networkingremote accessssh
My ISP does not allow me to have a static IP address. As such I am unable to remotely SSH in my home machine. Is there a way I could SSH from my home machine to a server and SSH into the server from my remote laptop and bridge the two connections?
Cheers!
By default VirtualBox works in "NAT" mode, meaning that it builds a "virtual" network and translates network accesses from the VM so that to the outside world, they appear to come from your actual computer.
VirtualBox makes the VM think it's connected to a network, but in reality VirtualBox is providing network services, including a mini DHCP server. Then, VirtualBox does network accesses "on behalf" of the VM, making it appear as just another application running on your PC.
However this means that the outside world doesn't really know about the VM and can't access it directly.
I think the port redirection you did was from your home router to your PC, not to the VM. You may be missing some configuration on the VirtualBox side. Apologies if you already did this, but your question was not clear about this.
Basically you have to change the VM's network configuration and set it to "Bridged". What this does is, it creates a virtual interface on your PC and makes the VM use that to access the outside world; anything coming into or going to that interface gets piped to the VM. Thus, the VM will be visible as just another machine in whichever network your PC is connected to (it even has its own MAC address!).
Then, depending on your network's configuration, the VM may get a DHCP address like any other PC connected to your router, or you may need to configure a static IP address for it. This depends on how your network is set up.
Once the VM has a "real" address, you can, on your router, follow the instructions you found to route port 22 to the VM's IP address. This should work as you expect it to.
If it doesn't:
Now that you have verified the service works from the local network, you're ready to forward the ports from the router to go to the desired computer.
You can get (verify your computer's IP) the local IP address of your computer by running the following command. The output will be similar to this example, of which I'll use for the example in these steps.
$ hostname -I
192.168.1.5
You want to forward the ssh port (port 22) in the router's configuration to the IP address of your server.
The Steps:
ssh port 22 (the tcp protocol) to the local IP address of your computer.With those steps, you can now log into your computer using the public IP of the router from outside your network.
You can setup a DNS to point to your router's public IP address so that you can conveniently use the name for logging in rather than having to remember the IP address.
Static IP Versus Dynamic IP
Most home internet service providers charge a fee for Static IP addresses. So it's likely that you may have a dynamic IP, which is subject to change from time to time. If you have a dynamic IP and can't connect from remote, you have to check to ensure that you are trying to connect to the correct IP address of your router.
A static IP will not change without some type of conscience configuration and intentions.
If you have a dynamic IP it's possible to use a ddns service (Dynamic Domain Name System) to assign a name that will automatically change the name to point to the new dynamic IP when it changes. There is a feature of most routers to configure it to use your DDNS service.
Trouble Shooting Alternatives
Internet Service Providers often blocks many common ports. It's often to protect the user from hackers and exploits. Sometimes it's to prevent the user from running certain services and to minimize bandwidth.
Whatever the purpose, you'll have to use an alternate port for your ssh server. This can be done by adding or changing the port the ssh server will listen to. You can do this by editing your /etc/ssh/sshd_config file.
Ubuntu uses port 1022 as an alternative when performing version upgrades from remote. This provides for a means to login into a recovery session if you loose connection. I used this same port in my example below. You can set it for any port that isn't currently being used for something different.
After changing the listening port on the server, be sure to change the port forwarding configuration in your router to the port the ssh server is listening to. Also be sure to test the new port configuration locally.
Change from:
# Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to
Change to:
# Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port 22 Port 1022 # Use these options to restrict which interfaces/protocols sshd will bind to
After making sshd service configuration changes restart the sshd service with:
$ sudo systemctl restart sshd
The command to ssh into an alternate port:
(This command can be executed from any computer including the server itself for testing and logging into the port.)
$ ssh -p 1022 username@server.com
A website to test the way the ports are viewed from outside
You can verify your settings by connecting to this site:
http://www.canyouseeme.org.
Best Answer
I just copy/paste (slightly modified) part of @b_laoshi's answer from here:
EDIT: To allow to establish a SSH tunnel without the need for an active terminal window, one can add the
-Nparameter (before the-R) (as pointed out in the link provided by @steeldriver). Moreover, if one wants to automatically setup a permanent background ssh connection, Erik Torgesta's great article provides you with all the necessary steps.Related topics: