SSH and Port Forwarding
18, Jun 2009
I'm currently home for a short time, and I therefore get the joy of providing support to my family with their computers. Last time I was here I set my mom up with Ubuntu on her laptop. Since then she has had next to no problems with it, and has noticed a slight speed increase in the way the laptop performs.
While I'm visiting, I'm taking the opportunity to get something working that I didn't have an opportunity to last time I was here. I want remote SSH access to her laptop so that I can run updates and check on things while I'm away from home.
What Needs To Get Done
First off, Ubuntu doesn't come with SSH installed, so that must be installed from the repositories. It is necessary to get both ssh and sshd (the daemon that runs the ssh server). It is done quite simply:
sudo apt-get install openssh-server openssh-client
That also adds sshd to the list of applications that are automatically run during boot, so it is not necessary to modify any files and add the daemon to the list. Unfortunately, it's not just as easy as that.
When I'd try and ssh into the laptop after installing the openssh-server, I got the notice that the connection has been refused. After some digging around on-line I discovered that this was likely because the laptop was blocking access to port 22, the default port that SSH connects through. So, to fix that a command has to be run through the iptables firewall. The following line opens up port 22:
sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT
For more detailed information on how iptables works visit the Ubuntu iptables How To.
Once that was done, I was able to SSH into the machine within the network, however the final goal is for me to be able to connect to her computer from home in Orlando. To do that I had to enable port forwarding on the wireless router here. To find out what your gateway address is (the router's address) run
sudo netstat -r
The gateway address is usually something like http://192.168.1.1/. To access your router settings, you'll have to login from there. If you've never done this before, the usual username and password is either admin/password or admin/password1 (You should change it immediately). Once logged in the steps you'll have to take vary according to the router that you're using. One thing that threw me off while typing in the password was that they had a script set-up that automatically adds extra characters to the password as you're typing it in. Supposedly this is for security, as it doesn't let people watching you tell how many characters you've input, but I found it to be very disconcerting.
Anyway, once you've logged in, make your way to the firewall portion of the router's controls and look for the Port Forwarding options. Set the Networked Computer/Device option to the computer that you wish to be able to access remotely, and choose SSH as the protocol. Once this has been done and the settings applied on the router, you should be able to login to your computer remotely from outside your local network.
Have Something to Say?
Questions? Comments? Concerns? Let me know what you’re thinking.