Purchase Linux CDs / DVDs / Flash Drives at OSDisc.com

Welcome to Our Community

While Linux.org has been around for a while, we recently changed management and had to purge most of the content (including users). If you signed up before April 23rd, 2017 please sign up again. Thanks!

Can't ssh into my server from outside my home network

Discussion in 'Linux Networking' started by Andrew A. Robinson, Feb 23, 2017.

  1. I recently setup a file server, and am using the Amahi app over Fedora 24. I frequently ssh into the server, and have used scp to copy from local to remote and vice versa. However, I have been unable to access the server from outside my network using ssh. I have setup the security keys on all my distros, so I know the server accepts and authenticates my devices.
    I can also ping into the server from outside, i.e., ping xx.xx.xxx.xxx, and can ping the server using its internal address, 192.168.2.xxx. When I try to ssh in from outside, using ssh xx.xx.xxx.xxx:[email protected]. I am asked for my password. When I supply the valid password, I get the error: Permission denied, please try again. If I just use the ip address,ssh xx.xx.xxx.xxx, it goes off and never returns a response. Amahi's Wiki has not been useful for this problem.
    I want to get the ssh working before I tackle sftp.I really wish I had taken some networking classes in college. Can anyone help me?


     
  2. atanere

    atanere Guest

    I think the format is ssh [email protected], so ssh [email protected] or ssh [email protected].

    Of course root is risky but should not get permission denied errors. And any other username will need to exist on the host, perhaps needing to be in a particular group for remote login.

    I don't do remote login so I can't help much, but I do find a lot of examples on Google. Good luck!
     
  3. rstanley

    rstanley Guest

    Are you sure you have port forwarding setup on your home router to route ssh from the routable WAN address of the router to the non-routable LAN address of the server, 192.168.2.xxx?

    I do use remote access using scp, sftp, and ssh for a system on my home network, and it works fine.

    Also, I highly recommend changing the default ssh port, 22 to some other port. I used to get dozens if not hundreds of attacks on port 22 until I changed the port number. Now none!

    Also, I highly recommend turning off root logins to the server, and only allowing logins from a regular user.
     
  4. camp0

    camp0 Guest

    Hi,

    As rstanley say, change the port is a good idea.

    Did you check your iptables rules?
     
  5. CptCharis

    CptCharis Active Member

    Joined:
    Feb 27, 2018
    Messages:
    227
    Likes Received:
    238
    atanere likes this.
  6. Contemplative Farmer

    Joined:
    Mar 21, 2018
    Messages:
    5
    Likes Received:
    7
    I rely on my ability to ssh to my server from various locations on the WAN. I agree that the first thing to check is the port forwarding that is set up on your router. Assuming that your sshd is set up to use the standard port (port 22), your router must forward port 22 to the internal IP of your server. This is the first and most basic setup for accessing your server residing behind your firewall (router).

    If your service provider provided your router, they should have provided information for setting up the router. Usually using your web browser to go to and address such as 192.168.0.1 or similar will take you to your router setup. If you bought your own router, the same applies. That is the first check you need to make. Once port forwarding is enabled to the correct internal (LAN) IP address and verified, then it becomes a matter of appropriate ssh setup. Private and public keys, once established all depend on the ability of the ssh session making it though the router setup.

    Hope that is helpful....
     
    atanere likes this.
  7. DaMeD83

    DaMeD83 New Member

    Joined:
    Feb 13, 2018
    Messages:
    13
    Likes Received:
    17
    To put my 2 cents into the mix, might wanna look for a dynamic DNS in the case that you don't have a static IP from your ISP.

    that will make it so that you can ssh to an adress for instance, host.dyndns.org and it will still rout you to your own ip.

    Most routers have a setting for this all you need to do is to set it up with the site you wanna use.

    for that you just google dynamic dns, there are a few that are for free.
     
    atanere likes this.
  8. wizardfromoz

    wizardfromoz Super Moderator
    Staff Member Gold Supporter

    Joined:
    Apr 30, 2017
    Messages:
    1,547
    Likes Received:
    1,697
    Just a friendly note to the above responses ... the thread was actually started a year ago. The dates can confuse. The references to "guest" on some Members past and current relate to when Admin Rob reorganised this site.

    BUT - that is not to say someone else may not have a similar problem, and benefit from your advice :)

    Just so you know ;)

    Wiz
     
    atanere likes this.

Share This Page