Can't ssh into my server from outside my home network

A

Andrew A. Robinson

Guest
I recently setup a file server, and am using the Amahi app over Fedora 24. I frequently ssh into the server, and have used scp to copy from local to remote and vice versa. However, I have been unable to access the server from outside my network using ssh. I have setup the security keys on all my distros, so I know the server accepts and authenticates my devices.
I can also ping into the server from outside, i.e., ping xx.xx.xxx.xxx, and can ping the server using its internal address, 192.168.2.xxx. When I try to ssh in from outside, using ssh xx.xx.xxx.xxx:xxxxxx@hda. I am asked for my password. When I supply the valid password, I get the error: Permission denied, please try again. If I just use the ip address,ssh xx.xx.xxx.xxx, it goes off and never returns a response. Amahi's Wiki has not been useful for this problem.
I want to get the ssh working before I tackle sftp.I really wish I had taken some networking classes in college. Can anyone help me?
 


I think the format is ssh username@hostname, so ssh [email protected] or ssh [email protected].

Of course root is risky but should not get permission denied errors. And any other username will need to exist on the host, perhaps needing to be in a particular group for remote login.

I don't do remote login so I can't help much, but I do find a lot of examples on Google. Good luck!
 
Are you sure you have port forwarding setup on your home router to route ssh from the routable WAN address of the router to the non-routable LAN address of the server, 192.168.2.xxx?

I do use remote access using scp, sftp, and ssh for a system on my home network, and it works fine.

Also, I highly recommend changing the default ssh port, 22 to some other port. I used to get dozens if not hundreds of attacks on port 22 until I changed the port number. Now none!

Also, I highly recommend turning off root logins to the server, and only allowing logins from a regular user.
 
Hi,

As rstanley say, change the port is a good idea.

Did you check your iptables rules?
 
I rely on my ability to ssh to my server from various locations on the WAN. I agree that the first thing to check is the port forwarding that is set up on your router. Assuming that your sshd is set up to use the standard port (port 22), your router must forward port 22 to the internal IP of your server. This is the first and most basic setup for accessing your server residing behind your firewall (router).

If your service provider provided your router, they should have provided information for setting up the router. Usually using your web browser to go to and address such as 192.168.0.1 or similar will take you to your router setup. If you bought your own router, the same applies. That is the first check you need to make. Once port forwarding is enabled to the correct internal (LAN) IP address and verified, then it becomes a matter of appropriate ssh setup. Private and public keys, once established all depend on the ability of the ssh session making it though the router setup.

Hope that is helpful....
 
To put my 2 cents into the mix, might wanna look for a dynamic DNS in the case that you don't have a static IP from your ISP.

that will make it so that you can ssh to an adress for instance, host.dyndns.org and it will still rout you to your own ip.

Most routers have a setting for this all you need to do is to set it up with the site you wanna use.

for that you just google dynamic dns, there are a few that are for free.
 
Just a friendly note to the above responses ... the thread was actually started a year ago. The dates can confuse. The references to "guest" on some Members past and current relate to when Admin Rob reorganised this site.

BUT - that is not to say someone else may not have a similar problem, and benefit from your advice :)

Just so you know ;)

Wiz
 

Members online


Latest posts

Top