SSH externally from a remote machine not working





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







1















I've setup Ubuntu Desktop 18.04 and I'm trying to setup ssh services so that I can ssh remotely into machine from anywhere. Bellow I've included a couple of recommendations on trouble shooting the problem, but it still persists, I am welcome to any suggestions. I just want to know if I'll ever be able to ssh to my machine remotely so I can move on.



SSH with legacy options Remote Server



ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc 

Computer@Computer -vv

OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017

debug2: resolving "Computer" port 22

debug2: ssh_connect_direct: needpriv 0

debug1: Connecting to Computer [Computer] port 22.


TCPDUMP HOST



sudo tcpdump -i interface port 22 -vvv



18:50:47.949925 IP (tos 0x28, ttl 48, id 46536, offset 0, flags [DF], proto TCP (6), length 244)

    Computer.ssh > Computer.34798: Flags [P.], cksum 0xc9f3 (correct), seq 85512151:85512343, ack 4029662038, win 377, options [nop,nop,TS val 3486052520 ecr 3637652101], length 192

18:50:47.950859 IP (tos 0x28, ttl 48, id 46537, offset 0, flags [DF], proto TCP (6), length 132)

    Computer > Computer.34798: Flags [P.], cksum 0x4e9b (correct), seq 192:272, ack 1, win 377, options [nop,nop,TS val 3486052521 ecr 3637652101], length 80

18:50:47.950905 IP (tos 0x10, ttl 64, id 61816, offset 0, flags [DF], proto TCP (6), length 52)

    Computer > Computer.ssh: Flags [.], cksum 0x0f98 (correct), seq 1, ack 272, win 1444, options [nop,nop,TS val 3637663146 ecr 3486052520], length 0


NetCAT HOST



 nc -vv (IP) 22

 Connection to (IP) 22 port [tcp/ssh] succeeded!

 SSH-2.0-dropbear_0.46


/var/log/auth.log HOST



Feb 13 18:55:44 Computer sshd[9699]: Server listening on 0.0.0.0 port 22.

Feb 13 18:55:44 Computer sshd[9699]: Server listening on :: port 22.

Feb 13 18:55:44 Computer polkitd(authority=local): Unregistered Authentication Agent for unix-process:9689:610496 (system bus name :1.203, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_CA.UTF-8) (disconnected from bus)


FIREWALL HOST



sudo ufw status

Status: active



To                         Action      From

--                         ------      ----

22/tcp                     ALLOW       Anywhere                  

22                         ALLOW       Anywhere


MISC



Systemctl restart sshd

Systemctl enable sshd

Systemctl enable ufw





networking server ssh connection







share|improve this question





























    1















    I've setup Ubuntu Desktop 18.04 and I'm trying to setup ssh services so that I can ssh remotely into machine from anywhere. Bellow I've included a couple of recommendations on trouble shooting the problem, but it still persists, I am welcome to any suggestions. I just want to know if I'll ever be able to ssh to my machine remotely so I can move on.



    SSH with legacy options Remote Server



    ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc 
    
Computer@Computer -vv
    
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
    
debug2: resolving "Computer" port 22
    
debug2: ssh_connect_direct: needpriv 0
    
debug1: Connecting to Computer [Computer] port 22.


    TCPDUMP HOST



    sudo tcpdump -i interface port 22 -vvv
    

    
18:50:47.949925 IP (tos 0x28, ttl 48, id 46536, offset 0, flags [DF], proto TCP (6), length 244)
    
    Computer.ssh > Computer.34798: Flags [P.], cksum 0xc9f3 (correct), seq 85512151:85512343, ack 4029662038, win 377, options [nop,nop,TS val 3486052520 ecr 3637652101], length 192
    
18:50:47.950859 IP (tos 0x28, ttl 48, id 46537, offset 0, flags [DF], proto TCP (6), length 132)
    
    Computer > Computer.34798: Flags [P.], cksum 0x4e9b (correct), seq 192:272, ack 1, win 377, options [nop,nop,TS val 3486052521 ecr 3637652101], length 80
    
18:50:47.950905 IP (tos 0x10, ttl 64, id 61816, offset 0, flags [DF], proto TCP (6), length 52)
    
    Computer > Computer.ssh: Flags [.], cksum 0x0f98 (correct), seq 1, ack 272, win 1444, options [nop,nop,TS val 3637663146 ecr 3486052520], length 0


    NetCAT HOST



     nc -vv (IP) 22
    
 Connection to (IP) 22 port [tcp/ssh] succeeded!
    
 SSH-2.0-dropbear_0.46


    /var/log/auth.log HOST



    Feb 13 18:55:44 Computer sshd[9699]: Server listening on 0.0.0.0 port 22.
    
Feb 13 18:55:44 Computer sshd[9699]: Server listening on :: port 22.
    
Feb 13 18:55:44 Computer polkitd(authority=local): Unregistered Authentication Agent for unix-process:9689:610496 (system bus name :1.203, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_CA.UTF-8) (disconnected from bus)


    FIREWALL HOST



    sudo ufw status
    
Status: active
    

    
To                         Action      From
    
--                         ------      ----
    
22/tcp                     ALLOW       Anywhere                  
    
22                         ALLOW       Anywhere


    MISC



    Systemctl restart sshd
    
Systemctl enable sshd
    
Systemctl enable ufw





    networking server ssh connection







    share|improve this question

























      1












      1








      1








      I've setup Ubuntu Desktop 18.04 and I'm trying to setup ssh services so that I can ssh remotely into machine from anywhere. Bellow I've included a couple of recommendations on trouble shooting the problem, but it still persists, I am welcome to any suggestions. I just want to know if I'll ever be able to ssh to my machine remotely so I can move on.



      SSH with legacy options Remote Server



      ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc 
      
Computer@Computer -vv
      
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
      
debug2: resolving "Computer" port 22
      
debug2: ssh_connect_direct: needpriv 0
      
debug1: Connecting to Computer [Computer] port 22.


      TCPDUMP HOST



      sudo tcpdump -i interface port 22 -vvv
      

      
18:50:47.949925 IP (tos 0x28, ttl 48, id 46536, offset 0, flags [DF], proto TCP (6), length 244)
      
    Computer.ssh > Computer.34798: Flags [P.], cksum 0xc9f3 (correct), seq 85512151:85512343, ack 4029662038, win 377, options [nop,nop,TS val 3486052520 ecr 3637652101], length 192
      
18:50:47.950859 IP (tos 0x28, ttl 48, id 46537, offset 0, flags [DF], proto TCP (6), length 132)
      
    Computer > Computer.34798: Flags [P.], cksum 0x4e9b (correct), seq 192:272, ack 1, win 377, options [nop,nop,TS val 3486052521 ecr 3637652101], length 80
      
18:50:47.950905 IP (tos 0x10, ttl 64, id 61816, offset 0, flags [DF], proto TCP (6), length 52)
      
    Computer > Computer.ssh: Flags [.], cksum 0x0f98 (correct), seq 1, ack 272, win 1444, options [nop,nop,TS val 3637663146 ecr 3486052520], length 0


      NetCAT HOST



       nc -vv (IP) 22
      
 Connection to (IP) 22 port [tcp/ssh] succeeded!
      
 SSH-2.0-dropbear_0.46


      /var/log/auth.log HOST



      Feb 13 18:55:44 Computer sshd[9699]: Server listening on 0.0.0.0 port 22.
      
Feb 13 18:55:44 Computer sshd[9699]: Server listening on :: port 22.
      
Feb 13 18:55:44 Computer polkitd(authority=local): Unregistered Authentication Agent for unix-process:9689:610496 (system bus name :1.203, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_CA.UTF-8) (disconnected from bus)


      FIREWALL HOST



      sudo ufw status
      
Status: active
      

      
To                         Action      From
      
--                         ------      ----
      
22/tcp                     ALLOW       Anywhere                  
      
22                         ALLOW       Anywhere


      MISC



      Systemctl restart sshd
      
Systemctl enable sshd
      
Systemctl enable ufw





      networking server ssh connection







      share|improve this question














      I've setup Ubuntu Desktop 18.04 and I'm trying to setup ssh services so that I can ssh remotely into machine from anywhere. Bellow I've included a couple of recommendations on trouble shooting the problem, but it still persists, I am welcome to any suggestions. I just want to know if I'll ever be able to ssh to my machine remotely so I can move on.



      SSH with legacy options Remote Server



      ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc 
      
Computer@Computer -vv
      
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
      
debug2: resolving "Computer" port 22
      
debug2: ssh_connect_direct: needpriv 0
      
debug1: Connecting to Computer [Computer] port 22.


      TCPDUMP HOST



      sudo tcpdump -i interface port 22 -vvv
      

      
18:50:47.949925 IP (tos 0x28, ttl 48, id 46536, offset 0, flags [DF], proto TCP (6), length 244)
      
    Computer.ssh > Computer.34798: Flags [P.], cksum 0xc9f3 (correct), seq 85512151:85512343, ack 4029662038, win 377, options [nop,nop,TS val 3486052520 ecr 3637652101], length 192
      
18:50:47.950859 IP (tos 0x28, ttl 48, id 46537, offset 0, flags [DF], proto TCP (6), length 132)
      
    Computer > Computer.34798: Flags [P.], cksum 0x4e9b (correct), seq 192:272, ack 1, win 377, options [nop,nop,TS val 3486052521 ecr 3637652101], length 80
      
18:50:47.950905 IP (tos 0x10, ttl 64, id 61816, offset 0, flags [DF], proto TCP (6), length 52)
      
    Computer > Computer.ssh: Flags [.], cksum 0x0f98 (correct), seq 1, ack 272, win 1444, options [nop,nop,TS val 3637663146 ecr 3486052520], length 0


      NetCAT HOST



       nc -vv (IP) 22
      
 Connection to (IP) 22 port [tcp/ssh] succeeded!
      
 SSH-2.0-dropbear_0.46


      /var/log/auth.log HOST



      Feb 13 18:55:44 Computer sshd[9699]: Server listening on 0.0.0.0 port 22.
      
Feb 13 18:55:44 Computer sshd[9699]: Server listening on :: port 22.
      
Feb 13 18:55:44 Computer polkitd(authority=local): Unregistered Authentication Agent for unix-process:9689:610496 (system bus name :1.203, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_CA.UTF-8) (disconnected from bus)


      FIREWALL HOST



      sudo ufw status
      
Status: active
      

      
To                         Action      From
      
--                         ------      ----
      
22/tcp                     ALLOW       Anywhere                  
      
22                         ALLOW       Anywhere


      MISC



      Systemctl restart sshd
      
Systemctl enable sshd
      
Systemctl enable ufw





      networking server ssh connection




      networking server ssh connection






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Feb 14 at 0:08









      Ovie AdeseOvie Adese

      103




      103






















          1 Answer
          1






          active

          oldest

          votes


















          1














          If you're trying to remote in from outside of your home network, the configuration needs to be done on your router. Specifically, enable port forwarding on port 22 on your router to your server.



          There's a few precautions to take in mind with this, however. Exposing a server to the internet is a dangerous thing and shouldn't be taken lightly. At a minimum, you should have a VERY strong, and long password for the login account, and strictly disable root logins through SSH. A further step is to use encryption keys, and limit logins only to those with the keys. A step even further would be to change which port SSH uses from 22, as I can say from experience that this port is completely flooded with would-be hackers; you WILL get a login attempt every couple seconds from brute force attackers.






          share|improve this answer
























          • I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.

            – Ovie Adese
            Feb 14 at 18:56












          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "89"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1118075%2fssh-externally-from-a-remote-machine-not-working%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          1














          If you're trying to remote in from outside of your home network, the configuration needs to be done on your router. Specifically, enable port forwarding on port 22 on your router to your server.



          There's a few precautions to take in mind with this, however. Exposing a server to the internet is a dangerous thing and shouldn't be taken lightly. At a minimum, you should have a VERY strong, and long password for the login account, and strictly disable root logins through SSH. A further step is to use encryption keys, and limit logins only to those with the keys. A step even further would be to change which port SSH uses from 22, as I can say from experience that this port is completely flooded with would-be hackers; you WILL get a login attempt every couple seconds from brute force attackers.






          share|improve this answer
























          • I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.

            – Ovie Adese
            Feb 14 at 18:56
















          1














          If you're trying to remote in from outside of your home network, the configuration needs to be done on your router. Specifically, enable port forwarding on port 22 on your router to your server.



          There's a few precautions to take in mind with this, however. Exposing a server to the internet is a dangerous thing and shouldn't be taken lightly. At a minimum, you should have a VERY strong, and long password for the login account, and strictly disable root logins through SSH. A further step is to use encryption keys, and limit logins only to those with the keys. A step even further would be to change which port SSH uses from 22, as I can say from experience that this port is completely flooded with would-be hackers; you WILL get a login attempt every couple seconds from brute force attackers.






          share|improve this answer
























          • I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.

            – Ovie Adese
            Feb 14 at 18:56














          1












          1








          1







          If you're trying to remote in from outside of your home network, the configuration needs to be done on your router. Specifically, enable port forwarding on port 22 on your router to your server.



          There's a few precautions to take in mind with this, however. Exposing a server to the internet is a dangerous thing and shouldn't be taken lightly. At a minimum, you should have a VERY strong, and long password for the login account, and strictly disable root logins through SSH. A further step is to use encryption keys, and limit logins only to those with the keys. A step even further would be to change which port SSH uses from 22, as I can say from experience that this port is completely flooded with would-be hackers; you WILL get a login attempt every couple seconds from brute force attackers.






          share|improve this answer













          If you're trying to remote in from outside of your home network, the configuration needs to be done on your router. Specifically, enable port forwarding on port 22 on your router to your server.



          There's a few precautions to take in mind with this, however. Exposing a server to the internet is a dangerous thing and shouldn't be taken lightly. At a minimum, you should have a VERY strong, and long password for the login account, and strictly disable root logins through SSH. A further step is to use encryption keys, and limit logins only to those with the keys. A step even further would be to change which port SSH uses from 22, as I can say from experience that this port is completely flooded with would-be hackers; you WILL get a login attempt every couple seconds from brute force attackers.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Feb 14 at 3:35









          MintyMinty

          89329




          89329













          • I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.

            – Ovie Adese
            Feb 14 at 18:56



















          • I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.

            – Ovie Adese
            Feb 14 at 18:56

















          I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.

          – Ovie Adese
          Feb 14 at 18:56





          I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.

          – Ovie Adese
          Feb 14 at 18:56


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Ask Ubuntu!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1118075%2fssh-externally-from-a-remote-machine-not-working%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Human spaceflight

          Image
          Human spaceflight From Wikipedia, the free encyclopedia Jump to navigation Jump to search "Space traveler" redirects here. For other uses, see Space traveler (disambiguation). @media all and (max-width:720px){.mw-parser-output .tmulti>.thumbinner{width:100%!important;max-width:none!important}.mw-parser-output .tmulti .tsingle{float:none!important;max-width:none!important;width:100%!important;text-align:center}} Apollo 11 crewmember Buzz Aldrin on the Moon, 1969 International Space Station crewmember Tracy Caldwell Dyson views the Earth, 2010 Space Shuttle Discovery heads into space with a crew aboard, STS-121 in 2006 Inside a space suit on the Canadarm, 1993 Human spaceflight (also referred to as crewed spaceflight or manned spaceflight ) is space travel with a crew or passengers aboard the spacecraft. Spacecraft carrying people may be operated directly, by human crew, or it may be e
          Read more

          Can not write log (Is /dev/pts mounted?) - openpty in Ubuntu-on-Windows?

          Image
          0 1 What exactly does the error message beginning with E: mean? I assume it has to do with the file structure on Ubuntu-on-Windows, but what exactly? The following package was automatically installed and is no longer required: os-prober Use 'apt-get autoremove' to remove it. The following extra packages will be installed: libxslt1.1 The following NEW packages will be installed: libxslt1.1 xmlstarlet 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Need to get 435 kB of archives. After this operation, 1023 kB of additional disk space will be used. Get:1 http://archive.ubuntu.com/ubuntu/ trusty/main libxslt1.1 amd64 1.1.28-2build1 [145 kB] Get:2 http://archive.ubuntu.com/ubuntu/ trusty/universe xmlstarlet amd64 1.5.0-1 [290 kB]
          Read more

          File:DeusFollowingSea.jpg

          Image
          File:DeusFollowingSea.jpg From Wikipedia, the free encyclopedia Jump to navigation Jump to search File File history File usage No higher resolution available. DeusFollowingSea.jpg ‎ (238 × 211 pixels, file size: 12 KB, MIME type: image/jpeg ) Summary [ edit ] Media data and Non-free use rationale Description Cover art of the Deus CD Following Sea Author or copyright owner Deus Source (WP:NFCC#4) rocksucker.co.uk Date of publication 2012 Use in article (WP:NFCC#7) Following Sea Purpose of use in article (WP:NFCC#8) to serve as the primary means of visual identification at the top of the article dedicated to the work in question. Not replaceable with free media because (WP:NFCC#1) n.a. Minimal use (WP:NFCC#3) Low res image used in infobox of the article on the album Respect for commercial opportunities (WP:NFCC#2) n.a. Fair use Fair use of co
          Read more