SSH externally from a remote machine not working
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}
I've setup Ubuntu Desktop 18.04 and I'm trying to setup ssh services so that I can ssh remotely into machine from anywhere. Bellow I've included a couple of recommendations on trouble shooting the problem, but it still persists, I am welcome to any suggestions. I just want to know if I'll ever be able to ssh to my machine remotely so I can move on.
SSH with legacy options Remote Server
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc
Computer@Computer -vv
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug2: resolving "Computer" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to Computer [Computer] port 22.
TCPDUMP HOST
sudo tcpdump -i interface port 22 -vvv
18:50:47.949925 IP (tos 0x28, ttl 48, id 46536, offset 0, flags [DF], proto TCP (6), length 244)
Computer.ssh > Computer.34798: Flags [P.], cksum 0xc9f3 (correct), seq 85512151:85512343, ack 4029662038, win 377, options [nop,nop,TS val 3486052520 ecr 3637652101], length 192
18:50:47.950859 IP (tos 0x28, ttl 48, id 46537, offset 0, flags [DF], proto TCP (6), length 132)
Computer > Computer.34798: Flags [P.], cksum 0x4e9b (correct), seq 192:272, ack 1, win 377, options [nop,nop,TS val 3486052521 ecr 3637652101], length 80
18:50:47.950905 IP (tos 0x10, ttl 64, id 61816, offset 0, flags [DF], proto TCP (6), length 52)
Computer > Computer.ssh: Flags [.], cksum 0x0f98 (correct), seq 1, ack 272, win 1444, options [nop,nop,TS val 3637663146 ecr 3486052520], length 0
NetCAT HOST
nc -vv (IP) 22
Connection to (IP) 22 port [tcp/ssh] succeeded!
SSH-2.0-dropbear_0.46
/var/log/auth.log HOST
Feb 13 18:55:44 Computer sshd[9699]: Server listening on 0.0.0.0 port 22.
Feb 13 18:55:44 Computer sshd[9699]: Server listening on :: port 22.
Feb 13 18:55:44 Computer polkitd(authority=local): Unregistered Authentication Agent for unix-process:9689:610496 (system bus name :1.203, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_CA.UTF-8) (disconnected from bus)
FIREWALL HOST
sudo ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
22 ALLOW Anywhere
MISC
Systemctl restart sshd
Systemctl enable sshd
Systemctl enable ufw
networking server ssh connection
add a comment |
I've setup Ubuntu Desktop 18.04 and I'm trying to setup ssh services so that I can ssh remotely into machine from anywhere. Bellow I've included a couple of recommendations on trouble shooting the problem, but it still persists, I am welcome to any suggestions. I just want to know if I'll ever be able to ssh to my machine remotely so I can move on.
SSH with legacy options Remote Server
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc
Computer@Computer -vv
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug2: resolving "Computer" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to Computer [Computer] port 22.
TCPDUMP HOST
sudo tcpdump -i interface port 22 -vvv
18:50:47.949925 IP (tos 0x28, ttl 48, id 46536, offset 0, flags [DF], proto TCP (6), length 244)
Computer.ssh > Computer.34798: Flags [P.], cksum 0xc9f3 (correct), seq 85512151:85512343, ack 4029662038, win 377, options [nop,nop,TS val 3486052520 ecr 3637652101], length 192
18:50:47.950859 IP (tos 0x28, ttl 48, id 46537, offset 0, flags [DF], proto TCP (6), length 132)
Computer > Computer.34798: Flags [P.], cksum 0x4e9b (correct), seq 192:272, ack 1, win 377, options [nop,nop,TS val 3486052521 ecr 3637652101], length 80
18:50:47.950905 IP (tos 0x10, ttl 64, id 61816, offset 0, flags [DF], proto TCP (6), length 52)
Computer > Computer.ssh: Flags [.], cksum 0x0f98 (correct), seq 1, ack 272, win 1444, options [nop,nop,TS val 3637663146 ecr 3486052520], length 0
NetCAT HOST
nc -vv (IP) 22
Connection to (IP) 22 port [tcp/ssh] succeeded!
SSH-2.0-dropbear_0.46
/var/log/auth.log HOST
Feb 13 18:55:44 Computer sshd[9699]: Server listening on 0.0.0.0 port 22.
Feb 13 18:55:44 Computer sshd[9699]: Server listening on :: port 22.
Feb 13 18:55:44 Computer polkitd(authority=local): Unregistered Authentication Agent for unix-process:9689:610496 (system bus name :1.203, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_CA.UTF-8) (disconnected from bus)
FIREWALL HOST
sudo ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
22 ALLOW Anywhere
MISC
Systemctl restart sshd
Systemctl enable sshd
Systemctl enable ufw
networking server ssh connection
add a comment |
I've setup Ubuntu Desktop 18.04 and I'm trying to setup ssh services so that I can ssh remotely into machine from anywhere. Bellow I've included a couple of recommendations on trouble shooting the problem, but it still persists, I am welcome to any suggestions. I just want to know if I'll ever be able to ssh to my machine remotely so I can move on.
SSH with legacy options Remote Server
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc
Computer@Computer -vv
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug2: resolving "Computer" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to Computer [Computer] port 22.
TCPDUMP HOST
sudo tcpdump -i interface port 22 -vvv
18:50:47.949925 IP (tos 0x28, ttl 48, id 46536, offset 0, flags [DF], proto TCP (6), length 244)
Computer.ssh > Computer.34798: Flags [P.], cksum 0xc9f3 (correct), seq 85512151:85512343, ack 4029662038, win 377, options [nop,nop,TS val 3486052520 ecr 3637652101], length 192
18:50:47.950859 IP (tos 0x28, ttl 48, id 46537, offset 0, flags [DF], proto TCP (6), length 132)
Computer > Computer.34798: Flags [P.], cksum 0x4e9b (correct), seq 192:272, ack 1, win 377, options [nop,nop,TS val 3486052521 ecr 3637652101], length 80
18:50:47.950905 IP (tos 0x10, ttl 64, id 61816, offset 0, flags [DF], proto TCP (6), length 52)
Computer > Computer.ssh: Flags [.], cksum 0x0f98 (correct), seq 1, ack 272, win 1444, options [nop,nop,TS val 3637663146 ecr 3486052520], length 0
NetCAT HOST
nc -vv (IP) 22
Connection to (IP) 22 port [tcp/ssh] succeeded!
SSH-2.0-dropbear_0.46
/var/log/auth.log HOST
Feb 13 18:55:44 Computer sshd[9699]: Server listening on 0.0.0.0 port 22.
Feb 13 18:55:44 Computer sshd[9699]: Server listening on :: port 22.
Feb 13 18:55:44 Computer polkitd(authority=local): Unregistered Authentication Agent for unix-process:9689:610496 (system bus name :1.203, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_CA.UTF-8) (disconnected from bus)
FIREWALL HOST
sudo ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
22 ALLOW Anywhere
MISC
Systemctl restart sshd
Systemctl enable sshd
Systemctl enable ufw
networking server ssh connection
I've setup Ubuntu Desktop 18.04 and I'm trying to setup ssh services so that I can ssh remotely into machine from anywhere. Bellow I've included a couple of recommendations on trouble shooting the problem, but it still persists, I am welcome to any suggestions. I just want to know if I'll ever be able to ssh to my machine remotely so I can move on.
SSH with legacy options Remote Server
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc
Computer@Computer -vv
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug2: resolving "Computer" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to Computer [Computer] port 22.
TCPDUMP HOST
sudo tcpdump -i interface port 22 -vvv
18:50:47.949925 IP (tos 0x28, ttl 48, id 46536, offset 0, flags [DF], proto TCP (6), length 244)
Computer.ssh > Computer.34798: Flags [P.], cksum 0xc9f3 (correct), seq 85512151:85512343, ack 4029662038, win 377, options [nop,nop,TS val 3486052520 ecr 3637652101], length 192
18:50:47.950859 IP (tos 0x28, ttl 48, id 46537, offset 0, flags [DF], proto TCP (6), length 132)
Computer > Computer.34798: Flags [P.], cksum 0x4e9b (correct), seq 192:272, ack 1, win 377, options [nop,nop,TS val 3486052521 ecr 3637652101], length 80
18:50:47.950905 IP (tos 0x10, ttl 64, id 61816, offset 0, flags [DF], proto TCP (6), length 52)
Computer > Computer.ssh: Flags [.], cksum 0x0f98 (correct), seq 1, ack 272, win 1444, options [nop,nop,TS val 3637663146 ecr 3486052520], length 0
NetCAT HOST
nc -vv (IP) 22
Connection to (IP) 22 port [tcp/ssh] succeeded!
SSH-2.0-dropbear_0.46
/var/log/auth.log HOST
Feb 13 18:55:44 Computer sshd[9699]: Server listening on 0.0.0.0 port 22.
Feb 13 18:55:44 Computer sshd[9699]: Server listening on :: port 22.
Feb 13 18:55:44 Computer polkitd(authority=local): Unregistered Authentication Agent for unix-process:9689:610496 (system bus name :1.203, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_CA.UTF-8) (disconnected from bus)
FIREWALL HOST
sudo ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
22 ALLOW Anywhere
MISC
Systemctl restart sshd
Systemctl enable sshd
Systemctl enable ufw
networking server ssh connection
networking server ssh connection
asked Feb 14 at 0:08
Ovie AdeseOvie Adese
103
103
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
If you're trying to remote in from outside of your home network, the configuration needs to be done on your router. Specifically, enable port forwarding on port 22 on your router to your server.
There's a few precautions to take in mind with this, however. Exposing a server to the internet is a dangerous thing and shouldn't be taken lightly. At a minimum, you should have a VERY strong, and long password for the login account, and strictly disable root logins through SSH. A further step is to use encryption keys, and limit logins only to those with the keys. A step even further would be to change which port SSH uses from 22, as I can say from experience that this port is completely flooded with would-be hackers; you WILL get a login attempt every couple seconds from brute force attackers.
I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.
– Ovie Adese
Feb 14 at 18:56
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1118075%2fssh-externally-from-a-remote-machine-not-working%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
If you're trying to remote in from outside of your home network, the configuration needs to be done on your router. Specifically, enable port forwarding on port 22 on your router to your server.
There's a few precautions to take in mind with this, however. Exposing a server to the internet is a dangerous thing and shouldn't be taken lightly. At a minimum, you should have a VERY strong, and long password for the login account, and strictly disable root logins through SSH. A further step is to use encryption keys, and limit logins only to those with the keys. A step even further would be to change which port SSH uses from 22, as I can say from experience that this port is completely flooded with would-be hackers; you WILL get a login attempt every couple seconds from brute force attackers.
I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.
– Ovie Adese
Feb 14 at 18:56
add a comment |
If you're trying to remote in from outside of your home network, the configuration needs to be done on your router. Specifically, enable port forwarding on port 22 on your router to your server.
There's a few precautions to take in mind with this, however. Exposing a server to the internet is a dangerous thing and shouldn't be taken lightly. At a minimum, you should have a VERY strong, and long password for the login account, and strictly disable root logins through SSH. A further step is to use encryption keys, and limit logins only to those with the keys. A step even further would be to change which port SSH uses from 22, as I can say from experience that this port is completely flooded with would-be hackers; you WILL get a login attempt every couple seconds from brute force attackers.
I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.
– Ovie Adese
Feb 14 at 18:56
add a comment |
If you're trying to remote in from outside of your home network, the configuration needs to be done on your router. Specifically, enable port forwarding on port 22 on your router to your server.
There's a few precautions to take in mind with this, however. Exposing a server to the internet is a dangerous thing and shouldn't be taken lightly. At a minimum, you should have a VERY strong, and long password for the login account, and strictly disable root logins through SSH. A further step is to use encryption keys, and limit logins only to those with the keys. A step even further would be to change which port SSH uses from 22, as I can say from experience that this port is completely flooded with would-be hackers; you WILL get a login attempt every couple seconds from brute force attackers.
If you're trying to remote in from outside of your home network, the configuration needs to be done on your router. Specifically, enable port forwarding on port 22 on your router to your server.
There's a few precautions to take in mind with this, however. Exposing a server to the internet is a dangerous thing and shouldn't be taken lightly. At a minimum, you should have a VERY strong, and long password for the login account, and strictly disable root logins through SSH. A further step is to use encryption keys, and limit logins only to those with the keys. A step even further would be to change which port SSH uses from 22, as I can say from experience that this port is completely flooded with would-be hackers; you WILL get a login attempt every couple seconds from brute force attackers.
answered Feb 14 at 3:35
MintyMinty
89329
89329
I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.
– Ovie Adese
Feb 14 at 18:56
add a comment |
I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.
– Ovie Adese
Feb 14 at 18:56
I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.
– Ovie Adese
Feb 14 at 18:56
I'll accept this as an answer, beucase it's very informative and because my router/modem does not support port forwarding, but does support port triggering so that could be the problem.
– Ovie Adese
Feb 14 at 18:56
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1118075%2fssh-externally-from-a-remote-machine-not-working%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown