2010/3/9 Rick Sewill <rsewill@xxxxxxxxx>: > On Tue, 2010-03-09 at 00:49 +0300, Hiisi wrote: >> Dear list! >> I would like to be able to ssh to my home computer located behind my >> ISP' NAT. I know, I can tunnel to it through some middle host and >> actually I'm doing it at the moment. But I'm fancy is there a better >> solution? Is there a possibility of not using any computer at the <--SNIP--> > > If it's a company gateway, we mustn't help you defeat their security. > > I don't want to discuss whether having a gateway adds to security. > Personally, I believe all devices in the internal LAN must be secure. > I do not believe security can be done solely at the border of a LAN. > > Do you control the device that is doing NAT for you or does the ISP? > If controlled by the ISP, did the ISP provide a way to configure it? > > As others have said and will say, one needs to have the NAT device > port forward the appropriate port (whatever port you use for ssh) > to your host. > > You and other, thank for your responses. Sorry I didn't make it clear. I don't have any router. I'm connected to Internet via LAN. My IP address is something like 192.168.3.20 and I use ISP' router IP (192.168.0.1) as a gateway (I don't have any access to the router). So, I decided its called NAT. Am I wrong here? I don't know. I know only that I can't reach my computer from the outside of the LAN. So, I did the following: on the target computer I ran: ssh -R 10002:localhost:22 user@xxxxxxxxxxx (it's a computer somewhere and I have ssh access there) Now I can connect to the target computer in a few steps: 1. connect to middle.host: ssh user@xxxxxxxxxxx 2. and from there: ssh Hiisi@xxxxxxxxxxxxx -p 10002 See, it's not very convenient and I'm not sure whether it's possible to use VNC using this setup (as I would like to). So, is there any better solution? -- Hiisi. Registered Linux User #487982. Be counted at: http://counter.li.org/ -- Spandex is a privilege, not a right. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
