Re: ssh to my computer behind NAT

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



2010/3/9 Rick Sewill <rsewill@xxxxxxxxx>:
> On Tue, 2010-03-09 at 00:49 +0300, Hiisi wrote:
>> Dear list!
>> I would like to be able to ssh to my home computer located behind my
>> ISP' NAT. I know, I can tunnel to it through some middle host and
>> actually I'm doing it at the moment. But I'm fancy is there a better
>> solution? Is there a possibility of not using any computer at the
<--SNIP-->
>
> If it's a company gateway, we mustn't help you defeat their security.
>
> I don't want to discuss whether having a gateway adds to security.
> Personally, I believe all devices in the internal LAN must be secure.
> I do not believe security can be done solely at the border of a LAN.
>
> Do you control the device that is doing NAT for you or does the ISP?
> If controlled by the ISP, did the ISP provide a way to configure it?
>
> As others have said and will say, one needs to have the NAT device
> port forward the appropriate port (whatever port you use for ssh)
> to your host.
>
>

You and other, thank for your responses. Sorry I didn't make it clear.
I don't have any router. I'm connected to Internet via LAN. My IP
address is something like 192.168.3.20 and I use ISP' router IP
(192.168.0.1) as a gateway (I don't have any access to the router).
So, I decided its called NAT. Am I wrong here? I don't know. I know
only that I can't reach my computer from the outside of the LAN. So, I
did the following: on the target computer I ran:
ssh -R 10002:localhost:22 user@xxxxxxxxxxx (it's a computer somewhere
and I have ssh access there)
Now I can connect to the target computer in a few steps:
1. connect to middle.host:
ssh user@xxxxxxxxxxx
2. and from there:
ssh Hiisi@xxxxxxxxxxxxx -p 10002
See, it's not very convenient and I'm not sure whether it's possible
to use VNC using this setup (as I would like to).  So, is there any
better solution?
-- 
Hiisi.
Registered Linux User #487982. Be counted at: http://counter.li.org/
--
Spandex is a privilege, not a right.
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux