5

so I have no experience in computer networks at all.

I need to ssh (actually I need to connect via x2go but its equivalent I guess) from my laptop to PC. I know the PC local IP address and I can ssh and connect via x2go when my laptop is in the same local network.

But how can I connect from outside? thanks

[SOLUTION] So as a total noob, the most straightforward solution for me was to use free dynamic DNS provider services. I used noip.com services. I set up name that is an alias for my dynamic IP. Also I forwarded port in my router settings which also happened to be easy task. No I can acces my PC via ssh -p port_forwarded username@aliasIP

Improve this question

1 Answer 1

Reset to default
7

Three methods:

1) You can forward port 22 on your router to the port on your PC that the daemon is listening at. When you ssh PCuser@Public_IP_of_PC (22 is the default port, if another port is forwarded, pass it with -p argument) you will access the PC behind the router. The exact dynamics of the process is explained in detail here: https://unix.stackexchange.com/questions/19620/ssh-port-forward-to-access-my-home-machine-from-anywhere

2) Create a reverse ssh tunnel from the PC behind router to laptop (provided that laptop has a certain IP) as such:

ssh -v -N -R port_of_laptop:localhost:local_port_of_pc laptop_user@$laptop_ip

(however is laptop is also behind a router, this time a port has to be forwarded from the laptop's router top a port at laptop.)

At the laptop side you just ssh as such:

ssh -v -p port_of_laptop@localhost

3) Or you can setup an OpenVPN server listening on UDP 1194 port (best way is to use a free-tier micro EC2 instance on AWS with elastic IP). Then you'll make your laptop and PC clients inside the same VPN. This way, connected to the VPN through tun0 interface, all clients can access each other as if they are on the same LAN even if they are actually not. client-to-client connection must also be enabled. The good thing with is approach is that, you don't have to track the address of the router that the PC is connected to (if it has a dynamic IP that changes in each reboot/reconnection).

ssh PCuser@IP_of_PC_given_by_tun0
Improve this answer
10
  • So I choose first option. I have enabled port, say, 55 for forwarding on my router settings. But now how can I get the "name" of my local network? So i can use it via ssh name@IP ?
    – tomtom
    Commented Dec 22, 2016 at 23:08
  • Well I'm confused with all these $i variables. I mean, say my PC local IP address is 192.168.0.200 and I have forwarded port 55 in my router settings. Now say I am out of town and want to access my PC from internet. How do I do that? Not sure if this make difference but at the end I care about x2go, not ssh.
    – tomtom
    Commented Dec 22, 2016 at 23:28
  • If you port-forward tcp/55 on your router to 192.168.0.200:22, then from the internet you would ssh -p 55 ${your_username_on_PC}@${your_public_IP}.
    – user4556274
    Commented Dec 22, 2016 at 23:34
  • Well I just wanted to provide a one-liner to a bash script in which arguments will be passed instead of a static one. You forward port 55 on your router to a certain port of PC and of course you make that port available on the PC using iptables, etc and start a daemon listening on that port (such as sshd). In the case of ssh, you ssh to -p 55 root@IP. You set a password at the server side (the PC). In the case of VNC, you don't provide a login name but just the IP (the default port is 5900). Well I haven't used x2go, but I see that it uses ssh.
    – S.C
    Commented Dec 22, 2016 at 23:42
  • And I think, reverse tunnel (method 2 above) is a more secure way than forwarding port at the router which may create a vulnerability. With a reverse tunnel created at the PC from port X of PC to port Y of laptop, at the laptop side, you connect to ssh -p Y PCuser@localhost.
    – S.C
    Commented Dec 22, 2016 at 23:43

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .