In this way, when incoming connections are received to port X of our public IP, the router will refer it to the corresponding machine. The solution to the aforementioned problem is port-forwarding. How does an incoming connection (from SSH, as would be our case) to communicate with machine 1 of our local network? Don't forget that "from the outside" the 3 machines, although they have local IPs, share a single public IP through which they connect to the Internet. Suppose you have a local network of 3 machines, all of them behind a router. More specifically, you have to configure.īefore going to the point and showing the necessary configuration it seems prudent to explain a little what port-forwarding consists of. In case your server is behind a router, it is necessary to configure the latter so that it does not block incoming connections. AllowUsers so and so and Configure the router The following example restricts access to the SSH server so that only so-and-so users can do so from hosts 10.1.1.1 and 10.2.2.1. The Allowusers parameter allows you to restrict access by user and, optionally, the host from which you can connect. By default it comes with the value 22, you can choose another that suits you best (for the purposes of this tutorial we chose 443 but it can be any other). To avoid possible attacks it is advisable to change the port that SSH will use. My recommendation is to modify only 2 parameters: port and allowusers. You will now be able to access the Ubuntu (SSH server) with an SSH client.Ģ.- Once installed, it is useful to review the configuration file:įrom this file you will be able to configure your SSH server at ease. In this tutorial we are going to explain the "typical" case: Linux server, Windows client.ġ.- Install the SSH server. In other words, as the IP of your secure server is not blocked (yes, on the other hand, YouTube's) you will be able to "evade" this restriction (not being able to access YouTube) since for the administrator of your company's network your machine was only chatting with your "secure" server and has no idea that through it you are actually browsing a lot of pages. Can't access YouTube from work? Well, an SSH tunnel may be the solution, as all requests will be made through your "secure" server. This method is also useful for circumventing the restrictions imposed on the connections of many work environments. In this way, we can connect to the Internet through our "secure" server. However, there is a solution: an SSH tunnel. Of course, it is always recommended to carry out these types of transactions in a safe environment. I hear you ask: can this really help me? Well, let's assume the following scenario: you are in an internet cafe or restaurant with free Wi-Fi and you need to make a bank transfer or other important operation. The "disadvantage" of this method is that you always have to have this machine turned on and configured correctly to function as an SSH server, but it allows you to substantially improve the security of your connection and even evade the connection restrictions imposed by network administrators ( for example, your job). This server could be, for example, in your home. This "safe" channel is nothing more than a server configured for this purpose. The idea of building a SSH tunnel is to encrypt all connections (regardless, for example, if you go to an https or http page) and connect to Internet through a secure channel.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |