Giving external ssh access to my home ubuntu laptops on the virgin media home BB netw

Tara4

Firstly, i've asked virgin media support and they couldn't tell me.

Is it possible for a dev on the internet to gain ssh access to my ubuntu laptops on a home virgin media wifi network ?

Would I need an external ip address ? Ipv6 or ipv4 ? I've logged into router and I can turn off firewall and/or set up port forwarding.

The router doesn't seem to list the ssh protocol in its list for port forwarding. And only has the option to set ipv6 external whitelisted ip.

Virgin support said I'd need to switch to ipv4 probably. But weren't clear after that. Cant see what difference internet protocol version would make though.

No firewall on either laptop. Any networking guru out there that can help ?

stevek93

I'd say IPV4 would be a start get VM to enable it. You also need to open port 22 on your router, then I believe its just then using your public IP address to open a ssh terminal?

Might be wise to have the WAN side different to the internal for example WAN port= 2200 LAN IP= 192.168.0.22 port= 22

Tara4

stevek93 wrote: »

I'd say IPV4 would be a start get VM to enable it. You also need to open port 22 on your router, then I believe its just then using your public IP address to open a ssh terminal?

Might be wise to have the WAN side different to the internal for example WAN port= 2200 LAN IP= 192.168.0.22 port= 22

Thanks stevek93.

My laptop has a LAN ip address. I want an outside/incoming connection to connect to my internal laptop.

So to set up the WAN I'd turn off the router firewall just to be sure. Then set up port forwarding with protocol set to all. Switch from ipv6 to ipv4. Then whitelist the devs ip address ?

Is all this possible on the VM hub 3.0 router do you know ?

jester77

Tara4 wrote: »

Thanks stevek93.

My laptop has a LAN ip address. I want an outside/incoming connection to connect to my internal laptop.

So to set up the WAN I'd turn off the router firewall just to be sure. Then set up port forwarding with protocol set to all. Switch from ipv6 to ipv4. Then whitelist the devs ip address ?

Is all this possible on the VM hub 3.0 router do you know ?

Would be better setting up a VPN and connecting that way. If you are going with direct ssh access, then create a private key and only allow the server access to that key and disable other authentication methods.

stevek93

Tara4 wrote: »

Thanks stevek93.

My laptop has a LAN ip address. I want an outside/incoming connection to connect to my internal laptop.

So to set up the WAN I'd turn off the router firewall just to be sure. Then set up port forwarding with protocol set to all. Switch from ipv6 to ipv4. Then whitelist the devs ip address ?

Is all this possible on the VM hub 3.0 router do you know ?

Yes so you can use your external IP address to do this.

Don't turn off the firewall it is isn't required and you put your router at risk, I am not to sure what is available on the VM router but you won't be able to see port fowarding until you switch to IPV4.

Tara4

stevek93 wrote: »

Yes so you can use your external IP address to do this.

Don't turn off the firewall it is isn't required and you put your router at risk, I am not to sure what is available on the VM router but you won't be able to see port fowarding until you switch to IPV4.

Thanks mate.

I'll report back in the afternoon and let you know my progress

stevek93

jester77 wrote: »

Would be better setting up a VPN and connecting that way. If you are going with direct ssh access, then create a private key and only allow the server access to that key and disable other authentication methods.

How would the OP go about setting up a VPN just curious.

ED E

stevek93 wrote: »

How would the OP go about setting up a VPN just curious.

Either run one locally or run at the far end and dial out. The latter wouldnt require any changes to their network. Hosting locally use an Rpi or something for always on.

Say the far end hosts, then you could permit SSH on the VPN IP of each laptop and the dev to connect.

Tara4

Yeah, Virigin Media weren't exactly falling over themselves to help. They don't' support port forwarding apparently. Yet the option appears when i got them to switch me from IPv6 to IPv4 like you suggested.

I set up port forwarding on the VM hub 3.0 by setting local ports to 22 and external ports to 6666 and enabling 'All' protocols and selecting enable.

I also had to set my IP which i got under the Connections tab of the router login page eg. 192.168.0.127

Then i went to DynDNSs.net and set up a free dynamic IP so that the external computer could 'see' my system on the internet without having to set a new ip address every 24hrs cause VM issue dynamic IP's.

I installed ssh server on my system. Added a new user for my dev. Added my dev to the sudo user group. Did a softlink from my home folder wp/docker instance to the dev's home folder so he can work on it.

My dev hasn't connected yet. Busy. But when he does I'll check back in to confirm it works ...

stevek93

VM don't know pretty much anything from my experience. When I had an engineer out I tried to show the engineer a simple ping I was running he didn't know what a ping was.

Tara4

LOL