How do I find out my address so I can ssh from outside

Discussion in 'Linux Networking' started by dbd, Dec 3, 2003.

  1. dbd

    dbd Guest

    Hi,
    Short, but probably very stupid question:
    I am on a LAN, running sshd, people on the LAN can connect using ssh,
    but I can't find out my address so that people can ssh me via the net.
    I know my IP on the lan, my ip on the net, and my computer name (from
    console [[email protected] userName]), I have tried many combinations
    of these but I seem to find me to ssh from outside, how do I do this?
    Thanks
    dbd
     
    dbd, Dec 3, 2003
    #1
    1. Advertisements

  2. dbd

    P.T. Breuer Guest

    What do you mean? You only have the addresses that you can see via
    /sbin/ifconfig! No more and no less.
    What do you mean? You only have the IPs that you can see via
    /sbin/ifconfig!
    What?

    Now, what I *imagine* is happening, and you haven't said, is that you
    are on a local net in a non-routable range, such as 192.168.1.0. Or
    10.0.1.0. In that case, you don't have an IP address on the internet.
    Your connection to the net likely depends on the good graces of the
    gateway machine, which is likely forwarding packets from you to the net
    and adding a special "source port" indicator to them, so that when
    answers come back, it can recognise that they're really meant for you,
    and forward them on to you.

    But you can't do a thing to allow people to initiate outside connections
    to you! How is the gateway machine supposed to know that a random
    incoming packet is really for you, when it's directed at it?

    The best you can do is open a VPN to a cooperating server on some
    outside machine.

    Now, if that's not your situation, you'll have to pony up some data
    instead of the vague nonsense you spouted above. It may be possible to
    contact you from outside, but we can't tell if or how unless you make
    with data.

    Peter
     
    P.T. Breuer, Dec 3, 2003
    #2
    1. Advertisements

  3. dbd

    Leon. Guest


    Its the "IP on the internet" that they need.

    Perhaps its firewalled off so it wont work at all.
    Or perhaps sshd is configured to only accept local connections.
     
    Leon., Dec 3, 2003
    #3
  4. dbd

    James Knott Guest

    Actually, those addresses are just as routable as any other. The difference
    is that they're supposed to be blocked from reaching the internet. Many
    companies use and route addresses in those ranges.

    --

    Fundamentalism is fundamentally wrong.

    To reply to this message, replace everything to the left of "@" with
    james.knott.
     
    James Knott, Dec 3, 2003
    #4
  5. (dbd) wrote in @posting.google.com:
    If your PC has a address like 192.168.x.x or 10.x.x.x (some other ranges
    too) then devices on the internet can't talk to it directly. You would
    have to modify your Internet Gateway/Firewall/Router to either NAT a
    public address to your PC's private address or else do port forwarding.
    Most firewalls would drop such incoming connections by default so you
    would also have to add a firewall rule to permit the incoming connection.

    Llanzlan.
     
    Llanzlan Klazmon The 15th, Dec 3, 2003
    #5
  6. Yes but they aren't routable via the internet. The BGP configurations
    between ISP's etc will not allow those subnets.

    Llanzlan
     
    Llanzlan Klazmon The 15th, Dec 3, 2003
    #6
  7. I will, from your question, presume that you are not the system
    administrator of the LAN. It is extremely likely that this person has
    installed one or more routers in the LAN, one of which acts as the gateway
    to non-local networks. This is the box which presents the public IP to the
    internet. It, or an accessory box, also acts a firewall to block unwanted
    access to the local network from non-local networks. This is probably the
    point at which inbound ssh attempts to your system fail. There are two
    probable reasons: the ssh port (normally 22) is blocked by the firewall for
    incoming traffic, or that port is already forwarded by the gateway to some
    system other than yours.

    The quick fix is to contact your system administrator.

    JW
     
    Jacob Westenbach, Dec 3, 2003
    #7
  8. dbd

    jack Guest

    Just a quick reminder: RFC1918, Section 3, second-last paragraph.


    Sorry for boring You, Jack.
     
    jack, Dec 4, 2003
    #8
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.