Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 15 December 2024, 09:32:18 pm

Login with username, password and session length

Visit the official Endian Community Mailinglist  HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Any Insight on How To Enable Remote/Internet ssh Access?
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Any Insight on How To Enable Remote/Internet ssh Access?  (Read 15739 times)
broadaxe
Jr. Member
*
Offline Offline

Posts: 2


« on: Wednesday 16 September 2009, 01:14:21 pm »

Hello,
I have a brand new install of Endian Community release 2.2. I am trying to configure the External ssh access with no success. The manual is very terse on this aspect, it just states to look at System => SSH access and then at Firewall => System access. I have configured both in the same way I have in IPCop in the past, but I do not get access - e.g.:
System => SSH access:
  • Allow TCP forwarding
  • Allow password based authentication
  • Allow public key based authentication

and
Firewall => System access:
<ANY> RED Uplink main    TCP/22    ALLOW    Service (SSH)

I have even played with the possibility of doing port forwarding from the front(RED) to the back(GREEN) interface on port 22, all to no avail. Any ideas? Help would be appreciated.

- Broadaxe.
Logged
DukeOfAwesome
Full Member
***
Offline Offline

Posts: 30


« Reply #1 on: Wednesday 16 September 2009, 01:27:23 pm »

From memory it's port 222...
Logged
broadaxe
Jr. Member
*
Offline Offline

Posts: 2


« Reply #2 on: Wednesday 16 September 2009, 02:08:06 pm »

Well, the /etc/ssh/sshd_config lists both ports. I am not sure if one is used for the GREEN(port 22 definitely) and the other for the RED. I might try that, but I am not sure if it would work for me, I need external access to port 22.
Here is a snippet from the actual Endian Manual (from clicking on the help button at the top right corner of the web interface)

"Assume you have a service such as telnet (or any other service that can be tunneled through SSH) on a computer inside your GREEN zone, say port 23 on host 10.0.0.20.

This is how you can setup a SSH tunnel through your Endian Firewall to access the service securely from outside your LAN.

1. Enable SSH and make sure it can be accessed (see Firewall, System access).

2. From an external system connect to your Endian Firewall using

    ssh -N -f -L 12345:10.0.0.20:23 root@endian_firewall   

where -N tells SSH not to execute commands, but just to forward traffic, -f runs SSH in the background and -L 12345:10.0.0.20:23 maps the external system's port 12345 to port 23 on 10.0.0.20 as it can be seen from your Endian Firewall.

3. The SSH tunnel from port 12345 of the external system to port 23 on host 10.0.0.20 is now established. In this example you can now telnet to port 12345 on localhost to reach 10.0.0.20. "
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.063 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com