Okay, here's the situation I am in. I have a raspberry Pi 2 model B. I have Raspbain Jessie installed as the OS. I have Apache installed as well. I have a web server running and i am able to edit it and access the site from different devices on different internet connections. I want to be able to connect to my RaspPi through SSH on my MacBook Pro. I am able to do this while on the same network. My Pi is plugged into the router via an Ethernet. What i have tried is, logging into my router and reserving an IP for my Pi, i also entered my MAC address here. I have gone into the port forwarding options in my router and have it set up as: HTTP, TCP, Server address(the one i reserved) my Ipv6, and Start port 80, end port 80. Ontop of that i have gone into my /etc/dhcpcd.conf file. There at the end of the file i added
interface eth0
static ip_address=10.0.0.100
static routers=10.0.0.1
static domain_name_servers=68.44.180.118 2001:558:feed::1 2001:558:feed::2
The guide I followed is attached here and follows other guides i have seen.
http://www.circuitbasics.com/how-to-set-up-a-static-ip-on-the-raspberry-pi/
Yet when i try to SSH remotely i cannot get a connection, and when i connect on the same internet i can connect as normal. Please if anybody sees what could help .
Your router's firewall is probably blocking the ports for SSH, which does not use port 80 (in raspbian, I think its default is port 22). If you are going to take the risk of leaving your SSH open to the public, you should probably switch it to a different port other than the default before opening up a port on your firewall. The Raspbian Community has a thread on how to properly change SSH's default server port. You'll also need to make sure your SSH client is using the same port. You will need to leave 80 open for web, and also forward the SSH port, which ever you choose that to be (22 is the default).
Related
I need some help understanding the current situation that I am having with my home network.
My home network is very simple: My ISP is xFinity with a Dynamic IP that doesn't change very frequently. Last IP change occured 6 months ago. It comes into an Arris SB6183 modem that I own. From the Arris, it goes into a Linksys E8540 WiFi 6 Router (or a Netgear R6250 DD-WRT due to troubleshooting). From here, I only have 2 computers: one Linux Desktop, and one personal Windows laptop that I use for web-browsing.
The Linux Desktop machine (LAN IP is 192.168.1.200) has SSHD Service on Port 22. The Router port forwards incoming SSH 22 connection from Internet to Port 22 on 192.168.1.200. Router firewall (SPI) is disabled.
Everything stopped working about 2 weeks ago. I am not able to SSH from outside into my Linux Desktop machine. If I am on the internal LAN, then SSH works just fine.
Using CanYouSeeMe.org shows me that Port 22 cannot connect: "Reason: connection timed out"
Here is what I tried:
Removed the Router and Laptop and plugged in the Linux Desktop
straight into the Arris modem. SSH attempts still shows "Request
timed out"
Made sure that UFW Firewall on Linux is off. No Fail2Ban.
Replaced the Linksys E8450 with Netgear R6250 DD-WRT. No change.
Called xFinity Customer Support and asked "Is Comcast blocking external incoming IPs to Port 22 ?" they responded "We don't block Port 22"
Contacted Comcast Customer Security Assurance and Abuse and asked them to verify if my profile has some Security Profile/Screen in place or some sort of flag. They responded NO.
Then, finally I put a Port Forwarding rule on the router: incoming connection on port 2222 go to SSH 22 on Linux Desktop. And this works!! If I initiate external SSH connection attemps on port 2222 I do indeed connect to my Linux desktop.
In a related news, my Reolink Security APP on my Android Samsung phone no longer connects to my Home Camera over Cellular Data. It connects fine if my Phone connets to the Lan over WiFi.
What are your thoughts ? Does it look like my ISP is blocking incoming connections ? Any help greatly appreciated!
I want to access my raspberrypi from outside my local network, in particular using ssh. When I searched for answers, almost all mentioned port forwarding. My understanding is a little thin, but I think I have forwarded the port. Instead of the standard port 22 I use something like port 2222:
ssh -p 2222 bla#raspberrypi
This works locally, but it didn't work when I tried it outside, and I found that port 2222 is closed. My impression was that port forwarding was synonymous with "making the port available outside LAN". How do I actually open the port for outside access? Thanks in advance.
Go to your routers admin page, usualy at 192.168.1.1 (especaly cisco), sometimes is at 192.168.100.1. Another concern is that you have to have static ip from isp because there is a refresh rate which if you have the ip is resetting. You could open a port to the dynamic ip but it will be eventualy changed. I have tested this and it work until the ip changed.The default port is 22 but you could change it, here is a tutorial and explanation by Eli the Computer Guide. If you couldn`t port forward watch a tutorial on how to port forward on your router. I recommend because you have little knowledge in port forwarding that you should go with the default port.
Keep Hacking. Good Luck :) !
Device: Raspberry Pi 2 Model B
OS: Raspbian Stretch ( no desktop ) with static ip
Router: Belkin F9K1103
DNS service: Hosting on Norwegian version of domainnameshop.com
Greetings. I'm in the process of setting up my Pi as a server. The current motive is to be able to ssh into the device from another network and host a Git server on it.
It works great at home using the local ip address, but when it comes to port forwarding port 22, NOTHING works... I've tried for at least 10 hours combined, scavenging the internet for solutions on this topic, rasbian / raspberry related port forwarding or general. Nothing seems to work. I've tried everything it seems, and no matter what i do the tests show that the port is CLOSED.
I'm currently port forwarding the Pi's local ip and port 22 on the networks port 22 ( also tried port 3322 to the pi's port 22 ) on BOTH the router and the modem using the internet provider's own service for port forwarding online ( Telenor ). The Pi is connected with an ethernet cable, and I've tried connecting it to both the router and the modem when doing all the tests. I've also tried to add 'Port 22' and 'Port 3322' in the Pi's SSH configuration file.
I've also tried to use a DNS service in which I'm forwarding my home network's ip address but still no luck.
Can anybody please help me before I go insane? I'm I missing something crucial? I can't count on both my hands how many forum posts I've been reading and guides on both raspberry or general port forwarding..
Ok so I found out what was wrong.
Our modem is quite new and advanced, and the internet provider has their own online admin panel for it with its own port forwarding solution and what not. So this was apparently a case of classic double NAT conflict. The router tries to port forward to the modem which would normally just bridge that onto the web, but the modem is in a sense being port forwarded too by the internet provider and it's own services.
What I had to do was reverting the static IP configs on the Pi, unplug it from the wifi router, then plug it directly to the modem and then port forward it using our internet providers online admin panel for the modem.
Now it works brilliantly.
I don't have a ton of experience with routers or port forwarding, but I do have a new Raspberry Pi and I wanted to see if I could set up a simple Hello World page just for educational purposes. I have quite a bit set up with apache2 already installed and the web page works great on my local area network, however I can't connect to it using my LTE from my phone, telling me this thing does not connect to the internet.
I am currently using Rasbian under all the default settings from the pi.
My router is an all in one modem and router, from xfinity. After sifting through countless sites trying to solve this issue, the following 2 were the closest thing to my particular issue. My reputation is not high enough to put more than 2 links, so I will put the most important ones..
So to the best of my knowledge this is the way to do it ...
1) Set the web server up to work locally
2) Then go into the router with the IPv4 or IPv6 (shouldn't matter which) and forward all Port 80 traffic to, say, Port 8080 where my PI 'should' be listening, then send back my web page down through Port 80 to the client calling the web page.
Under 10.0.0.1 I find this...
Then I go to 'Advanced'
I have tried from Start port 80 to End port 8080, which my 2 PI files I edited to listen for that port.
Those files are under
sudo nano /ect/apache2/sites-enabled-000-default.conf
and
sudo nano /ect/apache2/ports.conf
I changed
Listen 80
to
Listen 8080
and all other combinations alongside changing my router Start and End ports... none of which worked so I am lead to believe there is either a knowledge gap or I am doing something terribly wrong.
I just want to put a simply Raspberry pi web server online from my Local connection at home using a Comcast xfinity router. If anyone has any experience doing, I would seriously appreciate it, I've spent far too many hours trying to walk through this alone, so now I am reaching out to the faithful stackoverflow community.
It sounds like you are almost there.
For you to be able to access your raspberry pi server from the internet, you need to find your external ip address. Your router has one external ip address that you can reach from the internet. While on your wifi, search google for "what is my ip" Google may display it as the top result, or you might have to click into a site like ipchicken. Write this IP address down.
Next, setup your router to forward all port 80 (default http port). Try setting Apache to listen on port 80, and have your router set with start port and end port to be port 80 (this makes it so you don't have to put :port-number in the address, i.e. you will do http://your-ip-address rather than http://your-ip-address:8080). The start port is the port on the external network, the end is the port that your Apache server is running on the raspi.
It looks like your raspi has the ip address of 10.0.0.17 on your local network based on your screen shot. If it doesn't, change the IP address in the port forwarding section of the router configuration to be the IP address of your pi. You can figure out what the assigned IP address of your pi is through the router interface, or by typing ifconfig -a and looking for the ip address of the adapter that you're using to connect to the network. Your router may have the ability to assign a static ip address to your raspberry pi while it's connected to your network. It would say something like DHCP reservation. You'd need to find the MAC address of your pi. You can do that with ifconfig -a as well. Then configure your modem to always assign your pi the same ip address that you've configured in the port forwarding.
Now that everything is setup, switch to your cellular connection and then try to go to the ipaddress that Google gave you.
type your-ip in browser address bar -> port 80 request to your modem's IP -> you've set external port 80 requests to be forwarded to port 80 on your internal network for the device 10.0.0.17 -> your raspberry pi will serve the HTML
Note: The external ip address of your modem is most likely not static unless you specifically pay for a static address. This address usually will stay the same for at least a day though, so if you're just testing, it's not a big problem. In the future, if you want to ensure that you'll be able to reach your pi, look into dynamic dns.
I SSH into my workstation, which is a mac running OS X Yosemite, daily. Unfortunately, I noticed a while back that enabling remote login into my machine has put it under the fire of many automated dictionary attacks trying to log in using the default port, 22.
To make my machine more secure, I changed the SSH port. To do so, I edited the /etc/services file, and changed the following two lines:
ssh 2123/udp # SSH Remote Login Protocol
ssh 2123/tcp # SSH Remote Login Protocol
That greatly reduced the number of dictionary attacks, but now when I try to SSH from my workstation to other machines, I always need to specify the port (which is usually port 22).
This is easy enough for most simple tasks, just specify the port when SSHing in:
ssh -p22 me#another.computer.com
It becomes a pain for more complicated tasks where specifying the port is not an option, but it can still be done by adding an entry in ~/.ssh/config:
Host github.com
Hostname ssh.github.com
Port 443
Between these two options, I could always connect to any machine I wanted to connect to. However, I'm now writing a script that will connect to machines that will have different IP addresses (and domain names), and there is no optional argument to specify the port number.
I have also been getting frustrated that it does not default to port 22 for outgoing connections, but I do not want to change my incoming port back to 22.
Is it possible to change the incoming SSH port, but still have the default outgoing SSH port? That is, can I only allow people to login to my workstation using port 2123, but when I try connecting to other machines, the default port it tries to use is port 22?
I'm running OS X 10.10.2 Yosemite.
Change the ssh port back in `/etc/services' - that sets the defined port for the ssh protocol.
Then change the port that sshd listens on. On OS-X this is more complicated than it need be. See https://serverfault.com/questions/18761/how-to-change-sshd-port-on-mac-os-x