As long as keys are all right, SSH connectivity issues often have to do with networking and firewall configurations. To ensure SSH connections can be properly established from an external network, you need to configure port forwarding and firewall rules.
Steps to Enable Port Forwarding and Allow SSH on Firewall
1. Retrieve Local IP Address
To find the local IP address of the server, run the following command:
ip addr
Now log in to your router. Please note that the steps below might vary depending on your router's vendor. I have a TP-Link router, so that's where I referenced from.
2. Retrieve MAC Address of the machine
- Go to DHCP and select the DHCP client list.
- Find the server's IP address and its corresponding MAC address. Make a note of this MAC address.
3. Add Server IP to Address Reservation
- In the DHCP section, select Address Reservation.
- Click Add New, enter the MAC address and the server's IP address, then click Save. Doing this step, so server's local IP address stays the same.
4. Configure Port Forwarding
- Go to Forwarding, select Virtual Server, and click Add New.
- Set Service Port to 22, IP address to the server's IP, and Internal Port to 22. Click Save.
5. Allow SSH Through the Firewall
Even if SSH is installed and running on the server, it might not be allowed by the firewall. To permit SSH traffic through the firewall, use the following command:
sudo ufw allow ssh
6. Allow SSH Traffic on External Firewall
In a work environment, there'll likely be both a router and a firewall. Depending on the firewall vendor, the instructions may differ. However, add a rule to allow traffic from the host machine to the server on port 22 to ensure the firewall doesn't block SSH traffic.
7. Connect to the Server from an External Network
To establish an SSH connection, use this command:
ssh -i keylocation/keyname user@publicIP
Don't know your public IP? Just google what's my IP.
Top comments (0)