HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   TPS-Ubuntu 11.04[ISPConfig 3] - questions about network and SSH (http://www.howtoforge.com/forums/showthread.php?t=52715)

ihsir 17th May 2011 16:10

TPS-Ubuntu 11.04[ISPConfig 3] - questions about network and SSH
 
Hello Falko,

I have followed your tutorial on how to forge for setting up the Perfect Server & want to let you know that so far it is great! In between, I took a sidestep to run vimtutor to brush up on the needed vi skills/shortcuts to be able to create and edit the different files.

My system name is ubuntuServer.tampabay.rr.com and I set all of the IP addresses the same as you did in Step 7 - Configure the network.
I've been interested in setting up SSH and VNC at home, but haven't done it yet. I've got the Server (which is a dual boot with XP Home / Ubuntu Server 11.04) and an iMac with Snowleopard. I've got a Linksys Router (Wireless G), but the server is plugged directly into it, the Mac is connected through Airport.

On step 5 though, you mention that we are able to use PuTTY to connect to the server (via SSH) and enter all the commands. I'm at work now and downloaded PuTTY, opened it, and in the Host name, I put "ubuntuServer.tampabay.rr.com". I tried the port as both 80 (and 22) and tried connecting, but I was unable to connect.
  1. Do I need to connect from inside the home network?
  2. If so, how can I do it from the Mac? I tried using SSHTunnel and Terminal, but I'm not sure if I'm doing it correctly.
  3. How can I connect to it from outside of the home network?
  4. My ISP provider, Brighthouse, is dynamically providing me the IP address. I'm confused as to whether I will still need a tool like DynDNS to keep the IP address synced online, or if step 7 was the solution for that (or if it was only to keep the server IP within the network static).

Can you please clarify, or point me in some direction where I can find this information? Everything I've found so far seems to assume that the user already knows it.


Thanks again for the wonderful tutorial!

falko 18th May 2011 14:48

First make sure that SSH is running on the server. You can check that with
Code:

netstat -tap
If you use a firewall, make sure that port 22 is open.
If you connect from outside your network, you must configure your router to forward port 22 to your server.

ihsir 20th May 2011 05:15

TPS-Ubuntu 11.04[ISPConfig 3] - questions about network and SSH
 
1 Attachment(s)
Hi Falko,

Sorry for the late response, but I've been having some trouble with the server. I tried installing a GUI (apt-get install ubuntu-desktop) thinking that it would be helpful, but I started getting lots of errors. I did some reading on it and found out that Gnome doesn't play well with Natty.

I redid the installation from fresh. Twice, because I was still getting errors the last time.

I just did it again and have reached step 6 in the tutorial (where you said that you can start using PuTTY or some other SSH client).

I mucked around with the router and was able to get to the Port Range Forwarding section, but I am not sure if I did it correctly. Since the iMac is hooked up to the network at home, I am trying to connect with SSHTunnelManager, but there, also, I'm not sure if I'm doing it correctly. Please see the screen shot and let me know if you see anything glaringly wrong.

Also, since the router is limiting my choice of IPs to forward to (only the last digit can be modified), does that mean that when I reach step 7 I'll have to use that IP instead of the one you have in your example (e.g. 192.168.1.x vs. 192.168.0.100)?

Oh, and on this fresh install, when I do "netstat -tap" I'm seeing two different SSH items listening:
tcp | 0 | 0 *:ssh | *:* | LISTEN | 906/sshd
tcp6 | 0 | 0 [::]:ssh | [::]* | LISTEN | 906/sshd

Is this correct?


Thank you!

falko 20th May 2011 14:41

Quote:

Originally Posted by ihsir (Post 257207)
Also, since the router is limiting my choice of IPs to forward to (only the last digit can be modified), does that mean that when I reach step 7 I'll have to use that IP instead of the one you have in your example (e.g. 192.168.1.x vs. 192.168.0.100)?

Yes, you have a different subnet, so you must use 192.168.1.x addresses.

Quote:

Originally Posted by ihsir (Post 257207)
Oh, and on this fresh install, when I do "netstat -tap" I'm seeing two different SSH items listening:
tcp | 0 | 0 *:ssh | *:* | LISTEN | 906/sshd
tcp6 | 0 | 0 [::]:ssh | [::]* | LISTEN | 906/sshd

Is this correct?

That's ok - the first line is for IPv4, the second one for IPv6.

The screenshot of the router configuration page looks good as well (as far as I can see, it's a little bit small).

ihsir 21st June 2011 19:17

Port Forwarding question
 
2 Attachment(s)
Hello Falko,

I brought home a Windows 7 laptop from the office with PuTTY on it and sat down last night to get this to work.
When I logged into the server, I noticed the IP address it had listed right upon login: 192.168.1.103 (See screenshot).

I then went in PuTTY and entered this IP address and was able to connect successfully!

I changed the SSH port forwarding in the router to also be 103 for port 22 (see screen shot).

I assume that if I want to be able to pull up Squirrel mail and ISP config from a computer outside of the LAN, I'll have to allow port 80 (or 8080) to forward to 103 as well, correct? Is this an unsafe practice? Generally, what is considered standard/okay/best practice in port forwarding?


Thank you very much for all the help thus far!

falko 22nd June 2011 14:17

Quote:

Originally Posted by ihsir (Post 258747)
I assume that if I want to be able to pull up Squirrel mail and ISP config from a computer outside of the LAN, I'll have to allow port 80 (or 8080) to forward to 103 as well, correct?

That is right.

Quote:

Originally Posted by ihsir (Post 258747)
Is this an unsafe practice? Generally, what is considered standard/okay/best practice in port forwarding?

No, this is a common practice, and it is not unsafe - think of all the servers that use ISPConfig and are in data centers (i.e., not in a local network).


All times are GMT +2. The time now is 16:49.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.