From owner-freebsd-questions@FreeBSD.ORG Tue Dec 18 10:43:57 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4978616A46C for ; Tue, 18 Dec 2007 10:43:57 +0000 (UTC) (envelope-from gerard@seibercom.net) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.242]) by mx1.freebsd.org (Postfix) with ESMTP id EEE7913C465 for ; Tue, 18 Dec 2007 10:43:56 +0000 (UTC) (envelope-from gerard@seibercom.net) Received: by an-out-0708.google.com with SMTP id c14so731726anc.13 for ; Tue, 18 Dec 2007 02:43:56 -0800 (PST) Received: by 10.100.211.8 with SMTP id j8mr17124333ang.56.1197974635954; Tue, 18 Dec 2007 02:43:55 -0800 (PST) Received: from ?192.168.1.102? ( [67.189.206.211]) by mx.google.com with ESMTPS id 1sm21576757agb.2007.12.18.02.43.51 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 18 Dec 2007 02:43:51 -0800 (PST) Date: Tue, 18 Dec 2007 05:44:11 -0500 From: Gerard Seibert To: freebsd-questions@freebsd.org Organization: Seibercom.net In-Reply-To: References: <20071218040802.GB6678@ayn.mi.celestial.com> X-Face: "\j?x](l|]4p?-1Bf@!wN<&p=$.}^k-HgL}cJKbQZ3r#Ar]\%U(#6}'?<3s7%(%(gxJxxcR nSNPNr*/^~StawWU9KDJ-CT0k$f#@t2^K&BS_f|?ZV/.7Q Message-Id: <20071218054048.6EE7.A38C9147@seibercom.net> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Becky! ver. 2.44 [en] Subject: Re: SSH through port forwarding X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-questions@freebsd.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Dec 2007 10:43:57 -0000 > On December 18, 2007 at 12:47AM sham khalil wrote: > On Dec 18, 2007 12:08 PM, Bill Campbell wrote: > > > On Mon, Dec 17, 2007, Andrew Falanga wrote: > > >Hi, > > > > > >I'm having a difficult time working with my father to get the port > > >forwarding working on his Linksys router to forward SSH requests to his > > >FreeBSD machine at home. As near as we can figure, it's setup correctly. > > >In case anyone here uses this router it is WRT54G and details (including > > a > > >users manual) can be found at, > > > > > http://www.linksys.com/servlet/Satellite?c=L_Product_C2&childpagename=US%2FLayout&pagename=Linksys%2FCommon%2FVisitorWrapper&cid=1149562300349 > > . > > > > > >Now, I'm in Idaho and he's in NY (which does make things difficult). Is > > >there any special tricks to setting up port forwarding for SSH? Probably > > >should have checked this first, but I'm going to go look on the handbook > > >too, just to see. > > > > It should Just Work(tm). I don't have one of those handy, but > > port forwarding is generally under the Advanced tab Linksys > > routers. It may be called Games or something like that. Forward > > port 22, ssh, to the internal IP and save the settings. > > > > Generally one should have a fixed internal IP for forwarding as > > DHCP assigned IP addresses may change. > > > > once you open port 22 to public ip, you'll get people try to bruteforce your > machine. > if you don't want that set sshd to listen to a higher number like 5522 > then forward port 5522 from the router to the internal machines. > > unfortunately for wrt54g, you can't forward port 5522 to 22 for internal > machine. Security through obscurity is a poor substitute for security. Port scanners will eventually find that port also. Have you checked to see if a firewall is set up that could be blocking the port? -- Gerard