lately I have been able to set up one of my research laptop to broadcast as ssh server using SSHD. That laptop has CentOS7 KDE, everything seems similar but not quite the same.
I also would like to set up one of my laptops at home as an SSH server, to act as a mirror. Now, at my home network, the router is shared by 3 computers, and two of the computers are clones with OpenSUSE.
I am familiar to
ssh -X account@ipaddress
except all three computers tell me that they have the same IP address.
Even with SSHD start command, I am having trouble logging into the “mirror”. How could I set up a home-ssh server on a wireless system? Also, could someone explain to me the potential security risks here?
I interpreted the OP’s description to mean that he configured private static addresses on each of his machines (not public) so of course NAT would have made all machines use the same IP address from the Internet.
Recommend you consider alternatives to what you are designing.
<Simple Solutions> will make your life easier in the future, less things to break.
This means that unless you have a really good reason to SSH into a machine in your network to do print jobs, this is not necessarily the best way (This is the architecture chosen and often seen in small MS Windows networks, particularly SBS networks when a remote User does a remote desktop into his personal Office machine which has all his favorite apps and files).
If you are connecting from a laptop you carry with you or otherwise have the file(s) you want to print, it makes more sense to connect directly to the Printer (or Network Printer Share) from your remote machine.
You seem to describe having configured a CIFS/SAMBA Printer share on the machine your printer is physically attached.
If this is the case, then your best solution is likely to configure a VPN to your network.
The better alternative is if you can configure your Printer as a network device with its own IP address or able to configure your the machine attached to your Printer to use a standard TCP/IP printer protocol (because you can’t serve CIFS/SAMBA across an unsecured network like the Internet without exposing usernames and passwords which can severely compromise you).
If you can configure your Print Server (the machine attached to your printer) with a non-CIFS/SAMBA method, you can then configure your router to serve your Print server similar to how you described configuring a web server to be seen on the Internet.
If you still believe doing a SSH into a machine in your network is your preferred method for reasons like I described in MS Networks, then this is again a router configuration issue to forward connections on a special, specific port or IP address only to that machine.
the printers are connected via USB cables only, they are not wifi capable, which means I need a standing server for them. The server is, and has to be Windows 7 Pro computer, because it is shared by Windows guests and has software that I only have Windows license for. It is also the primary work station while I am home.
As for the SSH mirror/second “server” computer because I wish to have a linux server that I can easily ssh & scp in and out of, as I would like to synchronize some of the data I carry on my work laptop. There are often times I wish to print something while I am away in classes.
I wish to dedicate this thread on specifically only setting the SSH server/mirror.
I have another thread for the printer server. I will need to read on VPN configuration, I would appreciate a pointer to the right document.
Do you wish to set up a VPN between the laboratory where you are doing your research and your private network @home or, do you mean something else?
[HR][/HR]If you have administration rights for the laboratory and, you are the owner of that laboratory then, setting up the VPN is a matter which has to be done in the Routers connecting the laboratory and @home networks to the ISP – assuming the same ISP and technology for both networks; for example, if the Routers of both networks use DSL provided by the same ISP then, it’s often possible to set up a VPN via the ISP’s DSL network.
But, if you’re not the owner of the laboratory network then, it’ll be a negotiation issue with that network’s owner.
You mentioned that your @home network has a router, presumably connected to an ISP via ??? (DSL??, ATM??, X.25??, LTE??, UMTS HSPA??, analogue dial-up??), which serves your @home network – Ethernet?? or WLAN???.
Is this router set up to serve private IP addresses via DHCP to the machines connected to your @home network?
Are your @home machines set up to retrieve their private IP addresses via DHCP?
openSUSE 13.2 uses systemd. What is the SSH daemon status reported by systemd?
> systemctl status sshd.service
sshd.service - OpenSSH Daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
Active: active (running) since Do 2016-08-25 09:30:19 CEST; 3h 41min ago
Process: 1426 ExecStartPre=/usr/sbin/sshd-gen-keys-start (code=exited, status=0/SUCCESS)
Main PID: 1459 (sshd)
└─1459 /usr/sbin/sshd -D
One of the nice things about a LAN is, that it’s transparent – the physical connection doesn’t play any role in the connectivity – metal wires in an Ethernet cable or WLAN, it doesn’t matter – the applications all behave the same, regardless of the means to connect to the LAN.
Where is “here”?
Do you mean your private @home network?
Or, do you mean access between your private @home network and somewhere else, such as the network where you are doing some research?
For the case of the private @home network, the security risks are:
The encryption being used by the WLAN – none, weak, strong.
The lack of NAT by the router connected to the ISP – normally not an issue if the private @home network uses “private” IP addresses.
The lack of a firewall implemented in the router connected to the ISP.
The possibility to access (login to) the router connected to the ISP from the Internet.
The lack of secure IP sessions when connecting from machines on the private @home network to the Internet.
For the case of access from your private @home network to somewhere else, the security risk is basically the same as that for a WLAN: encryption none/weak/strong.
Okay, professional/personal life has been resolved.
Now, about setting up ssh mirror/server.
I should mention to you that I have zero IT experience, my focus in study and research is in physics. I just learn-as-I-go to get my hardware working properly.
I wish to set up one of 2 computers that remain at home at all time, to be accessible remotely through ssh while I am on campus, or in the lab. I wish to be able to scp some documents back and forth.
At home, there is one wifi router that is linked to 3 computers. One dedicated Windows machine with 2 printers connected by USB, it is an “entertainment” station, which will always have Windows7, maybe not after 2020. I have one hybrid laptop, which can boot into one of 2 drives, one of which has latest LEAP as of last week.
The idea is that I wish to access this LEAP laptop.
As few of you have pointed out, I am inexperienced in this field, and I would like to read up on the materials. My last resort would be to ask my departmental IT to help me after hours, but that would eliminate my learning experience.
Connecting to a Router @home from a research site:
Depends on the Router – it’s Router specific.
For example: the AVM FRITZ!Box 7490 connected to a VDSL service from a German ISP –
With this Router it’s possible to set-up a VPN via the Internet to the @home (private) LAN provided that, the ISP has provided a non-private IPv4 address.
Alternatively, it’s possible to set-up a FTPS connection from the Internet to the Router which allows access to the NAS devices directly connected to that Router.
[HR][/HR]An issue is: IP address changes – for example some ISPs prefer that the subscriber’s Routers are assigned new IPv4 and IPv6 addresses daily (usually at about 3 o’clock in the morning).
The best thing to do is to configure a static ( fixed ) IP address in your local network for the laptop. Next you need your router to forward port 22 to that IP address. If that is setup correctly you should be able to use
Once you’re logged in on the laptop you can access other machines that run the ssh service.