Remote access using openssh and DynDNS
I’m not a big fan of the “cloud” and having to rely on third party to store and sync my data. I prefer to have more control of my own things. Unfortunately static IP address are usually paid and not very cheap. I don’t want to pay for a static IP adress right now so U looked for other options. DynDNS seemed to be the best one. What does it do? Well, it takes your public dynamic IP adreess provided by your IPS and associates that with a domain name DynDNS provides. But if its a dynamic DNS won’t it change and break your connection anyway? That’s where ddclient come… but one thing at a time so I don’t get lost with the instruccions.
This assumes you already have ssh configured and a static IP adress assigned to your computer that will be the server your want to connect to. There are lots of guides online on how to do this.
1- Sign up to DynDNS dynaic DNS service. It’s free and reliable! The confirmation email can take some hours to arrive, mine took around 4 or 5 hours, so be patient.
2- Choose your domain name from the free ones DynDNS provides. There are a lot of options, some of them very cool such as homelinux.com 
. Take note of your username and password and domain name. They will be needed again.
3- Configure your rooter to foward port 22 (for ssh) to your computer (the server one). If you dont know how to do this follow a guide to your router at: http://www.portforward.com/.
4- Install ddclient (it’s in Debian/Ubuntu Repositories) and debconf will popup aking you to configure the client. Select DynDNS as the service provider and enter your username and password. ddclient will update with DynDNS your public IP address so that the connection is not broken when the public IP address changes. It can be done trough the router but apparently doing this thought software is more reliable.
This is a sample /etc/ddclient.conf file to update Dyndns:
# Configuration file for ddclient generated by debconf
#
# /etc/ddclient.conf
daemon=3600
cache=/tmp/ddclient.cache
pid=/var/run/ddclient.pid
use=web, web=checkip.dyndns.com/, web-skip=’IP Address’
protocol=dyndns2
server=members.dyndns.org
login=username
password=’password’
domain.homelinux.org
wildcard=YES
syslog=yes
5 – See if it works! Example: ssh username@yourdomain.linuxhome.com. If it does not work when you have booth computers at your LAN, try a remote access, some routers don’t support loopback connections.
For security reasons make sure you have ssh configured to allow key acess only. Password autentication over the internet is not safe really. Follow these guides on how to setup openssh and openssh with key acess.
More From amrlima
If you want to follow this post leave a comment bellow and continue the thread, or sbscribe the feed. If you don't have a feed reader you may subscribe by e-mail. Click here to sign up.
Trackbacks & Pingbacks
Comments
Deixe o seu comentário
Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line="" escaped="" highlight="">
Subscribe by Email
Comentário by KrisBelucci 2 de Junho de 2009 @ 7:19
da best. Keep it going! Thank you
Comentário by amrlima 8 de Junho de 2009 @ 10:35
Thanks! Hope it’s been helptfull to you
Comentário by T-Rex 8 de Junho de 2009 @ 19:27
Do you have user name(s) and password(s)? WHOIS Information Who is the registrant? Can you access the administrative email address? Is the domain name locked? Where the domain name is registered at?
Comentário by web hosting 8 de Junho de 2009 @ 21:26
HTML 5 allows connections across domains, through use of the Access- Control HTTP header, as defined in a separate W3C specification (which applies identically to normal XHR usage and to server- sent events). A request is made for a resource as usual, but if that resource on the server (in this case, an event stream from a Comet server), includes the Access- Control HTTP header with values allowing the use of the resources, browsers will treat it as if it came from the same domain as the main document. If…
Comentário by amrlima 24 de Junho de 2009 @ 11:11
@T-Rex your comments are… well, confusing and they considered as spam by askimet
I am tented to considerer it also as spam, but you seem to have a valid email adress and a website. Anyway I don’t get your comments
Comentário by Michael 18 de Julho de 2011 @ 12:55
I’ve been trying to get this to work myself. I believe port forwarding is working (it’s working for other services), and ddclient is working, and I can ssh on the LAN to my server.
But when I try to come from the Internet (using PuTTY), it prompts for “user@mydomain.dyndns.org”. This fails, i think because my server’s expecting to authenticate “user@localhostname” ?
So this is probably a dumb question: how to get ssh and/or putty to authenticate as my server’s local user, when coming from outside?
Comentário by amrlima 18 de Julho de 2011 @ 15:50
@Michael: “user@mydomain.dyndns.org” should work. Make sure your firewall is not blocking port 22 (if you didn’t change the default ssh’s port).
Comentário by Michael 21 de Julho de 2011 @ 5:02
yep, works, i’m a dummy. i tried from *outside* as you suggested in the article. guess my router is one of those that don’t do lookback connections.
Comentário by amrlima 21 de Julho de 2011 @ 9:55
Great!
. Most routers are a PITA 
. Enjoy your connection 