Control Your Mac from Afar
Subject:   SSH into LAN'd Mac?
Date:   2003-10-14 07:28:09
From:   anonymous2
Response to: SSH into LAN'd Mac?

I'm assuming here that your LAN Macs all have IPs in the range 192.168.1.x (or in the Class A or B range reserved for private use). If you're not doing this already, you probably should be.

If that is the case, you can't directly access the target machine anyway.

What you need to do is to get your router/firewall to forward requests to port 22 to a specific machine. This needn't be the target machine as you can always SSH from there to the target machine inside the LAN.

You'll need to ensure that all the LAN machines that you might want to target have static IPs. You'd then set the router to port-forward requests onto one of them (referred to below as the primary target).

To operate, you'd just do ssh which will land you inside your network on the primary target, from which you can SSH to your actual target as necessary.

It's *exactly* the setup I use (with dyndns) to log into home and collect mail with pine.

Full Threads Oldest First

Showing messages 1 through 1 of 1.

  • SSH into LAN'd Mac?
    2004-01-07 17:15:29  anonymous2 [View]

    there is also another way to get this working.

    many ssh-clients let you configure the port to use
    on the router you have to configure nat (or better pat) to translate the ip adress to the one of your target machine and the destination port of your target machine.

    this setup is a bit more work to do but it reduces network trafic in the target LAN
    this setup can even be used to connect to multiple vnc servers on a LAN behind a router with an acceptable amount of network traffic

    by the way -
    for the sake of security its a good idea to use ports different from the well-known ports to confuse crackers ;-)