0

I am trying to setup an ssh server, and I can ssh locally with pubkey authentication, but when I try using the server's public ip, I cannot. I checked this website to see if the port was really open or not, and it was. I checked if there was a firewall and there doesn't seem to be any.

[jacob@cooler ~]$ ssh -vvv -p 22 user@ip)
OpenSSH_7.9p1, OpenSSL 1.1.1b  26 Feb 2019
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolve_canonicalize: hostname (ip) is address
debug2: ssh_connect_direct
debug1: Connecting to (ip) [(ip)] port 22.
debug1: connect to address (ip) port 22: Connection timed out
ssh: connect to host (ip) port 22: Connection timed out
[jacob@cooler ~]$ ^C

When I use the lan ip(using the same machine as the same client), it works. Changing the ip to the public ip does not. Any advice is welcome!

SweetFeet
  • 101
  • 4
  • 2
    You are trying this from inside the lan? You are probably just experiencing your routers lack of **NAT Hairpining** functionality. Try from a hotspot or a friend's connection. – Tim_Stewart Mar 23 '19 at 17:31
  • 1
    Oh. I tried that and it worked. Apparently the hours of research I did never brought that up. Lol. That was it! ha ha. – SweetFeet Mar 23 '19 at 20:39
  • Would be good to mark answer as accepted (your own also), if it solve Your problem. – Mikhail Moskalev Mar 23 '19 at 20:58
  • @MikhailMoskalev, I have to wait two days apparently before I can accept. Anyone want to give me upvotes? I feel like if this had been more popular, there would be less time wasted by people with problems like me! Thx! – SweetFeet Mar 23 '19 at 21:33
  • That's not what I meant. Give credit where it's due. You solved your question because of my comment. I gave the comment because I recently edited a question that was answered by @spiff about pretty much exactly this. So... the way this site is intended to work is by giving credit to people who bother to take their time and answer questions, (which we encourage everyone to join in on). – Tim_Stewart Mar 23 '19 at 22:09
  • 1
    Possible duplicate of [Unable to access outside service from inside LAN](https://superuser.com/questions/135366/unable-to-access-outside-service-from-inside-lan) – Tim_Stewart Mar 23 '19 at 22:09
  • There is no way I can do that because it seems I am not allowed to upvote or approve of comments as answers. I will credit you for it in the answer sorry. – SweetFeet Mar 23 '19 at 22:10
  • Lol, I didn't mean me. I meant the original question, and people who took their time originally in the answer linked. – Tim_Stewart Mar 23 '19 at 22:19

1 Answers1

0

Apparently, some routers cannot deal with a computer on a lan network accessing the public server located in the same lan, called NAT Hairpining. If you think you have everything setup for ssh (the port is open, there is no firewall), try logging in from a different network. Thanks to Tim_Stewart!

SweetFeet
  • 101
  • 4