I know that there are many, many topics on exactly this subject; however, nothing is working for me (I'm using Ubuntu 22.10).

I added this configuration in /etc/ssh/sshd_config.d/sshd_config.conf:

Port 2222
PermitRootLogin no
PermitEmptyPasswords no
ClientAliveInterval 300
ClientAliveCountMax 0
MaxAuthTries 5

this setting in ufw:

sudo ufw allow 2222/tcp
# Rule added
# Rule added (v6)

sudo ufw status

Status: active

To                         Action      From
--                         ------      ----
2222/tcp                   ALLOW       Anywhere
2222/tcp (v6)              ALLOW       Anywhere (v6)

and on my router (which is a MERCUSYS MR30G):

allowed port in router

so... when I try to make the connection:

ssh -p 2222 user@address
# ssh: connect to host address port 2222: Connection refused

for debugging...

ssh -V:

OpenSSH_9.0p1 Ubuntu-1ubuntu7.1, OpenSSL 3.0.5 5 Jul 2022

sudo service ssh status:

● ssh.service - OpenBSD Secure Shell server
     Loaded: loaded (/lib/systemd/system/ssh.service; enabled; preset: enabled)
     Active: active (running) since Sun 2023-04-02 13:19:58 -03; 30min ago
       Docs: man:sshd(8)
             man:sshd_config(5)
    Process: 609877 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
   Main PID: 609878 (sshd)
      Tasks: 1 (limit: 9293)
     Memory: 1.4M
        CPU: 39ms
     CGroup: /system.slice/ssh.service
             └─609878 "sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups"

Apr 02 13:19:57 patrickstar systemd[1]: Starting OpenBSD Secure Shell server...
Apr 02 13:19:58 patrickstar sshd[609878]: Server listening on 0.0.0.0 port 2222.
Apr 02 13:19:58 patrickstar sshd[609878]: Server listening on :: port 2222.
Apr 02 13:19:58 patrickstar systemd[1]: Started OpenBSD Secure Shell server.

sudo ss -ntpl | grep 2222:

LISTEN 0      128          0.0.0.0:2222       0.0.0.0:*    users:(("sshd",pid=609878,fd=3))         
LISTEN 0      128             [::]:2222          [::]:*    users:(("sshd",pid=609878,fd=4))
rhuanpk

1 Answer

Well, after a LOT of analysis, I came to the conclusion that the blocking is actually at my ISP: apparently they have a NAT that fronts my internet, which makes all the configuration of port redirection on my router, on the firewall and in ssh on my machine useless if my ISP does not release the port in the NAT or deliver a public IP directly to my router.

NOTE:

Original solution was described in this comment.

EDIT:

Finally, after meditating on the problem and after a lot of research, I saw two solutions to my problem:

  1. Settle directly with my ISP by purchasing a public IP;
  2. Use some type of reverse proxy (which was my chosen option).

In this case, I discovered Ngrok, tested it and it worked perfectly.

rhuanpk
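
A check for the situation the answer describes (an ISP-side NAT in front of the router), as an added example that is not part of the original post: it compares the router's WAN address with the address an outside host sees. The function names and sample addresses are constructed for illustration, and both inputs are assumed to be read by hand (router status page, external IP-echo service).

```python
import ipaddress

# RFC 6598 shared address space, reserved for ISP-side (carrier-grade) NAT.
CGNAT = ipaddress.ip_network("100.64.0.0/10")
# RFC 1918 private ranges: a WAN address here means another NAT sits upstream.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify_wan(wan_ip: str) -> str:
    """Classify the IPv4 address the router shows on its WAN interface."""
    addr = ipaddress.IPv4Address(wan_ip)  # raises ValueError on bad input
    if addr in CGNAT:
        return "cgnat"
    if any(addr in net for net in RFC1918):
        return "private"
    if addr.is_loopback or addr.is_link_local or addr.is_unspecified:
        return "unusable"
    return "public"


def diagnose(wan_ip: str, external_ip: str) -> tuple[str, bool]:
    """Return (verdict, forward_can_work) for a router port forward.

    wan_ip:      address from the router's status page (read manually)
    external_ip: address an outside host sees for this connection
    """
    kind = classify_wan(wan_ip)
    ext = ipaddress.IPv4Address(external_ip)
    if kind == "cgnat":
        return ("ISP NAT (RFC 6598 shared space) in front of the router", False)
    if kind == "private":
        return ("double NAT: WAN side is an RFC 1918 address", False)
    if kind == "unusable":
        return ("router has no usable WAN address", False)
    if ipaddress.IPv4Address(wan_ip) != ext:
        return ("WAN address is translated somewhere upstream", False)
    return ("router holds the public address; check forward, ufw, sshd", True)


if __name__ == "__main__":
    # Constructed sample pairs (documentation and reserved ranges only).
    for wan, ext in [("100.72.15.9", "203.0.113.40"),
                     ("192.168.1.2", "203.0.113.40"),
                     ("198.51.100.23", "203.0.113.40"),
                     ("203.0.113.40", "203.0.113.40")]:
        print(f"{wan:>15} / {ext:<15} -> {diagnose(wan, ext)}")
```

When the second element is False, no change to the router forward, ufw or sshd_config on the local side will make the port reachable from outside.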