• Announcements

    • alpenwasser

      Please Use CODE Tags   31 Jan 2016

      Welcome to the Programming and Software Design Section,

      When asking for help with programming issues, please use the code tags to enclose your code, it makes things much more easily readable for the people trying to help you, thus improving your chances of actually getting help.
        To add code tags, click the <> button on the editor toolbar, then enter your code in the code editor that appears. If you are on a mobile device, or prefer to use BBCode, you can use [code] // Your code here // It will be syntax highlighted, though not necessarily corectly. [/code] (but the code editor is more consistent and less buggy).
babadoctor

Why does SSH need to be port forwarded?

The difference between teamviewer and SSH is where the traffic originates from.

 

With teamviewer, your computer connects to an outside server and tells it which IP and port to send traffic on. When you try to connect to your teamviewer server, you contact the central server (hosted somewhere on the Internet) which connects the two connections to each other.

This is why it does not require port forwarding. Because the connection originates from inside your network. Your router sees that your computer wants to connect to the Internet, so it assigns that connection a dynamic port number which it automatically keeps track of. Since it is your computer starting the connection, your router will know which traffic should be forwarded to it automatically.

 

 

With SSH, there is no middleman. It's not your computer from the inside network that is establishing the connection. Your router will just see an incoming connection on port 22 and then have no idea what to do with the connection. Should this packet on port 22 be sent to computer 192.168.1.6 or should it be sent to 192.168.1.7? Your router will have no idea and just try to process the packets itself, and then probably discard them.

 

There are ways around it with SSH, but they are very complicated so I really don't see why you won't just port forward. Is there any special reason for it?

You will most likely need a VPS or a VPN in order to make it work the way you want. With a VPS you could do the same thing Teamviewer does, but you will have to write the server (middleman) and client (that runs on your SSH server) yourself. I am not aware of any programs that does this already.

 

With the VPN you would have to make sure both the SSH server and client both are on the same network (either a completely separate VPN for the two, or VPN from the client into the server's network) and then you will be able to SSH without port forwarding since you're on the same network.

 

But both solutions are costy. Cost in time, computational resources and money, so I really don't get why you just can't port forward.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.