port forwarding, ssh, systemctl, systemd, sshd, firewall, tcp, packet, protocol, ifcfg, dns

Naranjito 2021. 2. 8. 10:09
  • port forwarding

In computer networking, port forwarding or port mapping is an application of network address translation that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall.

 

      ㅁ                                               ㅁ                                                 ㅁ

my house --------------------------> my lab ----------------------------->  server

                     public IP(ex, iptime IP) : 223.###.##.###       private IP : 192.###.#.###  

                     port(server port number) :  ###22               

 

public IP : The IP address a computer needs in order to communicate with other computers on the Internet.

private IP : The IP address assigned to each server inside the internal network; it is normally of the form 192.168.x.x.

 

  • vi /etc/ssh/sshd_config

Defines the rules that apply when someone connects over ssh.

vi : Visual display editor

i : Insert

...

# uncomment this line
Port 22
#AddressFamily any
# uncomment this line; 0.0.0.0 means every IPv4 address of this host
ListenAddress 0.0.0.0
#ListenAddress ::

...

#LoginGraceTime 2m
# uncomment this line (allows root to log in directly over ssh)
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

...

esc : switch to command mode

: : enter a command (such as wq! or q!)

wq! : Write and Quit

q! : Quit
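The edit above turns on direct root login for a port that is later forwarded from a public IP, so it is worth checking which values sshd will actually use. This is an added example, not part of the original post: the function names, the sample files and their contents are constructed for illustration, and it assumes the plain "Keyword value" form shown on this page.

```shell
#!/bin/sh
# Added example: audit the sshd_config keywords edited in this post.
# Function names and sample files are hypothetical, built for illustration.

# Print the first active value of KEYWORD ($2) in FILE ($1). sshd uses the
# first value it reads for a keyword; commented lines are ignored, and we
# stop at the first Match block so only global settings are considered.
effective_value() {
    awk -v key="$2" '
        /^[[:space:]]*#/ || NF == 0 { next }
        tolower($1) == "match"      { exit }
        tolower($1) == tolower(key) { print tolower($2); exit }
    ' "$1"
}

# Print one finding per line. An unset keyword is reported, not guessed,
# because defaults differ between OpenSSH versions and distributions.
audit_sshd() {
    root=$(effective_value "$1" PermitRootLogin)
    pass=$(effective_value "$1" PasswordAuthentication)
    case "${root:-unset}" in
        yes)   echo "FAIL PermitRootLogin=yes: root may log in directly" ;;
        unset) echo "WARN PermitRootLogin unset: check the default with 'sshd -T'" ;;
        *)     echo "OK   PermitRootLogin=$root" ;;
    esac
    case "${pass:-unset}" in
        no)    echo "OK   PasswordAuthentication=no" ;;
        unset) echo "WARN PasswordAuthentication unset: check the default with 'sshd -T'" ;;
        *)     echo "FAIL PasswordAuthentication=$pass: passwords accepted on the forwarded port" ;;
    esac
}

# Constructed samples: the settings as edited in the post, and a hardened variant.
write_samples() {
    dir=$(mktemp -d)
    printf '%s\n' 'Port 22' '#AddressFamily any' 'ListenAddress 0.0.0.0' \
        '#LoginGraceTime 2m' 'PermitRootLogin yes' '#MaxAuthTries 6' > "$dir/as_posted"
    printf '%s\n' 'Port 22' 'ListenAddress 0.0.0.0' '#PermitRootLogin yes' \
        'PermitRootLogin no' 'PasswordAuthentication no' > "$dir/hardened"
    echo "$dir"
}

samples=$(write_samples)
echo "== as posted =="; audit_sshd "$samples/as_posted"
echo "== hardened ==";  audit_sshd "$samples/hardened"
```

On a real host, pass /etc/ssh/sshd_config as the argument and compare the result with the output of sshd -T, which prints the effective configuration including defaults.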

 

  • systemctl start sshd

systemctl : System Control, commands to manage systemd 

systemd : System Daemon, a program that runs in the background of a multitasking operating system

sshd : Secure Shell Daemon

shell : It is a program that takes commands from the keyboard and gives them to the operating system to perform. (skin of onion)

ssh : Secure Shell, a network communication protocol that enables two computers to communicate and share data

 

  • systemctl status sshd
[root@localhost ~]# systemctl start sshd
[root@localhost ~]# systemctl status sshd
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2020-12-23 01:27:25 EST; 1 months 15 days ago # here I can see the OpenSSH server daemon is active now
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 1161 (sshd)
    Tasks: 1
   Memory: 2.5M
   CGroup: /system.slice/sshd.service
           └─1161 /usr/sbin/sshd -D

Feb 06 20:09:52 localhost.localdomain sshd[26363]: Accepted password for root...
Feb 06 21:06:12 localhost.localdomain sshd[29435]: Accepted password for root...
Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.
Hint: Some lines were ellipsized, use -l to show in full.

 

  • firewall-cmd --permanent --add-port=22/tcp

Opens port 22 (TCP) in the firewall.

 

tcp : Transmission Control Protocol, the protocol used together with IP to send data as messages over the Internet. Basically, TCP is used with IP. For example, IP handles delivering the data, while TCP manages and keeps track of the packets.

packet : Data is divided into multiple pieces for transmission; each piece is called a packet.

 

protocol : The rules for transmitting information

 

  • cd /etc/sysconfig/network-scripts 

Let's change network settings such as the IP address, prefix, gateway, and DNS.

 

ifcfg : Interface Configuration file, it controls the software interfaces for individual network devices. As the system boots, it uses these files to determine what interfaces to bring up and how to configure them. These files are usually named ifcfg-name, where name refers to the name of the device that the configuration file controls. (access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/s1-networkscripts-interfaces)

 

...

# server IP (private IP)
IPADDR="192.###.#.###"
# the first 24 of the 32 address bits are the network part
PREFIX="24"
GATEWAY="192.###.#.###"
# Domain Name Server
DNS1="203.###.##.#"
IPV6_PRIVACY="no"

...

DNS : Domain Name Server, it converts a hostname to an IP address. For example, when a user enters www.google.com, the system converts it to an IP address so that the user can connect to the Google server.

 

  • ssh root@223.x.x.x -p ###22

Connect to the server remotely from my lab computer.

ssh root@223.x.x.x -p ###22
root@223.x.x.x's password: 

223.x.x.x : my lab's public IP

-p : port

###22 : server port
