5

My goal is to SSH into my Pi on my LAN (local area network) from WAN. Basically, I want to SSH to a Pi that is at home and that is connected to the router from places like school or work.

I thought that I would try opening a port on my router so I went to my routers NAT settings and changed service to SSH (since thats what I want, right?).

enter image description here

I am later going to put Pi's local IP in the "Server IP Adress" bar. But I am somewhat uncertain whether it would be (somewhat) secure if I were to open a port like that. Like, is that all it takes? I am new to the networking scene and hence lack experience in this regard.

SDsolar
  • 2,378
  • 8
  • 26
  • 43
Clone
  • 215
  • 2
  • 10

3 Answers3

1

If you open your Raspberry Pi's SSH port on the internet, there are two things you will need to know:

  1. You cannot access your Pi just by port forwarding! (Unless you have a static IP address)
    You will need to register an account with a "dynamic dns" service after port forwarding. I recommend duckdns.org.
  2. Port forwarding your Pi will lead to a serious vulnerability in your Pi if you have not changed the default password.

That said, port forwarding is your only option if you want to remotely access your Pi. However, do it wisely. Google is your friend if you want to research this.

Brendan Lewis
  • 73
  • 9
1

What you are describing should open up SSH access to your raspberry pi from the whole internet.

There is certainly risk involved in doing this - anyone able to login to the pi (for example by guessing your username and password) would take complete control of you Pi and have full access to your home network. This is something you want to avoid.

However, there are options to mitigate this risk - for example disabling password login and using public key authentication. You must also ensure that you keep your software up to date. Nothing can guarantee total safety.

What you want to do is not an uncommon thing to do but it's important to be aware of the risks.

Andy Smith
  • 432
  • 1
  • 5
  • 19
1

I'm not sure your level of commitment to this, but I use OpenVPN on my Rpi to tunnel into my home network. Bonus, it's also a free VPN service I can now use on public wifi. I tried rolling my own OpenVPN server, but soon after found pivpn and love it. So easy to set up. pivpn, if you're interested

Now whenever I need access to my server for ssh or smb shares while on the road, I just connect to the vpn and then act as if I'm on my home network.

Scott W.
  • 11
  • 1