What's the best way to SSH to machines on the local network?

  • I have 2 computers, one that I use and one for the kids. I want to be able to ssh into their computer to control it (like to shut it down etc) but am curious the best way to do this. We both are in the same house and share the same internet connection.

    What would be the best way to do this? From research, I read to install openssh-server on the remote computer but am stumped what to use for the hostname when trying to connect. Usually for VPS's it's the external IP but since we both share a wifi connection would it be the hardware IP? Should we be interfacing directly by LAN or by going through the internet?

    being able to ssh into your kids machines is a serious breach of privacy. You should set rules and turn it off manually or set a timer for shut down times. I disapprove. If my parents could ssh into my machine I'd feel violated.

  • Run:

    avahi-browse -tl _workstation._tcp
    

    To get a list of Ubuntu workstations in the local network, then you can connect to them by running:

    ssh <username>@<computer-name>.local
    

    Note: for `avahi-browse`, you'll need to install the `avahi-utils` package (which will also pull in `avahi-daemon`, the service providing the .local addressability).

    @Piskvor Good point. This package is already installed by default in Ubuntu Desktop, but I don't know about other flavors (kubuntu, lubuntu, etc). If it isn't installed just run `sudo apt-get install avahi-utils`.

    so would it be necessary to setup an ssh server or does e.g. ubuntu 14.04 run one by default?

    @tobi SSH server is not installed by default. You have to install it.

    the list seems empty after I run `avahi`. Both computers are connected to the same router

  • You can use the IP address to ssh into the kid's computer. If you want to use the computer name, edit your /etc/hosts file to include the computer name.

    192.168.1.104  dad
    192.168.1.105  kids
    

    You need to point out that the IPs need to be statically assigned to the computers.

    You can enable `ssh`ing by name without editing the hosts file by naming hosts in `~/.ssh/config`: http://www.howtogeek.com/75007/stupid-geek-tricks-use-your-ssh-config-file-to-create-aliases-for-hosts/

    @NathanLong - Nice tip! though one could argue having it in hosts file lets one access any service (if that is desired).

  • Before doing ssh , check for ssh client and server. If you don't have these service install

     sudo apt-get install openssh-client
    
     sudo apt-get install openssh-server
    

    If you have already just do

     ssh [email protected]
    
     Enter connecting device login password.
    

    Example :

     ssh [email protected]
    
     [email protected]'s password:********
    

    If you got any error like : "Permission denied, please try again."

    Please check twice for Username and ip.

  • I use the file ~/.ssh/config which ssh parses automatically, here is an example:

    Host *
    ControlMaster auto
    ControlPath /tmp/%[email protected]%h:%p
    
    KeepAlive yes 
    ServerAliveInterval 60
    ServerAliveCountMax 10
    ControlPersist 1h
    
    Host server1
            User user1
            HostName server1-web.example.org
    
    Host server2
            User user2
            HostName server2-db.example.org
            Compression yes
            IdentityFile /home/user/.ssh/different_key.pem
    

    Note that you can use any (clientside) variable in this file and either set it globally or per server.

    Then how does one configure the DNS facility of a home Internet gateway appliance to associate `server1-web.example.org` and `server2-db.example.org` with the respective servers?

    1. You can ssh directly to a local IP provided that your LAN uses static IPs, for example
      ssh [email protected]

    2. You can edit hosts file in both computers, as mentioned by Ed Manet in his answer. That way you can then ssh using computer's hostname, that is ssh [email protected]_hostname

    3. You can setup a local DNS server to resolve your LAN's hosts. This way you will be able to ssh using the computer's hostname as in option 2 but with additional benefit the avoidance of editing every hosts file, by pointing your DNS server in Ubuntu's network settings.

    DNSMasq is pretty good DNS server easy to setup.
    Another option is BIND.

  • Use the local LAN IP address. The alternate approach requires some port to be open to the Internet, to allow you to login.

    Also, you would need port mapping (on the router). Using your 'public' IP address (on the router) as a target will not connect to either of your two PCs.


    The simplest way is to permanently assign each IP address (for your 2 computers) on the router. Then simply connect to that IP address.

    If you want to get clever (later), set up a server and start using a local DNS service to assign meaningful names to each device. Not really worth the trouble for only 2 PCs.

    Note: many decent home routers nowadays will read the workstations' hostnames during IP address assignment, and will resolve it for local DNS. Alas, this is not a universal feature just yet.

  • If you are sharing the same internet connection you are most likely behind the same wifi router. So you connect directly to your kids computer:

    ssh <IP-address>
    

    or:

    ssh <user-name>@<IP-address>
    

    Obviously this works better if the kids computer has static IP address. Otherwise you always need to check what the IP is. Most routers have an option to assign static (always the same) IP to chosen devices. Some routers also have an option to assign host name to certain device - then for any device in the same network address "kids" would mean the same. If you assign host names with /etc/hosts file the host name is only known to that computer where that host file is. Also that assumes that kids computer has static IP address.

    You can set static IP to kids computer also in that machine but I advice setup where network settings are done in the router. One point of control - easier to manage. If something is unclear, leave a comment and I will expand my answer.

    I've tried Your suggestion, but got an error: `ssh: connect to host xxx.xxx.x.xx port 22: connection refused` - is there any additional configuration neccessary?

    There needs to be ssh server running on that machine and no firewall blocking it and so forth. It could be that ssh has been configured to expect connections on some other port in which case it is possible to user -p flag to use something else than the default port (22).

  • You can use the IP address in place of a hostname or assign a custom host name in your /etc/hosts file.

    To get the IP on the kid's computer: on the network menu see "Connection Information" or run ifconfig on the commandline (these have to be done on the kid's computer).

    Your wifi router assigns these IP addresses and you should be able to configure it to keep specific IP addresses for the computers they are currently assigned to. (Otherwise the IP's may change from time to time).

  • You can simply give assign compute name to your child's machine.
    Then just simply do,
    ssh MachineName

    I never used this, just a thought in my head i shared.

License under CC-BY-SA with attribution


Content dated before 6/26/2020 9:53 AM