Yesterday I was trying to configure my computer behind a router to enable it for the SSH connection from outside the router. After some google-ing, I found many ways all involving changing the iptables rules, but all turned out to be failures. Finally, under the help of Daizhong, I found the working way to configure my computer in order to solve the problem.
Before beginning all the operation below, you need to setup the router to fix your IP address and set the forwarding port through the ADMIN page (normally is 192.168.1.1) of your router(two steps, first is fixing your IP address and then set the port forwarding).
The following steps are:
Firstly, you need to edit the SSHD configuration file
to enable the port forwarding you set on the ADMIN page of your router.
Then, you need to edit file
to set the value of ssh port to the number you gave before.
After that, you should set the firewall either using terminal or UI tools to allow the port for ssh. The terminal way is by adding the following line into the file /etc/sys config/iptables:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport XXXX -j ACCEPT
put your port number to the position of “XXXX”.
In the end, you should set the port allowed under SELinux using:
sudo semanage port -a -t ssh_port_t -p tcp XXXX
In the end, you can restart the sshd and iptables for a test, by using:
service sshd restart service iptables restart ssh username@ip -p XXXX
Note all the commands above need superuser account.