In this tutorial we are going to realize how to SSH remotely connect to a Linux CentOS server at home/company in an external public network environment, without a public IP and without setting up a router.

video tutorial

[video(video-jrpesBrv-1680147672481)(type-csdn)(url-live broadcast (not recorded)https //www.cpolar.com/” title=”cpolar – Secure Intranet Penetration Tool”>cpolar – Secure Intranet Penetration Tool

cpolar supports one-click auto-installation of scripts

• cpolar installation (for domestic use)

curl -L https://www.cpolar.com/static/downloads/install-release-cpolar.sh | sudo bash

or cpolar short link installation method: (for foreign use)

curl -sL https://git.io/cpolar | sudo bash

• Check the version number, there is a normal display of the version number that is successfully installed

cpolar version

• token authentication, login to the background of cpolar official website, click on the left side of the authentication, check your own authentication token, and then paste the token in the command line.

cpolar authtoken xxxxxxx

• Simple penetration test, if there is a normal generation of public network address is successful penetration, press ctrl + c exit

cpolar http 8080

• Adding services to the system

sudo systemctl enable cpolar

• Start the cpolar service

sudo systemctl start cpolar

• Check the status of the service, which is normally displayed asactivethen it indicates a successful startup online status

sudo systemctl status cpolar

After cpolar is successfully installed, 2 sample tunnels will be installed by default, which can be edited or deleted by yourself.

• website tunnel: using http protocol, pointing to local port 8080

• ssh tunnel, using tcp protocol, pointing to local port 22

2. Creating TCP tunnels

After installing cpolar Intranet Penetration locally on centOS system, you can access the local port 9200 of centOS from an external browser.LAN ip+:9200, open the cpolar web ui interface.

After installing cpolar, it will generate a tunnel with ssh name by default, if you have ssh, you can directly jump to view the online tunnel list, and then connect remotely.

If not, we click on the left-hand dashboard of theTunnel Management——Creating a TunnelSince ssh connections default to port 22, we’re going to create a tcp tunnel to port 22:

• Tunnel name: customizable, taking care not to repeat

• Protocol: tcp

• Local address: 22

• Domain type: select random domain name

• Region: Select China VIP

strike (on the keyboard)establish

After creating the tunnel, open the online tunnel list and check the random public tcp address.

3. Random-address public-network remote connections

Outside we can use this public address to SSH remote connection to Linux CentOS, windows system for example, we use in the cmd window can be remotely connected to centOS

ssh -p port number username@public address

Note that since our local port 22 is mapped to port 23075 on the public network (your public port may be different), the ssh command needs to be followed by the -p parameter followed by the public port number

Also we can use the xshell utility to connect to the

4. Fixed TCP address

The temporary TCP data tunnel established by cpolar successfully connects to the centos system on the LAN, and allows us to perform undifferentiated operations through this TCP connection tunnel. However, this TCP data tunnel is still a random temporary TCP tunnel, the port number will change every 24 hours, it is more suitable for debugging the system, remote operation problem solving and other environments.

If we want this data tunnel to exist stably for a long time, we need to set it up further. First of all, you have to log in to the cpolar website and click on the left side of thereserve

In the Reservations screen, find theReserved TCP addressItem. Under this item, we fill in some necessary information, such as the name of the tunnel that identifies the data tunnel, the area in which the tunnel is used, etc.

• Region: Select China VIP

• Description: i.e. notes, can be customized to fill in

Then clickreservations

After successful address reservation, cpolar will return a fixed public address + fixed public port number, which is the fixed address of our ssh connection to the centos system, copy it down

Next, we go back to the cpolar web UI management interface and open theTunnel List, find the random temporary TCP tunnel you created earlier and enter thecompilerweb page

Paste the tunnel port we got from the cpolar website into thereserved TCP addresscolumn, and then click below theupdatebuttons

• Port type: change to selectFixed TCP ports

• Reserved TCP address: Fill in the fixed public address just reserved successfully

strike (on the keyboard)update

Then check the list of online tunnels again, and find that the public address of the ssh tunnel has changed to the fixed address reserved by our website.

At this point, we can use the command to connect to Linux CentOS system under other devices and operating systems, stable and easy, and do not have to worry about the data tunnel port number reset problem.

5. SSH remote using a fixed public TCP address

Open cmd and execute the ssh command

ssh -p port number username@public address

Note here that you still need to add the -p parameter followed by the public port number

Also use the xshell tool to connect.

In summary, the successful realization of the external public network environment can also be SSH remote connection to the company/home Linux CentOS server, do not need a public IP, do not need to set up a router, simply through the cpolar intranet penetration tool to map the local port 22, through the generated public address to SSH remote connection.