step 1, go to system preferences, check sharing, check remote login. Only allow the unprivileged user to remote login, remove admin from the allowed list.
 |
| remote login enable |
step 2. go to system preferences -> users & groups select the user you need to remote access the computer, change the password to be a very strong one.
step 3. if your firewall is blocking port 22, enable it. Go to system preferences -> Security and Privacy -> Firewall Options.
step 4. schedule wake up, if your computer go to sleep you won't be able to ssh into it. Go to system preferences -> Energy saver -> Schedule
 |
| schedule wakeup |
step 5. test remote login from LAN address, ssh <user>@<localIp>.
step 6. login your gateway router, add a port forwarding rule, forward port 22 to the ip address of your computer.
 |
| port forwarding |
step 7. test remote login from internet address. The internet address can be found from gateway router.
You can disable password login and only allow certificate based login, but the above 7 steps should be able get your WAN access goal reached.
No comments:
Post a Comment