atmosteam
Posts: 68
Joined: Mon Jun 22, 2015 7:22 am

PuTTY and No-IP

Fri Aug 21, 2015 4:22 pm

Hello,
I am trying to have a remote access from my PC to my RPi via SSH with the Putty software (through different networks - different LANs).
I've already installed and configured my no-ip account in my RPi, I followed steps on tutorials and I think I configured it right.
I created a host which is myHost.no-ip.org; if I ping it from the command line of my PC, it receives answers, so I think it works fine.
What I want to do is to put the name of myHost.no-ip.org in putty and connect it remotely, but it appars an error of 'connection time out'.
Why can't I connect my RPi with no-ip and putty?
Is there any better option than putty to use the no-ip and remote access in different networks?
Thanks.

JimmyN
Posts: 1109
Joined: Wed Mar 18, 2015 7:05 pm
Location: Virginia, USA

Re: PuTTY and No-IP

Fri Aug 21, 2015 6:16 pm

The "myHost.no-ip.org" gets you across the WAN to your router, where your RPi resides.

In your router you need to forward port 22 (SSH) to your RPi so that SSH requests coming into the router are forwarded on to the RPi. If port 22 is not forwarded the router has no idea which LAN IP to send the SSH request to, so it doesn't do anything with it and eventually it times out.

atmosteam
Posts: 68
Joined: Mon Jun 22, 2015 7:22 am

Re: PuTTY and No-IP

Fri Aug 21, 2015 9:43 pm

JimmyN wrote:In your router you need to forward port 22 (SSH) to your RPi so that SSH requests coming into the router are forwarded on to the RPi. If port 22 is not forwarded the router has no idea which LAN IP to send the SSH request to, so it doesn't do anything with it and eventually it times out.
okay, but there are 2 routers (my router and the router in which is located the RPi). I sopose that you are referred to the second one, right?
Then it is needed ALWAYS to do this forwarding?
Is there any method of remote control in which you don't do port forwarding?
Finally, how can I do this port forwarding?

JimmyN
Posts: 1109
Joined: Wed Mar 18, 2015 7:05 pm
Location: Virginia, USA

Re: PuTTY and No-IP

Sun Aug 23, 2015 2:20 pm

Yes the router where the RPi is connected has to have incoming SSH requests forwarded to the RPi.

The router works as a hardware firewall, nothing comes in from the outside (WAN) unless it is in response to a request that went out. To allow incoming requests you have to open a specific port on the router, then forward that port to the device that is listening for it.

You set port forwarding by logging into your router admin. In most cases that will be 192.168.0.1 or 192.168.1.1. Use your browser to go to that address and you'll get a router login page. If you don't know the username/password for your router, and you haven't changed the defaults, you can Google your router model to get that info. Change the router password while you're there to something other than the factory default. Since that's the gateway into your LAN you never want to run it with a factory password that anyone can obtain in a couple minutes using Google.

User avatar
bobstro
Posts: 193
Joined: Wed Feb 05, 2014 6:48 am
Location: Central Massachusetts, US
Contact: Website

Re: PuTTY and No-IP

Sun Aug 23, 2015 3:24 pm

And of course you've secured the Pi user account and tightened up ssh security before doing this, right?

atmosteam
Posts: 68
Joined: Mon Jun 22, 2015 7:22 am

Re: PuTTY and No-IP

Mon Aug 24, 2015 3:17 pm

bobstro wrote:And of course you've secured the Pi user account and tightened up ssh security before doing this, right?
yes

atmosteam
Posts: 68
Joined: Mon Jun 22, 2015 7:22 am

Re: PuTTY and No-IP

Mon Aug 24, 2015 3:20 pm

JimmyN wrote:Yes the router where the RPi is connected has to have incoming SSH requests forwarded to the RPi.

The router works as a hardware firewall, nothing comes in from the outside (WAN) unless it is in response to a request that went out. To allow incoming requests you have to open a specific port on the router, then forward that port to the device that is listening for it.

You set port forwarding by logging into your router admin. In most cases that will be 192.168.0.1 or 192.168.1.1. Use your browser to go to that address and you'll get a router login page. If you don't know the username/password for your router, and you haven't changed the defaults, you can Google your router model to get that info. Change the router password while you're there to something other than the factory default. Since that's the gateway into your LAN you never want to run it with a factory password that anyone can obtain in a couple minutes using Google.
ok, but what can I do if the RPi is moving and it takes wifi from the McDonalds (for example) or taking wifi from my phone. is it possible to make port forwarding on routers that are not mine and are publics?

User avatar
RaTTuS
Posts: 10600
Joined: Tue Nov 29, 2011 11:12 am
Location: North West UK
Contact: Twitter YouTube

Re: PuTTY and No-IP

Mon Aug 24, 2015 3:26 pm

atmosteam wrote:...
ok, but what can I do if the RPi is moving and it takes wifi from the McDonalds (for example) or taking wifi from my phone. is it possible to make port forwarding on routers that are not mine and are publics?
no
if you take your RPi with you then you need to push ... you will be able to push from the RPI to elsewhere
How To ask Questions :- http://www.catb.org/esr/faqs/smart-questions.html
WARNING - some parts of this post may be erroneous YMMV

1QC43qbL5FySu2Pi51vGqKqxy3UiJgukSX
Covfefe

User avatar
kusti8
Posts: 3439
Joined: Sat Dec 21, 2013 5:29 pm
Location: USA

Re: PuTTY and No-IP

Mon Aug 24, 2015 3:26 pm

No. For that, look at Weaved IoT, which allows you to connect to your Pi without port forwarding.
There are 10 types of people: those who understand binary and those who don't.

atmosteam
Posts: 68
Joined: Mon Jun 22, 2015 7:22 am

Re: PuTTY and No-IP

Mon Aug 24, 2015 3:37 pm

kusti8 wrote:No. For that, look at Weaved IoT, which allows you to connect to your Pi without port forwarding.
yes, but does it work to control the raspberry pi? I think you cannot, because it is an application to execute a function remotely (as controling GPIO). What I want is to see the LXTerminal and write commands, things like that.

atmosteam
Posts: 68
Joined: Mon Jun 22, 2015 7:22 am

Re: PuTTY and No-IP

Mon Aug 24, 2015 3:38 pm

RaTTuS wrote:
atmosteam wrote:...
ok, but what can I do if the RPi is moving and it takes wifi from the McDonalds (for example) or taking wifi from my phone. is it possible to make port forwarding on routers that are not mine and are publics?
no
if you take your RPi with you then you need to push ... you will be able to push from the RPI to elsewhere
Unerstood. Thank you.

User avatar
IgorGanapolsky
Posts: 33
Joined: Sun Apr 10, 2016 8:32 pm

Re: PuTTY and No-IP

Sun Aug 07, 2016 11:25 pm

kusti8 wrote:No. For that, look at Weaved IoT, which allows you to connect to your Pi without port forwarding.
Why can't No-Ip be used here? Why does Weaved have to be used?

Heater
Posts: 16832
Joined: Tue Jul 17, 2012 3:02 pm

Re: PuTTY and No-IP

Mon Aug 08, 2016 12:35 am

Why can't No-Ip be used here? Why does Weaved have to be used?
Because.

The original idea of the internet was that we, all our machines, get an IP address. A 32 bit number. With that IP address any machine can be contacted from anywhere on the net.

A name service, DNS, would provide human readable names for all those IP addresses. Like "raspberrypi.org".

Turns out that the 4 billion available IP addresses is not enough for the huge number of people and machines on the net. So we have a level or more of "Network Address Translation" going on between the internet and the users of machines behind an Internet Service Provider".

Up shot of all this is that my machine with IP address 192.168.0.32 cannot directly contact your machine with IP address 192.168.0.32. So you end up as a consumer of the internet, not able to contribute with your own server (Nobody can find it if you have one).

This is very shitty of course. So they invented IPv6 with with 128 bit addressing. That way every atom on the planet could have its own IP address and be contactable by any other.


This of course does not fit the business model of Internet Service Providers, for whom you are a consumer, so IPv6 has been very slow in adoption.

In the meanwhile you can use the services of someone like dataplicity.com to make your Pi, or whatever machine, visible to the net from the outside of your ISP jail. Like my Pi 3 here: https://7d7b6f7a.dataplicity.io/
Memory in C++ is a leaky abstraction .

User avatar
IgorGanapolsky
Posts: 33
Joined: Sun Apr 10, 2016 8:32 pm

Re: PuTTY and No-IP

Mon Aug 08, 2016 4:26 am

Heater wrote: Because.
Turns out that the 4 billion available IP addresses is not enough for the huge number of people and machines on the net. So we have a level or more of "Network Address Translation" going on between the internet and the users of machines behind an Internet Service Provider".
Thank you very much for explaining this point in such fine detail. I never thought I'd understand the IPV6 intricacies vs IPV4 as it relates to Raspberry Pi, and networking in general. So you're saying that No-Ip uses IPV4, whereas Weaved, Ngrok, and Dataplicity use IPV6? Or is there a finer point I am missing here...

User avatar
RaTTuS
Posts: 10600
Joined: Tue Nov 29, 2011 11:12 am
Location: North West UK
Contact: Twitter YouTube

Re: PuTTY and No-IP

Mon Aug 08, 2016 6:41 am

look at
https://en.wikipedia.org/wiki/Private_network
these are none routable on the internet - so you can run a network at home and not worry about them leaking out on the internet.
this means a company can have a NAT network without having to buy huge blocks of IP numbers.
noip and there like - take your public ip address and give it a name [that you can control and move to elsewhere]
IPV6 also has private parts [oh err]

there are other ways of connecting to local machines using various techniques but in general KISS

some networks like wireless ones give you an end user IP address in a private range - this is so you don't run a server on your Phone etc .... [well other reasons also]
so you cannot use noip for that sort of thing
How To ask Questions :- http://www.catb.org/esr/faqs/smart-questions.html
WARNING - some parts of this post may be erroneous YMMV

1QC43qbL5FySu2Pi51vGqKqxy3UiJgukSX
Covfefe

Heater
Posts: 16832
Joined: Tue Jul 17, 2012 3:02 pm

Re: PuTTY and No-IP

Mon Aug 08, 2016 7:08 am

Almost nobody is using IPv6 across the internet.

Services like dataplicity.com create "tunnels". Your machine will have a local LAN address, like 192.168.0.21 that is not reachable form the outside internet. The dataplicity program on your machine will make a connection out to dataplicity.com and then start exchanging data with it. In the same way a web browser connects out to servers on the internet. Then when you make connection to a URL on dataplicity.com their service will forward that to your machine over that tunnel.

If we all used IPv6 then every machine anywhere could be on a the same footing and provide services on a public IPv6 address. There is enough addresses to go around. No tunnels or VPN,s etc required.

My thesis is that there is no incentive for major players like Facebook, Google etc to switch to IPv6. It's better for them if they are the service and you are just a consumer. Able to use their services but not provide them yourself.

I think Facebook is a classic example. Basically it is a means of allowing everyone to be in contact with everyone else.It gets around this local LAN addressing problem. But we have to use their service to do so.

If all our machines could easily contact all other machines directly we could just exchange data in a peer to peer fashion without their server farms in the middle. We could all run some software locally that provides Facebook like service to each other.

That would be true "cloud". What we have today is not a cloud but a few highly centralized services.
Memory in C++ is a leaky abstraction .

SonOfAMotherlessGoat
Posts: 690
Joined: Tue Jun 16, 2015 6:01 am

Re: PuTTY and No-IP

Mon Aug 08, 2016 10:49 am

Heater wrote:Almost nobody is using IPv6 across the internet.
Ummm. http://www.worldipv6launch.org/participants/?q=1
Account Inactive

Heater
Posts: 16832
Joined: Tue Jul 17, 2012 3:02 pm

Re: PuTTY and No-IP

Mon Aug 08, 2016 2:33 pm

SonOfAMotherlessGoat,
OK, let me revise my "Almost nobody is using IPv6 across the internet." to "IPv6 has only about 12 percent adoption" https://en.wikipedia.org/wiki/IPv6_deployment.

Now, the IPv6 address of google.com is 2607:f8b0:4005:805:0:0:0:200e. Try entering that into your browser:

https:[2607:f8b0:4005:805:0:0:0:200e]

We get:

404. That’s an error.

"The requested URL / was not found on this server. That’s all we know."

That's after you have ignored the security warning because the HTTPS certs are not working.

Facebook works though:

https:[2a03:2880:11:2f83:face:b00c:0:25de]

But also complains about security on HTTPS.

raspberrypi.org has no IPv6 address.
Memory in C++ is a leaky abstraction .

User avatar
IgorGanapolsky
Posts: 33
Joined: Sun Apr 10, 2016 8:32 pm

Re: PuTTY and No-IP

Mon Aug 08, 2016 3:32 pm

Heater wrote:SonOfAMotherlessGoat,
OK, let me revise my "Almost nobody is using IPv6 across the internet." to "IPv6 has only about 12 percent adoption" https://en.wikipedia.org/wiki/IPv6_deployment.

Now, the IPv6 address of google.com is 2607:f8b0:4005:805:0:0:0:200e. Try entering that into your browser:

https:[2607:f8b0:4005:805:0:0:0:200e]

We get:

404. That’s an error.

"The requested URL / was not found on this server. That’s all we know."

That's after you have ignored the security warning because the HTTPS certs are not working.

Facebook works though:

https:[2a03:2880:11:2f83:face:b00c:0:25de]

But also complains about security on HTTPS.

raspberrypi.org has no IPv6 address.
That is interesting. So does that mean IPv6 is a flop of an initiative? Or is it just slow for adoption?

SonOfAMotherlessGoat
Posts: 690
Joined: Tue Jun 16, 2015 6:01 am

Re: PuTTY and No-IP

Mon Aug 08, 2016 4:11 pm

Heater wrote:SonOfAMotherlessGoat,
OK, let me revise my "Almost nobody is using IPv6 across the internet." to "IPv6 has only about 12 percent adoption" https://en.wikipedia.org/wiki/IPv6_deployment.

Now, the IPv6 address of google.com is 2607:f8b0:4005:805:0:0:0:200e. Try entering that into your browser:
Why? I can just enter https://www.google.com and let my DNS pull the AAAA record and I don't have to worry about pulling out a direct address. Would you go to https://216.58.218.228? And yes you do get a warning about certificates, because you're trying to browse directly via IP. Don't do that. Certificates are name based, not IP based.

My ISP has given me 1 IPv4, or a /56 of IPv6's. Way easier to set up AAAA and A records than to try to remember the IP's. That's why DNS was invented. (And all my servers and VPS locations are v6, the lowest you can get now is a /64.)

If you intentionally try to use something incorrectly, of course it's going to break.
Account Inactive

SonOfAMotherlessGoat
Posts: 690
Joined: Tue Jun 16, 2015 6:01 am

Re: PuTTY and No-IP

Mon Aug 08, 2016 4:19 pm

IgorGanapolsky wrote: That is interesting. So does that mean IPv6 is a flop of an initiative? Or is it just slow for adoption?
It's very far from a flop. There's about a /20 or of IPv4's that aren't McNugget'd and those are ARIN. Try to get routable from APNIC and you're going to be out of luck. The doom and gloom of running out of v4's was way overplayed, I'll grant you that. But we are getting to the point that any decent sized block of v4's are a precious commodity. To the point that people are buying trash allocations and trying to resuscitate them and pull them out of the BGP blocklists.

So slow for adoption, but once you have the resources to use them, it's great. No NAT to deal with, lower overhead on the routers, faster speeds (yes, latency drops when you lose the NAT garbage.) Internally at the house I'm pure IPv6, with some DNS work to convert v4 only addresses over to v6. And on my servers that are running v6 I'm getting way fewer portscans and scriptkiddies bouncing off the firewall partially because the address space is so vast it's difficult to run a scan.
Account Inactive

Heater
Posts: 16832
Joined: Tue Jul 17, 2012 3:02 pm

Re: PuTTY and No-IP

Mon Aug 08, 2016 4:46 pm

SonOfAMotherlessGoat,

Ah, good point about the HTTPS failure. I was not thinking straight.

Still I cannot reach google using an IPv6 address though.

When you visit google.com how do you know you are using IPv6?

Perhaps not a flop. Just gaining traction very slowly.

For example my companies servers on google cloud cannot use IPv6. It's not supported.

Google reports that only about 4% of the traffic their site is over IPv6.

Some of reasons for the slow adoption of IPv6 are laid out here: http://teamarin.net/2014/08/13/transiti ... king-long/

Now, where can I find a hosting provider that will give me IPv6 addresses from my servers? Preferably IPv6 only?
Memory in C++ is a leaky abstraction .

SonOfAMotherlessGoat
Posts: 690
Joined: Tue Jun 16, 2015 6:01 am

Re: PuTTY and No-IP

Mon Aug 08, 2016 4:55 pm

Heater wrote:When you visit google.com how do you know you are using IPv6?
Because I use https://ipv6.google.com/?gws_rd=ssl most often.
Perhaps not a flop. Just gaining traction very slowly.
Definitely agree with that point! :)
Now, where can I find a hosting provider that will give me IPv6 addresses from my servers? Preferably IPv6 only?
I mostly run my own servers (either co-lo or VPS). I have only run into one provider that doesn't use IPv6, every other one that I use has a minimum of a /64 allocated but you have to set up the static addressing yourself. Most locations don't provide the RA or DHCPv6 to do it automatically, so there is a bit of a learning curve to picking things up again. I have a few favorites from the low end OpenVZ/KVM to Digital Ocean up to the big Co-lo farms that are near to where I live out here on the West Coast. And if your providers are giving you v4's you may just want to ask about their v6 plans, a large number of places will allocate them out for free. (For my home ISP I just had to call in and ask them to bump the /64 allocation to a /60 and they gave me the /56 instead. I only need 6 /64's for VLAN's and the rest are just hanging around. And the portblocks from the IPv4 address don't apply for v6 as they just haven't gotten around to updating their headends.
Account Inactive

SonOfAMotherlessGoat
Posts: 690
Joined: Tue Jun 16, 2015 6:01 am

Re: PuTTY and No-IP

Mon Aug 08, 2016 4:58 pm

Heater wrote: Some of reasons for the slow adoption of IPv6 are laid out here: http://teamarin.net/2014/08/13/transiti ... king-long/
14% and climbing faster https://www.google.com/intl/en/ipv6/statistics.html
Account Inactive

Heater
Posts: 16832
Joined: Tue Jul 17, 2012 3:02 pm

Re: PuTTY and No-IP

Mon Aug 08, 2016 6:33 pm

SonOfAMotherlessGoat,

Well what do you know.

Whilst you were writing that I was on the Digital Ocean case. So I now have an IPv6 (only) server:

http://[2a03:b0c0:1:a1::4ba:1001]/

Can you, or anyone else, reach it?
Memory in C++ is a leaky abstraction .

Return to “General discussion”