[LINUX] Pretend to be a server with two PCs

motivation

The difference between a personal computer and a server is mainly in terms of specifications and intended use, and the boundaries are more ambiguous than expected. In fact, you can use your computer as if it were a server on another network. So, let's simulate remote server work by making an SSH connection from one to the other using two PCs at home.

Things to prepare / premise

--Connection source PC: Those that can use SSH. OS is optional. --Connected PC: Ubuntu or MacBook. Other Linux distributions have different commands. In the case of Windows, the settings are different, so I will omit it. --Both PCs are connected to the same network

Check the IP of the connection destination PC

For Ubuntu

# server ubuntu
$ ip a
...
inet 192.168.X.Y/24 ...
...

For MacBook

# server macbook
$ ifconfig
...
inet 192.168.X.Y netmask 0xffffff00 ...
...

The above command will display the private IP of the connected network. Usually in the format 192.168.X.Y, where X and Y are numbers from 0 to 255.

About IP address

The IP address is a 32-bit number, and if you represent it by a number separated by 8 bits, it becomes an IP address that you often see. Since 8 bits represent numbers from 0 to 255, 4 numbers in this range will be the IP address.

If there is a / 24, it means that the first 24 bits of the IP address are fixed within the group. That is, the first three numbers are fixed and the last numbers are different. netmask 0xffffff00 expresses the same thing. That is, if the fixed bit is written in hexadecimal so that the fixed bit is 1 and the variable part is 0, this is the case.

I wasn't sure why private addresses usually start with 192.168.

Start SSH service on the server side

In the initial state, SSH connection is not possible from the outside. Let's check it with ping.

#Connection source
$ ping 192.168.X.Y
Request timeout for icmp_seq 0
...

For X and Y, enter the values you confirmed earlier. This result means that you cannot access the IP.

Therefore, try starting the SSH service at the connection destination.

For Ubuntu

#Connection destination Ubuntu
$ sudo apt-get install -y openssh-server

╩╗When you install openssh-server`, the SSH service will start automatically. You can check it with the following command.

#Connection destination Ubuntu
$ sudo systemctl status ssh
...
Active: active (running)
...

The SSH service will start automatically the next time you start your PC. If you want to stop the automatic startup, there seems to be the following method (Reference) ..

  1. Rename the ssh.conf file with the following command (restore the name for automatic startup)

    $ sudo mv /etc/init/ssh.conf /etc/init/ssh.conf.disabled
    
  2. Comment out the part related to automatic startup in /etc/init/ssh.conf

...
#start on filesystem or runlevel [2345] 
...

For MacBook

In System Preferences> Sharing, select "Remote Login" and select an accessible user (Reference -access-your-mac-mchlp1066 / mac)). A screen like the one below. It politely teaches you SSH commands. Sharing.png

Now try ping again.

$ ping 192.168.X.Y
64 bytes from 192.168.10.224: icmp_seq=0 ttl=64 time=108.883 ms
...

If all goes well, you can see access to the IP.

Connect with SSH

The connection method is the same as a normal server.

#Connection source
$ ssh <user>@192.168.X.Y

Since ordinary PCs have password login, you will often be asked for your password after this. You should be able to connect by entering the login password you normally use at the connection destination.

Set up a firewall

If you just started the SSH service, the only protection against unauthorized access is the password. By setting a firewall at the connection destination, you can limit the access method.

For Ubuntu

Check the current status of the firewall.

$ sudo ufw status
Status: inactive

╩╗Inactive` means that the firewall is not configured.

First of all, we will prohibit access in principle and allow only SSH.

$ sudo ufw default deny
$ sudo ufw allow ssh
$ sudo ufw enable

This will prevent access to anything other than SSH (port 22). You can check it with the following command.

$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere      
22/tcp (v6)                ALLOW       Anywhere (v6)

To make it a little more secure, you can limit the source to the same network segment.

$ sudo ufw reset
$ sudo ufw default deny
$ sudo ufw allow from 192.168.X.0/24 to any port ssh
$ sudo ufw enable

Replace X with the number of the confirmed IP address. / 24 allows access only from networks where the first 24 bits (three numbers) of this IP match.

$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       192.168.10.0/24

For MacBook

It can be set from the "Firewall" tab in System Preferences> Security & Privacy. If you allow SSH access, it seems that only the SSH port is automatically set to be accessible. Screen Shot 2020-07-05 at 14.23.55.png

Recommended Posts

Pretend to be a server with two PCs
Creating a Flask server with Docker
Realize a queue with two stacks
I made a web server with Raspberry Pi to watch anime
I tried to communicate with a remote server by Socket communication with Python.
How to add a package with PyCharm
Set up a Samba server with Docker
Send mail with mailx to a dummy SMTP server set up with python.
Only 8 Techniques to Pretend to be Data Scientists
A memo for making a figure that can be posted to a journal with matplotlib
A confusing story with two ways to implement XGBoost in Python + overall notes
When I connect to a remote Jupyter Server with VScode, it's remote but local
SSH login to the target server from Windows with a click of a shortcut
[Python] How to create a local web server environment with SimpleHTTPServer and CGIHTTPServer
Start a temporary http server locally with Pytest
Send a message from Slack to a Python server
Build a local server with a single command [Mac]
How to read a CSV file with Python 2/3
Log in to the remote server with SSH
Set up a simple HTTPS server with asyncio
Send a message to LINE with Python (LINE Notify)
A memorandum to make WebDAV only with nginx
Install Windows 10 from a Linux server with PXE
ODBC connection to FileMaker 11 Server Advanced with Python 3
How to develop a cart app with Django
How to make a dictionary with a hierarchical structure.
I want to make a game with Python
Start a simple Python web server with Docker
I want to be an OREMO with setParam!
Make a chatbot and practice to be popular.
Try to make a "cryptanalysis" cipher with Python
Decide to assign a laboratory with Python (fiction)
Set up a local server with Go-File download-
Steps to create a Twitter bot with python
Launch a web server with Python and Flask
Save the object to a file with pickle
Try to make a dihedral group with Python
How to set up a local development server
How to create a multi-platform app with kivy
AWS Step Functions to learn with a sample
Mount a directory on another server with sshfs
[Dedicated to Telewa! ] PC operation with a webcam
I want to write to a file with Python
Create a "Hello World" (HTTP) server with Tornado
A layman wants to get started with Python
Run the output code with tkinter, saying "A, pretending to be B" in python
Convert images from FlyCapture SDK to a form that can be used with openCV
[Mac] I want to make a simple HTTP server that runs CGI with Python
I tried to automatically generate a character string to be input to Mr. Adjustment with Python
[Go language] Be careful when creating a server with mux + cors + alice. Especially about what I was addicted to around CORS.
How to convert / restore a string with [] in python
I tried to create a table only with Django
A memo connected to HiveServer2 of EMR with python
[Python] How to draw a line graph with Matplotlib
I want to transition with a button in flask
Try to make a command standby tool with python
Python Ver. To introduce WebPay with a little code.
I made a ready-to-use syslog server with Play with Docker
How to create a submenu with the [Blender] plugin
I want to climb a mountain with reinforcement learning
I tried to draw a route map with Python