Article directory
Preface
Deepin operating system is a Linux operating system based on Debian. It focuses on users' ultimate operating experience for daily office, study, life and entertainment. It is suitable for notebooks, desktop computers and all-in-one computers. It is China's first Linux distribution with international influence, supports 33 languages, and has users on six continents except Antarctica.
The following introduces a few simple steps combined with Cpolar intranet penetration to implement SSH public network remote Deepin, jumping out of LAN restrictions, allowing us to conduct remote SSH connections on any device.
Cpolar intranet penetration provides higher security and privacy protection. By using encrypted communication channels, Cpolar technology can ensure the security of data transmission, which provides users and teams with more reliable protection, allowing them to process with confidence. and storing sensitive work content.
1. Start SSH service
By default, Deepin has installed the ssh service. We only need to enable it. The following command is used to enable SSH:
#启动ssh服务
sudo systemctl start ssh
#查看ssh 服务状态
sudo systemctl status ssh
#加入开机启动
sudo systemctl enable ssh
Execute the above command, turn on SSH, and add boot startup. Enter to view the status. You can see that the SSH service is running.
Next modify the configuration file and edit the SSH configuration file
sudo vim /etc/ssh/sshd_config
Uncomment the following two parameters and change the value to yes
After the modification is completed, save it and then restart the SSH service. Next, install the cpolar intranet penetration tool to achieve remote SSH connection.
sudo systemctl restart ssh
2. Deppin install Cpolar
Deepin is a Linux-based system. You can use the cpolar Linux installation method to quickly install it with one click. In the command interface of the Deepin terminal, we enter the following command. If you are using it for the first time, you can register an account in the official website link below!
cpolar official website address: https://www.cpolar.com
- Use one-click script installation command
curl -L https://www.cpolar.com/static/downloads/install-release-cpolar.sh | sudo bash
- Add services to the system
sudo systemctl enable cpolar
- Start cpolar service
sudo systemctl start cpolar
After cpolar is installed and the service is successfully started, access the 9200 port of Linux on the browser: [http://127.0.0.1:9200]. Log in using the account logged out of the cpolar official website. After logging in, you can see the cpolar web configuration interface. Connect Come down and configure it in the web interface.
3. Configure ssh public network address
After logging in to the cpolar web UI management interface, click Tunnel Management - Create Tunnel on the left dashboard:
- Tunnel name: It can be customized. Be careful not to duplicate the existing tunnel name.
- Protocol: tcp
- Local address: 22
- Domain name type: Temporary random TCP port
- Region: Select China
Click创建
Then open the online tunnel list on the left and check the address of the ssh tcp connection generated after the tunnel was just created. This address is the public network connection address. We can use this address for ssh connection on any device.
4. Public network remote SSH connection
The public network address of ssh was created in Deepin above. Next, we use the public network address on other devices to test the ssh remote connection. Next, we connect on the Windows system command line and we can see that the connection is successful.
Similarly, we use the ssh connection tool and can connect normally. Enter the cpolar tcp public network address in the tool. Take Secure CRT as an example
We can also see that the connection is successful, so that we have a remote ssh address set up.
summary
For a better demonstration, we used the tunnel generated by Cpolar in the aforementioned process, and its public network address was randomly generated.
The advantage of this random address is that it is established quickly and can be used immediately. However, its disadvantage is that the URL is randomly generated and this address will change randomly within 24 hours, making it more suitable for temporary use.
I usually use a fixed TCP domain name because I hope that when I send the address to colleagues or customers, it will be a fixed and easy-to-remember public network address, which will make it more formal and facilitate communication and collaboration.
5. Fixed connection SSH public network address
The above steps use a random temporary TCP port address. The generated public network address is a random temporary address. The public network address will change randomly within 24 hours. Next, we configure a fixed TCP port address for it. This address will not change. After setting it, there will be no need to modify the address repeatedly every day.
Configuring a fixed TCP port address requires upgrading cpolar to the Professional Edition package or above.
Reserve a fixed tcp address
Log incpolar official website, click Reserve on the left and find the reserved tcp address. Let’s reserve a fixed tcp address for SSH:
- Region: Select China
- Description: Notes, customizable
Click保留
After the address is successfully reserved, the system will generate the corresponding fixed public address and copy it.
Open the cpolar web ui management interface, click Tunnel Management - Tunnel List on the left dashboard, find the TCP tunnel we created above, and click on the right编辑
Modify the tunnel information and configure the successfully reserved fixed tcp address into the tunnel.
- Port type: modified to fixed tcp port
- Reserved tcp address: fill in the address successfully reserved by the official website,
Click更新
After the tunnel is successfully updated, click the status on the left dashboard - Online tunnel list. You can see that the public network address has been updated to a fixed TCP address and port.
6. SSH fixed address connection test
After fixing the address, use our fixed TCP address to connect. You can see that the connection is successful and a permanent fixed address is set.
