0

I have the following setup:

  • I have enabled hotspot from my mobile phone and connected my laptop via Wi-Fi.
  • I'm tethering my mobile phone's internet via USB to connect my desktop to the internet. I can't connect my desktop via Wi-Fi because I don't have a Wi-Fi adapter.
  • I'm trying to ssh into my desktop from my laptop.

Here is the result of ifconfig commands:

# my laptop
❯ ifconfig | grep 192 -B1
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.43.186  netmask 255.255.255.0  broadcast 192.168.43.255

# my desktop
❯ ifconfig | grep 192 -B1
enp0s26u1u3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.42.17  netmask 255.255.255.0  broadcast 192.168.42.255

As you can see, they are not on the same subnet. I have read this question and run the following commands on my mobile phone. (Note that my mobile phone is connected to my desktop via USB):

# su root
# iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 22 -j DNAT --to 192.168.42.17:22
# iptables -A FORWARD -p tcp -d 192.168.42.17 --dport 22 -j ACCEPT
# iptables-save

I think this should forward all the packages that are coming to eth0 interface to 192.168.42.17 (which is my desktop) and port 22. I don't see any problem here but I still can't ssh into my desktop. I tried to change interface name from eth0 to enp0s26u1u3 but nothing has changed. I still can't connect. I'm running this command on my laptop:

ssh "asocia@192.168.42.17"

What should I do to make this work?

sahinakkaya
  • 75
  • You should try to check the routing table (if possible) and edit it if it's not correct. Also, you should try to set the default Forward policy to ACCEPT to be sure it's not blocked by firewall. – S. Brottes May 04 '21 at 14:39
  • @S.Brottes Thanks for your reply. I'm afraid I don't have enough knowledge to understand what you mean. Can you explain a bit more? What command should I run or where to look? I have root privileges on all the machines I have so I can do whatever I want. – sahinakkaya May 04 '21 at 14:42
  • 1
    These command must be run on phone. Note that these commands could affect the behavior of the whole network connectivity of your cellphone. I advise you to be cautious. Check the default FORWARD policy with iptables -S. If it's not on ACCEPT, you can set it on accept with iptables -P FORWARD ACCEPT. Set the parameters to its original value after your test. Routing table show on which interface a packet must be sent depending of its destination IP address. Tutorial : https://www.cyberciti.biz/faq/linux-route-add/ – S. Brottes May 04 '21 at 15:16
  • @S.Brottes Default FORWARD policy is already ACCEPT. I think I can restart my phone even if I break something (done this earlier :D everything was OK after restart) I can't see anything that starts with 192.168.42.... when I do ip route on my laptop. Could this be the reason why I can't ssh using ssh asocia@192.168.42.17 command? – sahinakkaya May 04 '21 at 15:26
  • The rule is : If there isn't route for a network (192.168.42.0 for example), the "default" route will be chosen (sometime showed with ip address "0.0.0.0"). So you need to check on each device (and especially on the phone) if the selected interface according to the route table is correct. Also, don't forget to test if the connexion between each computer and the phone is good by using ping command : ping the phone from each computer. – S. Brottes May 04 '21 at 17:01

0 Answers0