Access to a server with only private IP address

·

3 min read

What's public and private IP address

Public and private IP addresses serve different purposes in internet networking.

Public IP address

A public IP address is a unique address assigned to a device, such as a Google server, a home router, by an internet service provider (ISP). Each public IP address is unique across the whole internet, Google server's IP will be different than Microsoft server's, they can be accessed from anywhere in the world.

ssh username@server_ip_address

Private IP address

On the other hand, a private IP address is used within a private network, such as a home or office network, to connect securely to other devices within the same network. These addresses are not visible or directly accessible from the internet. Private IP addresses are assigned by the network router to each device within the same network. Multiple devices across different networks can have the same private IP address because these addresses are not routable on the internet.

Private IP addresses fall within specific ranges reserved by the Internet Assigned Numbers Authority (IANA). These ranges are:

  • Class A: 10.0.0.0 — 10.255.255.255

  • Class B: 172.16.0.0 — 172.31.255.255

  • Class C: 192.168.0.0 — 192.168.255.255

Public IP addresses, on the other hand, can be any IP address that does not fall within the private IP address ranges or other reserved ranges.

In summary, the main differences between public and private IP addresses are their scope, communication, and uniqueness. Public IP addresses have a global reach and are used to communicate over the internet, while private IP addresses only have a local reach and are used to communicate within a private network.


How to SSH to a server with only private IP address

1.Using sshx

github.com/ekzhang/sshx

sshx is a secure web-based, collaborative terminal. It let you run a single command to share your terminal with anyone and see other people's cursors moving in real time.

# Get sshx by running this command. It's tiny and downloads in seconds (3 MB).
curl -sSf https://sshx.io/get | sh
# run sshx after install
sshx
# you will see something output like https://sshx.io/aaaa#bbbb

Now you can access your ssh server remotely anywhere by open sshx.io/aaaa#bbbb in your Chrome.

2.Using bore

https://github.com/ekzhang/bore

bore is a modern, simple TCP tunnel in Rust that exposes local ports to a remote server, bypassing standard NAT connection firewalls.

# first run this command on your ssh server
bore local 22 --to bore.pub
# The above command will output info like the following
2024-01-12T08:21:47.663201Z  INFO : connected to server remote_port=19215
2024-01-12T08:21:47.663201Z  INFO : listening at bore.pub:19215

Now you can access your ssh server remotely anywhere running the following terminal command

ssh username@bore.pub -p 19215

How to access to a HTTP server with only private IP address

3.Using Cloudflare Tunnel

Follow these instructions to download and install cloudflaredhttps://developers.cloudflare.com/cloudflare-one/connections/connect-networks/downloads/

Run the following terminal command to start a free tunnel.

cloudflared tunnel --url http://localhost:8080
# you will see something output like
+----------------------------------------------------------+
|  Your quick Tunnel has been created!                     |
|  Visit it at (it may take some time to be reachable):    |
|  https://kuwait-played-bt-frequencies.trycloudflare.com  |
+----------------------------------------------------------+

Now you can access your HTTP server remotely anywhere by open https://kuwait-played-bt-frequencies.trycloudflare.com on your Chrome.

The local http server will receive http request like this:

GET / HTTP/1.1

{
  "host": "kuwait-played-bt-frequencies.trycloudflare.com",
  "user-agent": "Mozilla/5.0 (...) Gecko/20100101 Firefox/115.0",
  "accept": "text/html,...,*/*;q=0.8",
  "accept-encoding": "gzip",
  "accept-language": "en-US,en;q=0.5",
  "cdn-loop": "cloudflare; subreqs=1",
  "cf-connecting-ip": "*.*.93.87",
  "cf-ew-via": "15",
  "cf-ipcountry": "JP",
  "cf-ray": "87bc2ed4765280f3-NRT",
  "cf-visitor": "{\"scheme\":\"https\"}",
  "cf-warp-tag-id": "5dcce6a4-c3eb-4a29-8b92-ab00c7981824",
  "cf-worker": "trycloudflare.com",
  "connection": "keep-alive",
  "dnt": "1",
  "sec-fetch-dest": "document",
  "sec-fetch-mode": "navigate",
  "sec-fetch-site": "none",
  "sec-fetch-user": "?1",
  "upgrade-insecure-requests": "1",
  "x-forwarded-for": "*.*.93.87",
  "x-forwarded-proto": "https"
}

if you want to change the host header, using --http-host-header option:

cloudflared tunnel --url http://localhost:8080 --http-host-header yourhost