What's new

How to use pi1.domain.com and pi2.domain.com instead of router.domain.com:8001 and router.domain.com:8002?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

XIII

Very Senior Member
In my current network setup I have two Raspberry Pi's behind my router, that I want to access from all over the world using SSH (yes, I know many people consider this unsafe and I should use OpenVPN, but let's leave that for another discussion for now).

I have opened two different ports on my router and forward those ports on the router to the Pi's:
  • port 8001 on router -> port 22 on Pi 1
  • port 8002 on router -> port 22 on Pi 2
Additionally I own a domain name and have set a DNS record for the subdomain "router" to the IP address of my router.

Thus, I can access the Pi's via these addresses:
  • Pi1: router.domain.com:8001
  • Pi2: router.domain.com:8002
What I would rather want is this:
  • Pi1: pi1.domain.com
  • Pi2: pi2.domain.com
How can I achieve this, if at all?

Someone suggested me to use nginx as a reverse proxy, but many posts on the internet state this cannot work for the SSH protocol because domain names are not included in requests.

How do I get this to work?
 
I don't know if you can proxy SSH, why not use a VPN tunnel?
 
Can you please describe the VPN tunnel part?

(I'm not sure I have sufficient knowledge to understand what you mean without some explanation)
 
Setup a VPN server running either on your internet router or one of the rpi's (I use wireguard on one of my SBC's). When you connect from your remote host to the VPN server effectively you are on your home network.
 
Last edited:
I did not get that to work using OpenVPN on iOS devices in the past, but maybe I should try that again now.

Thanks.
 
Obviously a VPN would better etc, etc...

Otherwise, the only way I can see it working like you want is if you have multiple IP addresses. Using IPv6 would make it easier, but you'd be relying on both locations being IPv6 enabled.
 
You either need a proxy (something listening on port 80 which can be smart enough to forward to the correct PI) or separate IPs, not really available on residential ISPs mostly (and even if you did, you would need a router which can support port-mapping from different IPs).
 
What is the client software you are using? You said you want to connect to the Pi's with SSH.... so that's not web (port 80) traffic.

So you will currently have configured your SSH client to use port 8001 instead of the default port of 22. So I don't see what the problem is.
 
Indeed. The person telling me to use nginx was only using web traffic; he misunderstood that I want to proxy ssh traffic, while I was pretty specific about that.

Clients? (for SSH & SFTP)
So you're right, once configured I don't have to type the port in any of these clients.

However, whenever I want to configure a (new) client I need to remember specific port numbers (I use harder to remember numbers than 8001 and 8002 IRL) instead of simple domain names.

No big thing at all, but if it was possible it would be nice (to implement & learn something new).
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top