Many home routers will block return access through the WAN port for security reasons. I'd check that.
I wouldn't use port 22/tcp on the internet. You'll be constantly attacked. Have your router do port translation from a really high port external to the static LAN IP for the Linux machine port 22/tcp. Then use the ~/.ssh/config file so you never need to know that port or your static public IP again. Also, setup denyhosts or fail2ban to do something about brute-force attacks and once you get things working perfectly, setup ssh-keys for all non-local access.
Some ssh articles:
http://blog.jdpfu.com/2015/08/17/tro...sh-connections
http://blog.jdpfu.com/2011/08/23/sec...cking-failures
As for nextcloud, I use it only with either an ssh-tunnel or over a full VPN. HTTPS is just too hackable these days. I see 10K HTTP/HTTPS attacks against my public servers every day - all looking for php hacks. To me, it just isn't worth the risks to put a PHP-webapp directly on the internet.
The ssh-tunnel is setup this way:
Code:
$ more fireproxy-home.sh
#!/bin/bash
# Only start SOCKS proxy if necessary
if [ $(ps -eaf |grep ssh |grep -c 64000) = 0 ] ; then
# Setup SOCKS proxy through home server
echo "Starting ssh SOCKS Proxy"
ssh -f -C -D 64000 public.name.com -NT
fi
echo "Starting Firejail chromium with private & proxy "
export http_proxy="socks5://localhost:64000";
firejail --private chromium-browser \
--proxy-server="socks5://localhost:64000" &
Bookmarks