I have a Smart Lighting system at home powered by Philips Hue. I was trying to connect to my Philips Hue Bridge’s IP remotely without implementing Port Forwarding on my WiFi Router.
Instead of setting up an EC2 instance, I moved ahead with a Lightsail instance, which unlike EC2, is much less complicated, and also provides the download of private key, the firewall changes etc. upfront for easy and convenient access.
Disclaimer: The process I mention below may not be optimum if you are opening up sensitive/unprotected ports without appropriate security measures. Use your own judgement before you implement Port Forwarding.
Following is an example of what I planned to do. Basically, I wanted to access Port 9090 on my Lightsail instance to reach the Philips Hue Bridge at my home.
- I had opened Port 9090 through the Firewall option in Lightsail
- I also had set a password for root user by using the command sudo passwd
However, the port forwarding did not work because Lightsail’s SSH does not support port forwarding by default.
I made the following changes in /etc/ssh/sshd_config to enable port forwarding.
# Changed the following line PermitRootLogin yes # Added at the bottom the following UseDNS no ClientAliveInterval 180 ClientAliveCountMax 3 GatewayPorts yes
Then I restarted ssh using root
After that I was able to do the port forwarding smoothly by executing the following command on my Desktop at home (your needs may vary, so modify accordingly)
ssh -i key.pem -R *:9090:192.168.0.75:80 firstname.lastname@example.org
Now from a remote machine, if I reach out to Port 9090 on 220.127.116.11, it works well. The command man ssh will help you understand the -L (Local Forward to Remote) & -R (Remote Forward to Local) option better. You can also use PuTTY to implement Port Forwarding.