this post was submitted on 18 Nov 2023

Is there any guide that shows how to get port forwarding and SSH set up? I look everywhere and it seems to just be applicable to a specific setup such as nginx, etc.

My problem is that I can't port forward to my setup using SSH, as it would time out.

[–] ADB-UK@alien.top 1 points 11 months ago (2 children)

Please tell me you plan to use ssh keys and preferably fail2ban and a firewall on your machine if you are not using a VPN / Cloudflare tunnel.

https://www.tomshardware.com/how-to/use-a-secure-key-for-ssh is one starting point, but u/flaming_m0e nailed it - what actually is your problem?

I would also ask - what do you aim to do?

Some clue as to your network kit (esp the router and if you are on CGNAT) would also help.

[–] drroadroad@alien.top 1 points 11 months ago

Connection timed out every time I want to connect to it from a different network, and yes, I do plan on using fail2ban and a firewall.

[–] drroadroad@alien.top 1 points 11 months ago (1 children)

What I'm aiming to do is to be able to ssh/access it through the internet. My router is a Fiberhome router.

[–] ADB-UK@alien.top 1 points 11 months ago (1 children)

Not a router I know so I can only give general advice.

You need to find out if your ISP allows incoming connections on port 22.

You will need to find out if you are on CGNAT or equivalent for your internet connection - look at the external IP address of your kit.

You will need to set your Pi up to have a fixed IP address internally (best done on the router / DHCP server rather than on the Pi).

Get fail2ban and ssh keys working first (I would also look to add UFW - do it with a keyboard and screen set up just in case you lock down port 22 in error).

Then you will need to find your router manual and look at that for port forwarding. It can be called a few things:

  1. Application / web services
  2. Port Forwarding
  3. NAT forwarding
  4. Incoming Port Triggering

Avoid anything that is setting up DMZ - you only want to open one port to the Pi and keep it on your network.

Normally port forwarding will need to know the source and destination port (port 22 in both cases for SSH by default) and the internal IP address or destination (the Pi) - some routers will need the MAC address of the Pi instead of the IP address. You can normally find this from the router / DHCP server or from the Pi using ip a and looking for the MAC details. Some folk will recommend moving ssh from port 22 - two minds over this as a port scan will show the new port up BUT you do stop the stupid attacks that try to brute force 22 using pi / raspberry.

Testing is best done with a different network - use your mobile or a different house, as lots of routers do not allow a loop back (hair pinning) into the same network as you originate the connection.

If you find yourself on CGNAT or not able to open port 22 then there are a few things you can look at:

  • ZeroTier or Tailscale have a free offering for a VPN that originates inside your network so no ports need to be open
  • Cloudflare tunnels allow web (HTTP / HTTPS) and ssh tunnels to be set up

All of these require a small client program to be running on the Pi or other machine.
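
The CGNAT check described in the comment above, as an added example that is not part of the original thread: it classifies the WAN address shown on the router's status page and, optionally, compares it with the public IP seen by an outside "what is my IP" lookup. The function names and the sample addresses (constructed, taken from documentation ranges) are assumptions.

```python
import ipaddress

# RFC 6598 shared address space, used by carriers for CGNAT.
CGNAT_NET = ipaddress.ip_network("100.64.0.0/10")
# RFC 1918 private ranges: the router sits behind another NAT device.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify_wan(router_wan_ip, observed_public_ip=None):
    """Classify the address the router reports on its WAN interface.

    router_wan_ip:      value read from the router's status page.
    observed_public_ip: address an external lookup reports (optional).
    Returns 'cgnat', 'double-nat', 'translated-upstream' or 'public'.
    """
    wan = ipaddress.ip_address(router_wan_ip)
    if wan in CGNAT_NET:
        return "cgnat"
    if any(wan in net for net in PRIVATE_NETS):
        return "double-nat"
    # A routable-looking WAN address that differs from what the outside
    # world sees still means something upstream is translating traffic.
    if observed_public_ip is not None and \
            wan != ipaddress.ip_address(observed_public_ip):
        return "translated-upstream"
    return "public"


def port_forward_viable(verdict):
    """A port forward on the home router only works with a public WAN IP."""
    return verdict == "public"


if __name__ == "__main__":
    # Constructed sample readings: (router WAN IP, externally observed IP).
    samples = [
        ("100.72.15.4", "203.0.113.9"),
        ("192.168.1.2", "203.0.113.9"),
        ("198.51.100.7", "203.0.113.9"),
        ("203.0.113.9", "203.0.113.9"),
    ]
    for wan_ip, seen_ip in samples:
        verdict = classify_wan(wan_ip, seen_ip)
        print(f"{wan_ip:15} seen as {seen_ip:13} -> {verdict:20} "
              f"forwardable={port_forward_viable(verdict)}")
```

Any verdict other than `public` means an inbound forward for port 22 cannot work from the home router alone, which is the case where the outbound-initiated options listed above apply.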

[–] drroadroad@alien.top 1 points 11 months ago

Turns out I'm behind a CGNAT, so that's why I can't port forward. In the end I set up Tailscale to bypass it. Thanks a lot for the info.