Remote SSH from WAN to a Residential IPv6

Attempting to remote-access a home server is usually impossible because ISPs often have hardened firewalls. This can be solved (for now) using IPv6.

You'll need a router and ISP that support IPv6. Check at https://test-ipv6.com/. This tutorial was designed for Linux systems, but it should apply to any OS. Note that this will expose all of your ports directly to the WAN. See which ones are open with Nmap:

sudo nmap -n -PN -sT -sU -p- localhost

Find your local IPv6 by running ifconfig | grep --color 'inet6\|$'. You can also type what is my ipv6 into a search engine.

Make sure ssh is working on LAN: ssh -6 user@<local IPv6>. Then go to your router configuration page in a web browser. The IPv4 address for your router's page can be found as follows:

ip route show | grep -i 'default via'

In the web app, there should be an IPv6 menu that looks similar to this:

Enter your local server IPv6 into the DMZ (DeMilitarized Zone) page.

Any device that supports https://test-ipv6.com/ should now be able to connect to your machine's ssh server.

ssh -6 user@<IPv6>

It would be a similar process to expose an apache server, ftp, vnc, etc..

---