Open terminal and ssh into umbrel remotely

Hello! I know we can use tor browser and open access umbrel remotely without being home.
Is it possible to access it from terminal without being on the home network?

Thanks!

Understood, thank you!

I was wondering about this as well but for some reason I can’t see the relevant comment

Ya, I don’t see the response

As a test, I was able to SSH to it on my local network:

ssh umbrel@umbrel.local

I used the password I set it up with.

If you can get to the SSH port remotely, which is outside of the scope of this response, then you should be able to use SSH.

1 Like

Hi, I am also trying to ssh into my umbrel from a remote network via the .onion address.

I found this article and set up the ‘torrc’ accordingly however I haven’t had success yet.
https://medium.com/@tzhenghao/how-to-ssh-over-tor-onion-service-c6d06194147

EDIT: I just realized that I don’t forward port 22 on my router. That might be one issue. Will update if I find something out.

NEXT EDIT: I don’t think port forwarding is necessary as described here:

Did it work my friend? Looking to achieve the same due to some travels (and i will worry about security implications later :smile:)

Just create an OpenVPN to your home router and you can enter SSH and even use any of your home devices as in a LAN.
There are many ways to create an OpenVPN even with a dynamic IP, as many users have at home.
Just search for them.
A simple example https://tailscale.com/

Another option to consider is to implement a zero-trust setup with CloudFlare as described in the following article: https://blog.cloudflare.com/ssh-raspberry-pi-400-cloudflare-tunnel-auditable-terminal/
This was a fun, though not trivial, project. High-level steps are to register for a free CloudFlare Teams account, install the cloudflared daemon on your Umbrel node, install the CloudFlare WARP client on your access devices and configure policy in the Cloudflare Team web dashboard. End state is that the Umbrel creates an outbound tunnel connection to Cloudflare’s network and you can access a browser-encapsulated ssh session anywhere without exposing a public ssh endpoint from your home network. I was able to add an access policy to use multi-factor authentication to a free Azure Active Directory instance to increase security.

When I try to login to my node via tailscale I get “Error Not allowed by CORS”. Any suggestions? Thanks!