1) Using another port than the standard port appears pretty useless to me. A hacker would do a port scan first, which reveals any port that is open (you can do it yourself with Network Utility.) Also, the standard port would have to be changed on the MacBook too, which would have to be done on the Unix level. (Changes are to be made in the SSH daemon's config file: /etc/sshd_config )



2) You have to enable SSH access on the MacBook in System Preferences–>Sharing 'Remote Login'



3) AFAIK the standard SSH command goes like this:



ssh username@IP or DNS address



If you're trying to connect from a computer outside your local area network, the IP address is the one that your ISP has assigned to your modem/router, not the one of your MacBook.



But if you're trying to connect from a computer WITHIN the same LAN, you must use the MacBook's local IP address assigned from your router. (Or the computer name, e.g. MyComputer.local)



4) The DHCP protocol might cause the router to assign a different IP address to your MacBook each time you connect to the wireless LAN. This is why the port forwarding rule might fail. In this case you need to set the router to reserve a fixed IP address for your MacBook which will be identified by the hardware address (MAC address) of your MacBook's wireless card (or ethernet card if you connect to the router via ethernet cable). See your router's manual for that.



I've been using my D-Link router's 'Virtual Server' settings instead of the 'Port Forwarding' settings for SSH, and it worked. Not sure if there's any real difference, though.

You are on the right track. You SSH to the external, public IP address as stated. I assume you got your SSH service to listen to port 22222 ok...

However, your laptop on 192.168.1.101 suggests that you are still using DHCP on the LAN side for the laptop. You should not. Set the Ip manually for that machine, then re-do the port forwarding to the new, manually set address. I would suggest 192.168.1.2. Don't forget to set the netmask, gateway and DNS addresses (same as you get with DHCP). Reboot after IP is all set...

That done, can you get another PC on the home LAN to ssh to 192.168.1.2? It should work ok, else the SSH service is not set up right to listen to port 22222 (you can try port 22 over LAN as well, to see that port 22 fails...). If you can connect locally (over LAN only) on port 22222, then your SSH is set up right.

The next trial is for you to check the router. Routers with firewalls may block incoming SSH (regardless of what port). Make sure any firewalls, on router or on the PC, are allowing incoming port 22222. As a test, disable any PC firewall, until you connect ok. That determines what is blocking what... Always remenber to "Save.." any router settings before exiting...

Odds are that your artwork laptop is on the cut back back of a organization organization firewall. This prevents VNC internet site travellers from being waiting to realize the artwork laptop. keeps hackers from being waiting to stay with VNC (or comparable innovations) to hack into the companies community. communicate on your equipment administator. they might have a manner in place which you will remotely get get appropriate of get admission to to on your artwork laptop from residing domicile. many situations a version of VPN as that's lots greater appropriate shield.