Bijk uses SSH for collecting data, which is secure and fast protocol for remonte access. It is installed by default on most linux distributions and you probably use it to access your server command line. However, Bijk access is limited only to run collection scripts installed while you installed Bijk to your server.

Bijk connects from IPs 95.168.195.25, 95.168.195.26, 95.168.195.27, 95.168.195.28, 95.168.195.29, and use default SSH port 22. If you use another SSH port on your server, you can set it on Bijk webpage in section Edit server, value SSH Port.

If you discover problems with SSH connection, your SSH daemon can be set to allow connections only for some exact users or to listen only on specific IP addresses of your server. Or you can use hosts.allow file on your server. You also can use some type of firewall. It can be internal firewall (iptables or some utility to set up iptables rules), external box with firewalling ability (some routers can also be used as a firewall), you can use firewall as a service of your provider, or your server can be behind NAT.

If you set up firewall rules directly on your server by command line and “iptables” command, you can see your rules by running command

iptables -vnL

Look for lines with your SSH port (22 by default).

If you firewall your SSH port, you probably have allowed only specific IP addresses (lines with ACCEPT keyword) and denied everything else (lines with DROP keyword). In that case you need to add a rule to allow connection from Bijk server to your SSH port:

iptables -I INPUT -p tcp -s 95.168.195.25 --dport 22 -j ACCEPT
iptables -I INPUT -p tcp -s 95.168.195.26 --dport 22 -j ACCEPT
iptables -I INPUT -p tcp -s 95.168.195.27 --dport 22 -j ACCEPT
iptables -I INPUT -p tcp -s 95.168.195.28 --dport 22 -j ACCEPT
iptables -I INPUT -p tcp -s 95.168.195.29 --dport 22 -j ACCEPT

where 22 is the SSH port.

If you use some initscript to start your firewall, you need to update it. Otherwise you need to run command

iptables-save

which will write actual rules to use while booting the system.

If you use some web-based or application tool to manage your firewall rules, please see the documentation of that tool.

If you use some external firewall (external box with firewalling ability managed by web-based tool or command line), please see the documentation of that product.

It is needed to allow SSH access to your server from IP addresses 95.168.195.25, 95.168.195.26, 95.168.195.27, 95.168.195.28, 95.168.195.29.

Please contact your provider to setup the firewall for you.

It is needed to allow SSH access to your server from IP addresses 95.168.195.25, 95.168.195.26, 95.168.195.27, 95.168.195.28, 95.168.195.29. If you use another SSH port than 22 (default), please let it know to your provider.

If your server is in some local network (office server for example) and it has local network IP address (in one of ranges 192.168.?.?, 10.?.?.? or 172.[16-31].?.?), you need to set up port forwarding rule on your router. For specific description how to setup port forwarding on your router please see the documentation of that product.

It is needed to set up port forwarding rule for some TCP port (any not used port) of your public IP to SSH port of internal IP of your server. Then set the port of your public IP on Bijk webpage as a SSH port of your server and public IP of your router as a IP address of your server.

Example: your public IP is 1.2.3.4, your server IP is 192.168.1.1, you use default SSH port 22 and you want to open the public port 60022.

You need to set up port forwarding rule on your router to forward TCP port 60022 to IP 192.168.1.1 TCP port 22.

On Bijk webpage then you need to set IP address of your server to 1.2.3.4 and SSH port of your server to 60022.

If you are not sure about security of your SSH daemon, you can create firewall rule to open public port (60022 in our example) only for IP 95.168.195.26.

By default you will not need to change anything in SSH configuration, but if you will make some changes, please be aware if you are connected to your server using SSH - if the new configuration will be wrong, you would not be able to connect to your server again. So after every SSH reload please check the connection in another console (let the first console connected).

Contiguration of your SSH daemon is in file

/etc/ssh/sshd_config

and to apply changes you need to reload your SSH daemon

/etc/init.d/ssh reload

Please check the configuration file to option “AllowUsers”. If it is used, please add user “bijk” to the line (users separated by space). Also please check the option “AllowGroup”. If it is used, please add group “bijk” to the line (groups separated by space).

Next please check ListenAddress option. If there is only :22, 0.0.0.0:22 or the option is not used, it's OK. Otherwise you see “IP address:port” behind that option (there can be more lines with that option). Make sure primary IP address of the server is there or set the right IP address and port of the server where SSH is listening on Bijk webpage.

Please check the file

/etc/hosts.allow

on your server. On most servers it contains only comments (# on the begin of the row), but if there is something else, please see the documentation of that file:

man hosts.allow

If you have still trouble with SSH connection from Bijk to your server, please describe connection of your server to the internet, copy output of commands “ip a”, “ip ro” and “iptables -vnL” and send it as an e-mail to support@bijk.com or you can fill our Contact form.