# ssh over internet question

## h2sammo

is there a difference in syntax for logging in to my work machine from home?

i tried 

```
 ssh user@globalIP
```

and it didnt get me anywhere.

----------

## Mousee

Chances are your "work machine" is behind a firewall. Port 22 (SSH default port) is not normally opened to the public. So you may wish to ask your boss or someone who manages the network at your company if you're allowed to login remotely and, if so, if there's a port you can use to access your work computer from while at home (or out of the office in general).

----------

## rtomek

Yes, our firewall is also set up so that we can ssh into other computers on our local network here at work using port 22. However, to access from outside we use a much higher port # so you need to contact your admin.

----------

## h2sammo

so the syntax i used is correct? would a specific port be specified as follows?

```
ssh user@globalIP:port
```

----------

## Mousee

 *h2sammo wrote:*   

> so the syntax i used is correct? would a specific port be specified as follows?
> 
> ```
> ssh user@globalIP:port
> ```
> ...

 

No.

```

ssh user@globalIP -p PORT

```

Also:

```

man ssh

```

Will give you some other ideas as to what you can do with the ssh command  :Smile: 

----------

## eccerr0r

Reminder again that likely ssh connections are disallowed from the outside world for most companies for security reasons.  And even so, many companies use private IP addresses which don't work on the outside world.  Basically the few companies that have "class A" internet netblocks (typically 1.x.x.x to 63.x.x.x ) can potentially have external == internal IP addresses, but still be firewalled off (which is somewhat silly.)  Some companies with class B can do this, but this is rare.  The small companies with class Cs or smaller typically will use private IPs to stretch out number of computers as well as have a bit of simple firewall protection.

Many companies require a Virtual Private Network to connect into their network.  A VPN server verifies the remote machine is an "authorized" machine and that remote machine becomes part of the corporate network.  Then you may ssh to your work machine, typically regardless if it had a private or public IP address.

Getting your private key signed with the company VPN server depends on whether your company allows it or not.

----------

