Turning a Laptop into a Server
The journey of converting a laptop to a publicly available server.
Table of Contents
- Laptop Preparation
- SSH Setup
- Network Setup
The laptop is a four and a half year old Lenovo IdeaPad 330S running Windows 11 Home.
As the laptop is to be treated as a server, it will have to be kept on at all times, which means that it will be plugged in to power at all times. Keeping a laptop charging at 100% battery for extended periods of time is not good for a laptop’s battery life.
The relatively old laptop being used as a server is a Lenovo IdeaPad 330S. Fortunately, it’s built-in Lenovo software had an option in the Power menu to toggle an option called ‘Conservation Mode’, which charges the battery only up to 60%. This ensures that the battery life will be longer than what it would’ve been if it was charging at 100%.
The laptop had a Windows 11 Home operating system on it. To make it easy to host it as a server and to get a more hands on experience with Linux, the laptop was dual booted with an Ubuntu 22.04 LTS operating system.
The laptop should be able to operate in a ‘Headless’ mode, i.e., it should stay switched on and accessible even when the lid is closed, as it is to be operated as a server that can be accessed from anywhere.
To do this,
HandleLidSwitchExternalPower was set to
/etc/systemd/logind.conf. This means that the laptop will just lock itself when the lid is closed and the external power is connected. It will go to sleep if the external power is not connected (as per usual), as having the laptop run out of battery and die is not good.
Once Linux was up and running, I installed the
As the server will eventually be publicly available, it had to have some security as well.
- How do I disable remote SSH login as root from a server?
- The Best Ways to Secure Your SSH Server
Local Network Setup
The SSH Daemon operates on port 22 by default. Any client within the network just needs to know the username and hostname of the server to SSH into it.
This works because Uncomplicated Firewall (
ufw) that comes bundled with Ubuntu is enabled and is allowing TCP traffic on port 22 using the command
sudo ufw allow "OpenSSH".
Remote Network Setup
To make the server available to clients outside the server’s local network, the router will have to relay requests that it receives for the server to the server located inside its network. To make this work, Dynamic DNS, Port Forwarding and ufw need to be set up.
Internet Service Providers (ISPs) provide one public IP address to the router in a local network and that is usually a dynamic IP address that changes every few days. To not lose connectivity to the server due to an IP address change, the public IP address needs to constantly be monitored for changes.
The public IP address of the router is how a client outside the local network can communicate with the server inside the router’s local network.
To store the server’s public IP address and keep it up to date I built a utility called dynamic-dns that checks the public IP every 10 minutes and updates it on a domain on Cloudflare if there is a change in the public IP address.
Now that clients outside the network can reach the server’s router, the router needs to redirect requests that it receives for the server, to the server. This can be achieved through Port Forwarding.
Port Forwarding is essentially configuring the router to pass any requests received at (a) particular port(s) on the router to a particular device in the router’s local network, at the same port at which the request was received by the router.
Example: The router can be configured to forward requests arriving at port 9723 to port 9723 on the server. (The server, depending on the router, is identified by its MAC address or static local IP address within the local network.)
Thus, clients are now not only able to reach the router, but by providing the appropriate port, can reach the server inside the router’s network as well.
NOTE: Port 22 was not opened on the router and rather a random port on the router was used to access the server. This is to provide some security through obscurity so that it is not trivial to figure out that there is a SSH service running at this public IP address. It is not much security, but is at least better than making the default port (22) accessible to the public internet, which invites brute force attacks and makes it easier to discover the server for attackers.
The client can reach the server from the public internet, but Uncomplicated Firewall (
ufw) will block connections from any port that’s not port 22 (as we had enabled that during Local Network Setup).
ufw has to be configured to forward requests from the ‘port forwarded’ port to port 22 at which the SSH Daemon is running.
Accessing the Server
Finally, to access the server from outside the local network, one needs to know the server’s username, public IP (stored at a domain on Cloudflare in this case) and the port at which the server is available.
The laptop is now available on the local and public network!
Local internet access:
Public internet access: