On Fri, Dec 20, 2013 at 4:06 PM, James Knott <james.knott@rogers.com> wrote:
John Andersen wrote:
This is why Greg's suggestion seems to hold the most promise.
Its clear that the cloud machine that Greg mentioned is going to need to be reachable, but it appears like neither of the two endpoints of the ssh connection need public ips. This is classic firewall piercing, like Skype has done for years.
In another note, I mentioned OpenVPN. This will also work. It uses UDP, though, IIRC, it can also be used over UDP. With it, he starts it before he leaves and you have a network connection between his computer and your home network.
autossh should be a one time setup thing. It runs as a daemon on the PC at the college. It establishes and monitors the ssh tunnel to the cloud server. If the ssh tunnel drops it re-establishes a new tunnel. The tunneling feature it uses is built into ssh/sshd, so the cloud server doesn't need anything beyond a normal sshd daemon running. If the cloud server has a firewall, the remote port will need to be opened up. For instance if you want to use port 2222 on the cloud server as the tunneled port, then you config autossh to pass that port to the outbound ssh command. It will then connect to the cloud server on the normal ssh port and tell it to open a listener on port 2222. Obviously you have to make sure no firewalls are blocking port 2222. Then anytime anyone wants so connect to the college PC via ssh, they just connect to port 2222 on the cloud server. The sshd daemon on the cloud server will forward the traffic to the other socket where they will get a standard ssh login prompt. It's all built-in ssh/sshd functionality so there is nothing special to install, etc. autossh just makes the whole process even easier and reliable. And it is in the openSUSE main repos. The only possible issue I can imagine would be making it work with systemd, but I assume that is trivial enough as well. Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org