John Andersen <jsamyth@gmail.com> wrote:
On Thu, Dec 19, 2013 at 5:51 PM, John Andersen <jsamyth@gmail.com> wrote:
Friend's college age son wants to access his computer in the dorm when he visits home. College won't allow listening on ports, and they have him behind a NAT.
Is it possible to have an outbound (from the dorm) ssh connection "reversed" so that the target (the home computer) is able to control the dorm machine?
John,
The answer is use autossh. It is designed specifically to maintain a open port on a remote server. Then you just connect to the remote server and access the target PC.
--- details -- I do that at my Dad's house, but it does require a machine with a static IP somewhere.
In my case the PC at his place makes a outbound ssh connection to a server I control in the cloud. The type of ssh connection is a "tunnel" which causes the server in the cloud to open up a port and listen on it. That goes on 24x7x52. No software has to be installed on the cloud server. It just has to allow incoming ssh connections and have the alternate port open at the firewall.
Anytime I want to ssh into the PC at my Dad's I connect to the appropriate port on the cloud server and it forwards everything to PC at my Dad's.
When I first tried, I just had ssh with the reverse tunnel args called at boot time. I found out quickly that ssh is not very reliable if you are talking weeks/months.
Now I use autossh to manage the reverse tunnel for me. That is in
On 12/19/2013 3:19 PM, Greg Freemyer wrote: the
distro, so zypper in should get it for you.
I have it running with sysVinit still, so I just had to enable the daemon and edit the included config file.
Let me know if you go that route and you want to see any of my sysVinit scripts/config files.
Greg
Thanks Greg, this looks promising. You say:
In my case the PC at his place makes a outbound ssh connection to a server I control in the cloud.
So this "cloud" you refer to is any machine on which you can create a listening connection, so it could be some third machine somewhere, not yours, not your dads?
Well it has to be a machine that you have rights to ssh into. If you have a pc at your house and a way to reliably ssh into it from the internet, then your machine could be the tunnel. In my case I rent a virtual machine on the internet to host a website and email. I use that virtual machine as my tunnel. That is the pc at my dad's keeps a ssh socket open to it all the time. I connect to the vm when I need to talk to the pc at my dad's. Greg -- Sent from my Android phone with K-9 Mail. Please excuse my brevity. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org