[opensuse] Access a remote openSuSE installation sitting behind NAT
Hi! I have recently installed a fresh openSuSE 10.3 for one of my friends who mainly uses his box to browse the Internet and has little technical skills. It seems like he has some problems with the sound card setup and I would like to investigate but have no access to the computer (ie. physical) and though on broadband the machine is behind a NAT (and possibly a firewall) with no public IP so can't connect to it either. Is there a way that I could access the machine (ssh, vnc) with as little user intervention as possible (ideally just a simple command). I sit behind a NAT myself by should be able to configure some port forwarding if necessary. Any suggestions welcome. Cheers, Marcin -- Marcin Floryan http://marcin.floryan.pl/ Please consider the environment before printing this email. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Marcin Floryan wrote:
Hi!
I have recently installed a fresh openSuSE 10.3 for one of my friends who mainly uses his box to browse the Internet and has little technical skills. It seems like he has some problems with the sound card setup and I would like to investigate but have no access to the computer (ie. physical) and though on broadband the machine is behind a NAT (and possibly a firewall) with no public IP so can't connect to it either.
Is there a way that I could access the machine (ssh, vnc) with as little user intervention as possible (ideally just a simple command). I sit behind a NAT myself by should be able to configure some port forwarding if necessary.
Any suggestions welcome.
Cheers, Marcin
If you or your friend have no control of the NAT to forward ports, this could be done with ssh port forwarding (tunneling). If it is possible for him to connect to your machine, he could create a "remote port forward" by doing something like: ssh -R 5555:localhost:22 your_ip Then you should be able to connect to him, on port 5555 localhost. Best regards Sylvester Lykkehus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hello! Yup, crude solution but it seems to work very well. Thanks! Though I wonder now if there is any way to do that is I didn't have a public IP server at hand (ie. two machines behind NAT with no influence on the Firewall). More out of curiosity since the problem at hand has now been solved. Cheers! Marcin On 10/01/2008, Sylvester Lykkehus <zly@solidonline.dk> wrote:
If you or your friend have no control of the NAT to forward ports, this could be done with ssh port forwarding (tunneling).
If it is possible for him to connect to your machine, he could create a "remote port forward" by doing something like: ssh -R 5555:localhost:22 your_ip -- Marcin Floryan http://marcin.floryan.pl/
Please consider the environment before printing this email. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Marcin Floryan wrote: | Though I wonder now if there is any way to do that is I didn't have a | public IP server at hand (ie. two machines behind NAT with no | influence on the Firewall). More out of curiosity since the problem at | hand has now been solved. Well I'm not quit sure I did get you fully, but have you tried to set up e.g. dyndns.org for you both? - -- All the best, Peter J. N. aedon DESIGNS http://www.hochzeitsbuch.info http://www.hochzeitsbuch.selfip.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFHhpMLh8q3OtgoGAwRAjkgAJ9K9Izxt5CWTUsOSJW7GbT9lCyrhQCeM3tf +aeRsshAT4aCZmnuOObCdME= =XaW9 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Marcin Floryan wrote:
Hello!
Yup, crude solution but it seems to work very well. Thanks!
Though I wonder now if there is any way to do that is I didn't have a public IP server at hand (ie. two machines behind NAT with no influence on the Firewall). More out of curiosity since the problem at hand has now been solved.
Cheers!
Marcin
There would probably by easier ways, but if you want to follow the tunneling approach, and you both are behind nat/firewall rules that you can not change, you need a third (trusted) hosted which you both have ssh access to. Then the target (your friend) could open a reverse port forward on that host, and you could either connect to him on that host, or setup a local port forward so that you could connect to him by reaching localhost on that port. I'm not sure if that made any sense, heres an example: friend@hispc> ssh -R 5555:localhost:22 3rd_host you@yourpc> ssh -L 6666:localhost:5555 3rd_host Then you can reach your friends machine by connecting to localhost on port 6666. As a said, there is probably easier ways, but my guess is they all require a third host if both of you are completely cut off from configuring nat and firewall. Best regards Sylvester Lykkehus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Thanks for the example! I've had a busy evening last night mastering the technique and it works well enough. I have also come across an idea of using "hole punching" and UDP but it seems to be more complex. Nevertheless a third host is essential, luckily I had one. Cheers, On 11/01/2008, Sylvester Lykkehus <zly@solidonline.dk> wrote:
There would probably by easier ways, but if you want to follow the tunneling approach, and you both are behind nat/firewall rules that you can not change, you need a third (trusted) hosted which you both have ssh access to.
Then the target (your friend) could open a reverse port forward on that host, and you could either connect to him on that host, or setup a local port forward so that you could connect to him by reaching localhost on that port.
I'm not sure if that made any sense, heres an example: friend@hispc> ssh -R 5555:localhost:22 3rd_host you@yourpc> ssh -L 6666:localhost:5555 3rd_host
Then you can reach your friends machine by connecting to localhost on port 6666.
As a said, there is probably easier ways, but my guess is they all require a third host if both of you are completely cut off from configuring nat and firewall.
Best regards Sylvester Lykkehus
-- Marcin Floryan http://marcin.floryan.pl/ Please consider the environment before printing this email. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Marcin Floryan wrote:
Hi!
I have recently installed a fresh openSuSE 10.3 for one of my friends who mainly uses his box to browse the Internet and has little technical skills. It seems like he has some problems with the sound card setup and I would like to investigate but have no access to the computer (ie. physical) and though on broadband the machine is behind a NAT (and possibly a firewall) with no public IP so can't connect to it either.
Is there a way that I could access the machine (ssh, vnc) with as little user intervention as possible (ideally just a simple command). I sit behind a NAT myself by should be able to configure some port forwarding if necessary.
Any suggestions welcome.
You'll have to configure his firewall to forward ssh to his computer. Then use ssh -X to enable X forwarding and you can then run any application remotely. You can probably do similar with OpenVNC, but I haven't tried it. -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (4)
-
James Knott -
Marcin Floryan -
peter -
Sylvester Lykkehus