[opensuse] Is there a gotomypc like service for ssh?
All, I have a machine at my parents house that is behind a ISPs firewall. Console only. No X-Windows, etc. I've tried to open up the ssh port in the firewall but it is not working. Maybe the ISP is blocking it even earlier. Is there a service that allows that machine to open an outbound connection, and then somehow from my house tie into that connection for ssh service? This is effectively what gotomypc does for Windows boxes. FYI: I am not concerned about security on this machine / connection. I just need to get into it for administration. Thanks Greg -- Greg Freemyer Litigation Triage Solutions Specialist http://www.linkedin.com/in/gregfreemyer First 99 Days Litigation White Paper - http://www.norcrossgroup.com/forms/whitepapers/99%20Days%20whitepaper.pdf The Norcross Group The Intersection of Evidence & Technology http://www.norcrossgroup.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, Aug 13, 2008 at 10:34 AM, Greg Freemyer <greg.freemyer@gmail.com> wrote:
All,
I have a machine at my parents house that is behind a ISPs firewall. Console only. No X-Windows, etc.
I've tried to open up the ssh port in the firewall but it is not working. Maybe the ISP is blocking it even earlier.
Is there a service that allows that machine to open an outbound connection, and then somehow from my house tie into that connection for ssh service?
Its called ssh reverse tunnel (ssh -R), just google it. But first try to change it to a high port, like 10022 Marcio --- Druid -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Greg Freemyer wrote:
All,
I have a machine at my parents house that is behind a ISPs firewall. Console only. No X-Windows, etc.
I've tried to open up the ssh port in the firewall but it is not working. Maybe the ISP is blocking it even earlier.
Is there a service that allows that machine to open an outbound connection, and then somehow from my house tie into that connection for ssh service?
This is effectively what gotomypc does for Windows boxes.
FYI: I am not concerned about security on this machine / connection. I just need to get into it for administration.
If the ISP is blocking ssh traffic, you could make sshd listen on another port - e.g. some obscure number above 30000. /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
Greg Freemyer wrote:
All,
I have a machine at my parents house that is behind a ISPs firewall. Console only. No X-Windows, etc.
I've tried to open up the ssh port in the firewall but it is not working. Maybe the ISP is blocking it even earlier.
Is there a service that allows that machine to open an outbound connection, and then somehow from my house tie into that connection for ssh service?
This is effectively what gotomypc does for Windows boxes.
FYI: I am not concerned about security on this machine / connection. I just need to get into it for administration.
If the ISP is blocking ssh traffic, you could make sshd listen on another port - e.g. some obscure number above 30000.
/Per Jessen, Zürich
check and see if they are http://www.canyouseeme.org/ -- Hans Krueger hanskrueger007@roadrunner.com registered Linux user 289023 411024 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, Aug 13, 2008 at 2:15 PM, Hans Krueger <hanskrueger007@roadrunner.com> wrote:
Per Jessen wrote:
Greg Freemyer wrote:
All,
I have a machine at my parents house that is behind a ISPs firewall. Console only. No X-Windows, etc.
I've tried to open up the ssh port in the firewall but it is not working. Maybe the ISP is blocking it even earlier.
Is there a service that allows that machine to open an outbound connection, and then somehow from my house tie into that connection for ssh service?
This is effectively what gotomypc does for Windows boxes.
FYI: I am not concerned about security on this machine / connection. I just need to get into it for administration.
If the ISP is blocking ssh traffic, you could make sshd listen on another port - e.g. some obscure number above 30000.
/Per Jessen, Zürich
check and see if they are http://www.canyouseeme.org/
That method can not differentiate an ISP blockage from: a blockage at his local hardware router, or a block by his local opensuse firewall, or a block by virtue of having nothing listening on the port. I'm betting the hardware firewall is not forwarding port 22. -- ----------JSA--------- Someone stole my tag line, so now I have this rental. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, Aug 13, 2008 at 5:17 PM, John Andersen <jsamyth@gmail.com> wrote:
On Wed, Aug 13, 2008 at 2:15 PM, Hans Krueger <hanskrueger007@roadrunner.com> wrote:
Per Jessen wrote:
Greg Freemyer wrote:
All,
I have a machine at my parents house that is behind a ISPs firewall. Console only. No X-Windows, etc.
I've tried to open up the ssh port in the firewall but it is not working. Maybe the ISP is blocking it even earlier.
Is there a service that allows that machine to open an outbound connection, and then somehow from my house tie into that connection for ssh service?
This is effectively what gotomypc does for Windows boxes.
FYI: I am not concerned about security on this machine / connection. I just need to get into it for administration.
If the ISP is blocking ssh traffic, you could make sshd listen on another port - e.g. some obscure number above 30000.
/Per Jessen, Zürich
check and see if they are http://www.canyouseeme.org/
That method can not differentiate an ISP blockage from: a blockage at his local hardware router, or a block by his local opensuse firewall, or a block by virtue of having nothing listening on the port.
I'm betting the hardware firewall is not forwarding port 22. --
It is happening somewhere I can't control. If I'm on the LAN with my laptop, no problem. If I'm remote, I see nothing. I tried to open up the port in the DSL modem, but it had no effect. I suspect they are blocking it at the ISP itself, so I don't have access to that system. Greg -- Greg Freemyer Litigation Triage Solutions Specialist http://www.linkedin.com/in/gregfreemyer First 99 Days Litigation White Paper - http://www.norcrossgroup.com/forms/whitepapers/99%20Days%20whitepaper.pdf The Norcross Group The Intersection of Evidence & Technology http://www.norcrossgroup.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, Aug 13, 2008 at 2:27 PM, Greg Freemyer <greg.freemyer@gmail.com> wrote:
On Wed, Aug 13, 2008 at 5:17 PM, John Andersen <jsamyth@gmail.com> wrote:
On Wed, Aug 13, 2008 at 2:15 PM, Hans Krueger <hanskrueger007@roadrunner.com> wrote:
Per Jessen wrote:
Greg Freemyer wrote:
All,
I have a machine at my parents house that is behind a ISPs firewall. Console only. No X-Windows, etc.
I've tried to open up the ssh port in the firewall but it is not working. Maybe the ISP is blocking it even earlier.
Is there a service that allows that machine to open an outbound connection, and then somehow from my house tie into that connection for ssh service?
This is effectively what gotomypc does for Windows boxes.
FYI: I am not concerned about security on this machine / connection. I just need to get into it for administration.
If the ISP is blocking ssh traffic, you could make sshd listen on another port - e.g. some obscure number above 30000.
/Per Jessen, Zürich
check and see if they are http://www.canyouseeme.org/
That method can not differentiate an ISP blockage from: a blockage at his local hardware router, or a block by his local opensuse firewall, or a block by virtue of having nothing listening on the port.
I'm betting the hardware firewall is not forwarding port 22. --
It is happening somewhere I can't control. If I'm on the LAN with my laptop, no problem.
If I'm remote, I see nothing. I tried to open up the port in the DSL modem, but it had no effect. I suspect they are blocking it at the ISP itself, so I don't have access to that system.
Greg --
TCPTraceroute is usefull for detecting exactly WHERE such blockages occur. You can traceroute with any arbitrary port and/or protocol (tcp/udp). Its not installed by default so you have to fetch it, probably the redhat rpm would install directly. http://michael.toren.net/code/tcptraceroute/tcptraceroute.8.html http://michael.toren.net/code/tcptraceroute/ I'm betting its still a problem with your router. Its VERY unusual for ISPs to block ssh. there is no point, since its a secure protocol. -- ----------JSA--------- Someone stole my tag line, so now I have this rental. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* John Andersen <jsamyth@gmail.com> [08-13-08 17:39]:
TCPTraceroute is usefull for detecting exactly WHERE such blockages occur. You can traceroute with any arbitrary port and/or protocol (tcp/udp). Its not installed by default so you have to fetch it, probably the redhat rpm would install directly.
better using rpms built for openSUSE: http://download.opensuse.org/repositories/network:/utilities/openSUSE_10.3 Please people, trim your quotes. http://en.opensuse.org/OpenSUSE_mailing_list_netiquette#Quoting -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, Aug 13, 2008 at 6:04 PM, Patrick Shanahan <paka@opensuse.org> wrote:
* John Andersen <jsamyth@gmail.com> [08-13-08 17:39]:
TCPTraceroute is usefull for detecting exactly WHERE such blockages occur. You can traceroute with any arbitrary port and/or protocol (tcp/udp). Its not installed by default so you have to fetch it, probably the redhat rpm would install directly.
better using rpms built for openSUSE: http://download.opensuse.org/repositories/network:/utilities/openSUSE_10.3
It's also part of the 11.0 distro apparently (or I have my repositories screwed up.) Greg -- Greg Freemyer Litigation Triage Solutions Specialist http://www.linkedin.com/in/gregfreemyer First 99 Days Litigation White Paper - http://www.norcrossgroup.com/forms/whitepapers/99%20Days%20whitepaper.pdf The Norcross Group The Intersection of Evidence & Technology http://www.norcrossgroup.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John Andersen wrote:
I'm betting its still a problem with your router. Its VERY unusual for ISPs to block ssh. there is no point, since its a secure protocol.
Yep, I have to agree - it's more likely that port 22 isn't properly forwarded on the router/NAT-box. /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 2008-08-13 15:34, Greg Freemyer wrote:
All,
I have a machine at my parents house that is behind a ISPs firewall. Console only. No X-Windows, etc.
I've tried to open up the ssh port in the firewall but it is not working. Maybe the ISP is blocking it even earlier.
Is there a service that allows that machine to open an outbound connection, and then somehow from my house tie into that connection for ssh service?
Yes, ssh :-) Use port forwarding from from that machine to your own, and then you can connect back to it. Example: you@parents~> ssh -R 2222:localhost:22 you@home Your home machine is now listening on port 2222, and will tunnel traffic on that port to the parents on port 22 Example: you@home~> ssh localhost -p 2222 Make sure you have "AllowTcpForwarding yes" in /etc/ssh/sshd_config on your home machine. I would try what Per suggested first though.
This is effectively what gotomypc does for Windows boxes.
FYI: I am not concerned about security on this machine / connection. I just need to get into it for administration.
Thanks Greg
/Sylvester -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Thanks for the various pieces of advice. I'm going to try to figure this out this weekend. Greg On Wed, Aug 13, 2008 at 10:07 AM, Sylvester Lykkehus <zly@solidonline.dk> wrote:
On 2008-08-13 15:34, Greg Freemyer wrote:
All,
I have a machine at my parents house that is behind a ISPs firewall. Console only. No X-Windows, etc.
I've tried to open up the ssh port in the firewall but it is not working. Maybe the ISP is blocking it even earlier.
Is there a service that allows that machine to open an outbound connection, and then somehow from my house tie into that connection for ssh service?
Yes, ssh :-) Use port forwarding from from that machine to your own, and then you can connect back to it.
Example: you@parents~> ssh -R 2222:localhost:22 you@home Your home machine is now listening on port 2222, and will tunnel traffic on that port to the parents on port 22 Example: you@home~> ssh localhost -p 2222
Make sure you have "AllowTcpForwarding yes" in /etc/ssh/sshd_config on your home machine.
I would try what Per suggested first though.
This is effectively what gotomypc does for Windows boxes.
FYI: I am not concerned about security on this machine / connection. I just need to get into it for administration.
Thanks Greg
/Sylvester -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-- Greg Freemyer Litigation Triage Solutions Specialist http://www.linkedin.com/in/gregfreemyer First 99 Days Litigation White Paper - http://www.norcrossgroup.com/forms/whitepapers/99%20Days%20whitepaper.pdf The Norcross Group The Intersection of Evidence & Technology http://www.norcrossgroup.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, Aug 13, 2008 at 10:07 AM, Sylvester Lykkehus <zly@solidonline.dk> wrote:
On 2008-08-13 15:34, Greg Freemyer wrote:
All,
I have a machine at my parents house that is behind a ISPs firewall. Console only. No X-Windows, etc.
I've tried to open up the ssh port in the firewall but it is not working. Maybe the ISP is blocking it even earlier.
Is there a service that allows that machine to open an outbound connection, and then somehow from my house tie into that connection for ssh service?
Yes, ssh :-) Use port forwarding from from that machine to your own, and then you can connect back to it.
Example: you@parents~> ssh -R 2222:localhost:22 you@home Your home machine is now listening on port 2222, and will tunnel traffic on that port to the parents on port 22 Example: you@home~> ssh localhost -p 2222
Make sure you have "AllowTcpForwarding yes" in /etc/ssh/sshd_config on your home machine.
I would try what Per suggested first though.
I'm trying the reverse tunnel approach. It seems to work, but I need to polish my approach. I want this to work even in the presence of network issues, timeouts, reboots, etc. So I have tried to put the ssh command in cron. If I use a private key to login, I'm good. So I have tried: ssh -nNT -R 2222:localhost:22 www.norcrossgroup.com That seems to work, but it leaves a ssh connection in place each time I fire it off. ie. I just tried doing it every minute about 30 minutes ago and now I have 30 ssh sessions in place between the 2 computers. Prior to that I tried this every hour (on the hour): ssh -R 2222:localhost:22 www.norcrossgroup.com sleep 3600 It seems to work, but it seemed unreliable for some reason. If I waited the hour and tried the connection in the first few minutes of the hour it seemed better. (Very limited testing.) Any suggestions for a cron entry that will work more reliably? Thanks Greg -- Greg Freemyer Litigation Triage Solutions Specialist http://www.linkedin.com/in/gregfreemyer First 99 Days Litigation White Paper - http://www.norcrossgroup.com/forms/whitepapers/99%20Days%20whitepaper.pdf The Norcross Group The Intersection of Evidence & Technology http://www.norcrossgroup.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Dne Wednesday 13 of August 2008 15:34:04 Greg Freemyer napsal(a):
I have a machine at my parents house that is behind a ISPs firewall. Console only. No X-Windows, etc.
I've tried to open up the ssh port in the firewall but it is not working. Maybe the ISP is blocking it even earlier.
Is there a service that allows that machine to open an outbound connection, and then somehow from my house tie into that connection for ssh service?
You may try reverse tunneling - google for 'ssh reverse tunnel'. -- Best regards / s pozdravem Petr Uzel, Packages maintainer --------------------------------------------------------------------- SUSE LINUX, s.r.o. e-mail: petr.uzel@suse.cz Lihovarská 1060/12 tel: +420 284 028 964 190 00 Prague 9 fax: +420 284 028 951 Czech Republic http://www.suse.cz -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (8)
-
Druid -
Greg Freemyer -
Hans Krueger -
John Andersen -
Patrick Shanahan -
Per Jessen -
Petr Uzel -
Sylvester Lykkehus