This isn't so much a post to show how to do it as it is a post describing a specific example of it in use. I basically spent two minutes looking at http://www.howtoforge.com/reverse-ssh-tunneling and was up and running in no time. It's that simple.
The situation:
I have a computer at work. Opening up a port to allow for remote access is a headache and a half, since it involves getting signatures from a range of people and drawing up an IT security plan etc. As an academic during grant season I don't have that kind of time. Nor do I want to put up with all that BS. I also understand that opening up ports willy-nilly can lead to security threats.
Anyway, I have iinet at home and they leave port 22 open by default. I have a Linksys WRT54 running Tomato and I allow key-based ssh external access.
My IP address is not static but changes perhaps once per month at most.
On my main desktop at home I run this as a cron job:
#!/bin/bash
# Append the current public IP address, with a timestamp, to a Dropbox-synced file.
ipaddr=$(wget http://automation.whatismyip.com/n09230945.asp -O - -o /dev/null)
when=$(date '+%a %d %b %Y %H:%M')
echo "$when $ipaddr" >> /home/me/Dropbox/currentip.dat
exit 0
That way I can easily look up the latest ip address in my dropbox folder.
I run debian testing on all boxes.
Connecting via ssh to my home router works flawlessly. The other way doesn't work at all.
The solution:
We'll pretend that my home ip is 124.54.34.23 and my work ip is 169.23.54.6
At work
While at work, I connect to my home router using
ssh -R 19999:localhost:22 root@124.54.34.23
This logs me in to my Tomato router. Once in, start
top -d 600
This will keep top running, updating every ten minutes. This is to prevent the connection from being dropped.
The alternative is of course to use autossh -- the basic usage is just to replace ssh.
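An added example, not part of the original post: a dry-run sketch that picks the newest valid address from the currentip.dat log and prints the reverse-tunnel command with ssh's own keepalive options in place of the top -d 600 trick. It assumes the work machine runs OpenSSH and can read a synced copy of the log; the function names and sample log lines are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. Dry run: prints the command only.

# latest_ip FILE: print the newest well-formed IPv4 address in the cron log.
# Lines look like "Wed 15 Feb 2012 18:55 124.54.34.23". Any other last field
# (empty wget result, HTML error page, text starting with "-") is skipped, so
# data fetched over plain HTTP never reaches the ssh command line unchecked.
latest_ip() {
    awk '
        {
            ip = $NF; ok = (ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
            n = split(ip, octet, /\./)
            for (i = 1; ok && i <= n; i++) if (octet[i] + 0 > 255) ok = 0
            if (ok) last = ip
        }
        END { if (last == "") exit 1; print last }
    ' "$1"
}

# tunnel_cmd FILE: print the reverse-tunnel command for the newest address.
tunnel_cmd() {
    tc_ip=$(latest_ip "$1") || { echo "no valid IP in $1" >&2; return 1; }
    # -N: forward only, no remote shell. ServerAlive*: ssh's own keepalive.
    # ExitOnForwardFailure: exit rather than stay connected without the tunnel.
    # localhost:19999: request a loopback-only listener on the router.
    echo "ssh -N -o ExitOnForwardFailure=yes -o ServerAliveInterval=60" \
         "-o ServerAliveCountMax=3 -R localhost:19999:localhost:22 root@$tc_ip"
}

# sample_log: write a constructed log (not real data) and print its path.
sample_log() {
    sl_file=$(mktemp)
    printf '%s\n' \
        'Mon 13 Feb 2012 09:00 124.54.34.20' \
        'Tue 14 Feb 2012 09:00 124.54.34.23' \
        'Wed 15 Feb 2012 09:00' \
        'Thu 16 Feb 2012 09:00 <html>503</html>' \
        'Fri 17 Feb 2012 09:00 -oSomething=x' \
        'Sat 18 Feb 2012 09:00 999.1.1.1' > "$sl_file"
    echo "$sl_file"
}

log=$(sample_log)
tunnel_cmd "$log"
rm -f "$log"
```

With these options the session needs no interactive command to stay up, and the forwarded port 19999 is still reached from the router exactly as in the "At home" step.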
Now, go home
At home
Log in to your router from the local network, then connect to port 19999 on localhost:
me@niobium:~$ ssh root@192.168.2.1
Tomato v1.28.1816
BusyBox v1.14.4 (2010-06-27 20:11:16 PDT) built-in shell (ash)
Enter 'help' for a list of built-in commands.
# ssh me@localhost -p 19999
me@localhost's password:
Linux beryllium 3.2.0-1-amd64 #1 SMP Sun Feb 5 15:17:15 UTC 2012 x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Wed Feb 15 18:55:45 2012 from localhost
me@beryllium:~$
Simple as that