Remote SSH access without knowing remote IP

Started by freedomlives, May 24, 2015, 04:30:37 PM

Previous topic - Next topic

freedomlives

This is more a general Linux question, and I feel ashamed (having used Linux for more than a decade) to be asking it, but maybe someone here with their OLinuXino boards has had the same problem and can quickly advise me.

Without being able to know the IP address of the board (i.e. behind a DSL/cable modem), and without being able to configure the cable modem to open up ports to the outside world, is there some software package/configuration that would allow me to make SSH connections to it?
I have a VPS server, so I could configure the board to make some connection to it and then use my VPS as a proxy, but I just don't know, offhand what I should be doing.  VPN?

Background:  I'm in the US, visiting family, and I want to leave one A20Micro set up with a video camera hooked up to my grandmother's TV so my kids can video-chat her when we're back in Slovakia.  She is totally technology-illiterate, so the most she can do is press the "input" button on the remote to change to HDMI input.  Everything else I want to do remotely.  I don't have time right now to set up even the video chatting software, I just want to be able to have SSH access so when I'm back home next week I can further configure the board.

Gerrit

let the board connect to your home address and open a port 22 back to the board.

to automate the the login you need to generate a key or use sshpass http://linux.die.net/man/1/sshpass

command at the board
sshpass -p your_password ssh -R 2222:localhost:22 user@yourhomeip


home machine
ssh user@localhost -p 22222

freedomlives

Thanks!

I vaguely recall having heard the phrase "ssh tunnel", but I never knew how to do one, until now.

I had a problem that ssh still opened a remote terminal on my machine, and therefore added the "-nNT" flags to suppress that, as this article describes:
http://blog.trackets.com/2014/05/17/ssh-tunnel-local-and-remote-port-forwarding-explained-with-examples.html

Gerrit

if you run that line from like /etc/rc.local or as a startup script from /etc/X11/Xsession.d/ to keep the connection up it could help to add "ServerAliveInterval 60" to /etc/ssh/ssh_config

http://www.maketecheasier.com/keep-ssh-connections-alive-in-linux/

MBR

You can also use some kind of VPN (eg. OpenVPN), as long as you have the "server" with a public IP address, you will be able to connect friom anywhere.

Gerrit

Quote from: MBR on May 28, 2015, 02:58:12 AM
You can also use some kind of VPN (eg. OpenVPN), as long as you have the "server" with a public IP address, you will be able to connect friom anywhere.

Can you give an example how to configure this, it is just to connect to the board, and not the get all the internet trafic from the board running through the server.

MBR

Quote from: Gerrit on May 28, 2015, 04:05:32 PM
Can you give an example how to configure this, it is just to connect to the board, and not the get all the internet trafic from the board running through the server.

For OpenVPN, you have to disable the option redirect_gateway on client (or server, if you use push on clients), so none of the non-OpenVPN-related thrafic will affected (because the default gateway will stay the same). And if you connect to the server from a different machine, you will also need the option client-to-client in the server configuration.