Suppose your computer at work is in a private network that does IP masquerading. You want to access that machine from home or from another computer outside the network. Suppose you have sent your admins about 30 mails in about 14 weeks about you wanting to access your machine from outside and suppose they answered about a third of the mails, but you haven't made any significant progress towards accessing your machine. I am not talking hypothetically here unfortunately.
Actually it's quite simple if you use reverse ssh tunnels (thank you howtoforge). Say you want to access from a machine, which we call second_machine. From your machine at work you type (as root):
# ssh -R 19999:localhost:22 user@second_machine
From second_machine you can now access your machine at work:
ssh localhost -p 19999
By default this reverse tunnel should stay alive with the ssh session from your machine at work to the second_machine. You can change the time this session stays alive in second_machine:/etc/ssh/sshd_config with
ClientAliveInterval n. Default is 0, which means there is no automatic logout. You may also use autossh to automatically restart the ssh tunel.If you copy files by scp use the
-P switch to specify the port. With rsync, rsync ... -e 'ssh -p 19999' ....
Posts
Subscribe to replies to this post
This conversation is missing your voice. Your feedback is appreciated.
Post a Comment
You can use some HTML tags, such as <b>, <i>, <a>
You can follow the discussion of this post by subscribing.
You are free to include information from this article on your own site if you provide a backlink. You can use the following markup: