[NCLUG] AutoSSH And Connecting To Remote Systems
Bob Proulx
bob at proulx.com
Tue Feb 21 21:37:11 MST 2017
AutoSSH and Connecting to Remote Systems
At previous NCLUG meetings we have discussed the need to connect to
remote client devices that sit on random networks, getting random
addresses, on private networks behind NAT firewalls. You have some
Raspberry Pi camera server at an airport hangar, or an RPi thermostat
controller in Scotland at your parents house (Hello Hugh!), or some
other device that is getting a DHCP address. I want to be able to ssh
into them.
I like to use AutoSSH for connectivity to remote clients. I have the
client connect to my server machine. If the client is online it will
connect to my server and use ssh to create a tunnel back to itself. I
can then always follow through the tunnel to the remote device. I
have many of these remote clients set up in commercial environments at
mountain airports and other remote places. Works extremely reliably.
https://www.proulx.com/~bob/doc/autossh/autossh.html
Is this technique and my document of it perfect? No. Far from it.
Actually I am rather embarrassed by how jumbled this appears to me. I
have held off posting this for some time because I wanted to make it
more cohesive. I want to make it look pretty. I wanted to make it
read sensibly. In the end I have given up. I failed. But I still
think it is a good and useful tool in the toolbox and so am going to
persevere and post it anyway even knowing that more than half of you
will hate it.
Some of you will think this is overly complicated and want to run
screaming back to simplicity of OpenVPN. That's fine. OpenVPN is
awesome. I use OpenVPN too. I have another tutorial on OpenVPN too.
But I also feel very confident setting up AutoSSH on an already
running remote host with no danger of locking myself out of it. With
OpenVPN I need to modify routing tables and have locked myself out at
times. I have never done that with AutoSSH. In fact I usually set up
two AutoSSH connections for redundancy and rewire them one at a time
when needed.
If this document helps you then great! If not then you got what you
paid for it. I am hoping it is useful regardless. I think you will
find it a reliable connection method.
Bob
More information about the NCLUG
mailing list