On Tue, 27 Oct 2020 12:34:48 +0000, Chris Green wrote:
> Dr Eberhard Lisse wrote:
>>
>> On 27/10/2020 12:28, Chris Green wrote:
>> > Jan Novak wrote:
>> [...]
>> > So you need to set up reverse tunnel outgoing connections from your
>> > Pi, this you have to do with access to it of course. Then, once
>> > that's done you can access it using ssh from 'outside'.
>> >
>> > If you want to know more then just ask.
>> >
>> >
>> I might have use for something like this (for a host which I can access
>> via AnyDesk, but not SSH, at the moment).
>>
>> Where can one read up on how to do this?
>>
> In various places, it's not really "all in one place".
>
> If you look for 'ssh reverse tunnel' you will find how to do the ssh
> bit. Basically it uses the -R option of ssh so that a 'remote' system
> you have connected to from your Pi using ssh can connect back through
> the same connection *to* the Pi.
>
> The ssh man page explains it moderately well but you might want to try
> searching for some examples as well, you do need a clear mind to set it
> up right. :-)
>
> My Beaglebone Black (the system like a Pi) is on a boat in France behind
> a commercial WiFi system, so I run the following on it:-
>
> ssh -nNT -R 51236:localhost:22 chris@
>
> This connects port 22 (the sshd server port) on the Beaglebone to port
> 51236 on myhost. Then all you need to do is connect to port 51236 on
> myhost and you actually connect to the Beaglebone. I.e. you just do
> 'ssh -p 51236 localhost' on myhost to connect through the reverse
> tunnel. The 51236 is just a random port number, greater than 1024 so
> that it can be used by a non-root process.
>
>
> To make this more robust I use a little utility called autossh on the
> Beaglebone to make the outgoing connections, this restarts ssh if it
> dies, etc. You can find out about that by searching too and it's rather
> less confusing so I won't say any more here.

Chris,

Why not simply run sshd on the RPi?

I do that on my LAN. ssh, git and gftp (using sftp protocol) all connect
to my RPi successfully. Presumable

So, why use the reverse SSH setup rather than running sshd behind a
firewall on the RPi with the firewall configured to only accept
connections from your other systems?

Or configure the sshd server to only accept connections from IP addresses
and/or hostnames that you control rather than using the firewall to do
that?

I'm not knocking your approach, simply curious about what problems
reverse SSH solves that using a firewall or a suitably configured copy of
sshd can't handle.

--
Martin | martin at
Gregorie | gregorie dot org
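
The reverse tunnel and the restart-on-exit behaviour described in the quoted text, as a small supervisor script. This is an added example, not code from anyone in the thread and not autossh itself; the relay address `user@relay.example`, the timing values and the function names are assumptions, while ports 51236 and 22 are the ones from the post.

```shell
#!/bin/sh
# Added example: keep the reverse tunnel from the quoted post alive.
# RELAY is a placeholder (assumption); ports 51236 and 22 are the post's.
RELAY="${RELAY:-user@relay.example}"
REMOTE_PORT="${REMOTE_PORT:-51236}"
LOCAL_PORT="${LOCAL_PORT:-22}"
SSH_BIN="${SSH_BIN:-ssh}"
MAX_TRIES="${MAX_TRIES:-0}"        # 0 = retry forever
RETRY_DELAY="${RETRY_DELAY:-10}"   # seconds between attempts

# -R argument. Naming "localhost" as the bind address asks the relay to
# listen on loopback only, so the port is reachable from the relay itself.
forward_spec() {
    printf '%s\n' "localhost:${REMOTE_PORT}:localhost:${LOCAL_PORT}"
}

# One tunnel attempt; returns ssh's exit status.
run_once() {
    # ExitOnForwardFailure: exit if the relay cannot bind the port (for
    #   example a stale session still holds it) instead of idling uselessly.
    # ServerAlive*: notice a dead link after about 90 s and exit.
    # BatchMode: never block on a password prompt when unattended.
    "$SSH_BIN" -nNT \
        -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=30 \
        -o ServerAliveCountMax=3 \
        -o BatchMode=yes \
        -R "$(forward_spec)" "$RELAY"
}

# Restart ssh whenever it exits. TRIES holds the number of attempts made.
keep_tunnel() {
    TRIES=0
    while :; do
        TRIES=$((TRIES + 1))
        rc=0
        run_once || rc=$?
        echo "ssh exited with status $rc (attempt $TRIES)" >&2
        if [ "$MAX_TRIES" -gt 0 ] && [ "$TRIES" -ge "$MAX_TRIES" ]; then
            return 1
        fi
        sleep "$RETRY_DELAY"
    done
}

# Run the loop only when asked, so the file can also be sourced.
if [ "${1:-}" = "run" ]; then
    keep_tunnel
fi
```

Started with the argument `run` on the device behind the NAT, it needs key-based login to the relay already in place, since BatchMode disables password prompts.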