| Linode Forum https://forum.linode.com/ |
|
| Multiple SSH Tunnel Access https://forum.linode.com/viewtopic.php?f=19&t=3910 |
Page 1 of 2 |
| Author: | nsajeff [ Thu Feb 19, 2009 10:16 am ] |
| Post subject: | Multiple SSH Tunnel Access |
I have a bit of a mess I'm trying to accomplish. I'll layout my setup first: Home Machine *Dynamic IP* SSH Tunnel to *Web Server #1*(active at all times) *Web server #1* *Static IP* SSH Tunnel to *Web Server #2*(active when connection received from *Workstation Office* *Workstation office* Behind a scary government firewall(I work for the government). So, to clarify, I want to SSH from *Workstation office* to *Webserver #2* which should then active an SSH tunnel to *Webserver #1* and forward me to that machine and in doing so forwards me to *Home Machine*. Its a very complicated setup and am willing to simplify. However, I do NOT have access to the router at my home location(not my permanent residence) so cannot configure a dyndns account(reason for SSH tunnel). Any ideas? Yes, the webservers are Linodes and unfortunately, I can't divulge the reason for the hop between the two webservers. Sorry about that. |
|
| Author: | pclissold [ Thu Feb 19, 2009 10:40 am ] |
| Post subject: | |
I'm not sure it's safe for us to help you tunnel out of a big, creepy organisation like the National Securit&^$3#.0(* NO CARRIER |
|
| Author: | nsajeff [ Thu Feb 19, 2009 10:42 am ] |
| Post subject: | |
pclissold wrote: I'm not sure it's safe for us to help you tunnel out of a big, creepy organisation like the National Securit&^$3#.0(* NO CARRIER
See, you brought that on yourself. Now I have to come up with some excuse to 'deal' with your family.... 
|
|
| Author: | Stever [ Thu Feb 19, 2009 12:12 pm ] |
| Post subject: | |
Just my $.02, but I don't think scary government firewalls are the best place for you to learn... |
|
| Author: | nsajeff [ Thu Feb 19, 2009 12:20 pm ] |
| Post subject: | |
Stever wrote: Just my $.02, but I don't think scary government firewalls are the best place for you to learn...
I'll certainly take that under advisement but that's not my question. |
|
| Author: | Stever [ Thu Feb 19, 2009 12:32 pm ] |
| Post subject: | Re: Multiple SSH Tunnel Access |
nsajeff wrote: Any ideas?
I only saw one question, and I think my answer is appropriate 
You don't actually say which part of your setup you have a problem with, or what you want to be able to access on the Home Machine, so all I could comment on was that I thought it was a bad idea :> |
|
| Author: | nsajeff [ Thu Feb 19, 2009 1:02 pm ] |
| Post subject: | |
I'll simplify this I suppose. How feasible is it to accomplish a tunneled SSH connection/SSH forwarding to access a /home partition on my home machine from my workstation using the 2 web servers as hops/forwards? |
|
| Author: | Stever [ Thu Feb 19, 2009 1:30 pm ] |
| Post subject: | |
I think if you can get out of your scary firewall, then it is just a matter of repeating the same ssh tunnel to your second webserver. The connection from home may be tricky if it is not 100% reliable - then you'll need a script to reconnect as needed. If it were me, I would use OpenVPN from home to webserver since it will automatically reconnect whenever the ip changes or the connection times out. |
|
| Author: | nsajeff [ Thu Feb 19, 2009 1:48 pm ] |
| Post subject: | |
Stever wrote: I think if you can get out of your scary firewall, then it is just a matter of repeating the same ssh tunnel to your second webserver. The connection from home may be tricky if it is not 100% reliable - then you'll need a script to reconnect as needed. If it were me, I would use OpenVPN from home to webserver since it will automatically reconnect whenever the ip changes or the connection times out.
Interesting idea. I'll try OpenVPN with a script to maintain the connection. I'm curious though, once I get from my workstation to Server #1, how would I access my home machine? P.S. I'm through the work firewall...helps when you control it I suppose...
|
|
| Author: | SteveG [ Thu Feb 19, 2009 2:14 pm ] |
| Post subject: | |
Quote: I'm curious though, once I get from my workstation to Server #1, how would I access my home machine?
With OpenVPN, you set up a whole new subnet with (fixed) private IPs, like 192.168.25.1. So your home machine now has a fixed IP, and you just SSH (or whatever) to it. IMO, OpenVPN really is the right solution for this, and BTW, you don't have to script to keep the link up, OpenVPN takes care of it. |
|
| Author: | Stever [ Thu Feb 19, 2009 2:50 pm ] |
| Post subject: | |
If you set up Web Server 1 as an OpenVPN server, then both your Home Machine and Workstation Office can connect to it and share a private IP space as SteveG mentioned. If you really need the connection from work to be ssh and you must have the extra hop, then set up an ssh tunnel from work to Server 2 for the OpenVPN port. Now, you'll have ssh traffic from work to server 2, and OpenVPN traffic between home, server 1, and server 2. If you must have ssh between server 1 and server 2, another ssh tunnel is as simple as the first one. In either case, with this setup you would have full network connectivity between work and home computers. |
|
| Author: | nsajeff [ Thu Feb 19, 2009 2:55 pm ] |
| Post subject: | |
Very neat stuff. I'll start tinkering with that immediately. Should be quite the challenge. Thanks again everyone. |
|
| Author: | eld101 [ Thu Feb 19, 2009 5:16 pm ] |
| Post subject: | |
hrmmmm NSAjeff ??? |
|
| Author: | Xan [ Fri Feb 20, 2009 2:38 am ] |
| Post subject: | |
Has the NSA been infiltrated by a double-agent, attempting to use Linode to get classified data out of the building?? |
|
| Author: | bd3521 [ Fri Feb 20, 2009 1:22 pm ] |
| Post subject: | |
hamachi worked great for me in the past. but cant get it to work on the linode centos distros. |
|
| Page 1 of 2 | All times are UTC-04:00 |
| Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |
|