remote firewall advice
Martin Schwenke
martin at meltin.net
Tue Feb 4 16:29:10 EST 2003
Hi Bob,
>>>>> "Bob" == Robert Edwards <Robert.Edwards at anu.edu.au> writes:
Bob> Has anyone done anything like this - set up a remote dial-out
Bob> machine that can be administered remotely? Anyone have any
Bob> links to similar projects? Anyone got any advice on how to
Bob> implement a button to establish the dial-out connection (he
Bob> can't leave the machine permanently online for various
Bob> reasons, including financial). Am I thinking in the right
Bob> direction, or is there an easier way (I don't play with
Bob> dial-out much at all, so this is all a bit new for me)?
I've done this twice before, but I used lower tech solutions. :-)
* I put a web server on the gateway with a CGI script that ran
ifconfig. If I needed to get it I would call a specified person
sitting at a Windows box and asked them to hit a bookmark in their
browser. They then read out the address for me.
* When someone I know wants help with their Linux box, they send me
e-mail. If I get the mail soon enough I try SSHing to the address
their machine had when they sent the mail.
Like I said, low-tech, but close to no time investment for either of
them. Neither of them will work if the connection is NATed.
The alternative is, if you have a fixed IP, get the box to SSH to you
with a reverse tunnel (via -R option), so you can connect back down to
the SSH port. I seem to remember the problem I've noticed for this is
that, if you do this for a few hosts, the host key for localhost tends
to change a lot.. :-)
peace & happiness,
martin
More information about the linux
mailing list