[clug] For dyndns junkies
Bob Edwards
bob at cs.anu.edu.au
Tue Aug 22 04:22:18 UTC 2017
On 22/08/17 14:19, Hal Ashburner wrote:
> I love this idea and being a part of it excites me, thanks!
>
> My home ip is behind an isp nat. How do all of you recommend I ssh to a
> server in my house via the vps with some known, public addressable IP?
> ssh reverse proxy?
>
OpenVPN, in "road-warrior" mode, running on your VPS. Have it listen on
a port other than 22 so that you can differentiate SSH to the VPS and
SSH to your home server.
cheers,
Bob Edwards.
>
>
> On 22 Aug. 2017 12:14 pm, "Bob Edwards via linux" <linux at lists.samba.org
> <mailto:linux at lists.samba.org>> wrote:
>
> On 21/08/17 20:10, Andrew Janke via linux wrote:
>
> #! /bin/sh
>
> IP=$(wget -O - http://icanhazip.com/ -o /dev/null)
>
>
> So many good things available out there that I am yet to find. This
> one courtesy of:
>
> https://github.com/AntonioCS/no-ip.com-bash-updater.git
> <https://github.com/AntonioCS/no-ip.com-bash-updater.git>
>
>
> a
>
>
> Of course, you can also run your own dyndns service, as I do as
> as sub-domain of my own domain, for multiple devices.
>
> (side-story: turns out that it is cheaper to hire a VPS in a
> data-center in Sydney, with a static IPv4 address, than it is to
> get a static IPv4 address on NBN...)
>
> In this case, I use an SSH forced-command on my publicly-facing
> server to run a script which uses the client IP(v4) address and
> nsupdate to update the bind DNS server.
>
> The client just does this (regularly, in a cron job):
> ssh -i <some key> -p $PORT $USER@$MY_DYNDNS_SERVICE nsupdate.sh
>
> and the server has this script (called from another script which
> does all the SSH sanity checking):
>
> #!/bin/bash
> # by Robert (Bob) Edwards, May 2017
>
> MYNAME="my-name.dyn.example.org <http://my-name.dyn.example.org>"
> NSKEYFILE="/path/to/a_key.+157+24468.private"
> SERVER=1.2.3.4
> TTL=300
>
> read IPADDR OUTPORT INPORT <<< $SSH_CLIENT
>
> echo "IP address is $IPADDR"
>
> cat << EOF | nsupdate -k ${NSKEYFILE}
> server $SERVER
> update add $MYNAME $TTL A $IPADDR
> send
> quit
> EOF
>
> And one more comment: using VPNs means that I don't actually care
> that much anymore what my dynamic IP address is.
>
> cheers,
>
> Bob Edwards.
>
> --
> linux mailing list
> linux at lists.samba.org <mailto:linux at lists.samba.org>
> https://lists.samba.org/mailman/listinfo/linux
> <https://lists.samba.org/mailman/listinfo/linux>
>
More information about the linux
mailing list