[clug] For dyndns junkies

Bob Edwards bob at cs.anu.edu.au
Tue Aug 22 04:22:18 UTC 2017 

On 22/08/17 14:19, Hal Ashburner wrote:
> I love this idea and being a part of it excites me, thanks!
>
> My home ip is behind an isp nat. How do all of you recommend I ssh to a
> server in my house via the vps with some known, public addressable IP?
> ssh reverse proxy?
>

OpenVPN, in "road-warrior" mode, running on your VPS. Have it listen on
a port other than 22 so that you can differentiate SSH to the VPS and
SSH to your home server.

cheers,

Bob Edwards.

>
>
> On 22 Aug. 2017 12:14 pm, "Bob Edwards via linux" <linux at lists.samba.org
> <mailto:linux at lists.samba.org>> wrote:
>
>     On 21/08/17 20:10, Andrew Janke via linux wrote:
>
>         #! /bin/sh
>
>         IP=$(wget -O - http://icanhazip.com/ -o /dev/null)
>
>
>         So many good things available out there that I am yet to find.  This
>         one courtesy of:
>
>            https://github.com/AntonioCS/no-ip.com-bash-updater.git
>         <https://github.com/AntonioCS/no-ip.com-bash-updater.git>
>
>
>         a
>
>
>     Of course, you can also run your own dyndns service, as I do as
>     as sub-domain of my own domain, for multiple devices.
>
>     (side-story: turns out that it is cheaper to hire a VPS in a
>     data-center in Sydney, with a static IPv4 address, than it is to
>     get a static IPv4 address on NBN...)
>
>     In this case, I use an SSH forced-command on my publicly-facing
>     server to run a script which uses the client IP(v4) address and
>     nsupdate to update the bind DNS server.
>
>     The client just does this (regularly, in a cron job):
>     ssh -i <some key> -p $PORT $USER@$MY_DYNDNS_SERVICE nsupdate.sh
>
>     and the server has this script (called from another script which
>     does all the SSH sanity checking):
>
>     #!/bin/bash
>     # by Robert (Bob) Edwards, May 2017
>
>     MYNAME="my-name.dyn.example.org <http://my-name.dyn.example.org>"
>     NSKEYFILE="/path/to/a_key.+157+24468.private"
>     SERVER=1.2.3.4
>     TTL=300
>
>     read IPADDR OUTPORT INPORT <<< $SSH_CLIENT
>
>     echo "IP address is $IPADDR"
>
>     cat << EOF | nsupdate -k ${NSKEYFILE}
>     server $SERVER
>     update add $MYNAME $TTL A $IPADDR
>     send
>     quit
>     EOF
>
>     And one more comment: using VPNs means that I don't actually care
>     that much anymore what my dynamic IP address is.
>
>     cheers,
>
>     Bob Edwards.
>
>     --
>     linux mailing list
>     linux at lists.samba.org <mailto:linux at lists.samba.org>
>     https://lists.samba.org/mailman/listinfo/linux
>     <https://lists.samba.org/mailman/listinfo/linux>
>

More information about the linux mailing list