[clug] Local hosting providers for either SSH Tunnel or "Reverse VPN"

Wed Jul 28 04:26:30 UTC 2021

On 28/7/21 11:39 am, steve jenkin via linux wrote:
> I’d like to experiment with a publicly accessible website to control a local device with either a Raspberry Pi or Arduino micro-controller.
> 
> This is easy using an SSH tunnel to map a port on a remote host in the cloud - but I’ve no idea if cheap hosting services support SSH & tunnels this way.
> Digital Pacific mention SSH tunnels, but in the context of locally accessing a MySQL database on their host.
> 
> Alternatively, it seems the right term is “Reverse VPN”, but I’ve no idea of what (cheap) hosting plans support this.
> A full-blown Linux VPS is more than I want to step-up to just now. However, if that’s the answer, got to go there.

Hi Steve,

Not sure what you might mean by "full-blown Linux VPS"... I have a
hosted Linux VPS in Sydney that costs around $72/year. Lets me run
what ever services I can on a home Linux machine, including SSH
tunnels, DIY reverse proxy (using OpenVPN), web servers etc., all
simultaneously... At the time, this was cheaper than the difference
between a domestic and business NBN plan, let alone power, hardware
and other costs.

The other way to solve this is to run your web server at home and
use Dynamic DNS to keep it accessible remotely (unless you have a
static IP, like Brett). Both would need port-forwarding set up on
your home router. Some/many ISP plans still won't work as they
allocate private IPs for the last link to your home (ie. don't
support incoming TCP connections at all).

Also, you may want to look at using MQTT instead of SSH for your
comms, esp. if you have a number of devices to control and want
to keep things in sync.

OpenHAB and Home Assistant both support MQTT. See Wikipedia for more
details.

cheers,
Bob Edwards.

> 
> I’m not a fan of domestic Firewalls running a DMZ or setting up ‘pinholes’ to local hosts.
> Residential ISP plans don’t include fixed, public IP numbers - they’re sold in “business” plans at a premium price.
> 
> Jaycar had a project suggestion for a WiFi-linked controller, but only accessible over the local IP network.
> It’d be more usable to have such a controller accessible ‘from anywhere’, with proper security controls and authentication.
> 
> 	<https://www.jaycar.com.au/wifi-relay-controller>
> 
> If anyone has links to existing projects of this “relays controlled over the Internet”, please send those.
> 
> It’s hard to guess the critical search terms without already knowing them :(
> 
> --
> Steve Jenkin, IT Systems and Design
> 0412 786 915 (+61 412 786 915)
> PO Box 38, Kippax ACT 2615, AUSTRALIA
> 
> mailto:sjenkin at canb.auug.org.au http://members.tip.net.au/~sjenkin
> 
> 