This tutorial shows how to open a remote connection (via SSH) to a network that doesn't allow it, and more generally to a computer without a public IP address.
You have access to inside, outside and middle, but cannot reach inside from outside because of a firewall you don't control. To gain such access, open a permanent connection from inside to middle, then have middle forward every connection from outside to inside through that permanent connection.
On inside machine (Unix-like)
On middle machine (Unix-like)
On any outside machine (Any platform)
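On middle:
Edit /etc/ssh/sshd_config and add/modify the following lines:
TCPKeepAlive yes
ClientAliveInterval 30
ClientAliveCountMax 99999
GatewayPorts yes
GatewayPorts yes makes the forwarded port on middle listen on all interfaces rather than on loopback only, which is what lets outside machines connect to it; anyone who can reach that port on middle reaches inside's SSH server.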
On inside:
Create a public key (choose default options):
ssh-keygen -t rsa
Copy the public key to middle:
ssh-copy-id <middle-username>@<middle-hostname>
Create a file launch-reverse-ssh-tunneling.sh and add the following lines to it:
#!/bin/bash
# Relaunch the reverse tunnel if no process mentioning port 19999 is running.
a=(`ps -ef | grep 19999 | grep -v grep`)
if [ ! "$a" ]; then
    ssh -fN -R 19999:localhost:22 <middle-username>@<middle-hostname>
fi
Make the file executable:
chmod +x /path/to/your/script/launch-reverse-ssh-tunneling.sh
Edit the crontab:
crontab -e
Add the following line:
* * * * * /path/to/your/script/launch-reverse-ssh-tunneling.sh
This tests every minute whether the tunnel is alive and relaunches it if it has died.
You should now be able to access inside from outside via a connection to 'middle':
ssh <inside-username>@<middle-hostname> -p 19999
enjoy ! ;)
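The check in the script above treats any process whose ps line contains 19999 as the tunnel, and an ssh session that failed to bind the port on middle still counts as alive. The following is an added example, not part of the original tutorial, that matches only the exact forward and makes ssh exit when the forward fails; tunnel@middle.example.org is a placeholder and the "run" argument is an assumption of this example.

```shell
#!/bin/sh
# Added example: stricter liveness check for the reverse tunnel.
# MIDDLE is a placeholder for <middle-username>@<middle-hostname>.
TUNNEL_PORT=19999
MIDDLE="tunnel@middle.example.org"
FORWARD="${TUNNEL_PORT}:localhost:22"

# Read a process listing (one command line per row, as printed by
# `ps -e -o args=`) on stdin. Succeed only if a row is an ssh client
# carrying exactly our -R forward to $MIDDLE.
tunnel_running() {
    awk -v fwd="$FORWARD" -v dst="$MIDDLE" '
        $1 == "ssh" || $1 ~ /\/ssh$/ {
            has_fwd = 0; has_dst = 0
            for (i = 2; i <= NF; i++) {
                if ($i == "-R" && $(i + 1) == fwd) has_fwd = 1
                if ($i == dst) has_dst = 1
            }
            if (has_fwd && has_dst) found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# BatchMode: never prompt (cron has no terminal).
# ExitOnForwardFailure: exit if middle cannot bind the port, so a tunnel
# without its forward does not linger and pass the check above.
# ServerAlive*: drop a dead connection after about 90 seconds.
start_tunnel() {
    ssh -fN -o BatchMode=yes -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=30 -o ServerAliveCountMax=3 \
        -R "$FORWARD" "$MIDDLE"
}

# Constructed sample listings: rows that merely contain "19999" ...
SAMPLE_UNRELATED='/usr/bin/python3 worker.py --listen 19999
sshd: alice [priv]
ssh -N -L 19999:localhost:5432 db@other.example.org'
# ... and the row start_tunnel itself produces.
SAMPLE_TUNNEL='ssh -fN -o BatchMode=yes -R 19999:localhost:22 tunnel@middle.example.org'

# Cron entry point: call the script with the argument "run".
if [ "${1:-}" = "run" ]; then
    ps -e -o args= | tunnel_running || start_tunnel
fi
```

With this version the crontab line ends in "run": * * * * * /path/to/your/script/launch-reverse-ssh-tunneling.sh run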