This is an old revision of the document!
Reverse SSH tunnel to connect to device with dynamic IP
Project owner: | Overdrive |
Interested: | |
Related: | [Project Single Boards] |
References: | http://www.tunnelsup.com/raspberry-pi-phoning-home-using-a-reverse-remote-ssh-tunnel |
Materials: | dynamic IP device aka PICKA, static IP device aka RemoteHost, ssh able to connect between devices by keys |
License: | Uveďte původ-Zachovejte licenci; CC BY-SA |
Legend:
- Picka = bannanaPi, raspberryPi, any othere device on dynamic IP
- RemoteHost = server with static host, Picka can ssh to and you can ssh to that server from anywhere
What we want to achieve?
- we have some Picka on dynamic IP, but we want to connect to that even we do not know what IP it have at the moment
- we have RemoteHost, that we can see from anywhere and Picka is able to SSH to that server
- we will build ssh tunnel from Picka to RemoteHost
- RemoteHost and Picka should be able to reach each other by certificate, not by passwd
on Picka do
ssh -N -R 2222:localhost:22 serverUser@RemoteHost
explanation of parameters of tunnel:
ssh - shell command -N do not execute anything when connection successful -R bind port 22 on remote server [192.168.1.1] to 2222
so now connect to RemoteHost and
ssh -l pickaUser -p 2222 localhost
explanation of functionality
Why did this work? The RemoteHost is listening on port 2222 for incoming ssh connections. If it receives one, it will forward all traffic it receives into the previous ssh connection that was established already. That is essentially what the remote tunnel does.