Reaching a Linux server with a private IP without VPN

Solution 1:

You could leave a reverse ssh tunnel open to this "cloud" endpoint.

Assuming that box A is your desktop, box P is the server with the private IP, and box C is the cloud server:

on P, open the tunnel:

P% ssh C -R 2200:localhost:22

Leave that session running.

To connect later from A:

A% ssh C
C% ssh localhost -p 2200
P%    # you're now logged into P

This only works as long as noone interrupts that first ssh session from P to C, but as long as they don't, it does work.

Solution 2:

I've done the "tunnel through an accessible server" plenty of times; but recently found much easier to just use IPv6. Just install Miredo, (or activate Teredo on windows), and you got your own globally-accessible IPv6 address. Since it's prone to change, set a dynamic DNS, and you're set.

Solution 3:

You could try n2n from ntop to establish the connectivity without modifying the firewall.

Solution 4:

The ssh solution posted by MadHatter is the easiest one, I think. Also, depending on what you mean by "no VPN", you may be able to set up an OpenVPN client on the machine with the private IP, and OpenVPN server on the intermediary. OpenVPN client will present with just outgoing UDP traffic to the intermediary, but you should be able to go to the intermediary and have full access to the private machine across the tunnel. For that matter, with the right OpenVPN server configuration on the intermediary, your remote workstation can be configured as another OpenVPN client, and you can just connect to the server and see the private machine transparently.