Use Outgoing SSH to receive incoming SSH
I just copy/paste (slightly modified) part of @b_laoshi's answer from here:
In this case, you can configure your ssh tunnel from ComputerA -> ComputerB such it can tunnel reverse connections as well.
When establishing the ssh connection ComputerA -> ComputerB, do so with the
-R
option in the following manner:ssh ComputerBUser@ComputerB -R 2222:localhost:22
where
ComputerBUser
is the username for the account on ComputerB being authenticated and2222
is a free port on ComputerB. We'll use this port to reverse-tunnel back to ComputerA from ComputerB.Now from ComputerB, you can issue the scp command in the following manner to copy files from ComputerB -> ComputerA where
ComputerAUser
is your username on ComputerA:scp -P 2222 /path/to/file/on/ComputerB ComputerAUser@localhost:/path/to/drop/file/on/computerA
or
ssh -p 2222 ComputerAUser@localhost
What's happening here?
It looks like we are simply telling ComputerB to send the file back to itself because we're passing
localhost
instead of ComputerA. We are indeed telling scp to pass the file back to ComputerB, but to port 2222. All connections to port 2222 on ComputerB get forwarded to port 22 (default ssh port) on ComputerA.Thus, by tunneling backwards over the existing ssh connection, it doesn't matter that ComputerA is behind an NAT firewall.
EDIT:
To allow to establish a SSH tunnel without the need for an active terminal window, one can add the -N
parameter (before the -R
) (as pointed out in the link provided by @steeldriver). Moreover, if one wants to automatically setup a permanent background ssh connection, Erik Torgesta's great article provides you with all the necessary steps.
Related topics:
- How do I access the SSH client side from the SSH server side?
- Access remote multiple servers behind NAT
Perhaps an easier way I have set up on my own server.
I have my server check its external ip address every 15 minutes (times between checks are customisable by cron) It then compares this with its most recent ip address and if it has changed, it emails me the new ip address.
I'm on my phone at the minute but can send the setup through if you like, it's really quite simple and pretty reliable except for the odd spurious email when the server can't reach the ip checker.
Update - here's the script. You obviously need a functioning email account running, personally I have mine set up to send from a dedicated gmail account using this guide
#!/bin/sh
IPADDRESS=$(curl https://wtfismyip.com/text)
if [ "$IPADDRESS" != "$(cat /home/will/scripts/.current_ip)" ]
then
dt=$(date)
echo "Your new IP address as of ${dt} is ${IPADDRESS} \r \r FTB" | mail -s "IP address change" [email protected]
echo "$IPADDRESS" >| /home/will/scripts/.current_ip
echo "$dt $IPADDRESS" >> /home/will/scripts/.iphistory
fi
I'd start off by touch .current_ip && touch .iphistory
in the directory where you're going to store the files. It has the added advantage of keeping a record of IP changes, though I haven't found much use for it to be honest.
Set the script up to run as a cron job as often as you like. It's not very resource intensive.