Use Outgoing SSH to receive incoming SSH

ssh networking remote-access

I just copy/paste (slightly modified) part of @b_laoshi's answer from here:

In this case, you can configure your ssh tunnel from ComputerA -> ComputerB such it can tunnel reverse connections as well.

When establishing the ssh connection ComputerA -> ComputerB, do so with the -R option in the following manner: 

ssh ComputerBUser@ComputerB -R 2222:localhost:22

where ComputerBUser is the username for the account on ComputerB being authenticated and 2222 is a free port on ComputerB. We'll use this port to reverse-tunnel back to ComputerA from ComputerB.

Now from ComputerB, you can issue the scp command in the following manner to copy files from ComputerB -> ComputerA where ComputerAUser is your username on ComputerA: 

scp -P 2222 /path/to/file/on/ComputerB ComputerAUser@localhost:/path/to/drop/file/on/computerA

or 

ssh -p 2222 ComputerAUser@localhost

What's happening here?

It looks like we are simply telling ComputerB to send the file back to itself because we're passing localhost instead of ComputerA. We are indeed telling scp to pass the file back to ComputerB, but to port 2222. All connections to port 2222 on ComputerB get forwarded to port 22 (default ssh port) on ComputerA.

Thus, by tunneling backwards over the existing ssh connection, it doesn't matter that ComputerA is behind an NAT firewall.

EDIT: To allow to establish a SSH tunnel without the need for an active terminal window, one can add the -N parameter (before the -R) (as pointed out in the link provided by @steeldriver). Moreover, if one wants to automatically setup a permanent background ssh connection, Erik Torgesta's great article provides you with all the necessary steps.

Related topics:

  • How do I access the SSH client side from the SSH server side?
  • Access remote multiple servers behind NAT

Perhaps an easier way I have set up on my own server.

I have my server check its external ip address every 15 minutes (times between checks are customisable by cron) It then compares this with its most recent ip address and if it has changed, it emails me the new ip address.

I'm on my phone at the minute but can send the setup through if you like, it's really quite simple and pretty reliable except for the odd spurious email when the server can't reach the ip checker.

Update - here's the script. You obviously need a functioning email account running, personally I have mine set up to send from a dedicated gmail account using this guide

#!/bin/sh
IPADDRESS=$(curl https://wtfismyip.com/text)
if [ "$IPADDRESS" != "$(cat /home/will/scripts/.current_ip)" ]
then
    dt=$(date)
    echo "Your new IP address as of ${dt} is ${IPADDRESS} \r \r FTB" | mail -s "IP address change" [email protected]
    echo "$IPADDRESS" >| /home/will/scripts/.current_ip
    echo "$dt $IPADDRESS" >> /home/will/scripts/.iphistory
fi

I'd start off by touch .current_ip && touch .iphistory in the directory where you're going to store the files. It has the added advantage of keeping a record of IP changes, though I haven't found much use for it to be honest.

Set the script up to run as a cron job as often as you like. It's not very resource intensive.

Related

Belkin Wireless Adapter Card F9L1101V2 not Working on Ubuntu 14.04
Kernel panic - not syncing : attempted to kill int ! exit code=0x00007f00
Why are there multiple (6) swap partitions after Ubuntu clean install?
Can't run a shell script [duplicate]
How to install Side by Side Boot on Windows XP
Ubuntu Wallpapers
How to make Ubuntu 16.04 LTS remember the WiFi password through a shutdown then later restart?
What's the Best Operating System for Old Computer? Linux [closed]
ubuntu 18 hibernation using the power button
How to install Flash on opera browser on Ubuntu 16.10
W:Skipping acquire of configured file 'main/binary-1386/Packages' as repository... doesn't support architecture '1386' [duplicate]
Unable to update Ubuntu 12.10