Has anyone on this list tried using autossh [1] to keep a persistent SSH
tunnel going? Or do you have a different / better approach to this or the
following scenarios?
Scenario 1:
Where I live my router doesn't have access to a public IP - so I can't use
openvpn like I used to for VPN connection to home. But, I need to have
remote access to my file server at home, which is behind my router (NAT)
which is behind another router for our building's network (also NAT). I
would like my home (Alpine) file server (or possibly my Alpine router) to
keep a persisten ssh connection to a remote (public) server that I have.
Then when I'm remote I could ssh to my home file server (or router) through
that public server.
I suppose I might even be able to port forward OpenVPN (or similar...
suggestions?) ports through this SSH tunnel so that I could connect vpn to
the public server, which is really forwarding that traffic back to my home
network.. giving me access to SMB file systems and printing remotely like I
used to have.
Scenario 2:
I'm migrating an application from a single server to multiple servers soon
for a friend. One server will be a web application server. The other will
do background processing of files, reporting, etc. So, between the two I
need: shared file system access, MySQL replication, and a connectivity
between a couple other ports like ActiveMQ, etc. ActiveMQ could probably
just be a firewall rule that only allows traffic between ServerA and
ServerB. But for MySQL replication (and MySQL client access on port 3306)
I'll want a secure tunnel. I don't want those ports open on the firewall at
all. For the file mount between servers I was thinking of using sshfs.
So, I'll need to at least set up a port forwarding tunnel for MySQL
replication and client access. Do you have suggestions? AutoSSH? Other?
Also, I don't have any real-world experience with sshfs. Any suggestions
there? (These boxes will unfortunately not be Alpine, but all the ones in
Scenario 1 above are Alpine boxes).
[1] http://www.harding.motd.ca/autossh/
Many Thanks!
Jeremy Thomerson
Hi Jeremy,
On 10/15/2011 06:13 PM, Jeremy Thomerson wrote:
> Has anyone on this list tried using autossh [1] to keep a persistent SSH
> tunnel going? Or do you have a different / better approach to this or
> the following scenarios?
>
> Scenario 1:
OpenVPN with the "client-to-client" configuration setting.
All clients can then see each other, no need for an extra ssh process -
you should have native IP connectivity between the two clients.
>
> Scenario 2:
I've seen a GRE tunnel used things like that; actually OpenNHRP + IPSec
does /exactly/ what you are wanting to do.
Or you can just go with OpenVPN "client-to-client" again.
---
Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org
Help: alpine-devel+help@lists.alpinelinux.org
---