Right on, (K)Bob! Good answer. I think this is the thread that TimH meant to reply to... however you are correct: they must open *some* port if a high port were to work, as Tim suggested. The "less correct" solution of using outgoing (from them) ssh connections is an interesting one... maybe a cron job could be set up, to carefully re-connect to your own system during your normal work hours, if the connection is dropped, too.
There was a reference to some interesting tidbits on slashdot Monday: http://slashdot.org/article.pl?sid=02/11/18/2032225&mode=thread&tid=172 mostly about some neat new tools called "Paketto": http://www.doxpara.com/read.php/docs/pk_english.html PDF about pushing OpenSSH to the limits: http://www.doxpara.com/Advanced_OpenSSH.pdf latest PPT slides:: http://www.doxpara.com/Black_Ops_Hivercon.ppt Oh, sorry to get a bit off-topic... SSH is cool, I am wondering though if it'd be worth it to hack up some other sort of trigger system to start that outgoing connection to yourself... It'd be a pain. Can you get anything through to them, like a ping? Other non-data packets, hummmm? benb On Tue, 2002-11-19 at 11:41, Bob Miller wrote: > Bob Crandell wrote: > > > Another client is with an ISP that will not open any ports. The have a linux > > server. This client is almost an hour away. I'd rather not have to drive it every > > time they have an issue. > > > > Question: > > > > Is there something like ssh that I can use to connect to me from > > there that will allow be to work on them from here? > > The right answer is to get them a non-broken ISP. > > A less right answer is to use an outgoing ssh connection, and > tunnel an incoming ssh connection through it. > > At the client's host: > > ssh -n [EMAIL PROTECTED] -R1234:localhost:22 sleep 100000000 > > Then to log in from somehost.assuredcomp.com, type this. > > ssh -p 1234 localhost > > Then set up the ssh authorization so you don't have to type a password > to set up the outgoing connection. And set up someuser so he has zero > privileges. > > Once you get that working, you figure out how to keep the connection > alive by generating a little traffic, and you figure out how to bring > the connection up at boot time and restart it when it goes down. > > I keep an ssh connection up to tivo's gateway, and I run this script > from my .profile on that machine. > > #!/bin/sh -e > while echo "Waiting - hit INTERRUPT..." > do sleep 600 > done > > That prints one line of text every five minutes, which is sufficient > to keep the connection from dropping. > > An alternative to keeping the connection up is to give the client a > script to run or a button to click that will start the outbound ssh > connection. You still log in through the tunneled ssh. -- Ben Barrett <[EMAIL PROTECTED]> counterclaim _______________________________________________ Eug-LUG mailing list [EMAIL PROTECTED] http://mailman.efn.org/cgi-bin/listinfo/eug-lug
