Francois Marier: Letting someone ssh into your laptop using Pagekite |
In order to investigate a bug I was running into, I recently had to give my colleague ssh access to my laptop behind a firewall. The easiest way I found to do this was to create an account for him on my laptop and setup a pagekite frontend on my Linode server and a pagekite backend on my laptop.
Setting up my Linode server in order to make the ssh service accessible and proxy the traffic to my laptop was fairly straightforward.
First, I had to install the
pagekite package (already in
Debian and Ubuntu) and open up a port on my firewall by adding the following
to both /etc/network/iptables.up.rules and
/etc/network/ip6tables.up.rules:
-A INPUT -p tcp --dport 10022 -j ACCEPT
Then I created a new CNAME for my server in DNS:
pagekite.fmarier.org. 3600 IN CNAME fmarier.org.
With that in place, I started the pagekite frontend using this command:
pagekite --clean --isfrontend --rawports=virtual --ports=10022 --domain=raw:pagekite.fmarier.org:Password1
After installing the pagekite and openssh-server packages on my laptop and creating a new user account:
adduser roc
I used this command to connect my laptop to the pagekite frontend:
pagekite --clean --frontend=pagekite.fmarier.org:10022 --service_on=raw/22:pagekite.fmarier.org:localhost:22:Password1
Finally, my colleague needed to add the folowing entry to ~/.ssh/config:
Host pagekite.fmarier.org
CheckHostIP no
ProxyCommand /bin/nc -X connect -x %h:10022 %h %p
and install the netcat-openbsd package since other versions of netcat don't work.
On Fedora, we used netcat-openbsd-1.89 successfully, but this newer package may also work.
He was then able to ssh into my laptop via ssh roc@pagekite.fmarier.org.
I was quite happy settings things up temporarily on the command-line, but it's also possible to persist these settings and to make both the pagekite frontend and backend start up automatically at boot. See the documentation for how to do this on Debian and Fedora.
http://feeding.cloud.geek.nz/posts/letting-someone-ssh-into-your-laptop-using-pagekite/
| Комментировать | « Пред. запись — К дневнику — След. запись » | Страницы: [1] [Новые] |
