My friend wanted access to a computer at college because he was working on his college project where they had to create a cloud farm using OpenStack.
He wanted to work from home (that is one of the perks if you are a software person). The computer was behind the college NAT, so doing something like this would need the SysAdmin and presumably a convoluted process.
I found this nice remote forwarding flag in the SSH command.
[-R [bind_address:]port:host:hostport] [-S ctl_path]
So, in fact, you can forward any service from your machine, not just SSH: set the host port to 80, 9418 or whatever.
Here’s how to do it:
1) Create a virtual Linux machine in the cloud (I love AWS, they do have a free tier). Say its IP is 126.96.36.199. I’ll call this the “Cloud Machine” and the machine you need access to the “Access Machine”.
2) Install OpenSSH on the “Access Machine” if you haven’t. Easiest way on Ubuntu is
    sudo apt-get install tasksel
    sudo tasksel
3) Get the SSH key and place it somewhere in the “Access Machine”. Make necessary changes in the following shell script and make sure it is executed at startup. In Ubuntu you can paste this at “/etc/rc.local” (This is a shell script file)
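    #!/bin/bash
    port=2000                        # any port greater than 1024, let's call this "local port"
    keyfile=/home/somewhere/key.pem
    username=ubuntu                  # The user in the cloud machine
    IP=188.8.131.52                  # The IP of cloud machine
    timeout=300                      # The timeout for the connect back

    # Reconnect loop, run in the background so rc.local can finish.
    while true
    do
        # -N: forward only, no remote shell (there is no terminal at boot).
        # ExitOnForwardFailure / ServerAliveInterval: make ssh exit when the
        # forward cannot be set up or the link dies, so the loop retries.
        sudo ssh -N -o ExitOnForwardFailure=yes -o ServerAliveInterval=60 \
            -R "$port:localhost:22" -i "$keyfile" "$username@$IP"
        sleep "$timeout"
    done &
    exit 0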
* If you are on a brain dead Firewall system that blocks port 22 (SSH), set the SSH port to port 80 on your Cloud Machine and use the “-p” flag in your connection command. The port is set in “/etc/ssh/sshd_config”.
* If you are sharing your cloud machine with someone else, you can maybe create a new user and give no file access to that user.
4) Now, every time you need to connect to the “Access Machine”, connect to the “Cloud Machine”,
sudo ssh -i $keyfile $username@$IP
then, inside it
ssh [local username in Access Machine]@localhost -p [the local port defined in shell script]
And of course, the “Access Machine” must be up and running.