ssh tunnels are magical
After getting the Pi connected upstairs, I figured it would be nice to be able to connect to it when I’m out and about. Now, I don’t have a static IP, and don’t really want to open ports to the Internet anyway, but I do have a shell account on the Oxford linux.ox.ac.uk
machine. SSH tunnels to the rescue!
-
Add linux.ox.ac.uk to the Pi’s ssh config
~/.ssh/config
on the PiHost ox User <me> HostName linux.ox.ac.uk
-
Tell the Pi to autossh to ox on boot, and forward port 3141 there to port 22 here
/etc/rc.local
on the Pisu - pi -c 'autossh -f -N -R 3141:localhost:22 <me>@linux.ox.ac.uk'
-
Add a ProxyCommand on my machine that tells ssh “if you want to ssh to pi, instead of making the TCP connection yourself instead do this.”
~/.ssh/config
on my machineHost pi User pi ProxyCommand ssh raven nc -q0 localhost 3141
Et voilà, ssh pi
on my local machine now connects to the Pi via linux.ox.ac.uk.
Bonus: you can tell SSH to reuse connections by adding the following to config
ControlMaster auto
ControlPath .../.ssh/connections/%h_%p_%r