ssh tunnels are magical
After getting the Pi connected upstairs, I figured it would be nice to be able to connect to it when I’m out and about. Now, I don’t have a static IP, and don’t really want to open ports to the Internet anyway, but I do have a shell account on the Oxford
linux.ox.ac.uk machine. SSH tunnels to the rescue!
Add linux.ox.ac.uk to the Pi’s ssh config
~/.ssh/configon the Pi
Host ox User <me> HostName linux.ox.ac.uk
Tell the Pi to autossh to ox on boot, and forward port 3141 there to port 22 here
/etc/rc.localon the Pi
su - pi -c 'autossh -f -N -R 3141:localhost:22 <me>@linux.ox.ac.uk'
Add a ProxyCommand on my machine that tells ssh “if you want to ssh to pi, instead of making the TCP connection yourself instead do this.”
~/.ssh/configon my machine
Host pi User pi ProxyCommand ssh raven nc -q0 localhost 3141
ssh pi on my local machine now connects to the Pi via linux.ox.ac.uk.
Bonus: you can tell SSH to reuse connections by adding the following to config
ControlMaster auto ControlPath .../.ssh/connections/%h_%p_%r