From owner-freebsd-questions@FreeBSD.ORG Wed Mar 26 17:30:38 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E874C106564A for ; Wed, 26 Mar 2008 17:30:38 +0000 (UTC) (envelope-from matthias.apitz@oclc.org) Received: from hunter.Sisis.de (hunter.sisis.de [193.31.11.194]) by mx1.freebsd.org (Postfix) with ESMTP id 533F68FC14 for ; Wed, 26 Mar 2008 17:30:37 +0000 (UTC) (envelope-from matthias.apitz@oclc.org) Received: (from mail@localhost) by hunter.Sisis.de (8.8.8/8.8.8) id SAA17879; Wed, 26 Mar 2008 18:23:15 +0100 (CET) (envelope-from matthias.apitz@oclc.org) Received: from ppp-82-135-67-50.dynamic.mnet-online.de(82.135.67.50) by hunter.Sisis.de via smap (V2.1) id xma017781; Wed, 26 Mar 08 18:22:37 +0100 Received: (from guru@localhost) by rebelion.Sisis.de (8.14.2/8.13.8/Submit) id m2QHTnBJ001693; Wed, 26 Mar 2008 18:29:49 +0100 (CET) (envelope-from matthias.apitz@oclc.org) X-Authentication-Warning: rebelion.Sisis.de: guru set sender to matthias.apitz@oclc.org using -f Date: Wed, 26 Mar 2008 18:29:49 +0100 From: Matthias Apitz To: Elliot Finley Message-ID: <20080326172949.GA1634@rebelion.Sisis.de> References: Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.4.2.3i X-Operating-System: FreeBSD 7.0-RELEASE (i386) Cc: User Questions Subject: Re: making FreeBSD phone home via SSH X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Matthias Apitz List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Mar 2008 17:30:39 -0000 El día Wednesday, March 26, 2008 a las 10:54:41AM -0600, Elliot Finley escribió: > Hello all, > > I have an interesting project. I have several FreeBSD servers that I > will be deploying to remote locations. They will be sitting behind a > NAT. I would like them to make a SSH connection to a local server > sitting on a public IP. I need them connected in a way that will give > me remote shell access. > > Has anyone done this before? I'd rather not re-invent the wheel. Yes, I :-) You can make SSH connection from the remote servers to your server (bring them up at boot with RSA auth) and tunnel in them reverse the SSH port, check the -R flag of ssh(1). You can also setup OpenVPN as client on the remotes and server on the your side. mattihas -- Matthias Apitz Manager Technical Support - OCLC GmbH Gruenwalder Weg 28g - 82041 Oberhaching - Germany t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211 e - w http://www.oclc.org/ http://www.UnixArea.de/ b http://gurucubano.blogspot.com/ Don't top-post, read RFC1855 http://www.faqs.org/rfcs/rfc1855.html A: Because it messes up the order in which people normally read text. Q: Why is it such a bad thing? A: Top-posting. Q: What is the most annoying thing on Usenet and in e-mail?