Re: Connecting to Linux machine remotely

From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 09/10/03 

Date: Wed, 10 Sep 2003 04:44:41 +0000 (UTC)

]I have been trying to get more info on doing this and security concerns and
]so on, which how to would explain how to do this better and the details and
]all that good stuff? as well can it be done threw a proxy server?

I think you really need to give more information.

a) The way to connect to a machine from a remote location is via ssh.
This is a secure (passwords are sent encrypted, or no password, but a
secure authentication method is used) way of connecting.

b) If your worry is that your machine keeps changing its IP address, you
could set up your system so that it would connect to the other computer
each time it came up, and reported its IP address to taht computer. You
could then put that IP address and the name into /etc/hosts, so you
could connect. The big problem is that although your provider knows the
new IP address of the dynamically allocated machine, that address is not
propagated for up to week to anywhere else.

In my case my machine is given a fixed host name by my ISP which it
always retains. I then have a cron job on the other machine that I will
want to connect from which queries the dns server of my ISP every 5 min
for the IP of that hostname, and stores it in /etc/hosts.

Equivalently you could have the machine that gets the new IP send a
message to the other machine when it gets a new IP address.
(unfotulately this does not work for emails, since they do NOT query
/etc/hosts for the MX record needed for mail)

Here is the script which I use with telus.net to query the IP for the
host name (changed to protect the guilty)
(209.53.4.130 is the dns server for my ISP, telus.net, while
abc123fr34fgh.bc.hsia.telus.net is the name which telus.net knows my
machine as.

_____________________________________________

#!/bin/bash

IP=`host abc123fr34fgh.bc.hsia.telus.net 209.53.4.130|grep 'has address'|awk '{print $4}'`

echo $IP
if [ "$IP" ]; then
  vi -c :/wormhole/d -c :wq /etc/hosts
  echo "$IP wormhole wormhole.physics.ubc.ca" >>/etc/hosts
fi

]Thanks :-)

]Arron

]"David Efflandt" <efflandt@xnet.com> wrote in message
]news:slrnbloe3c.me9.efflandt@typhoon.xnet.com...
]> On 2 Sep 2003 12:39:33 -0700, Eireann Kelly <eireannkelly@hotmail.com>
]wrote:
]> > I have been set-up to connect to my work machines though the firewall
]> > from home, however my ipaddress has changed....I do however have a ssh
]> > connection.
]> > What file do i update/change so that i can put my new ip address in
]> > there, to allow me to listen on our private newsgroups, GUI's etc...
]>
]> Are you trying to access work from home, home from work, and what is it
]> that you need to update for a changing IP? If you know what ports you
]> need you can forward tcp ports through ssh.
]>
]> Use dynamic DNS to find my home PC on dynamic adsl. Do a web search for
]> 'dns hosting'. I use no-ip.com (I run their DNS update client
]> automatically from /etc/ppp/ip-up for pppoe).
]>
]> By tunneling whatever ports are required for specific tasks you can
]> connect to the near side of the tunnel just as though you were on the far
]> end. For example I can ssh to our company smtp server and forward ports
]> to access our HP3000 computer, or access the JetDirect web interface on
]> our office printer (3400 mi round trip to California back through our WAN
]> to Illinois), etc. ~/.ssh/config example for HP3000 terminal program:
]>
]> Host company-vtmgr
]> Hostname mail.ourcompany.domain
]> User methere
]> GatewayPorts yes
]> LocalForward 1537 192.168.1.2:1537
]> LocalForward 1570 192.168.1.2:1570
]>
]> Then I just connect Reflection on a Win98 box to my Linux LAN IP and I am
]> connected to factory LAN computer.
]>
]> --
]> David Efflandt - All spam ignored http://www.de-srv.com/
]> http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
]> http://cgi-help.virtualave.net/ http://hammer.prohosting.com/~cgi-wiz/

Relevant Pages

  • Re: Issue with port blocking on public DNS server
    ... I am talking about the "Destination Ports" in the "Responses to local DNS ... names (other then the domain names in my own DNS server) on the servers. ... Filtering outbound requests on port 53 FROM the DNS to the Internet ...
    (microsoft.public.windows.server.dns)
  • Re: Connecting to Linux machine remotely
    ... need you can forward tcp ports through ssh. ... Use dynamic DNS to find my home PC on dynamic adsl. ... connected to factory LAN computer. ...
    (comp.os.linux.networking)
  • Re: ZONe transfer
    ... > tell my w2k DNS to pull from the ISPs DNS servers zone?? ... It's a "zone transfer" so yes, you have to create the Zone internally ... on your DNS server with the SAME NAME and give it a "master" ... Ports for DNS must be open, ...
    (microsoft.public.win2000.dns)
  • Re: Firewall & Port Questions
    ... >> What ports should I NOT block that would still allow web browsing? ... > only to your isp's dns server, for name resolution) if you surf directly ... > If you're using a proxy, you'll need to allow the proxy port (could be ... You could also have an internal cache DNS running on a cheap ...
    (comp.security.firewalls)
  • Re: dns server behind a firewall?
    ... I only have one public address, and there was no firewall before. ... No additional changes on my w2k dns console? ... > (DNS server) address on ports 53. ...
    (microsoft.public.windows.server.dns)