Re: SSH server with SBC DSL and DynDNS

From: David Efflandt (efflandt_at_xnet.com)
Date: 08/04/05


Date: Thu, 4 Aug 2005 12:01:26 +0000 (UTC)

On Wed, 03 Aug 2005 17:43:46 -0700, Matthew Denny <matt77245@yahoo.com> wrote:
> Hi all,
>
> I'm thinking about getting SBC DSL service (dynamic IP), but I'd like to
> be able to log into one of my Linux boxes using SSH. I'm told that an
> effective (and cheap) alternative to static IP service is to use DynDNS.
> I was wondering if the following setup below will do what I want.
> AFAIK it should, but I'd like a second opinion before I shell out the
> $$$ for DSL service...

I have used a broadband router with dynamic SBC DSL, but for years have
been using Linux on an old PC (currently Celeron 300) as
pppoe/firewall/router. Although, I have not set any internal forwarding,
so if I want to ssh to a PC on LAN, I ssh to router, then ssh from there
to private PC.

> - How long does it typically take for the dynDNS changes to propagate to
> other DNS servers? Is it on the order of minutes? hours? days?

I can't speak for dynDNS because I am using no-ip.com for that. My
no-ip.com (Unix) update client is run automatically from /etc/ppp/ip-up
whenever Linux pppoe gets a new IP. TTL is 60 seconds, so any compliant
DNS cache will expire it within a minute. So update appears to be
immediate if your last DNS query was over a minute ago.

> - Are there any other complications with tunneling the SSH connections
> in terms of hostname authentication or anything else?

Another reply answered. But regardless of how you do it, if reconnected
with a different IP, any previously running ssh session or tunnel would be
dead. Keepalives can help remove those dead sessions.

> - Is SBC OK with me keeping long running SSH sessions running (e.g. on
> the order of days), provided they don't take up much bandwidth?

Depending upon when they do maintenance and reboot their equipment (on the
average every 2 weeks), I have occasionally been connected to SBC for
months at a time.

They rarely block any ports except a couple related to nasty Windows
worms. If they do block your outbound port 25, you can get that
unblocked by request.
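
The keepalive and router-hop points from the reply above, written out as OpenSSH configuration. This is an added example, not part of the original post. Assumptions: the host names, the LAN address and the 60-second intervals are placeholders, and ProxyJump requires OpenSSH 7.3 or later.

```sshconfig
# ~/.ssh/config on the remote client (added example; all names are placeholders)

# The Linux router, reached through its dynamic DNS name.
Host home-router
    # Placeholder dynamic DNS hostname.
    HostName myhome.example.net
    # The address behind the name changes on every PPPoE reconnect, so do not
    # also tie the host key to an IP address in known_hosts. The key itself
    # is still verified, under the fixed alias below.
    CheckHostIP no
    HostKeyAlias home-router
    # Probe the server through the encrypted channel every 60 seconds. After
    # 3 unanswered probes the client closes the session instead of hanging
    # on a connection to the old IP.
    ServerAliveInterval 60
    ServerAliveCountMax 3

# A private PC on the LAN, reached by hopping through the router, so no
# inbound port forwarding to the LAN is required.
Host lan-pc
    # Placeholder private address.
    HostName 192.168.1.10
    ProxyJump home-router
    ServerAliveInterval 60
    ServerAliveCountMax 3

# Server side: the matching lines for /etc/ssh/sshd_config on the router
# and the LAN PC. They make sshd drop sessions whose client disappeared
# after the line came back with a different IP. Shown commented out here
# because they belong in sshd_config, not in this file.
#   ClientAliveInterval 60
#   ClientAliveCountMax 3
```

With this in place, `ssh lan-pc` replaces the manual two-step login, and a session left over from before an IP change is torn down after roughly three minutes on either side.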


