2

Basically I have two networks connected together with the internet, let's call them N1 and N2. On each network, there is a computer, C1 (in N1) and C2 (in N2). There is no port-forwarding between any of the network routers (R1 and R2) and the computers.

C2 also runs an SSH server. The whole purpose of my post is, how would C1 be able to connect to C2 via SSH? As mentioned there is no port forwarding, so even if any of the networks N1 and N2 had static IPs, it wouldn't work.

The following network graphic should help clear the situation: [network diagram]

Legend:

  • N1 - First network.
  • N2 - Second network, on the other side of the internet :)
  • C1 - The computer an admin uses to SSH into C2.
  • C2 - The target computer an admin may need to manage, probably would have sshd running.
  • S1 - The server that might coordinate the system.
  • R1 - A router that provides an IP for C1 and port forwards some ports to S1. External IP address is static.
  • R2 - Regular home network setup, router provides IP to C2 for internet connectivity. External IP address is dynamic.
  • Yellow Lines - Physical connections.
  • Green Lines - The virtual SSH connection - green line C1-R1 might actually need to be C1-S1-R1 instead.

A main aspect of this system is that an administrator can be on any PC within the R1 network to administer C2. As such, there cannot be any port forward between R1 and any PC in N1 (because it defeats the purpose of being able to use any computer on N1 to administer C2).

Christian

1 Answer

2

One simple way is to use a third server which is accessible on the Internet (having a public IP address). Do a reverse connection from C2 to this server (I'll call it M for Middleman) (use option -R). This will basically open a new port, say, port 8000, on M; whatever connects to M:8000 will be forwarded to C2 on port 22.

Next, simply connect to M:8000 to get to C2.

You can view this question for more information: SSH Port Forwarding
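The reverse tunnel described in the answer, as an added shell example that is not part of the original post. It reaches the forwarded port through M with `-J` instead of connecting to M:8000 directly, because sshd binds remote forwards to M's loopback unless `GatewayPorts` is enabled, and it adds a check for M that reports whether the port is reachable from outside. The host name `m.example.org` and the account names `tunnel` and `admin` are placeholders.

```shell
#!/bin/sh
# Added example. M's host name, the account names and port 8000 are
# assumptions/placeholders, not values from the original post.
M="tunnel@m.example.org"   # hypothetical account on middleman M
RPORT=8000                 # port opened on M by the reverse forward

# Run on C2: keep the reverse tunnel up. Asking for 127.0.0.1 keeps the
# listener on M's loopback so C2's sshd is not exposed to the Internet
# (M's sshd overrides this only when it sets "GatewayPorts yes").
c2_tunnel() {
  while :; do
    ssh -N -o ExitOnForwardFailure=yes -o ServerAliveInterval=30 \
        -o ServerAliveCountMax=3 \
        -R "127.0.0.1:${RPORT}:localhost:22" "$M"
    sleep 10   # link dropped (R2's external address is dynamic); retry
  done
}

# Run on any PC in N1: jump through M, then reach M's loopback listener.
# HostKeyAlias stores C2's host key under its own name, not "localhost".
c1_connect() {
  ssh -J "$M" -p "$RPORT" -o HostKeyAlias=c2 "${1:-admin}@localhost"
}

# Run on M as `ss -ltn | listener_scope`: classify how the forwarded port
# is bound. Prints "loopback", "exposed" or "absent".
listener_scope() {
  awk -v p="$RPORT" '
    $1 == "LISTEN" {
      n = split($4, a, ":"); port = a[n]
      addr = substr($4, 1, length($4) - length(port) - 1)
      if (port != p) next
      if (addr == "127.0.0.1" || addr == "[::1]") lo = 1; else ex = 1
    }
    END { print (ex ? "exposed" : (lo ? "loopback" : "absent")) }'
}
```

If `listener_scope` prints "exposed", anyone on the Internet can reach C2's sshd through M:8000, so C2 should then accept key-based logins only or M's `GatewayPorts` setting should be tightened.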