however, if you are talking about connection to your laptop (or from your laptop with the ssh tunnel already set up, anyway) anywhere, even behind proxies and stuff (as in when you are at a private LAN), then you need both computers (rpi and laptop) on a different set up. If your laptop has a public IP address then you should not have any problem at all. This all depends on the laptop being reachable from the rpi. If you ssh with a reverse tunnel from your rpi to your laptop (the ssh connection0 then a port will be open on the laptop so that when you connect to said port of the laptop (either from the laptop itself or another computer that has access to the laptop, it really depends on how you try to set up the reverse tunnel and the ssh service restrictions on the laptop) then you will connect to some host/port on the rpi side (which very well could be some service of the rpi itself). Even after reboots, the Pi3 will connect to it's target. Perfect to keep the tunnel(s) up when possible. Tunnel Persistence:įor the Pi3 to stay accessible, if you go with reverse-tunnelling, you can use something like autossh combined with cron-jobs. And setting options to ignore traffic (for an hour or two) from any IP with more than 5 or 6 failed login-attempts in 15 minutes (just an example). Like allowing ONLY pubkey authentication, No external root logins. If that third party has shitty security, you're better off forwarding an external port at home, to port 22 on the Pi3.Īnd securing the Pi3. It has to be something that accepts ssh connections, and that can forward traffic both to, and from both the Pi and Laptop back through those connections. Has to be somewhere that both your laptop and your Pi3 can connect to at any time. If you don't have both those points sorted. The Pi3 can ssh (connect) to you, and then you use that connection to connect to what ever you want at home. The same IP all the time (or a very fast ddns). That means your ISP can't see what the packages contain.ġ. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |