In practice I regularly discovered situations where it would be advantageous to be able to access a locale computer which neither has a static IP nor configured DDNS. In general I see 3 possible solutions.
- Buy a static IP for that PC (cost money)
- Use DDNS (access to the router is serviceable)
- Use a reverse-ssh-tunnel (access to another machine with static IP or DDNS is necessary)
I’ll gonna talk about the third option (reverse-ssh-tunnel) because it’s fast, cheap and doesn’t require you to have control over the local network. This solution requires the router to allow outgoing ssh-connections and access to a remote machine with static IP or configured DDNS.
Assume the following setup, a server (server) with static IP (serverIP) and a user named admin as well as a second PC without static IP (client) and a user named priv. Therefore we need to create a stable ssh-tunnel from client to server which should be easy due to the servers static IP. To get a more stable connection we use autossh which can be installed on Ubuntu using
sudo apt-get install autossh.
autossh admin@serverIP -p 22 -L 4048:localhost:22222 -R 22222:localhost:22 -N
The above command command does 2 important things:
-L 4048:localhost:22222creates a local tunnel from the client port 40048 to the server port 22222.
-R 22222:localhost:22creates a remote tunnel from server port 22222 to client port 22.
-Nno remote command should be executed (only port forwarding)
This way we built a stable tunnel from server 22222 to client 22 which can now be used to connect to client without the client having a static IP or DDNS.
To connect from the server to the client use:
ssh priv@localhost -p 22222
Congratulations, you just constructed an easy and stable ssh-remote access to the client machine which neither has DDNS nor static IP.