How to ssh to device wich is connected via vpn to server
I have laptop, server(static IP) and PC (dynamic IP). PC is connected to server via openvpn service. I want to use this to SSH from my laptop to this PC via server. I assume this is the easiest way to SSH to this computer given it uses dynamic IP address. Is it possible? If yes, how it can be done?
ssh vpn
asked Jul 25 '17 at 16:49
Артур Мурадянц
1112
add a comment |
I have laptop, server(static IP) and PC (dynamic IP). PC is connected to server via openvpn service. I want to use this to SSH from my laptop to this PC via server. I assume this is the easiest way to SSH to this computer given it uses dynamic IP address. Is it possible? If yes, how it can be done?
ssh vpn
asked Jul 25 '17 at 16:49
Артур Мурадянц
1112
add a comment |
I have laptop, server(static IP) and PC (dynamic IP). PC is connected to server via openvpn service. I want to use this to SSH from my laptop to this PC via server. I assume this is the easiest way to SSH to this computer given it uses dynamic IP address. Is it possible? If yes, how it can be done?
ssh vpn
asked Jul 25 '17 at 16:49
Артур Мурадянц
1112
I have laptop, server(static IP) and PC (dynamic IP). PC is connected to server via openvpn service. I want to use this to SSH from my laptop to this PC via server. I assume this is the easiest way to SSH to this computer given it uses dynamic IP address. Is it possible? If yes, how it can be done?
ssh vpn
ssh vpn
asked Jul 25 '17 at 16:49
Артур Мурадянц
1112
asked Jul 25 '17 at 16:49
Артур Мурадянц
1112
asked Jul 25 '17 at 16:49
Артур Мурадянц
1112
asked Jul 25 '17 at 16:49
Артур Мурадянц
1112
asked Jul 25 '17 at 16:49
Артур Мурадянц
1112
1112
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
Since the PC has a dynamic address, it must be assigned a hostname.
- If the dynamic IP is internal to your network and you control the DHCP/DNS server such as Dnsmasq, you can make it assign a hostname.
- If the dynamic IP is ISP-assigned, use a DDNS service such as DynDNS to assign your PC a hostname.
Once your PC has a proper hostname, you can setup your server as the SSH jumphost:
- Install your laptop's public SSH key in the server and the PC.
In your laptop's
~/.ssh/config, add the following
Host <PC_hostname>
ProxyJump <server_hostname>
There are 2 alternatives that don't use DDNS.
Make the PC dump its IP in the server:
- PC dumps its IP in
user@server:~/pc-ip-addr.txtat 1-minute intervals. - In the laptop, read the file and SSH to the PC's IP.
Make PC maintain a permanent SSH connection to server:
- In the PC,
ssh user@server -R 2222:localhost:2222
- In the laptop,
ssh user@server "ssh user@localhost -p2222"
answered Jul 26 '17 at 1:45
Eugene Chow
1217
I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
– Артур Мурадянц
Jul 26 '17 at 11:31
It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
– Eugene Chow
Jul 27 '17 at 1:39
add a comment |
When you set up an OpenVPN connection it creates an additional IP address on each device. The easiest way would be to establish the OpenVPN address of the PC and connect to it on that IP address after establishing OpenVPN.
It may also be possible to instruct the OpenVPN to advertise the internal LAN routes across the VPN, and connect to the computers Internal IP address - the difficulty you will have here is establishing what the computers Internal IP address is - you probably cant use dynamic DNS services here because they will pick up the external IP address rather then the computers internal IP address. You could always statically assign an address to the computer - either directly or by instructing the router to dynamically assign a static IP address to the computer based on its MAC address.
answered Jul 27 '17 at 5:06
davidgo
42.1k75086
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1234328%2fhow-to-ssh-to-device-wich-is-connected-via-vpn-to-server%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Since the PC has a dynamic address, it must be assigned a hostname.
- If the dynamic IP is internal to your network and you control the DHCP/DNS server such as Dnsmasq, you can make it assign a hostname.
- If the dynamic IP is ISP-assigned, use a DDNS service such as DynDNS to assign your PC a hostname.
Once your PC has a proper hostname, you can setup your server as the SSH jumphost:
- Install your laptop's public SSH key in the server and the PC.
In your laptop's
~/.ssh/config, add the following
Host <PC_hostname>
ProxyJump <server_hostname>
There are 2 alternatives that don't use DDNS.
Make the PC dump its IP in the server:
- PC dumps its IP in
user@server:~/pc-ip-addr.txtat 1-minute intervals. - In the laptop, read the file and SSH to the PC's IP.
Make PC maintain a permanent SSH connection to server:
- In the PC,
ssh user@server -R 2222:localhost:2222
- In the laptop,
ssh user@server "ssh user@localhost -p2222"
answered Jul 26 '17 at 1:45
Eugene Chow
1217
I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
– Артур Мурадянц
Jul 26 '17 at 11:31
It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
– Eugene Chow
Jul 27 '17 at 1:39
add a comment |
Since the PC has a dynamic address, it must be assigned a hostname.
- If the dynamic IP is internal to your network and you control the DHCP/DNS server such as Dnsmasq, you can make it assign a hostname.
- If the dynamic IP is ISP-assigned, use a DDNS service such as DynDNS to assign your PC a hostname.
Once your PC has a proper hostname, you can setup your server as the SSH jumphost:
- Install your laptop's public SSH key in the server and the PC.
In your laptop's
~/.ssh/config, add the following
Host <PC_hostname>
ProxyJump <server_hostname>
There are 2 alternatives that don't use DDNS.
Make the PC dump its IP in the server:
- PC dumps its IP in
user@server:~/pc-ip-addr.txtat 1-minute intervals. - In the laptop, read the file and SSH to the PC's IP.
Make PC maintain a permanent SSH connection to server:
- In the PC,
ssh user@server -R 2222:localhost:2222
- In the laptop,
ssh user@server "ssh user@localhost -p2222"
answered Jul 26 '17 at 1:45
Eugene Chow
1217
I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
– Артур Мурадянц
Jul 26 '17 at 11:31
It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
– Eugene Chow
Jul 27 '17 at 1:39
add a comment |
Since the PC has a dynamic address, it must be assigned a hostname.
- If the dynamic IP is internal to your network and you control the DHCP/DNS server such as Dnsmasq, you can make it assign a hostname.
- If the dynamic IP is ISP-assigned, use a DDNS service such as DynDNS to assign your PC a hostname.
Once your PC has a proper hostname, you can setup your server as the SSH jumphost:
- Install your laptop's public SSH key in the server and the PC.
In your laptop's
~/.ssh/config, add the following
Host <PC_hostname>
ProxyJump <server_hostname>
There are 2 alternatives that don't use DDNS.
Make the PC dump its IP in the server:
- PC dumps its IP in
user@server:~/pc-ip-addr.txtat 1-minute intervals. - In the laptop, read the file and SSH to the PC's IP.
Make PC maintain a permanent SSH connection to server:
- In the PC,
ssh user@server -R 2222:localhost:2222
- In the laptop,
ssh user@server "ssh user@localhost -p2222"
answered Jul 26 '17 at 1:45
Eugene Chow
1217
Since the PC has a dynamic address, it must be assigned a hostname.
- If the dynamic IP is internal to your network and you control the DHCP/DNS server such as Dnsmasq, you can make it assign a hostname.
- If the dynamic IP is ISP-assigned, use a DDNS service such as DynDNS to assign your PC a hostname.
Once your PC has a proper hostname, you can setup your server as the SSH jumphost:
- Install your laptop's public SSH key in the server and the PC.
In your laptop's
~/.ssh/config, add the following
Host <PC_hostname>
ProxyJump <server_hostname>
There are 2 alternatives that don't use DDNS.
Make the PC dump its IP in the server:
- PC dumps its IP in
user@server:~/pc-ip-addr.txtat 1-minute intervals. - In the laptop, read the file and SSH to the PC's IP.
Make PC maintain a permanent SSH connection to server:
- In the PC,
ssh user@server -R 2222:localhost:2222
- In the laptop,
ssh user@server "ssh user@localhost -p2222"
answered Jul 26 '17 at 1:45
Eugene Chow
1217
edited Jul 27 '17 at 1:38
answered Jul 26 '17 at 1:45
Eugene Chow
1217
answered Jul 26 '17 at 1:45
Eugene Chow
1217
answered Jul 26 '17 at 1:45
Eugene Chow
1217
1217
I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
– Артур Мурадянц
Jul 26 '17 at 11:31
It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
– Eugene Chow
Jul 27 '17 at 1:39
add a comment |
I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
– Артур Мурадянц
Jul 26 '17 at 11:31
It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
– Eugene Chow
Jul 27 '17 at 1:39
I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
– Артур Мурадянц
Jul 26 '17 at 11:31
I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
– Артур Мурадянц
Jul 26 '17 at 11:31
It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
– Eugene Chow
Jul 27 '17 at 1:39
It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
– Eugene Chow
Jul 27 '17 at 1:39
add a comment |
When you set up an OpenVPN connection it creates an additional IP address on each device. The easiest way would be to establish the OpenVPN address of the PC and connect to it on that IP address after establishing OpenVPN.
It may also be possible to instruct the OpenVPN to advertise the internal LAN routes across the VPN, and connect to the computers Internal IP address - the difficulty you will have here is establishing what the computers Internal IP address is - you probably cant use dynamic DNS services here because they will pick up the external IP address rather then the computers internal IP address. You could always statically assign an address to the computer - either directly or by instructing the router to dynamically assign a static IP address to the computer based on its MAC address.
answered Jul 27 '17 at 5:06
davidgo
42.1k75086
add a comment |
When you set up an OpenVPN connection it creates an additional IP address on each device. The easiest way would be to establish the OpenVPN address of the PC and connect to it on that IP address after establishing OpenVPN.
It may also be possible to instruct the OpenVPN to advertise the internal LAN routes across the VPN, and connect to the computers Internal IP address - the difficulty you will have here is establishing what the computers Internal IP address is - you probably cant use dynamic DNS services here because they will pick up the external IP address rather then the computers internal IP address. You could always statically assign an address to the computer - either directly or by instructing the router to dynamically assign a static IP address to the computer based on its MAC address.
answered Jul 27 '17 at 5:06
davidgo
42.1k75086
add a comment |
When you set up an OpenVPN connection it creates an additional IP address on each device. The easiest way would be to establish the OpenVPN address of the PC and connect to it on that IP address after establishing OpenVPN.
It may also be possible to instruct the OpenVPN to advertise the internal LAN routes across the VPN, and connect to the computers Internal IP address - the difficulty you will have here is establishing what the computers Internal IP address is - you probably cant use dynamic DNS services here because they will pick up the external IP address rather then the computers internal IP address. You could always statically assign an address to the computer - either directly or by instructing the router to dynamically assign a static IP address to the computer based on its MAC address.
answered Jul 27 '17 at 5:06
davidgo
42.1k75086
When you set up an OpenVPN connection it creates an additional IP address on each device. The easiest way would be to establish the OpenVPN address of the PC and connect to it on that IP address after establishing OpenVPN.
It may also be possible to instruct the OpenVPN to advertise the internal LAN routes across the VPN, and connect to the computers Internal IP address - the difficulty you will have here is establishing what the computers Internal IP address is - you probably cant use dynamic DNS services here because they will pick up the external IP address rather then the computers internal IP address. You could always statically assign an address to the computer - either directly or by instructing the router to dynamically assign a static IP address to the computer based on its MAC address.
answered Jul 27 '17 at 5:06
davidgo
42.1k75086
answered Jul 27 '17 at 5:06
davidgo
42.1k75086
answered Jul 27 '17 at 5:06
davidgo
42.1k75086
answered Jul 27 '17 at 5:06
davidgo
42.1k75086
42.1k75086
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1234328%2fhow-to-ssh-to-device-wich-is-connected-via-vpn-to-server%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
