How to ssh to device wich is connected via vpn to server












2














I have laptop, server(static IP) and PC (dynamic IP). PC is connected to server via openvpn service. I want to use this to SSH from my laptop to this PC via server. I assume this is the easiest way to SSH to this computer given it uses dynamic IP address. Is it possible? If yes, how it can be done?






ssh vpn







share|improve this question



























    2














    I have laptop, server(static IP) and PC (dynamic IP). PC is connected to server via openvpn service. I want to use this to SSH from my laptop to this PC via server. I assume this is the easiest way to SSH to this computer given it uses dynamic IP address. Is it possible? If yes, how it can be done?






    ssh vpn







    share|improve this question

























      2












      2








      2







      I have laptop, server(static IP) and PC (dynamic IP). PC is connected to server via openvpn service. I want to use this to SSH from my laptop to this PC via server. I assume this is the easiest way to SSH to this computer given it uses dynamic IP address. Is it possible? If yes, how it can be done?






      ssh vpn







      share|improve this question













      I have laptop, server(static IP) and PC (dynamic IP). PC is connected to server via openvpn service. I want to use this to SSH from my laptop to this PC via server. I assume this is the easiest way to SSH to this computer given it uses dynamic IP address. Is it possible? If yes, how it can be done?






      ssh vpn




      ssh vpn






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Jul 25 '17 at 16:49









      Артур Мурадянц

      1112




      1112






















          2 Answers
          2






          active

          oldest

          votes


















          0














          Since the PC has a dynamic address, it must be assigned a hostname.




          1. If the dynamic IP is internal to your network and you control the DHCP/DNS server such as Dnsmasq, you can make it assign a hostname.

          2. If the dynamic IP is ISP-assigned, use a DDNS service such as DynDNS to assign your PC a hostname.


          Once your PC has a proper hostname, you can setup your server as the SSH jumphost:




          1. Install your laptop's public SSH key in the server and the PC.


          2. In your laptop's ~/.ssh/config, add the following



            Host <PC_hostname>
            
ProxyJump <server_hostname>



          There are 2 alternatives that don't use DDNS.



          Make the PC dump its IP in the server:




          1. PC dumps its IP in user@server:~/pc-ip-addr.txt at 1-minute intervals.

          2. In the laptop, read the file and SSH to the PC's IP.


          Make PC maintain a permanent SSH connection to server:




          1. In the PC, ssh user@server -R 2222:localhost:2222

          2. In the laptop, ssh user@server "ssh user@localhost -p2222"






          share|improve this answer























          • I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
            – Артур Мурадянц
            Jul 26 '17 at 11:31










          • It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
            – Eugene Chow
            Jul 27 '17 at 1:39



















          0














          When you set up an OpenVPN connection it creates an additional IP address on each device. The easiest way would be to establish the OpenVPN address of the PC and connect to it on that IP address after establishing OpenVPN.



          It may also be possible to instruct the OpenVPN to advertise the internal LAN routes across the VPN, and connect to the computers Internal IP address - the difficulty you will have here is establishing what the computers Internal IP address is - you probably cant use dynamic DNS services here because they will pick up the external IP address rather then the computers internal IP address. You could always statically assign an address to the computer - either directly or by instructing the router to dynamically assign a static IP address to the computer based on its MAC address.






          share|improve this answer





















            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "3"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1234328%2fhow-to-ssh-to-device-wich-is-connected-via-vpn-to-server%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            2 Answers
            2






            active

            oldest

            votes








            2 Answers
            2






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            0














            Since the PC has a dynamic address, it must be assigned a hostname.




            1. If the dynamic IP is internal to your network and you control the DHCP/DNS server such as Dnsmasq, you can make it assign a hostname.

            2. If the dynamic IP is ISP-assigned, use a DDNS service such as DynDNS to assign your PC a hostname.


            Once your PC has a proper hostname, you can setup your server as the SSH jumphost:




            1. Install your laptop's public SSH key in the server and the PC.


            2. In your laptop's ~/.ssh/config, add the following



              Host <PC_hostname>
              
ProxyJump <server_hostname>



            There are 2 alternatives that don't use DDNS.



            Make the PC dump its IP in the server:




            1. PC dumps its IP in user@server:~/pc-ip-addr.txt at 1-minute intervals.

            2. In the laptop, read the file and SSH to the PC's IP.


            Make PC maintain a permanent SSH connection to server:




            1. In the PC, ssh user@server -R 2222:localhost:2222

            2. In the laptop, ssh user@server "ssh user@localhost -p2222"






            share|improve this answer























            • I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
              – Артур Мурадянц
              Jul 26 '17 at 11:31










            • It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
              – Eugene Chow
              Jul 27 '17 at 1:39
















            0














            Since the PC has a dynamic address, it must be assigned a hostname.




            1. If the dynamic IP is internal to your network and you control the DHCP/DNS server such as Dnsmasq, you can make it assign a hostname.

            2. If the dynamic IP is ISP-assigned, use a DDNS service such as DynDNS to assign your PC a hostname.


            Once your PC has a proper hostname, you can setup your server as the SSH jumphost:




            1. Install your laptop's public SSH key in the server and the PC.


            2. In your laptop's ~/.ssh/config, add the following



              Host <PC_hostname>
              
ProxyJump <server_hostname>



            There are 2 alternatives that don't use DDNS.



            Make the PC dump its IP in the server:




            1. PC dumps its IP in user@server:~/pc-ip-addr.txt at 1-minute intervals.

            2. In the laptop, read the file and SSH to the PC's IP.


            Make PC maintain a permanent SSH connection to server:




            1. In the PC, ssh user@server -R 2222:localhost:2222

            2. In the laptop, ssh user@server "ssh user@localhost -p2222"






            share|improve this answer























            • I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
              – Артур Мурадянц
              Jul 26 '17 at 11:31










            • It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
              – Eugene Chow
              Jul 27 '17 at 1:39














            0












            0








            0






            Since the PC has a dynamic address, it must be assigned a hostname.




            1. If the dynamic IP is internal to your network and you control the DHCP/DNS server such as Dnsmasq, you can make it assign a hostname.

            2. If the dynamic IP is ISP-assigned, use a DDNS service such as DynDNS to assign your PC a hostname.


            Once your PC has a proper hostname, you can setup your server as the SSH jumphost:




            1. Install your laptop's public SSH key in the server and the PC.


            2. In your laptop's ~/.ssh/config, add the following



              Host <PC_hostname>
              
ProxyJump <server_hostname>



            There are 2 alternatives that don't use DDNS.



            Make the PC dump its IP in the server:




            1. PC dumps its IP in user@server:~/pc-ip-addr.txt at 1-minute intervals.

            2. In the laptop, read the file and SSH to the PC's IP.


            Make PC maintain a permanent SSH connection to server:




            1. In the PC, ssh user@server -R 2222:localhost:2222

            2. In the laptop, ssh user@server "ssh user@localhost -p2222"






            share|improve this answer














            Since the PC has a dynamic address, it must be assigned a hostname.




            1. If the dynamic IP is internal to your network and you control the DHCP/DNS server such as Dnsmasq, you can make it assign a hostname.

            2. If the dynamic IP is ISP-assigned, use a DDNS service such as DynDNS to assign your PC a hostname.


            Once your PC has a proper hostname, you can setup your server as the SSH jumphost:




            1. Install your laptop's public SSH key in the server and the PC.


            2. In your laptop's ~/.ssh/config, add the following



              Host <PC_hostname>
              
ProxyJump <server_hostname>



            There are 2 alternatives that don't use DDNS.



            Make the PC dump its IP in the server:




            1. PC dumps its IP in user@server:~/pc-ip-addr.txt at 1-minute intervals.

            2. In the laptop, read the file and SSH to the PC's IP.


            Make PC maintain a permanent SSH connection to server:




            1. In the PC, ssh user@server -R 2222:localhost:2222

            2. In the laptop, ssh user@server "ssh user@localhost -p2222"







            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited Jul 27 '17 at 1:38

























            answered Jul 26 '17 at 1:45









            Eugene Chow

            1217




            1217












            • I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
              – Артур Мурадянц
              Jul 26 '17 at 11:31










            • It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
              – Eugene Chow
              Jul 27 '17 at 1:39


















            • I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
              – Артур Мурадянц
              Jul 26 '17 at 11:31










            • It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
              – Eugene Chow
              Jul 27 '17 at 1:39
















            I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
            – Артур Мурадянц
            Jul 26 '17 at 11:31




            I heard that connecting via VPN is similar to connecting device to your local network. So I thought I can use VPN connection instead of dynamic dns. Is it possible? Is it possible to do with out services like dynnds?
            – Артур Мурадянц
            Jul 26 '17 at 11:31












            It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
            – Eugene Chow
            Jul 27 '17 at 1:39




            It's true that a VPN connection makes your device "local". Since your IP is dynamic, your your laptop needs a way to identify the PC. I've edited the answer above to include 2 DDNS-free methods. Tell me which you prefer and I'll provide more details.
            – Eugene Chow
            Jul 27 '17 at 1:39













            0














            When you set up an OpenVPN connection it creates an additional IP address on each device. The easiest way would be to establish the OpenVPN address of the PC and connect to it on that IP address after establishing OpenVPN.



            It may also be possible to instruct the OpenVPN to advertise the internal LAN routes across the VPN, and connect to the computers Internal IP address - the difficulty you will have here is establishing what the computers Internal IP address is - you probably cant use dynamic DNS services here because they will pick up the external IP address rather then the computers internal IP address. You could always statically assign an address to the computer - either directly or by instructing the router to dynamically assign a static IP address to the computer based on its MAC address.






            share|improve this answer


























              0














              When you set up an OpenVPN connection it creates an additional IP address on each device. The easiest way would be to establish the OpenVPN address of the PC and connect to it on that IP address after establishing OpenVPN.



              It may also be possible to instruct the OpenVPN to advertise the internal LAN routes across the VPN, and connect to the computers Internal IP address - the difficulty you will have here is establishing what the computers Internal IP address is - you probably cant use dynamic DNS services here because they will pick up the external IP address rather then the computers internal IP address. You could always statically assign an address to the computer - either directly or by instructing the router to dynamically assign a static IP address to the computer based on its MAC address.






              share|improve this answer
























                0












                0








                0






                When you set up an OpenVPN connection it creates an additional IP address on each device. The easiest way would be to establish the OpenVPN address of the PC and connect to it on that IP address after establishing OpenVPN.



                It may also be possible to instruct the OpenVPN to advertise the internal LAN routes across the VPN, and connect to the computers Internal IP address - the difficulty you will have here is establishing what the computers Internal IP address is - you probably cant use dynamic DNS services here because they will pick up the external IP address rather then the computers internal IP address. You could always statically assign an address to the computer - either directly or by instructing the router to dynamically assign a static IP address to the computer based on its MAC address.






                share|improve this answer












                When you set up an OpenVPN connection it creates an additional IP address on each device. The easiest way would be to establish the OpenVPN address of the PC and connect to it on that IP address after establishing OpenVPN.



                It may also be possible to instruct the OpenVPN to advertise the internal LAN routes across the VPN, and connect to the computers Internal IP address - the difficulty you will have here is establishing what the computers Internal IP address is - you probably cant use dynamic DNS services here because they will pick up the external IP address rather then the computers internal IP address. You could always statically assign an address to the computer - either directly or by instructing the router to dynamically assign a static IP address to the computer based on its MAC address.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Jul 27 '17 at 5:06









                davidgo

                42.1k75086




                42.1k75086






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Super User!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.





                    Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                    Please pay close attention to the following guidance:


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1234328%2fhow-to-ssh-to-device-wich-is-connected-via-vpn-to-server%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    -

                    Popular posts from this blog

                    Сан-Квентин

                    Image
                    Сан-Квентин Местоположение Сан-Квентин, Калифорния Координаты 37°56′13″ с. ш. 122°29′20″ з. д. H G Я O L Текущий статус Действует Режим безопасности минимальный и максимальный Количество мест 3 302 Открытие Июнь 1852 Находится в ведомстве California Department of Corrections and Rehabilitation Начальник Mike Martel, начальник  Сан-Квентин на Викискладе Сан-Квентин (англ.  San Quentin ) — тюрьма, располагающаяся на 432 акрах (около 1,7 км²), на мысе Сан-Квентин, в округе Марин, штат Калифорния, США. Тюрьма штата Калифорния Сан-Квентин была открыта в июле 1852 года и является старейшей в штате. Она была построена заключёнными, которые проживали в течение строительства на тюремном судне Вабан. В Сан-Квентине отбывали наказание и мужчины, и женщины до 1934 года, когда построили женскую тюрьму в Техачапи и туда перевели всех заключённых женщин. В Сан-Квентине приводятся в исполнение смертные казни, для этого имеется газовая камера, но...
                    Read more

                    8-я гвардейская общевойсковая армия

                    Image
                    8-я гвардейская общевойсковая ордена Ленина армия Награды: Войска: РККА → Советская армия → СВ России Род войск: Формирование: 1943 Расформирование (преобразование): 1992 Предшественник: 62-я армия (1942—43) → 8-я гвардейская общевойсковая армия (1943—92) → 8-й гвардейский армейский корпус (1992—98) Боевой путь Изюм-Барвенковская операция Донбасская операция Запорожская операция Битва за Днепр Днепропетровская операция Березнеговато-Снигирёвская операция Одесская операция Люблин-Брестская операция Варшавско-Познанская операция Восточно-Померанская операция Берлинская наступательная операция У этого термина существуют и другие значения, см. 8-я армия. Фотография Гвардейского Красного Знамени (лицевая сторона) 8-й гвардейской армии , образца 1943 года. Фотография Гвардейского Красного Знамени (оборотная сторона) 8-й гвардейской армии , образца 1943 года. 8-я гвардейская общевойсковая ордена Ленина армия  — гвардейское фор...
                    Read more

                    Алькесар

                    Image
                    Муниципалитет Алькесар Alquézar Герб 42°10′16″ с. ш. 0°01′27″ в. д. H G Я O L Страна Испания   Испания Автономное сообщество Арагон Провинция Уэска Комарка Сомонтано-де-Барбастро Алькальд Хосе Марияно Альтемир Ласкорс (ИСРП) История и география Площадь 32,36 км² Высота НУМ 660 м Часовой пояс UTC+1, летом UTC+2 Население Население 313 человек ( 2010 ) Плотность 9,92 чел./км² Этнохороним alquezarano/-a Цифровые идентификаторы Телефонный код +34 974 Почтовые индексы 22112 Автомобильный код HU alquezar.org   (исп.) Показать/скрыть карты Алькесар Алькесар Алькесар  Аудио, фото и видео на Викискладе Алькесар (исп.  Alquézar ) — муниципалитет в Испании, входит в провинцию Уэска, в составе автономного сообщества Арагон. Муниципалитет находится в составе района (комарки) Сомонтано-де-Барбастро. Занимает площадь 32,36 км². Население — 321 челове...
                    Read more