Remote Access

OpenSSH VPN

OpenSSH 4.2 and above now have true VPN functionality using tun(4) devices. Unfortunately, this functionality has not yet made it into the portable version (not on Linux, at least). Don't panic though: you don't need tun to use SSH as a VPN.
 
UPDATE 
 * OpenSSH 4.3p1 added support for FreeBSD, NetBSD and Linux tun devices.

GPGSesame

GPGSesame is a Perl script that collects and verifies OpenPGP signed/encrypted mail and allows access through a Linux Netfilter firewall. This enables you to remotely open holes in your iptables rules by simply sending a GPG email to authenticate yourself. The version here opens access to the SSH port, but you're free to modify the script if you want to change that.
 

DDNS Firewall Holes

One method I've used for accessing my home box from the interweb is to use a dynamic DNS account. I have a script that is run from cron that does a lookup on a certain hostname and updates an iptables chain whenever the IP changes. 
 
 
I don't need to leave SSH open, I just carry the username/password for the ddns account and update it whenever I need access from somewhere. Within a few minutes a hole is opened through the firewall and I can log in.
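
The cron job described above, written out as an added example (not the author's own script). The hostname, chain name and state-file path are assumptions, the chain is assumed to exist already and to be jumped to from INPUT, and the lookup result is validated before it reaches iptables.

```shell
#!/bin/sh
# Added example, not the author's script. Names below are assumptions.
DDNS_HOST="home.example.org"   # hypothetical DDNS hostname
CHAIN="DDNS_SSH"               # hypothetical chain, created beforehand and jumped to from INPUT
STATE="/var/run/ddns_ssh.ip"   # hypothetical file holding the last allowed address

# Accept only a dotted-quad IPv4 address; reject anything else a resolver returns.
valid_ipv4() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the iptables commands that move the hole from $1 (old) to $2 (new).
# Prints nothing when the address is unchanged; fails on an invalid address.
plan_update() {
    old=$1 new=$2
    valid_ipv4 "$new" || return 1
    [ "$old" = "$new" ] && return 0
    # Flush first so the chain never holds more than one allowed source.
    echo "iptables -F $CHAIN"
    echo "iptables -A $CHAIN -s $new/32 -p tcp --dport 22 -j ACCEPT"
}

# Cron entry point: run as "script --apply" (needs root for iptables).
if [ "${1:-}" = "--apply" ]; then
    new_ip=$(getent ahostsv4 "$DDNS_HOST" | awk 'NR==1 {print $1}')
    old_ip=$(cat "$STATE" 2>/dev/null)
    cmds=$(plan_update "$old_ip" "$new_ip") || {
        echo "refusing to update: bad lookup for $DDNS_HOST" >&2; exit 1; }
    [ -z "$cmds" ] && exit 0
    printf '%s\n' "$cmds" | sh && printf '%s\n' "$new_ip" > "$STATE"
fi
```

A failed or malformed lookup leaves the existing rule and state file untouched, so a DNS outage does not widen the hole.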
 