Re: Simple way to securely access remote machine that's behind a NAT?

[Manuel Bouyer <bouyer%antioche.eu.org@localhost>]

On Mon, Sep 24, 2018 at 06:04:44PM -0700, Michael Cheponis wrote:
> Hi,
> 
> I have a (linux raspberry pi) that's remotely located and NATted in such a
> way that I cannot control that part of the infrastructure, although  do
> have complete control of the machine otherwise (e.g. access to root).
> 
> What I'd like to do is access it from my local NetBSD system (which does
> have a  'real' IPv4 address), something like this:
> 
> 
> 1) Start some 'daemon' on the remote linux box that attempts a connection
> to ...
> 2) .. my local NetBSD box.
> 
> And
> 
> 3) some local NetBSD program that allows me to get a shell prompt of the
> remote linux machine here on my NetBSD machine via the connection set up in
> (1) and (2).
> 
> 
> Clearly, if that remote machine had a Real IP Address, I could simply ssh
> into it.
> 
> I've looked at VNC and it seems complicated for what I need.
> 
> 
> Is there an 'easy' way to do this?   I'm ready to write some code otherwise.

One way to do this would be with ssh. setup appropriate keys and do
ssh -n -R2022:localhost:22 netbsd_box
on the RPI. Then you can do
ssh -p 2022 localhost
on the netbsd box to connect to the RPI.

Or, if you have root access on both end, setup a VPN between the two using
openvpn, with the server on the NetBSD side.

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--