Re: Simple way to securely access remote machine that's behind a NAT?

[Brook Milligan <brook%nmsu.edu@localhost>]

> On Sep 25, 2018, at 12:55 PM, Manuel Bouyer <bouyer%antioche.eu.org@localhost> wrote:
> 
> On Mon, Sep 24, 2018 at 06:04:44PM -0700, Michael Cheponis wrote:
>> Hi,
>> 
>> I have a (linux raspberry pi) that's remotely located and NATted in such a
>> way that I cannot control that part of the infrastructure, although  do
>> have complete control of the machine otherwise (e.g. access to root).
>> 
>> What I'd like to do is access it from my local NetBSD system (which does
>> have a  'real' IPv4 address), something like this:
>> 
>> 
>> 1) Start some 'daemon' on the remote linux box that attempts a connection
>> to ...
>> 2) .. my local NetBSD box.
>> 
>> And
>> 
>> 3) some local NetBSD program that allows me to get a shell prompt of the
>> remote linux machine here on my NetBSD machine via the connection set up in
>> (1) and (2).
>> 
>> 
>> Clearly, if that remote machine had a Real IP Address, I could simply ssh
>> into it.
>> 
>> I've looked at VNC and it seems complicated for what I need.
>> 
>> 
>> Is there an 'easy' way to do this?   I'm ready to write some code otherwise.
> 
> One way to do this would be with ssh. setup appropriate keys and do
> ssh -n -R2022:localhost:22 netbsd_box
> on the RPI. Then you can do
> ssh -p 2022 localhost
> on the netbsd box to connect to the RPI.
> 
> Or, if you have root access on both end, setup a VPN between the two using
> openvpn, with the server on the NetBSD side.

Just curious, could one also use either gre or gif to create a tunnel or does NAT mess that up?

Cheers,
Brook