[geeks] SSH Forwarding a non-local server / OpenVPN

Jonathan Katz jon at jonworld.com
Mon Jun 8 09:26:26 CDT 2015


There are windows-based SSH daemons which you can tweak to be fairly
solid so you won't have shell access. I of course forgot the name of
the product, but I can dig it up.

You can set it up so it is only accessible if there is a public key
which corresponds to a client private key on the client, so no matter
who connects, it won't work unless it's the specific client.

Don't disparrage the horrible TP-Link option. I bought a newer TP-Link
and threw dd-wrt on it, which is full OpenVPN/enterprise capable and
it works great.

On Mon, Jun 8, 2015 at 4:22 PM, Mark Benson <md.benson at gmail.com> wrote:
> Hi,
>
> You recall I asked last week about VPN/SSH options with a non-VPN
> router. I decided to explore SSH tunneling and can find plenty of
> information on setting up tunnels to remote *nix machines which is
> grand, by the end of the year our whole system will be Linux based so
> nothing to worry about here. However there is a short-term fly in the
> ointment. Our production systems currently run on a Windows Server box
> (I am slowly attempting to migrate it to a Linux VM but I keep getting
> other stuff land on my plate). I can't SSH into the box (I dare not
> expose any ports on an old Windows Server anyway!) as it has no SSH.
>
> I only need access to port 80 on it. Is there any way to forward it's
> port 80 to a point on Linux VM/server I can SSH forward? Is this a
> nightmare that's more effort than it's worth?
>
> Alternatively, does anyone have a good tutorial/hardware platform
> recommendation for building a robust OpenVPN to make a router that
> will take a WAN connection and route Internet traffic in to the LAN
> (any outgoing, plus selected in incoming) and offer a VPN gateway to
> connect to the LAN from a remote point also? Or does an affordable
> version of this exist to buy that's not by someone horrible like
> TP-Link? :)
>
> Thanks, as always, for any help,
>
> --
>
> Mark Benson
> _______________________________________________
> GEEKS:  http://www.sunhelp.org/mailman/listinfo/geeks



-- 
-Jon
+32 0 486 260 686


More information about the geeks mailing list