Edit : See wiki page created as a result of this thread's discussion. http://wiki.maemo.org/Reverse_ssh

Hello!

I am looking for a solution.

Problem : I would like to be able to SSH to my phone from everywhere, while it is connected to the "3G Internet".
The IP is a private one, 10.137 something, and I can't reach it from outside. Furthermore there are no NAT configurations available by the ISP (cellular company).

What I have :
- I have a PC at home, running windows 7, 24/7 with constant IP.
- I have N900 always connected.

I am looking for some application which will run on my computer at home, and on my N900, which will allow me to connect from anywhere, to my N900, via my home.

Anyone has any ideas?

Thanks!

Running Linux at home, I've got the N900 to continually ssh home and use port forwarding to create a "backwards" tunnel through which you can connect, regardless of NAT etc.

It went something like:

On N900 (the loop helps if connection drops)
while true; do ssh -N -C -R 2222:127.0.0.1:22 myhomepc.net; sleep 5; done

On PC:
ssh root@127.0.0.1 -p 2222

Of course for this to work under Windows you'd need an SSH server installed. I've used the cygwin one on Windows before but you may find something simpler.
You also need to put the N900's public key into the PC's authorized_keys file for the continual "phone home" to work without requiring a prompt.

And bear in mind if you're doing this as an anti-theft project: the 1st thing I will do when I lose my N900 is remove the N900's entry from my home PC's authorized_keys file... your average thief probably isn't going to know how to exploit it, but no point taking chances.

[edit: root user only by default on N900's sshd]

I think that only thing that works (that I am aware of) is reverse ssh. Your phone simply ssh into your server (or some server you have access to).
Then you can access the N900 by first ssh into that server and then initiate another ssh locally on that server into the reverse port..
I have tested it, it works. I made a script on the N900 side to speed things up.

N900:

ssh -Nf -R 2210:localhost:22 user@server.com

where you'd replace 2210 with the local port you want to use and user@server.com with your username and the domain name of the server you want to ssh into (or ip).

Then, you ssh into your server (or if you are sitting at the server, simply open a terminal).
Then you open then n900 ssh session with:

ssh -p 2210 root@localhost

(again replace 2210 with the port you want to use) and then if you want to access as yourself as regular user replace 'root' with 'user' and you'll be fine. Maybe you will have to set the 'user' account password on the n900 first,. For root, you specified that when you installed openssh server.

Good luck.

hmm.. shouldn't no-ip.com work? I have not tested it as do not need it for my phone (always with me).. I set it up in CLI on my Ubuntu machine. So if there are a armel or all package out there it should install on the n900 too but would not be optified.

http://www.openvpn.net/index.php/ope...ion/howto.html

@Spanner & @Larswad!

This is exactly what I am looking for! I dislike cygwin.
Do any of you have an idea for a nice windows SSH server that will let me do this? or it should work with any ssh server I find?

Edit : Trying Freesshd

@Spanner & @Larswad!

On my server (which will be the man in the middle) I am running SSH server on port 5000, and also got my router to forward TCP 5000 to internal 5000 to my machine.
I am able to SSH to it from outside.

My questions is :
When I run the command on my N900 :

while true; do ssh -N -C -R 2222:127.0.0.1:22 myhomepc.net; sleep 5; done

Where does port 5000 come to play in this command?
Also, to get the N900 public key, Do I need to generate a new pair? or can I use the existing one?

The default SSH port is 22, so replace 22 in my example with 5000

The ssh server must be configured to allow port forwarding, it may be configured to do it by default but check that if you have problems.

I think you can probably use the existing key pair.

Hi again!

I was able to use the "ssh -R..." command to connect to my server, but! I got an error right after the banner, "Warning: unable to set port forwarding" something.
I check in freesshd settings, and there is 1 tab called tunneling, where I selected both "Port forwarding" and "Tunneling" to be enabled.

It still doesn't work. Any ideas on how to set my windows PC to do this right? I tried looking for other ssh servers for PC, without installing cygwin or a VM - But couldn't find one.
Any ideas?

Thanks!
Eitam.

Sounds like you're doing the right thing. I've never used freesshd so can't help you there, or troubleshoot Windows firewall problems for you. Maybe try the freesshd forums or google the exact error message.