Update: If the hourly connection check doesn't work for you (as in an hour is too long to wait for it to re-connect), take a look at autossh. The whole script on the debian server would be replaced with a proper autossh
command in cron's @reboot
or similar fashion.
Reverse SSH is your friend. You need an SSH server for this to work. I will give you two approaches for this, the first assumes you can open and run an SSH server from your machine at home. I will provide a way that tries to re-connect automatically hourly so your PC at home doesn't have to be always online. Since this can be either impossible or difficult sometimes, I will add an easier and safer solution too, which requires you to have a linux VPS though. They are usually just $2/month-ish.
Solution 1 - Using just your PC at home - Assuming static IP:
Preparation on the debian server:
I'm assuming you have cron
installed and running. Create a new file in /etc/cron.hourly
with the following content: (don't forget to chmod +x
the file!)
#!/bin/bash
cstate=$(netstat -na | grep "tcp" | grep "<IP-of-home-machine>:22" | tr -s " " | cut -d " " -f 6 | head -n 1)
cdate=$(date "+%Y-%m-%d %H:%M:%S")
if [[ $cstate == "ESTABLISHED" ]] || [[ $cstate == "TIME_WAIT" ]]
then
echo "[$cdate] SSH connection up. ($cstate)" >> /var/log/check-ssh-relay.log
else
echo "[$cdate] SSH connection broken. ($cstate) Reconnecting..." >> /var/log/check-ssh-relay.log
ssh -N -f -R 12122:localhost:22 <username>@<IP-of-home-machine>
fi
This will check hourly if the connection is up and tries to re-connect if it isn't. Useful when your PC at home isn't always on. It writes log information to /var/log/check-ssh-relay.log
. Authentification is done via SSH-keys so make sure you got that setup properly in advance.
On your computer at home:
Assuming you have openssh-server setup properly, all you need to do now is:
$ ssh <server-username>@localhost -p 12122
To create the SSH connection. SCP, SFTP and co. works too of course.
Solution 2 - Using another VPS as relay:
I use this solution personally. Mostly because I do not have a static IP at home.
Preparation on the debian server:
Exactly like in solution 1, except for instead of <IP-of-home-machine>
you use the VPS' IP here.
Preparation on the VPS:
All you need to do here is run the following command as root user:
$ ssh -g -f -N -L 0.0.0.0:13122:localhost:12122 root@localhost
The -g
is important here to allow global inbound connections for this port-forward.
On your PC at home (or literally anywhere):
Simply connect to your VPS now using the port 13122
(as specified above):
$ ssh <username>@<VPS-IP> -p 13122
How to connect to a machine across a NAT I don't control