11 May
2013
11 May
'13
9:34 a.m.
Russell Coker <russell@coker.com.au> writes:
As an aside, 3G Internet access is not designed for servers (unless you pay significant extra fees) and generally doesn't allow inbound connections. The way to solve this is to have a script run "ssh -R $NUMBER:localhost:22 mothership" when the system starts up. Then on the mothership host you run "ssh -p $NUMBER root@localhost" to login to the 3G connected system.
That can hit TCP-in-TCP resend fights. ssh -w/-L/-R useful for ad-hoc infrastructure, but recommend openvpn instead for long-term, permanent setup. Also had problems in field with ssh -w dying when either end dies; autossh was suggested as fix but it felt icky; switching to openvpn was easier. ipsec probably also good choice.