The transmission of these parameters is made in uncoded form.
I would like the transmission to tunnel port 162 over SSH. Of course, I can use the following command (on both sites):
- Code: Select all
ssh -p666 -f -L162:my_LAN_server_IP:162 root@my_friend_name.ddns.net -N
Port 666 it is my friends and my SSH port on server (instead 22).
This system works 24/7/365. Both sites uses dynamic IP. The application of which I wrote, must be run with root privileges (unfortunately) and listen on all available IP`s in server, including loopback interface.
- Code: Select all
tcp 0 0 0.0.0.0:162 0.0.0.0:* LISTEN
SSH authentication is done by SSH keys, without password.
My questions are:
1 - how can I re-establish SSH connection automatically after changing IP address of our Internet links or after temporary Internet link breakdown. Cron "watchdog" possible but maybe somebody know more "intelligent" solution?
2 - And most important issue. Because mentioned application works with root privileges, both sites must give SSH root access to both servers. Is it possible to limit access for other site only to the service available on port 162? I mean about situation that somebody will ssh to my server (and vice versa) and will have full access to server. Is it possible? I dont want to use any VPN because one of mentioned measurement device is "server independent" doing it works autonomously. It has SSH build in but not VPN and I have no access to firmware.
3 - Thanks in advance for help