On Thu, Oct 04, 2012 at 08:38:10PM +0100, Keith Edmunds wrote:
On Thu, 4 Oct 2012 10:44:57 +0100, cl@isbd.net said:
I don't want it to provide any sort of access from outside, I just want to be able to reverse tunnel down the connection to access port 80 on the system on the boat.
In my opinion, you are making life unnecessarily complicated for yourself. The easy way to do this is to set up a VPN (OpenVPN is reasonably straightforward) from the boat to wherever you want, using multiple VPN connections if necessary. Then you can firewall incoming connections over the VPN to allow access from only those places you specify.
You may be right, I've just taken a look at OpenVPN and it looks do-able.
However it's not immediately clear if it can actually do what I need. I would install OpenVPN server on my desktop here at home, lots of space, adequate CPU etc. and its accessible from the Internet via a firewall on which I can open up the necessary ports - so far so good.
If I then run an OpenVPN client on the system on the boat will I be able to do what I want:-
1 - Run the OpenVPN client on the boat without user intervention? It's a minimal Ubuntu server installation, no GUI, little space, etc.
2 - Having done 1 can I then access the *client* from the server?
3 - security of the client system is unimportant really, if someone hacks into it and takes it completely apart I don't really care, however security of my home system *is* more important.
So, I fear that 3 rather hits this on the head as if someone gets into the system on the boat (even simply breaks into the boat, not difficult) they would have access to my home system via the VPN wouldn't they?