On 01/11/2018 14:05, Chris Green wrote:
On Thu, Nov 01, 2018 at 09:40:56AM +0000, Andrew Hutchings wrote:
Hi Chris,
I believe reverse SSH tunneling may cover what you need here. You would just need some automated way of keeping the connection up.
I've thought long and hard about using SSH tunnels but I can't quite get my mind round how it would actually work.
The first problem is that it's non-trivial to automatically open an ssh tunnel using an ssh 'LocalCommand' run when doing the initial ssh from client to server (I do want to get the normal ssh connection as well). This probably can be managed though, I've done something similar before.
Then, how do you automate the file copy back through the reverse tunnel? It would need a passwordless ssh connection and I'm not too keen on that security-wise.
Doesn't need to be passwordless. See http://www.linuxproblem.org/art_9.html
I run backups from host_a as user_a to host_b by running a script on host_a which is started by user_b on host_b with:

    user_b@host_b ~ $ ssh user_a@host_a /home/user_a/bin/backup.sh

This runs without the need to enter the passwords as they are stored in the .ssh/authorized_keys files on each host. backup.sh basically runs rsync.
Sorry if I've misunderstood the problem.
Nev
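
A key that logs in without a prompt can be limited to the one backup command discussed in this thread by using OpenSSH's `restrict` and `command=` options in authorized_keys. The script below is an added example, not part of the original messages: the name ssh-gate.sh, its path and the key placeholder are assumptions; only /home/user_a/bin/backup.sh comes from the thread.

```shell
#!/bin/sh
# Added example: forced-command gate for user_a on host_a, installed at the
# hypothetical path /home/user_a/bin/ssh-gate.sh and referenced from
# ~user_a/.ssh/authorized_keys with one line (key is a placeholder):
#   restrict,command="/home/user_a/bin/ssh-gate.sh" ssh-ed25519 <PUBLIC-KEY-PLACEHOLDER> user_b@host_b
# sshd runs this script for that key whatever the client asks for, and puts
# the command the client requested in SSH_ORIGINAL_COMMAND.

ALLOWED_CMD="/home/user_a/bin/backup.sh"

# gate_decision REQUESTED
# Prints "allow" and returns 0 only on an exact match with ALLOWED_CMD.
# An empty request (interactive login attempt) or any extra text is denied.
gate_decision() {
    if [ "$1" = "$ALLOWED_CMD" ]; then
        echo allow
        return 0
    fi
    echo deny
    return 1
}

gate_main() {
    requested="${SSH_ORIGINAL_COMMAND:-}"
    if gate_decision "$requested" >/dev/null; then
        # Run the fixed path, never the client-supplied string.
        exec "$ALLOWED_CMD"
    fi
    # Record the refusal with the client address (first field of SSH_CONNECTION).
    logger -t ssh-gate "refused from ${SSH_CONNECTION%% *}: $requested" 2>/dev/null || true
    echo "ssh-gate: command not permitted" >&2
    return 1
}

# Act only when run under the installed name, so the functions can be
# sourced or tested elsewhere without side effects.
case "$0" in
    */ssh-gate.sh) gate_main; exit $? ;;
esac
```

With this in place the `ssh user_a@host_a /home/user_a/bin/backup.sh` call from host_b still works, while the same key cannot open a shell, forward ports or run anything else.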