Peter M. Jansson wrote: > On Oct 9, 2009, Doug Hughes wrote: > > >> Anybody have some recommendations for setting up an automatic outbound >> ssh with reverse tunnels on windows? One that will launch and >> reconnect >> automatically when the session gets disconnected for whatever reason? >> This is going to run across a VZW connection, so it has to be setup >> this >> way. >> > > PuTTY has a command-line executable called PLINK.EXE (I'm not > yelling! I just always see it spelled in upper case) that you could > use within a batch file. Also, batch files have a "goto" statement > that can be used to create a loop. > > Can I put in my vote that this is a terrible idea? I realize there > may be other constraints that force this particular use of > technologies, but if the SSH server is so dodgy that you have to have > some facility to keep the session running, and you're using a mobile > broadband connection anyway, it seems to me that IPSec would be much > more reliable and secure. If the data volume is substantial, IPSec > will also be faster, since SSH2 has the stuck-sliding-window thing. > >
It's a totally temporary connection and the only thing we can do quickly to the space for some inbound access to a particular server that needs to be setup for building automation control access is install a cheap wireless access point that can take a VZW PCMCIA card and turn it into a router, but VZW doesn't allow servers, so an outbound ssh with reverse tunnel is the quickest way to do it. THe more long term option involves full fiber access, but it's probably not going to be ready for use until December. VPN would be nice, but would take longer to setup than the vzw/wireless bridge. While more secure, security isn't paramount for the short term. The only thing tunneled back through will be a remote access protocol that will be password protected on the destination machine. Also, for various geo-political reasons, IPSEC would involve an extensive and difficult setup time, possibly taking as long or longer as having the actual network installed there in December. the ssh connection is likely to be dodgy because it will be running over a lossy (VZW) connection with various interuptions per day likely depending upon various factors. PLINK sounds like an interesting backup to auto-ssh. Thanks. _______________________________________________ Tech mailing list Tech@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
