SSH tunneling to hosts deployed behind firewalls [on hold]
up vote
0
down vote
favorite
I'm working on a deployment that will require me to place Ubuntu servers that monitor industrial equipment at various sites that will be behind customer firewalls that are out of my control. I need to be able to keep SSH access to the servers to perform maintenance and updates, but am struggling on how to securely accomplish this.
Port forwarding and creating firewall pinholes are not options, so I can't quite get my head around what to do. Is there some system that I could use to maintain the ability to open an SSH tunnel to these machines from the outside world?
I saw this post (initiate ssh connection from server to client) but am wondering if there is a method to do this at a larger scale (50 machines and not just a single one)...
ssh ssh-tunneling
edited Nov 28 at 6:53
Rui F Ribeiro
38.3k1476127
asked Nov 28 at 4:01
Neal L
1
New contributor
Neal L is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
put on hold as too broad by JigglyNaga, Archemar, elbarna, Jeff Schaller, G-Man Nov 29 at 3:17
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment |
up vote
0
down vote
favorite
I'm working on a deployment that will require me to place Ubuntu servers that monitor industrial equipment at various sites that will be behind customer firewalls that are out of my control. I need to be able to keep SSH access to the servers to perform maintenance and updates, but am struggling on how to securely accomplish this.
Port forwarding and creating firewall pinholes are not options, so I can't quite get my head around what to do. Is there some system that I could use to maintain the ability to open an SSH tunnel to these machines from the outside world?
I saw this post (initiate ssh connection from server to client) but am wondering if there is a method to do this at a larger scale (50 machines and not just a single one)...
ssh ssh-tunneling
edited Nov 28 at 6:53
Rui F Ribeiro
38.3k1476127
asked Nov 28 at 4:01
Neal L
1
New contributor
Neal L is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
put on hold as too broad by JigglyNaga, Archemar, elbarna, Jeff Schaller, G-Man Nov 29 at 3:17
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
1
Possible duplicate of SSH to multiple servers [Access denied]
– cryptarch
Nov 28 at 6:35
1
Have you explained your requirements to the people maintaining the firewalls? If they don't want the servers to be reachable, then a (correctly configured) firewall means you can't reach them, and shouldn't try. If they understand that you need to do this, then they should be able to tell you which mechanism to use.
– JigglyNaga
Nov 28 at 13:19
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I'm working on a deployment that will require me to place Ubuntu servers that monitor industrial equipment at various sites that will be behind customer firewalls that are out of my control. I need to be able to keep SSH access to the servers to perform maintenance and updates, but am struggling on how to securely accomplish this.
Port forwarding and creating firewall pinholes are not options, so I can't quite get my head around what to do. Is there some system that I could use to maintain the ability to open an SSH tunnel to these machines from the outside world?
I saw this post (initiate ssh connection from server to client) but am wondering if there is a method to do this at a larger scale (50 machines and not just a single one)...
ssh ssh-tunneling
edited Nov 28 at 6:53
Rui F Ribeiro
38.3k1476127
asked Nov 28 at 4:01
Neal L
1
New contributor
Neal L is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I'm working on a deployment that will require me to place Ubuntu servers that monitor industrial equipment at various sites that will be behind customer firewalls that are out of my control. I need to be able to keep SSH access to the servers to perform maintenance and updates, but am struggling on how to securely accomplish this.
Port forwarding and creating firewall pinholes are not options, so I can't quite get my head around what to do. Is there some system that I could use to maintain the ability to open an SSH tunnel to these machines from the outside world?
I saw this post (initiate ssh connection from server to client) but am wondering if there is a method to do this at a larger scale (50 machines and not just a single one)...
ssh ssh-tunneling
ssh ssh-tunneling
edited Nov 28 at 6:53
Rui F Ribeiro
38.3k1476127
asked Nov 28 at 4:01
Neal L
1
New contributor
Neal L is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited Nov 28 at 6:53
Rui F Ribeiro
38.3k1476127
asked Nov 28 at 4:01
Neal L
1
New contributor
Neal L is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited Nov 28 at 6:53
Rui F Ribeiro
38.3k1476127
edited Nov 28 at 6:53
Rui F Ribeiro
38.3k1476127
edited Nov 28 at 6:53
Rui F Ribeiro
38.3k1476127
38.3k1476127
asked Nov 28 at 4:01
Neal L
1
New contributor
Neal L is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked Nov 28 at 4:01
Neal L
1
asked Nov 28 at 4:01
Neal L
1
1
New contributor
Neal L is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Neal L is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Neal L is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
put on hold as too broad by JigglyNaga, Archemar, elbarna, Jeff Schaller, G-Man Nov 29 at 3:17
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
put on hold as too broad by JigglyNaga, Archemar, elbarna, Jeff Schaller, G-Man Nov 29 at 3:17
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
1
Possible duplicate of SSH to multiple servers [Access denied]
– cryptarch
Nov 28 at 6:35
1
Have you explained your requirements to the people maintaining the firewalls? If they don't want the servers to be reachable, then a (correctly configured) firewall means you can't reach them, and shouldn't try. If they understand that you need to do this, then they should be able to tell you which mechanism to use.
– JigglyNaga
Nov 28 at 13:19
add a comment |
1
Possible duplicate of SSH to multiple servers [Access denied]
– cryptarch
Nov 28 at 6:35
1
Have you explained your requirements to the people maintaining the firewalls? If they don't want the servers to be reachable, then a (correctly configured) firewall means you can't reach them, and shouldn't try. If they understand that you need to do this, then they should be able to tell you which mechanism to use.
– JigglyNaga
Nov 28 at 13:19
1
1
Possible duplicate of SSH to multiple servers [Access denied]
– cryptarch
Nov 28 at 6:35
Possible duplicate of SSH to multiple servers [Access denied]
– cryptarch
Nov 28 at 6:35
1
1
Have you explained your requirements to the people maintaining the firewalls? If they don't want the servers to be reachable, then a (correctly configured) firewall means you can't reach them, and shouldn't try. If they understand that you need to do this, then they should be able to tell you which mechanism to use.
– JigglyNaga
Nov 28 at 13:19
Have you explained your requirements to the people maintaining the firewalls? If they don't want the servers to be reachable, then a (correctly configured) firewall means you can't reach them, and shouldn't try. If they understand that you need to do this, then they should be able to tell you which mechanism to use.
– JigglyNaga
Nov 28 at 13:19
add a comment |
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
1
Possible duplicate of SSH to multiple servers [Access denied]
– cryptarch
Nov 28 at 6:35
1
Have you explained your requirements to the people maintaining the firewalls? If they don't want the servers to be reachable, then a (correctly configured) firewall means you can't reach them, and shouldn't try. If they understand that you need to do this, then they should be able to tell you which mechanism to use.
– JigglyNaga
Nov 28 at 13:19