[kwlug-disc] Getting around firewalls

CrankyOldBugger crankyoldbugger at gmail.com
Tue Jan 20 10:55:37 EST 2015 

If it's just the laptop and the Pi, then Port Forwarding isn't relevant
here.

My guess is that since you have root on the Raspi, first make a backup copy
of the /etc/ssh/sshd_config file, then in there change the port to an
unblocked port (look for Port 22 then change the 22 to whatever), then do
the ssh ... -p on your laptop as I mentioned earlier.

On the other hand...  I'm not overly familiar with the Raspi, but would an
ad-hoc network be a consideration?



On Tue Jan 20 2015 at 10:21:59 AM Keefer Rourke <keefer.rourke at gmail.com>
wrote:

> I'm actually trying to SSH into a Raspberry Pi that is on the same network
> as my laptop. The only time the two machines need to connect is when they
> are both at the school, and in the same room, since my laptop will just be
> used as a remote control station to send commands to the pi to make the
> robot do things (that was probably poorly explained, but hopefully you get
> the gist). Though I'm not very familiar with the concept, I don't think
> port forwarding is really an option?
>
> If it makes a difference, I have complete root access to the Raspberry Pi
> which is running Arch Linux ARM (for the sole reason that the package
> manager actually works on the school network), so I can change anything on
> the machine as necessary.
>
> On 20 January 2015 at 10:10, CrankyOldBugger <crankyoldbugger at gmail.com>
> wrote:
>
>> I take it that you're trying to SSH to a computer that you own?  If
>> that's the case you can just set up Port Forwarding on your router.  Then
>> you can pick some wild port number, up to 65535, I think, and have your
>> home router redirect that port to port 22 on your home computer.
>>
>> I've got all of my home Linux boxes set up this way, then I use DynDNS to
>> get the names straight.  So if I'm at work (which seem to like blocking the
>> useful ports for some reason), I can SSH to my Ubuntu desktop using:
>>
>> ssh user at ubuntubox.org -p 45678
>>
>> So I'm using port 45678 to get out of the office.  Then on my home
>> router, port forwarding knows that port 45678 should be forwarded to my
>> Ubuntu box's internal IP (192.168.x.x), using port 22 between the router
>> and the desktop.
>>
>> You just need to do some playing around to see if port "45678" (or any
>> other port over 1024) is open at the school.
>>
>> Now if you're trying to connect to a machine that someone else owns, well
>> that's a different story... I wonder if you could set up a proxy server at
>> home that points back out to the internet?
>>
>>
>>
>>
>> On Tue Jan 20 2015 at 9:58:10 AM Keefer Rourke <keefer.rourke at gmail.com>
>> wrote:
>>
>>> For some strange reason, I've found high school institutions to be
>>> *extremely* *NIX-phobic. And they, or at least my particular school,
>>> seem to be becoming increasingly so. Previously I had only noticed
>>> firewalls in place which block all traffic from major Linux package
>>> managers like apt and yum, though this never affected me as I've never had
>>> an issue updating my Arch Linux installation while on the school network.
>>>
>>> However, things appear to have changed as SSH connections are now also
>>> blocked. Before the winter holidays I could use secure shell at school to
>>> my heart's content, but now that people in my computer engineering class
>>> are beginning to use it more often so they can remotely connect to their
>>> headless Raspberry Pis (with which we're supposed to be controlling
>>> robots), the protocol has conveniently stopped working (I'm guess the board
>>> discovered this "unusual" traffic and decided to block it). I now find
>>> myself needing a way to get around this problem, or my summative project
>>> will have come to an effective halt.
>>>
>>> As a suggested work-around, I tried changing the default port on the
>>> host (the pi) from 22, to 443, and establishing a connection to that port
>>> from my laptop, but the connection still times out after a few minutes. I'm
>>> wondering if, either I'm doing something wrong with the port configurations
>>> (though the verbose output from SSH would suggest otherwise), or if there
>>> is another solution to getting around the WRDSB's apparent hatred of free
>>> technology.
>>>
>>> My teacher suggested that we create a subnetwork between the two
>>> machines, which I will try today, but if there are any alternative
>>> solutions, I'd love to know of them. Anyone else run into problems like
>>> this?
>>>
>>> --
>>> Cheers,
>>> Keefer
>>>  _______________________________________________
>>> kwlug-disc mailing list
>>> kwlug-disc at kwlug.org
>>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>>>
>>
>> _______________________________________________
>> kwlug-disc mailing list
>> kwlug-disc at kwlug.org
>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>>
>>
>
>
> --
> Cheers,
> Keefer
>  _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20150120/daca297f/attachment.htm>

More information about the kwlug-disc mailing list