Determine services with sub-addresses

0

Context

I'm trying to improve my working workflow.

Currently I have a desktop (that, basically, has a GPU) and a notebook. I want to exploit the desktop even when I'm working with the notebook remotely (they both run Linux)

In my university only the port 80 is open to outside connections.

Current solution

My desktop has an SSH server and I'm doing some port-forwarding in my NAT wanaddr:80 -> localaddr:22 to avoid the restriction in the University network.

Moreover, I'm deploying the code and running with a remote interpreter using IntelliJ IDEs, it works like a charm.

Problem

I have the need to use more services remotely, e.g. tensorboard, MLFlow, jupyter. The difficulties arise since I must use the port 80 on the WAN side, so I can't just port-forward other ports.

Attempted solution

Assuming that the domain name of my desktop is desktop.dev.

I'm trying to redirect specific sub-addresses to the correct services, e.g.

ssh.desktop.dev:80 -> <?> -> localhost:22
tensorboard.desktop.dev:80 -> <?> -> localhost:8888
jupyter.desktop.dev:80 -> <?> -> localhost:8000

I tried to use Caddy but later on I understood it supports only HTTP requests, I'm looking into Traefik but I'm not getting how to do it easily.

Can you point me in the right direction?

Luca

Posted 2019-06-27T11:39:49.993

Reputation: 113

Answers

0

Use SSH Port Forwarding (-L option). Of your home machine, only expose the ssh. It dosen't matter which port you'll end up connectiong to; 80 is acceptable. On home machine, run services on the loopback device or at least make them available from loopback.

Then connect there from your roaming station as: ssh -p home-port home.address -L 8888:localhost:8888 -L 8000:localhost:8000 etc.

(if you're under Windows putty is able to do this)

Then, on your roaming station, connect to localhost. ssh client will tunnel traffic to said ports on your home machine. If you make tcp connection to localhost:8888 on a roaming station, ssh client will accept, then make a connection to localhost:8888 at home machine and then proxy packets back and forth, so you'll end up like your home service appear on your roaming station.

You can also make a reverse forwards with -R option. You can access that isn't directly accessible from your roaming station if you forward destination will be not localhost, but anything else accessible from home: -L 7777:some.irc.server:6666, and connection to localhost:7777 will be as if you connected to some.irc.server:6666.

No matter what you do, over the wire only SSH traffic between your home and roaming station will be seen.

Nikita Kipriyanov

Posted 2019-06-27T11:39:49.993

Reputation: 505

Thank you, it's working! – Luca – 2019-06-28T07:45:26.083

Asked: 2019-06-27T11:39:49.993

Viewed: 27 times

Active: 2019-06-27T12:02:52.607