anyone around with the expertise to setup a reverse SSH server for:
CentOS7-Rockstor?
Support will be needed and I’ll like to talk about it.
My Idea is to get Subscription Rockstor license to each server to store video files around the states at each of my friends video production studio. But as they don’t have any tech Knowledge on IT stuff. I want to give the some support in case of future updates and such.
Will anyone help me setup a 10x Plus server remote or Reverse SSH solution for my approach?
So the goal is to be able to login to the server in case of issues?
Not sure why you wouldn’t be able to use plain old SSH here, or how you envision “reverse SSH” to work better or anything.
As an alternative, you could take a peek at Cockpit (can do a bit more than just SSH, I love it to bits) or Guacamole.
Maybe I’m misunderstanding what the exact goal is, what you’re trying to achieve. Feel free to give a bit more information and background.
It because I have no information and/or access credential to firewall from remote locations. I tough that I can make a persistent connection from each Rockstor to one main public server. Each remote Rockstor will them register to public server from even behind the NAT. Then I can control them from the main public server without dealing with port forwarding nor public unknown IPs.
-I’m going to setup each of the servers on my location and then ship them to final user.
I’ll review what you just suggested. I wonder I that functionality can be setup to remotely monitor each Rockstor I’m working on?
Allright, that’s a bit more to work on.
I wouldn’t go with the permanently-open SSH-connection, since you can’t guarantee (I think) that that connection is always going to be stable. So the tunnel would be broken, which means you’d need something on the remote sites to babysit the connection and re-establish it whenever it goes down. Doesn’t sound like fun to me.
If poking holes in the firewall really is an issue, then you could look into ngrok. You could use that for either the web interfaces I mentioned - heck, you could use it to access the Rockstor interface - or an SSH daemon. You’d run ngrok on each of the remote systems, but since that’s a simple process, that’s a bit easier to keep running through systemd. There’s a free option that has some limitations, or a paid option that gives you more breathing room.
Before you start rolling out solutions like this, though, make sure you are aware of the fact that you’re opening up a server to the internet at large, and that you should make sure the services you open up are sufficiently secure!