Re: Reverse tunnel and multiple interface

On Wed, 2008-10-29 at 10:59 -0700, Joseph Spenner wrote:
How about if you add a special route to your target via the PPP0 interface? If you know the IP where you're going to land, you could add a host route through the PPP interface. Then, ssh would respect that route.

Yes, but the problem is that if I do so, then the other apps will use
that route as well, and I don't want this to happen - the main app
connects to the same server as the one I would like to set up the
reverse tunnel... :(

Perhaps I didn't give this detail, but actually I want the main app to
connect to the server through eth0/wifi/adsl, and the reverse ssh tunnel
to connect to the *SAME* server through ppp0 only.

I'm currently looking at iptables/iproute and stuff... but no solution
found so far! :(


--- On Wed, 10/29/08, Christian Gagneraud <cgagneraud@xxxxxxxxxxxx> wrote:

From: Christian Gagneraud <cgagneraud@xxxxxxxxxxxx>
Subject: Reverse tunnel and multiple interface
To: secureshell@xxxxxxxxxxxxxxxxx
Date: Wednesday, October 29, 2008, 10:51 AM
Hi all,

I have a box running embedded Linux, which has 2 network interfaces: the
first (eth0) is the "normal" interface, the other one (ppp0) is used as
a back-up link (in case eth0 is down, we still want to be able to
connect to the box).
The box is installed on the sea, a few miles away from the shore. The
box accesses the internet through eth0, which is connected to a
transparent WIFI bridge and finally to an ADSL router.

The ppp0 is a GPRS connection via a modem; as my provider doesn't allow
incoming connections, I need to set up a reverse tunnel if I want to be
able to connect remotely to the box.
I know I can set up the reverse tunnel with something like "ssh -CNR
middleuser@middleserver", we use this on other projects that have only
ppp0 to access the internet, and it works

It is critical for us to be able to access the box 24/7. The services
provided by this box need good bandwidth, that's why we need a
broadband connection. The ppp0 will only be used in case of
eth0/internet failure, to investigate the problem(s).
Actually the WIFI link is the weakness of the system: the embedded WIFI
bridge can fail for various reasons including misalignment (the system
can drift from its original position), corrosion (sea water is a
killer), power supply failures, ...

Finally, my problem is that I would like to simply force the reverse
tunnel to use only ppp0. And at the same time I need the default route
to go through eth0 (that is needed for the main programs running on this

So, this is what i would like to achieve:

/----------- ppp0 --------| GPRS Modem |---{internet}
| /---- lo
| | /-- eth0 --------| ADSL router|---{internet}
| | |
| | |
| ssh daemon (2222), main apps
\-- ssh -CNR ...

I have the feeling that there's no way to tell ssh to make a reverse
tunnel through a specific interface and ignore the default route, and
that I will have to find a way via the kernel network set-up, and I have
no clue on how to do this. I don't want to use an
route, because if my app tries to use ppp0, then the link will be stuck,
because this app is bandwidth hungry and anyway this app needs incoming

So, perhaps someone will come here with an idea using only

With best regards,

PS: Please CC me as I'm not subscribed to the list.
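
One common way to get the split asked for in this thread, shown as an added example that is not part of either message: route by source address with iproute2, so that only the ssh client bound to ppp0's address leaves via ppp0 while the main table keeps its default route through eth0. The table number, rule priority, remote port 2022 and script name are assumptions; 2222 is the local ssh daemon port from the diagram.

```shell
#!/bin/sh
# Added example, not from the thread. Policy routing by source address:
# only sockets bound to ppp0's address use table 100 (default via ppp0);
# everything else keeps the main table and its default route via eth0.
TABLE=100               # assumption: an unused routing table number
PRIO=1000               # assumption: evaluated before the main table (32766)
DRY_RUN=${DRY_RUN:-1}   # 1 = print the commands, 0 = execute them (needs root)

# Read `ip -4 -o addr show dev IFACE` output on stdin, print the local address.
first_addr() {
    awk '{ split($4, a, "/"); print a[1]; exit }'
}

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# $1 = ppp0 local address, $2 = -R forward spec, $3 = user@host
setup_tunnel() {
    run ip route replace default dev ppp0 table "$TABLE"
    run ip rule add from "$1/32" lookup "$TABLE" priority "$PRIO"
    # -b binds the client socket to ppp0's address, so the rule above matches
    # this connection only, even though the main app talks to the same server.
    run ssh -b "$1" -CNR "$2" "$3"
}

# Usage (constructed values):
#   DRY_RUN=0 sh tunnel.sh 2022:localhost:2222 middleuser@middleserver
if [ "$#" -eq 2 ]; then
    addr=$(ip -4 -o addr show dev ppp0 | first_addr)
    [ -n "$addr" ] || { echo "ppp0 has no IPv4 address" >&2; exit 1; }
    setup_tunnel "$addr" "$1" "$2"
fi
```

If the GPRS address changes on reconnect, the old rule no longer matches, so the setup has to be repeated each time ppp0 comes up.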