Edit/Solved: Thank you for all the great input! Both on alternative solutions and on security implications. I’m going to make a draft on how I would setup the e-mail method as securely as possible as a programming/scripting exercise, but will IRL probably end up using either some reverse tunnel/shell variant.

Edit 2: or, as a hardware solution, install an extra NIC that I expose to the opennet - thus enabling remote port forwarding - while binding all my sensitive processes/traffic to my encrypted NIC.

I cannot ssh into my Linux box from outside of my LAN since I’m behind a VPN that doesn’t support port forwarding. Is it possible to make my Linux box receive, interpret and execute commands through e-mail instead? I’ve tried looking for answers through DuckDuckGo’s search engine, to no avail. If I may dream, I would like to setup an e-mail server with a systemd service or just run a script that continuously downloads the emails, prints their content to stdin and executes, perhaps through command substitution, whatever is in stdin.

  • Dave.@aussie.zone
    6·
    2 days ago

    If you can arrange a fixed IP address externally (or dynamic DNS that follows your IP around) you can set up a reverse SSH connection instead.

    Basically your server connects to your external computer via SSH and then sets up port forwarding so that when you connect to localhost:2222 or similar on your PC, you’re actually connecting back to the server.

    • emotional_soup_88@programming.devOPEnglish
      2·
      2 days ago

      Now THAT sounds like a smart solution! I’ll look into it! :) I can ask my ISP to give me a static address for my home. But something needs to prompt the ssh command “at home” to connect to my second computer, right (actually Termux on my Android phone)?

      • Dave.@aussie.zone
        3·
        1 day ago

        It can be a Cron job that runs every minute. Run a script that:

        • Checks for the existence of a file, if it exists, exit.
        • (Optional) ping your end, if it’s up, continue, otherwise exit
        • Touches said file.
        • Runs SSH to try and connect to your end. If the connection is made everything halts here until the connection drops.
        • Cleans up said file.
        • Exits.
        • 0t79JeIfK01RHyzo@lemmy.mlEnglish
          1·
          9 hours ago

          I just use autossh for it.

          I run an ssh connection to a VPS I pay like $5, which forwards a port there. The screen in the following command isn’t required, but I have it so I don’t have to keep the terminal window open.

          screen -d -m -S autossh.eastusa.keepalive autossh -M 33333 -R VPS_IP_HERE:5555:localhost:22 root@VPS_IP_HERE

          Then from other computers, to connect back

          ssh -L 5555:localhost:5555 root@VPS_IP_HERE
ssh root@localhost -p 5555

          For remote computers connecting back, the first ssh connects to the VPS and forwards a port to the remote computer. Then the 2nd ssh connection uses the forwarded port to complete the ssh connection to the computer behind the IP that can’t port forward.