This is an old revision of the document!

Tunneling with DreamCompute

These steps set up remote access to a home network using an ssh tunnel to a DreamCompute host.

At the DreamCompute Access and Security panel…
1. Create a Security Group ruleset. Add rules to open the desired ports (e.g., port 12345):
```
Manage Rules
Add Rule: Custom TCP Rule, Ingress, Open Port 12345, Remote CIDR = 0.0.0.0/0.
```
2. Create a key pair, download the public key (e.g., cloud.pem), and put it in the home server '.ssh' directory.
Create a DreamCompute server instance.
Using ssh from home machine, connect to Dreamhost instance. Edit /etc/ssh/sshd_config and add this at the end (assuming default user is ubuntu):
```
ClientAliveInterval 30
ClientAliveCountMax 3

Match User ubuntu
    GatewayPorts yes
```
Create an A-type DNS record for the DreamCompute IP address with a name like casa.example.com.
To create and test the tunnel use the command below on the home server, then try to connect to port 12345 on casa.example.com.
```
$ ssh -NR '*:12345:192.168.1.123:54321' casa.example.com
```

On home server, create a ~/.ssh/config file with something like this…

Host tunnel
HostName casa.example.com
User ubuntu
IdentityFile ~/.ssh/cloud.key
BatchMode yes
EscapeChar none
RemoteForward *:9190 192.168.1.190:2190
RemoteForward *:9191 192.168.1.191:2191
RemoteForward *:9999 192.168.1.192:2222

Add this line to crontab:
```
@reboot autossh -fN tunnel
```

References

DreamCompute instance
sshd_config manpage
autossh manpage