SSH reverse tunnel intermediate host

Question

I have a scenario of 3 machines (A, B, C) all on different locations. All of them are behind NAT, where only B can be accessed from the outside world through forwarded port 12345 on the router on site B.

A = Laptop (WIN 10)

B = Raspi (Raspbian 9 Strech)

C = Raspi (Raspbian 10 Buster)

What I have managed so far:

I can ssh A => B (putty, through forwarded port 12345) - no big deal

I can ssh C => B (ssh -N -R 2222:localhost:22 [email protected] -p 12345) - reverse ssh tunnel, setup with crontab to run automatically.

I can ssh B => C (ssh -p 2222 localhost)

I can ssh A => B => C (putty to B, then from there "ssh -p 2222 localhost" and I get to C)

What I really want is:

ssh A => C (putty)

I want to access other devices in network C (from A), like file systems of the devices in network C etc.

Any help would be greatly appreciated.

Answer 1

If I were you I would consider using a VPN such as OpenVPN to connected your three devices. You write that device B, while behind a NAT, has port forwarding to the outside world. I would use the same port forwarding but instead forward port 12345 to 1194 for VPN; or simply forward port 1194 on your router to device B. Then B would run a openvpn server, and both A and C would be VPN clients. You could set the VPN client up on C to auto start the VPN connections when it connects to it's local network.

Then when you are using your laptop (A), you can start the VPN client and then C will simply be another host on your VPN network.

This is not exactly an A => C connection, but it would be a robust way to interconnect these networks.