How to access cell-connected PC from internet

[LouisVanAlphen]

Hi not sure if this is the correct section to post this quesiton.

I have a remote ubuntu based PC with GSM modem connected to the internet. I need to access this remote PC from my home PC. Is this possible and how do I do that? Do I have to create a VPN on the remote PC and then enable my home PC to log into this VPN?

Thanks

 

[The_Unbeliever]

First off, if you're with either Vodacom, MTN or CellC, you have to apply for an unrestricted APN. Without an unrestricted APN you won't be able to connect.

If with 8ta, it's already unrestricted.

Then you can either :

1. Enable VNC (not recommended)
2. Enable and use PPTP/openVPN on Ubuntu (recommended). There is a lot of material regarding this on the Ubuntu forums.

 

[dadecoza]

First off, if you're with either Vodacom, MTN or CellC, you have to apply for an unrestricted APN. Without an unrestricted APN you won't be able to connect.

If with 8ta, it's already unrestricted.

Then you can either :

1. Enable VNC (not recommended)
2. Enable and use PPTP/openVPN on Ubuntu (recommended). There is a lot of material regarding this on the Ubuntu forums.

3. SSH + X11 Forwarding

 

[The_Unbeliever]

3. SSH + X11 Forwarding

I assume you can have the SSH daemon listen on any nonstandard port and still have X11 forwarding?

 

[dadecoza]

I assume you can have the SSH daemon listen on any nonstandard port and still have X11 forwarding?

Yep. But why not keep it 22?

 

[RoganDawes]

I assume you can have the SSH daemon listen on any nonstandard port and still have X11 forwarding?

Of course. Not sure I'd do X11 over the internet, though. I'd simply allow a port forward through the SSH connection to the VNC daemon running on localhost.

 

[The_Unbeliever]

Yep. But why not keep it 22?

Because script kiddiots will go for port 22. If you make it a nonstandard port, they won't know.

 

[bin3]

Try TeamViewer: Should be a version for Ubuntu as well ....

Otherwise welcome to the world of dynamic dns, port forwarding and restrictive apn's ...

 

[RoganDawes]

Because script kiddiots will go for port 22. If you make it a nonstandard port, they won't know.

Which is not a security mechanism, but simply stops them wasting your bandwidth doing password guessing attacks if they can't find you. If they DO find you, you could still be in trouble. Make sure you are only allowing SSH Key-based auth, and disable passwords entirely.

 

[ponder]

Yes Teamviewer will also work on a 3G connection.

 

[LouisVanAlphen]

Thanks for the replies. I need to run my own software there e.g. embedded HTTP server. I guess I will not be able to prevent DDoS etc?

A bit more about what I am doing. This is actually an internet appliance that I need to access from my home PC or any of my client's PCs. The machine-to-machine method of comms will be HTTP GET and POST both ways.

So it looks like there serious security risks. What if I keep it resctricted APN but then host a VPS in Vodacom Business domain and route all trafiic both ways through the VPS

 

[dadecoza]

Why not use some cheap hosting like http://serv.co.za/ ?