I need to remotely open a port on a router (remote web access is off).
I have SSH access to a Raspberry PI (Debian) that is on the same LAN as the router.
Is there some way I can do that remotely from my Windows PC, through the SSH? I can only find how to do it through linux.
Sometimes the router web interface doesn't work over an SSH tunnel (in case it loads resources from a hardcoded IP). In this case, you can run a proxy like this:
ssh user@host -D 8080
Then you go into your browser settings and set a proxy:
From man ssh:
-D [bind_address:]port
Specifies a local “dynamic” application-level port forwarding. This works by allocating a socket to listen to port on the local side, op‐
tionally bound to the specified bind_address. Whenever a connection is made to this port, the connection is forwarded over the secure chan‐
nel, and the application protocol is then used to determine where to connect to from the remote machine. Currently the SOCKS4 and SOCKS5
protocols are supported, and ssh will act as a SOCKS server. Only root can forward privileged ports. Dynamic port forwardings can also be
specified in the configuration file.
IPv6 addresses can be specified by enclosing the address in square brackets. Only the superuser can forward privileged ports. By default,
the local port is bound in accordance with the GatewayPorts setting. However, an explicit bind_address may be used to bind the connection to
a specific address. The bind_address of “localhost” indicates that the listening port be bound for local use only, while an empty address or
‘*’ indicates that the port should be available from all interfaces.
You can use a SSH tunnel to access it, so for a machine with IP 192.168.0.254 on port 80 within the same LAN as the SSH server:
# ssh <user>@<host> -L <local_port>:<distant_host>:<distant_port>
ssh user@host -L 8080:192.168.0.254:80
http://localhost:8080
hostname, so if unable to connect using localhost, replace with 127.0.0.1Slightly hacky alternate solution, but its saved me a few times(in other situations) and its worth considering as an alternative. YMMV, and its a little crunchy - but you run a browser that's usable over SSH on the pi. I'm running the binary versions not the docker container.
Its a simple download and unzip, I vaguely recall there was a prerequisite it needed, and once you're done you can just remove it.
Running it is as simple as ./carbonyl - there may be a prompt asking you to run it with a argument for no sandbox on some versions of linux. This appears permissions related, potentially due to apparmor. You can find steps to work around that in my question here
In theory you can use w3m in some cases, but carbonyl has much better support for the modern web.
I need to dig up the password for my router, and I can't promise to how usable it'll be but I've gotten as far as the login page for it
