Ssh remote connect to server - proxied

I created a script to connect with ssh to my server, using cloudflare API to retreive my real IP address, without exposing any of my personal addresses. They remain all proxied.

#!/bin/bash

# connect via cloudflare API to get real IP of home server
IP=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/zoneID/dns_records?type=A&name=example.com&match=all" \
     -H "X-Auth-Email: [email protected]" \
     -H "X-Auth-Key: API TOKEN" \
     -H "Content-Type: application/json" | jq -r '.result[].content')

# use recovered IP Address to connect on server from remote.
ssh -i ~/.ssh/myCustomIdRsa [email protected]"$IP" -p portNumber 

Hope that helps someone
EDIT
I have changed the approach a little bit to access with ssh and rsync as i do for the rest.
I have changed the above file to an executable utility, I named the file cloudflare and i put it in /usr/local/bin.

#!/bin/bash

zoneID="get the Zone ID from cloudflare personal account"
# change example.com with your domain or subdomain
# I use to keep an A record with my domain, everything else as CNAME
params="type=A&name=example.com&match=all"
authKey="get the AUTH KEY from https://dash.cloudflare.com/profile/api-tokens (API Token)"
cloudflareUrl="https://api.cloudflare.com/client/v4/zones"
authMail="[email protected]"

# connect via cloudflare API to get real IP of home server
IP=$(curl -s -X GET "$cloudflareUrl/$zoneID/dns_records?$params" \
     -H "X-Auth-Email: $authMail" \
     -H "X-Auth-Key: $authKey" \
     -H "Content-Type: application/json" | jq -r '.result[].content')

echo $IP

Then in .bash_aliases of home directory of the user i added 2 aliases as functions that do changes to connect on ssh or with rsync if is MY_SERVER i want to connect to

function rs(){
	if [[ [email protected] == *'MY_SERVER:'* ]]; then
		 command rsync -auvzhP -e "ssh -p 2000 -i ~/.ssh/id_rsa_MY_SERVER" "${@/MY_SERVER/[email protected]$(cloudflare)}";
	else
		command rsync -auvzhP --no-super "[email protected]";
	fi
}

function ssh(){
	if [[ [email protected] == *'MY_SERVER'* ]]; then
      command ssh -o "HostName=$(cloudflare)" "[email protected]";
  else
      command ssh "[email protected]";
  fi
}

In these aliases i check if my command includes the key word MY_SERVER; if it does i change the behavior of my ssh command or my rsync command (that i gave an extra alias as i normally do).
Keeping in mind that in ~/.ssh/config file there is configuration set for my server

Host MY_SERVER
  Hostname example.com
  Port 3333
  User user
  IdentityFile ~/.ssh/id_rsa_MY_SERVER 

if i type the command

ssh MY_SERVER 

it will translate as follows

$(cloudflare) gives real IP address of my server
ssh -i ~/.ssh/id_rsa_MY_SERVER  [email protected]{REAL IP} -p 3333 

On the other hand if i type ssh any other configuration, will execute as usual.
For the rsync command, i already had an alias on it
as

alias rs="rsync -auvzhP --no-super"

so the change included the possibility i want to sync with my server.

1 Like

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.