Ssh remote connect to server - proxied

I created a script to connect with ssh to my server, using cloudflare API to retreive my real IP address, without exposing any of my personal addresses. They remain all proxied.


# connect via cloudflare API to get real IP of home server
IP=$(curl -s -X GET "" \
     -H "X-Auth-Email: [email protected]" \
     -H "X-Auth-Key: API TOKEN" \
     -H "Content-Type: application/json" | jq -r '.result[].content')

# use recovered IP Address to connect on server from remote.
ssh -i ~/.ssh/myCustomIdRsa [email protected]"$IP" -p portNumber 

Hope that helps someone
I have changed the approach a little bit to access with ssh and rsync as i do for the rest.
I have changed the above file to an executable utility, I named the file cloudflare and i put it in /usr/local/bin.


zoneID="get the Zone ID from cloudflare personal account"
# change with your domain or subdomain
# I use to keep an A record with my domain, everything else as CNAME
authKey="get the AUTH KEY from (API Token)"
authMail="[email protected]"

# connect via cloudflare API to get real IP of home server
IP=$(curl -s -X GET "$cloudflareUrl/$zoneID/dns_records?$params" \
     -H "X-Auth-Email: $authMail" \
     -H "X-Auth-Key: $authKey" \
     -H "Content-Type: application/json" | jq -r '.result[].content')

echo $IP

Then in .bash_aliases of home directory of the user i added 2 aliases as functions that do changes to connect on ssh or with rsync if is MY_SERVER i want to connect to

function rs(){
	if [[ [email protected] == *'MY_SERVER:'* ]]; then
		 command rsync -auvzhP -e "ssh -p 2000 -i ~/.ssh/id_rsa_MY_SERVER" "${@/MY_SERVER/[email protected]$(cloudflare)}";
		command rsync -auvzhP --no-super "[email protected]";

function ssh(){
	if [[ [email protected] == *'MY_SERVER'* ]]; then
      command ssh -o "HostName=$(cloudflare)" "[email protected]";
      command ssh "[email protected]";

In these aliases i check if my command includes the key word MY_SERVER; if it does i change the behavior of my ssh command or my rsync command (that i gave an extra alias as i normally do).
Keeping in mind that in ~/.ssh/config file there is configuration set for my server

  Port 3333
  User user
  IdentityFile ~/.ssh/id_rsa_MY_SERVER 

if i type the command


it will translate as follows

$(cloudflare) gives real IP address of my server
ssh -i ~/.ssh/id_rsa_MY_SERVER  [email protected]{REAL IP} -p 3333 

On the other hand if i type ssh any other configuration, will execute as usual.
For the rsync command, i already had an alias on it

alias rs="rsync -auvzhP --no-super"

so the change included the possibility i want to sync with my server.

1 Like

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.