[arch-general] "Automatic" upgrade

Al O'Nerd leandro at alonerd.net
Tue Feb 11 08:49:56 EST 2014

You could setup a cron job on that server that checks for a specific code
in a dropbox directory, or in an email account, and when received, it
deletes the {mail|file} and activates a SSH tunnel or a VPN with which you
can connect to.
All you should have to do when you want to connect is send the email / put
the file, wait a bit and then connect to the server.
You'll have to close the tunnel when you disconnect however, or perhaps the
same cron job can close it upon receiving another code.

L'ignoranza è un male curabile, è sufficiente la volontà.

On 11 February 2014 13:35, Ismael Bouya <ismael.bouya at normalesup.org> wrote:

> (Tue, Feb 11, 2014 at 01:29:30PM +0100) Constantin :
> > You could establish a VPN/tunnel originating from the server you want to
> > update. That way, from the machine's view, it is an outgoing connection
> > and might not be restricted by the firewall. You can then use the
> > existing tunnel to ssh back to the machine.
> > Of course this would require an accessible server somewhere outside.
> Sure, that's what I understood in the former message, and already thought
> of doing it. The problem that I have (maybe it wasn't clear in my message)
> is that then I give an "obvious" *permanent* entry point to a network that
> is willingly closed. If anything happens (even if I'm quite confident with
> the security of the machine, we never know), it's my responsibility, and I
> don't want that.
> --
> Ismael

More information about the arch-general mailing list