I wanted to improve the security of a TV connecting to a server on a different LAN, and one approach I thought of is to use a RPi on the network to look after the secure connection.

So the pi could connect to the remove server through SSH, and forward the port locally. I thought this port could then be opened, and the TV can then be pointed at the pi on the local network.

Port forwarding to the pi works but I can’t connect to it from another device, even after setting firewall settings.

Basically the firewall rule is ufw allow from 192.168.1.0/24 port 1234

Does this idea work, or is there a better approach? Am I missing something in the setup?

  • eksb@programming.devEnglish
    4·
    10 hours ago

    ssh -L 1234:localhost:1234 remote_server binds the RPi’s localhost:1234 to remote_server’s localhost:1234. You want to bind the port to something on the RPi that the TV can hit, so something like ssh -L 192.168.1.5:1234:localhost:1234 remote_server, where 192.168.1.5 is the RPi’s address.

    I think you also want -N on the ssh command.

    • eyesaremosaics@lemmy.zipOPEnglish
      1·
      2 hours ago

      That worked thanks, I didn’t know you could put an address like that in the -L command, and the -N is correct here too