30 June 2020
A simple Bash script and helper to accept incoming SSH traffic using port forwarding on a router, with a dynamic DNS through DigitalOcean.
Following: DigitalOcean DDNS Guide
- DigitalOcean account
- API token for DNS updates
- A local machine with SSH server enabled ("Remote Login")
- Router capable of port forwarding (example: Apple Airport Base Station)
Create a Personal Access Token
Example: Use O-R-G as your project name.
Point basement.o-r-g.net to your IP.
This DNS record will be updated by a local Bash script.
Use the get-dns-id.sh script:
./get-dns-id.shAdd the DNS record ID and API token to .zshrc as enviroment variables then run update-dns.sh:
nano /Users/me/.zshrc
./update-dns.shKeep the DigitalOcean DNS record updated every 5 minutes:
crontab -eAdd the following line:
*/5 * * * * /usr/local/bin/update-do-ddns >> /Users/me/log.txtFollowing Apple Discussions: Port Mapping
- Reserve a DHCP static IP for the local computer.
- Forward external port 22 to this static IP.
- MAC address (System Preferences → Network).
- Static local IP.
List all local IPs and MAC addresses:
arp -aExample output:
xx:xx:xx:xx:xx:xx
10.0.1.x
Set up port forwarding:
- Choose "Remote Login - SSH" (public TCP, port 22 points to local static IP).
- Restart the Base Station.
Set static ip for local computer with MAC address specified in Step 7: System Settings : Network : Wifi : Details : TCP/IP : Configure IPv4 : Using DHCP with Manual Address
Ensure sshd is running locally ("Remote Login" enabled in Sharing).
Connect using:
ssh someone@somewhere.comcp update-do-ddns.sh /usr/local/bin/update-do-ddnsRun on startup:
caffeinate -d✅ Your system should now accept incoming SSH traffic dynamically using DDNS and port forwarding.