FAQ

"How do I know I will really connect to my server?"

When you connect to your server through the sshreach.me tunnel all you see is forwarding server address and a port like in this example.

ssh -p port_number my_name@fwN.sshreach.me

You might be wondering if this address really leads to your server. You wouldn't like to send your password to some unknown server. Before the connection is established you will be sent an ssh signature key like in this example:

The authenticity of host '[fw1.sshreachme-trial.com]:10012 ([139.162.161.211]:10012)' can't be established.

RSA key fingerprint is SHA256:Gp7S+U3v9OfkkNkW8aONO4nVGyrFWa7sQEtl8kZas94.

Are you sure you want to continue connecting (yes/no)?

This is the signature of the server you are connecting to. You should continue connecting only if you recognize the signature.

"Which client script should I use?"

The basic idea behind creating the sshreach.me service was to have a client Python script that can run on any system. However, since it uses https protocol, a drawback is fairly high data consumption - around 100 MB per client per day - which is a significant amount of data for clients on metered connection.

Because of this, we also have a version of the script that uses sockets for communication with our servers. It transfers 200 times less data during operation - daily usage does not exceed 0.5 MB.

However, the sockets script only works on systems with Python 3.6 or higher installed.

Https script is more likely to work on any firewall since it uses standard https port. The sockets script uses port 8400 and they might be blocked by some firewalls.

If you have an older system with only Python 2.7, or your outbound connections might be blocked by the firewall we suggest that you use the https script as it offers better compatibility.

If you are on a metered internet connection and you have system with Python 3.6 or newer you can use sockets script but check that your outbound connections on ports 8400 are not blocked.

"Can sshreach.me see my password?"

No, it can not. When you make a connection to your server (which is identified by an ssh signature explained in previous question) and are asked for a password an encrypted tunnel has already been made and your password is not visible to anyone.

"How to ensure sshreachme.py is started upon reboot?"

There are various ways to do it depending on your distribution. If you have crontab enabled on your machine the easiest way is to add the following line to your crontab:

@reboot python /path/to/sshreachme/sshreachme.py /path/to/id_rsa

Or you can activate this script in crontab every few minutes: 


# this goes in crontab, checks if sshreachme.py is active and starts it if it is not active
# */2 * * * * /home_dir/sshreachme/check_if_sshreachme_is_alive.sh
#

# check_if_sshreachme_is_alive script starts here
if ! pgrep -f "sshreachme.py" > /dev/null ;
then
       # do some basic logging
       echo "sshreachme.py started by check_if_sshreachme_is_alive at " $(date) > /home_dir/sshreachme/is_alive_`date +%Y%m%d%H%M%S%N`.log
       python3 /home_dir/sshreachme/sshreachme.py /home_dir/sshreachme/id_rsa &
fi

"Why is trial period so short?"

After a series of abuses by some trial users who have used our service to distribute viruses and malware we have - unfortunately - decided to cut our trial period from three months to 5 days.

We are aware of the fact that five days are usually not enough time for trying our service and if you need longer trial period just contact us though our contact form and we will increase your trial period.