I am playing with setting up a private logmein clone to manage a hand full of roaming raspberry pi boxes. Internally I have been reasonably successful with openvpn + tightvnc server on the pi and openvpn + apache + novnc on my internal server.
But my test server isn't accessible to the outside world, and my VPS provider refuses to provide me tun/tap support. So does anyone know of a good replacement for openvpn that doesn't require a kernel module?
I have been playing with ssh and port forwarding with only minor stability issues. But when I scale this up to hundreds of deployed devices I don't want to have to manually assign ports for each device and maintain an assignment list to avoid port forwarding conflicts.
So far my experiments have suggested that SSH would require a script to log in with no port forwarding so that it could see what ports are available and then restart the connection with new port forwarding rules or open a second connection with port forwarding before registering with the management system.
Ultimately my goal is that no matter what network the device is attached to, and whether or not it is behind a NAT gateway. It can log into my management host and register itself. And that the connection is as reliable/robust/secure as possible.
[link][3 comments]