Never really had a need to set up remote ssh until I moved out of my parents house and in doing so, my rsnapshot server is no longer connected since it was set up to handle local machines on the network. I'd like to keep the rsnapshot server at my parents' house so that it would serve as a remote backup, however I see several issues with this all stemming from dynamic IP addresses on both sides. They don't change that frequently so I'm okay with changing hosts.allow, sshd.config, and rsnapshot.config manually, though if there was a way to automate this I'd like to hear.

I would go with teamviewerfor this situation

Use a free DNS updating service and use DNS names. I use http://freedns.afraid.org/. Then set up key-based login and disable password based login in SSH. The second step is optional, but I guarantee you'll have a constant barrage of brute-force password guessing directed at port 22.

1 members found this post helpful.

I did pretty much the same thing as you're trying to do with DynDNS http://www.dyndns.com and, to keep the kiddies and bad actors out of my pants, with DenyHosts http://denyhosts.sourceforge.net/. I can highly recommend both.

DynDNS runs a a daemon and actively changes its address for you (you get to make up host names) when you, oh, turn of the modem or whatever that causes the ISP to give you a new address. It's a freebie.

DenyHosts also runs as a daemon and watches /var/log/syslog (or whatever you like) where remote connections are logged and automagically adds entries to /etc/hosts.deny (or IPTABLES or...) to refuse connections from folks that attempt to log in as root, wheel and other "privileged" user accounts (with failed passwords). It also shares with world-wide users' experiences (if you want) and downloads other DenyHosts users banned site addresses. This one I like -- it works, it's invisible to you and it puts a stop to a lot of nonsense from a whole lot of places.

You can, of course, remap the SSH address to an alternative port; this requires you to add that port number to the SSH connection (as in ssh snafu:12345).

It's pretty simple, your ISP changes your address, DynDNS uploads that to the DynDNS server and life is good.

Hope this helps some.

1 members found this post helpful.

I use DynDNS but ddclient is terribly unreliable.

I did use DynDNS and my router was supposed to update but it didn't check in often enough or something and my domain name expired. Now when I look on their site I don't see a free option.
I'd recommend changing the port for SSH. It may sound like security through obscurity but it makes it a darn sight easier to check your logs for intrusion attempts than if it's left on 22.

It works a lot better if you configure like this (routers don't do a good job of this):
Mine's been running for years like this, zero problems.

Hope this helps some.

1 members found this post helpful.

Thanks tronayne, I have used something similar in the past and it worked fine. The problems I'd have now are that I don't currently have an always on machine and, as I mentioned, I don't see a free offering from DynDNS any more. I don't currently need it though, so I'll investigate further if/when I do.
That said, I agree if there's a free option still this would be a good idea to solve the dimm0k's question.

Yet another way to use dynamic DNS is Hurricane Electric Free DNS service, though you have to provide your own domain name.