How do I login ssh to an IPv6 server from an IPv4 internet connection?

How do I login ssh to an IPv6 server from an IPv4 internet connection?

Goals

  • Not everybody has an IPv6 address (see IPv6 adoption per country):
Source Google IPv6 adoption per country
  • Given a valid account (ssh), allow a user on an IPv4 connection ssh to an IPv6 server running on an IPv6 host. Let's get tunnelling!
  • Critical goals: To the user, they should still be able to simply ssh <username>@<hostname> because we don't want to re-invent, confuse, or add cognitive load in avoidable anyway

Code example

As part of this research the following repo was created.

With this you can:

  • ssh to an ipv6 server from an ipv4 address from within a web browser
  • Need: You need to spin up a intermediary server (e.g. VPS) which speaks both ipv4 and ipv6 (aka dual stack) for this to work, see the repo below:
GitHub - KarmaComputing/ipv4-ssh-to-ipv6-server: ssh to an ipv6 server from an ipv4 address from within a web browser
ssh to an ipv6 server from an ipv4 address from within a web browser - GitHub - KarmaComputing/ipv4-ssh-to-ipv6-server: ssh to an ipv6 server from an ipv4 address from within a web browser

Example ssh_config IPv4 to IPv6 server using ProxyCommand

Host ipv6host
  User root
  ProxyCommand ssh <ip-forwarder-hostname> 'nc -6 2a01:4f9:c010:beda::1 22' 

Host ipv6hosttwo
  User root
  ProxyCommand ssh <ip-forwarder-hostname> 'nc -6 2a01:4f9:c012:70c2::1 22'
Where <ip-forwarder-hostname> is the host or ip address of a server which speaks both IPv4 and IPv6 (aka 'is Dual-stacked) and has a route to the destination Host. Credit to https://backreference.org/2010/02/26/jump-in-with-ssh-and-netcat/index.html for help working this out as a cross-platform solution

Questions

Does a IPv4 DNS request receive AAAA responses?

Assumptions

  • I can connect to intermediate host (intermediate), then I want that host to forward my ssh connection (proxy) to the destination.

Credits

Thanks to

  • https://backreference.org/2010/02/26/jump-in-with-ssh-and-netcat/index.html

Related

We've been writing a lot about ipv6 of late as ipv6 is becoming more commonplace.

Setup an IPv6 connection over IPv4 via Wireguard VPN (How to get IPv6 when you only have an IPv4 internet connection)
If you don’t have IPv6 at home, sometimes you want to be able to test IPv6 only services- you need to tunnel a IPv6 connection somehow from your IPv4 internet connection to a server which does have IPv6 enabled. You can achieve that by using a combination of: * A cheap
IPv6 Only Web Services Becoming Commonplace
IPv6 connectivity (native) continues to shoot up: This trend started as a slow “it won’t happen” almost joke within the IT community with efforts such as the 2012 “World IPv6 launch days” The economic incentive for IPv6 is here now What we’re seeing now is the economic incentive stepping in
Using systemd-nspawn containers with publicly routable ips (IPv6 and IPv4) via bridged mode for high density testing whilst balancing tenant isolation
If you’re tight for time and want to build this right away see the “Tutorial” heading for how to setup systemd-nspawn with bridge mode and public ip addressing. There’s also an accompanying systemd-nspawn repo with a scripted process to deploy everything in this article automatically: GitHub - Kar…
Collect recurring payments with Subscribie - Try Now