Edit/Solved: Thank you for all the great input! Both on alternative solutions and on security implications. I’m going to make a draft on how I would setup the e-mail method as securely as possible as a programming/scripting exercise, but will IRL probably end up using either some reverse tunnel/shell variant.
Edit 2: or, as a hardware solution, install an extra NIC that I expose to the opennet - thus enabling remote port forwarding - while binding all my sensitive processes/traffic to my encrypted NIC.
I cannot ssh into my Linux box from outside of my LAN since I’m behind a VPN that doesn’t support port forwarding. Is it possible to make my Linux box receive, interpret and execute commands through e-mail instead? I’ve tried looking for answers through DuckDuckGo’s search engine, to no avail. If I may dream, I would like to setup an e-mail server with a systemd service or just run a script that continuously downloads the emails, prints their content to stdin and executes, perhaps through command substitution, whatever is in stdin.
You could, but I’m not sure that’s a good idea security-wise. Also how would you interact with commands that require interaction?
Hm… I’d run the script/service with root privileges and make the commands concise one-liners, maybe… I’m actually only looking at the
shutdowncommand , presuming that it doessyncandumountgracefully…Maybe I could reduce security risks by creating a user that can only run
shutdown. And make it so that only that user can access (download, print, execute) emails?Or don’t execute she’ll commands written in the email, and instead have a plain English command that, if detected, triggers a specific shell command. That way nobody could arbitrarily run code, only the commands you’ve built into the listener.
You could always sign the messages with GPG or S/MIME.