Oops, didn't see this reply before I replied.  This is the same thing as 
I was saying.

But I'll add to it, to get around outbound firewall access lists get 
creative and think about what ports might be allowed out and use them.  
Don't have a SSL server setup?  Use 443 for ssh.  Don't have ftp setup?  
Use 20 and 21 for ssh.

Or setup OpenVPN on your OpenWRT box (or an internal one) and setup a 
vpn into your internal network then you can do anything you want to any 
of the internal boxes.  I actually have my OpenVPN box listening on 443 
as most firewalls both allow that out and don't try to inspect or futz 
with it.

--j

Andrew Zbikowski wrote:
> Back when I had roomates who wanted SSH access to their box, we just
> setup the router to forward some high ports to the ssh port on the
> Linux machine.
>
> ie:
> Justin's Box was port 1022
> My Box was port 1033.
>
> Then we just used the wild card option in dyndns, so we were doing
>
> ssh -p 1022 kremer.geekapt.homeip.net
> ssh -p 1023 zibby.geekapt.homeip.net
>
> It worked out well enough until you hit a firewall that blocked
> outbound ports. ;)
>
> --
> Andrew S. Zbikowski | http://andy.zibnet.us
> SELECT * FROM users WHERE clue >0;
> 0 rows returned
>
> _______________________________________________
> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> tclug-list at mn-linux.org
> http://mailman.mn-linux.org/mailman/listinfo/tclug-list
>