I wanna connect from a computer A, which have an independent IP, to a computer B in a LAN. If port mapping is possible, I can simply use ssh to connect to computer B. Since I don’t want to inform the administrator, I have to find other ways to solve it.

The article [SSH reserve tunnel] shows the method to complete the mission.

In computer B, execute the command:

ssh -f -N -R [remote port]:[LAN IP]:[local ssh port] [remote user]:[remote IP]

the option[man page]:

-f: run in background
-N: port forwarding only, not execute remote command
-R: a tunnel between the two computer

After the tunnel is built by computer B, execute the command in computer A.

ssh [LAN user]@localhost -p [remote port]

what is the parameters?

[remote port]: the port of computer A, used by ssh tunnel.
[LAN IP]: the IP address of computer B.
[local ssh port]: the port of computer B, used for listening ssh to connection. Default value is 22.
[remote user]: the username in computer A.
[remote IP]: the IP address of computer A.
[LAN user]: the username of computer B.


More to do?
use a domain name to replace the remote ip?
A script to run the reserve tunnel automatically? [MikeyMcKay's Hacktivate blog]