Feature #808

Updated by Daniel Curtis over 4 years ago

This is a guide on how I set up an automatic reverse SSH tunnel that connects back to a server using Arch Linux.

* Start by creating an SSH keypair; this guide uses the user *bob* (replace as necessary):
<pre>
ssh-keygen -t ed25519
</pre>

* Copy the public key (@~/.ssh/id_ed25519.pub@) over +to the server+ and add it to the @~/.ssh/authorized_keys@ file.

* Create the systemd *tunnel-home.service* unit file:
<pre>
sudo vi /etc/systemd/system/tunnel-home.service
</pre>
#* And add the following:
<pre>
[Unit]
Description=Reverse SSH Tunnel Service
ConditionPathExists=|/usr/bin
After=network.target

[Service]
User=bob
ExecStart=/usr/bin/ssh -NTC -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes -o StrictHostKeyChecking=no -i %h/.ssh/id_ed25519 -p 10000 -R 12345:localhost:22 bob@server.example.com

# Restart every >2 seconds to avoid StartLimitInterval failure
RestartSec=3
Restart=always

[Install]
WantedBy=multi-user.target
</pre>
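*NOTE*: This connects to server.example.com as the user bob on port 10000 and opens port 12345 on the remote server, which forwards back to port 22 on this machine. @-o StrictHostKeyChecking=no@ makes ssh add an unknown server host key to @known_hosts@ without asking, so the server's identity is not verified on the first connection.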

* Start and enable it at boot:
<pre>
sudo systemctl daemon-reload
sudo systemctl enable tunnel-home.service
sudo systemctl start tunnel-home.service
</pre>
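
The key copied to the server in the second step has no passphrase and lives on the tunnel client, so it is worth limiting what it can do on the server. The following is an added example, not part of the original guide: a shell helper that turns the public key line into a restricted @authorized_keys@ entry. It assumes the listen port 12345 from the unit file, OpenSSH 7.8 or later on the server (for @permitlisten@), and that @/bin/false@ exists there; the function name and the sample key are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): build a least-privilege
# authorized_keys entry for the tunnel key. Assumes the -R listen port 12345
# from the guide and OpenSSH 7.8+ on the server (permitlisten).

# Constructed sample public key line; not a real key.
SAMPLE_PUB='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedSampleKeyNotARealKey000000000000 bob@client'

# restricted_entry PUBKEY_LINE LISTEN_PORT  (hypothetical helper name)
# Prints one authorized_keys line; returns 1 on a malformed key or port.
restricted_entry() {
    pub=$1
    port=$2

    # Port: decimal digits only, no leading zero, at most 5 digits, <= 65535.
    case $port in
        ''|0*|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    [ "$port" -le 65535 ] || { echo "port out of range: $port" >&2; return 1; }

    # Split "type blob [comment]" and keep only type and blob, so nothing
    # from the comment field or an embedded second line reaches the output.
    ktype=${pub%% *}
    rest=${pub#* }
    blob=${rest%% *}
    [ "$ktype" = "ssh-ed25519" ] || { echo "expected an ssh-ed25519 key" >&2; return 1; }
    case $blob in
        *[!A-Za-z0-9+/=]*) echo "key blob is not base64" >&2; return 1 ;;
        AAAAC3NzaC1lZDI1NTE5*) ;;  # base64 of the "ssh-ed25519" type header
        *) echo "blob does not match key type" >&2; return 1 ;;
    esac

    # restrict: disables pty, agent/X11 forwarding, port forwarding, ~/.ssh/rc.
    # port-forwarding: turns forwarding back on for this key.
    # permitlisten: -R may only listen on localhost:PORT.
    # command: any session request runs /bin/false instead of a shell
    #          (the guide's "ssh -N" never opens a session, so the tunnel works).
    printf 'restrict,port-forwarding,permitlisten="localhost:%s",command="/bin/false" ssh-ed25519 %s tunnel-home\n' \
        "$port" "$blob"
}

restricted_entry "$SAMPLE_PUB" 12345
```

Append the printed line to @~/.ssh/authorized_keys@ on the server in place of the bare key. @permitlisten@ does not constrain local (-L) forwarding, which is governed by @permitopen@ or the server's sshd_config.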

h2. Resources

* http://blog.kylemanna.com/linux/2014/02/20/ssh-reverse-tunnel-on-linux-with-systemd/
* http://blog.philippklaus.de/2013/03/start-autossh-on-system-startup-using-systemd-on-arch-linux/