Support #829
Persistent Reverse SSH Tunnel Using AutoSSH on Arch Linux
Description
This is a guide for setting up a persistent reverse SSH tunnel using AutoSSH on Arch Linux.
Once completed, the service that will autostart at boot will open port 5000 on the remote SSH connection that will allow SSH connections back to the originating host.
Prepare the Environment¶
- Switch to the root user then switch to the:
sudo -s
- Make sure the system is up to date:
pacman -Syu
- Generate a root ssh keypair:
ssh-keygen -t ed25519
- Copy the ssh public key to the remote host:
ssh-copy-id bob@ssh.example.com
AutoSSH¶
- Install autossh:
pacman -S autossh
Host Config¶
- Create a .ssh config file:
nano ~/.ssh/config
- And add the following:
Host remote-tunnel-home HostName ssh.example.com User bob Port 7022 IdentityFile ~/.ssh/id_ed25519 RemoteForward 5000 localhost:22 ServerAliveInterval 30 ServerAliveCountMax 3
- And add the following:
Systemd Service¶
- Create the autossh reverse tunnel service file:
nano /etc/systemd/system/autossh-reverse-tunnel-home.service
- And add the following:
[Unit] Description=AutoSSH tunnel to remote SSH host on local port 5000 After=network.target [Service] Environment="AUTOSSH_GATETIME=0" ExecStart=/usr/bin/autossh -M 0 -N remote-tunnel-home [Install] WantedBy=multi-user.target
- And add the following:
- Refresh the systemd units:
systemctl daemon-reload
- Start and enable the service at boot:
systemctl start autossh-reverse-tunnel-home systemctl enable autossh-reverse-tunnel-home
Resources¶
- https://raymii.org/s/tutorials/Autossh_persistent_tunnels.html
- https://www.everythingcli.org/ssh-tunnelling-for-fun-and-profit-autossh/
- https://blog.sleeplessbeastie.eu/2014/12/23/how-to-create-persistent-reverse-ssh-tunnel/
- https://wiki.archlinux.org/index.php/Secure_Shell#Run_autossh_automatically_at_boot_via_systemd
Updated by Daniel Curtis over 7 years ago
- Description updated (diff)
- Status changed from New to Resolved
- % Done changed from 0 to 100