Support #829
Updated by Daniel Curtis over 8 years ago
This is a guide for setting up a persistent reverse SSH tunnel using AutoSSH on Arch Linux. h2. Prepare the Environment * Switch to the root user: <pre> sudo -s </pre> * Make sure the system is up to date: <pre> pacman -Syu </pre> * Generate a root ssh keypair: <pre> ssh-keygen -t ed25519 </pre> * Copy the ssh public key to the remote host: <pre> ssh-copy-id bob@ssh.example.com </pre> h2. AutoSSH * Install autossh: <pre> pacman -S autossh </pre> h3. Host Config * Create a .ssh config file: <pre> nano ~/.ssh/config </pre> #* And add the following: <pre> Host remote-tunnel-home HostName ssh.example.com User bob Port 7022 IdentityFile ~/.ssh/id_ed25519 RemoteForward 5000 localhost:22 ServerAliveInterval 30 ServerAliveCountMax 3 </pre> h3. Systemd Service * Create the autossh reverse tunnel service file: <pre> nano /etc/systemd/system/autossh-reverse-tunnel-home.service </pre> #* And add the following: <pre> [Unit] Description=AutoSSH tunnel to remote SSH host on local port 5000 After=network.target [Service] Environment="AUTOSSH_GATETIME=0" ExecStart=/usr/bin/autossh -M 0 -f -T -N remote-tunnel-home [Install] WantedBy=multi-user.target </pre> Refresh the systemd units: <pre> systemctl daemon-reload </pre> *Start and enable the service at boot: <pre> systemctl start autossh-reverse-tunnel-home.service systemctl enable autossh-reverse-tunnel-home.service </pre> h2. Resources * https://raymii.org/s/tutorials/Autossh_persistent_tunnels.html * https://www.everythingcli.org/ssh-tunnelling-for-fun-and-profit-autossh/ * https://blog.sleeplessbeastie.eu/2014/12/23/how-to-create-persistent-reverse-ssh-tunnel/ * https://wiki.archlinux.org/index.php/Secure_Shell#Run_autossh_automatically_at_boot_via_systemd