Support #834
Updated by Daniel Curtis over 8 years ago
This is a guide for setting up a persistent reverse SSH tunnel using AutoSSH on FreeBSD.
Once completed, the service that will autostart at boot will open port 5000 on the remote SSH connection that will allow SSH connections back to the originating host.
h2. Prepare the Environment
* Switch to the root user:
<pre>
sudo -s
</pre>
* Make sure the system is up to date:
<pre>
pkg update && pkg upgrade
</pre>
* Generate a root ssh keypair:
<pre>
ssh-keygen -t ed25519
</pre>
* Copy the ssh public key to the remote host:
<pre>
ssh-copy-id bob@ssh.example.com
</pre>
h2. AutoSSH
* Install autossh:
<pre>
pkg install autossh
</pre>
h3. Host Config
* Create a .ssh config file:
<pre>
vi ~/.ssh/config
</pre>
#* And add the following:
<pre>
Host remote-tunnel-home
HostName ssh.example.com
User bob
Port 7022
IdentityFile ~/.ssh/id_ed25519
RemoteForward 5000 localhost:22
ServerAliveInterval 30
ServerAliveCountMax 3
</pre>
h3. Start Tunnel at Boot
* Edit the rc.local file:
<pre>
vi /etc/rc.local
</pre>
#* And add the following: following to the end of the file:
<pre>
#!/bin/sh
/usr/bin/autossh -M 0 -N remote-tunnel-home &
</pre>
* Run the script to start the tunnel without rebooting:
<pre>
sh /etc/rc.local
</pre>
h2. Resources
* https://raymii.org/s/tutorials/Autossh_persistent_tunnels.html
* https://www.everythingcli.org/ssh-tunnelling-for-fun-and-profit-autossh/
* https://blog.sleeplessbeastie.eu/2014/12/23/how-to-create-persistent-reverse-ssh-tunnel/