Support #829
Updated by Daniel Curtis over 7 years ago
This is a guide for setting up a persistent reverse SSH tunnel using AutoSSH on Arch Linux. Once completed, the service that will autostart at boot will open port 5000 on the remote SSH connection that will allow SSH connections back to the originating host. h2. Prepare the Environment * Switch to the root user then switch to the: user: <pre> sudo -s </pre> * Make sure the system is up to date: <pre> pacman -Syu </pre> * Generate a root ssh keypair: <pre> ssh-keygen -t ed25519 </pre> * Copy the ssh public key to the remote host: <pre> ssh-copy-id bob@ssh.example.com </pre> h2. AutoSSH * Install autossh: <pre> pacman -S autossh </pre> h3. Host Config * Create a .ssh config file: <pre> nano ~/.ssh/config </pre> #* And add the following: <pre> Host remote-tunnel-home HostName ssh.example.com User bob Port 7022 IdentityFile ~/.ssh/id_ed25519 RemoteForward 5000 localhost:22 ServerAliveInterval 30 ServerAliveCountMax 3 </pre> h3. Systemd Service * Create the autossh reverse tunnel service file: <pre> nano /etc/systemd/system/autossh-reverse-tunnel-home.service </pre> #* And add the following: <pre> [Unit] Description=AutoSSH tunnel to remote SSH host on local port 5000 After=network.target [Service] Environment="AUTOSSH_GATETIME=0" ExecStart=/usr/bin/autossh -M 0 -N remote-tunnel-home [Install] WantedBy=multi-user.target </pre> * Refresh the systemd units: <pre> systemctl daemon-reload </pre> * Start and enable the service at boot: <pre> systemctl start autossh-reverse-tunnel-home autossh-reverse-tunnel-home.service systemctl enable autossh-reverse-tunnel-home autossh-reverse-tunnel-home.service </pre> h2. Resources * https://raymii.org/s/tutorials/Autossh_persistent_tunnels.html * https://www.everythingcli.org/ssh-tunnelling-for-fun-and-profit-autossh/ * https://blog.sleeplessbeastie.eu/2014/12/23/how-to-create-persistent-reverse-ssh-tunnel/ * https://wiki.archlinux.org/index.php/Secure_Shell#Run_autossh_automatically_at_boot_via_systemd