Difference between revisions of "Ssh reverse tunnel"
From Teknologisk videncenter
m |
m |
||
| Line 6: | Line 6: | ||
ssh -o TCPKeepAlive=yes -R 9000:localhost:22 heth@93.166.84.21 | ssh -o TCPKeepAlive=yes -R 9000:localhost:22 heth@93.166.84.21 | ||
</source> | </source> | ||
| − | Establishing the reversed tunnel from a scriptfile | + | Establishing the reversed tunnel from a scriptfile. You probably needs to install '''autossh'''. |
<source lang=bash> | <source lang=bash> | ||
#!/usr/bin/bash | #!/usr/bin/bash | ||
Revision as of 13:57, 28 June 2025
To ssh to a Linux server behind a firewall that doesn't allow incoming connections, a reverse ssh tunnel can be created from the server to a known client host. The client host should have a static IP address or a DNS hostname.
Remote server
To allow login without password create public/private rsa key pair and
ssh -o TCPKeepAlive=yes -R 9000:localhost:22 heth@93.166.84.21
Establishing the reversed tunnel from a scriptfile. You probably needs to install autossh.
#!/usr/bin/bash
# See: https://medium.com/@souri.rv/autossh-for-keeping-ssh-tunnels-alive-5c14207c6ba9
REMOTE_HOST="192.168.1.84" # "93.166.84.21"
REMOTE_PORT="9000"
REMOTE_USER="heth"
autossh -M 0 -gNC -o "ExitOnForwardFailure=yes" -o "ServerAliveInterval=10" -o "ServerAliveCountMax=3" -R ${REMOTE_PORT}:localhost:22 ${REMOTE_USER}@${REMOTE_USER}