Difference between revisions of "Ssh reverse tunnel"
From Teknologisk videncenter
(Created page with "To ssh to a host behind a firewall that doesn't allow incoming connections, a reverse ssh tunnel can be created from the server to a known client host. The client host should...") |
m |
||
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | To ssh to a | + | To ssh to a Linux server behind a firewall that doesn't allow incoming connections, a reverse ssh tunnel can be created from the server to a known client host. The client host should have a static IP address or a DNS hostname. |
=Remote server= | =Remote server= | ||
To allow login without password create public/private rsa key pair and | To allow login without password create public/private rsa key pair and | ||
| + | <source lang=bash> | ||
| + | ssh -o TCPKeepAlive=yes -R 9000:localhost:22 heth@93.166.84.21 | ||
| + | </source> | ||
| + | Establishing the reversed tunnel from a scriptfile. You probably needs to install '''autossh'''. | ||
| + | <source lang=bash> | ||
| + | #!/usr/bin/bash | ||
| + | # See: https://medium.com/@souri.rv/autossh-for-keeping-ssh-tunnels-alive-5c14207c6ba9 | ||
| + | REMOTE_HOST="192.168.1.84" # "93.166.84.21" | ||
| + | REMOTE_PORT="9000" | ||
| + | REMOTE_USER="heth" | ||
| − | + | autossh -M 0 -gNC $1 -o "ExitOnForwardFailure=yes" -o "ServerAliveInterval=10" -o "ServerAliveCountMax=3" -R ${REMOTE_PORT}:localhost:22 ${REMOTE_USER}@${REMOTE_USER} | |
| + | </source> | ||
Latest revision as of 16:23, 28 June 2025
To ssh to a Linux server behind a firewall that doesn't allow incoming connections, a reverse ssh tunnel can be created from the server to a known client host. The client host should have a static IP address or a DNS hostname.
Remote server
To allow login without password create public/private rsa key pair and
ssh -o TCPKeepAlive=yes -R 9000:localhost:22 heth@93.166.84.21
Establishing the reversed tunnel from a scriptfile. You probably needs to install autossh.
#!/usr/bin/bash
# See: https://medium.com/@souri.rv/autossh-for-keeping-ssh-tunnels-alive-5c14207c6ba9
REMOTE_HOST="192.168.1.84" # "93.166.84.21"
REMOTE_PORT="9000"
REMOTE_USER="heth"
autossh -M 0 -gNC $1 -o "ExitOnForwardFailure=yes" -o "ServerAliveInterval=10" -o "ServerAliveCountMax=3" -R ${REMOTE_PORT}:localhost:22 ${REMOTE_USER}@${REMOTE_USER}