2020/01/15

Maintain ssh tunnel

Based on this: https://github.com/daradib/sidedoor

1. Install sidedoor
sudo apt install sidedoor
2. Create an SSH key pair and add the public key to the remote user's ~/.ssh/authorized_keys
sudo ssh-keygen -t rsa -N '' -f /home/myaccount/id_rsa
cat /home/myaccount/id_rsa.pub | ssh myaccount@my.remote.server 'cat >> .ssh/authorized_keys'
3. Modify /etc/sidedoor/config
Host my.remote.server
  # SSH private key to access the remote server.
  IdentityFile /home/myaccount/id_rsa

  # Because I am using DDNS, my IP might change, so I set it to no
  StrictHostKeyChecking no

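  # Host keys are written to /dev/null, so none is stored. Combined with
  # StrictHostKeyChecking no, the remote server's host key is never verified.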
  UserKnownHostsFile /dev/null

  # If tunneled traffic is encrypted (e.g., SSH),
  # it probably does not compress well.
  Compression no

  # Disable password authentication.
  BatchMode yes

  # Terminate if unable to set up port forwarding.
  ExitOnForwardFailure yes

  # Enable SSH keepalives.
  ServerAliveInterval 30

  # Disconnect after unresponsive SSH keepalives.
  ServerAliveCountMax 3

4. Modify /etc/default/sidedoor
# Configuration for sidedoor service

# Arguments to pass to sidedoor, which are in turn passed to ssh.
# See man ssh for possible options.
# The line below creates a remote port forward: port 12345 on the remote
# server is forwarded to port 9999 on this machine (localhost:9999).
OPTIONS='-R 12345:localhost:9999'

# Remote SSH server to connect to, i.e., [user@]hostname.
REMOTE_SERVER=myaccount@my.remote.server

5. Start the sidedoor service and check its status
sudo systemctl enable sidedoor.service
sudo systemctl restart sidedoor.service
systemctl status sidedoor.service
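
The config in step 3 sets StrictHostKeyChecking no and UserKnownHostsFile /dev/null. The script below is an added example, not part of the original post or of sidedoor: it flags those two settings and runs the same check on a variant that pins the host key by name. The function name audit_ssh_config and the path /etc/sidedoor/known_hosts are assumptions.

```shell
#!/bin/sh
# Added example. Flags ssh_config settings that turn off host key verification.
# Handles the whitespace-separated "Keyword value" form used on this page.
audit_ssh_config() {
  awk '
    BEGIN { host = "(global)" }
    NF == 0 || $1 ~ /^#/ { next }                # skip blank lines and comments
    {
      key = tolower($1); val = tolower($2)
      if (key == "host") {                       # remember the current Host block
        host = $0; sub(/^[ \t]*[^ \t]+[ \t]+/, "", host); next
      }
      if (key == "stricthostkeychecking" && (val == "no" || val == "off")) {
        print host ": StrictHostKeyChecking " $2 " accepts new and changed host keys"; bad++
      }
      if (key == "userknownhostsfile" && $2 == "/dev/null") {
        print host ": UserKnownHostsFile /dev/null keeps no key to compare against"; bad++
      }
    }
    END { exit (bad > 0) }                       # status 1 when anything was flagged
  ' "$1"
}

tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT

# Constructed sample: the two host key settings from the config in step 3.
cat > "$tmp/weak" <<'EOF'
Host my.remote.server
  StrictHostKeyChecking no
  UserKnownHostsFile /dev/null
EOF

# Constructed sample: key pinned by host name. known_hosts entries are matched
# on the name, so a changing DDNS address does not invalidate the pin.
# The known_hosts path is an assumption; CheckHostIP no skips the per-IP check.
cat > "$tmp/pinned" <<'EOF'
Host my.remote.server
  StrictHostKeyChecking yes
  UserKnownHostsFile /etc/sidedoor/known_hosts
  CheckHostIP no
EOF

audit_ssh_config "$tmp/weak"   || echo "weak: host key verification is off"
audit_ssh_config "$tmp/pinned" && echo "pinned: no findings"
```

The pinned variant needs the server's public host key placed in the known_hosts file beforehand, with its fingerprint confirmed through a channel other than the connection being pinned.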
