@maietta
Forked from ssalonen/OpenWrt SSH tunnel.md
Created November 11, 2021 01:39
OpenWrt SSH tunnel

Short how-to for creating a reverse SSH tunnel from an OpenWrt device to a remote server. Useful, for example, for reaching a device that sits behind NAT.

1. At OpenWrt: install the `sshtunnel` package

   ```
   opkg update
   opkg install sshtunnel
   ```

2. At remote server: create client SSH keys

   ```
   ssh-keygen -b 2048 -t rsa
   ```

   Move the resulting private key to `/root/.ssh/id_rsa` on OpenWrt and set its permissions with `chmod 600`.

3. At remote server: authorize the OpenWrt client (`authorized_keys`)

4. At OpenWrt: store the remote host public key as a known host

   ```
   ssh MYUSER@REMOTEHOST
   # answer yes to the host key prompt, then press Ctrl+C
   ```

5. At OpenWrt: enable the service (start on bootup)

   ```
   /etc/init.d/sshtunnel enable
   ```

6. At OpenWrt: start the service

   ```
   /etc/init.d/sshtunnel start
   ```

7. At OpenWrt: configure sshtunnel

See https://wiki.openwrt.org/doc/uci/sshtunnel for more information

Example configuration

```
config server myremote
	option user	myuser
	option hostname	remotehost
	option IdentityFile	/root/.ssh/id_rsa
	option retrydelay	5
	option ServerAliveInterval	30
	option ServerAliveCountMax	3
	option LogLevel		DEBUG1

config tunnelR sshtunnel
	option server	myremote
	option remoteport	44423
	option remoteaddress	*
	option localport	22
	option localaddress	127.0.0.1
```

```
/etc/init.d/sshtunnel reload
```
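Two defensive checks for the steps above, as an added example that is not part of the original gist: `authkey_line` builds the step 3 `authorized_keys` entry so the router's key can only open the reverse forward on one port, and `audit_tunnels` flags `tunnelR` sections that request a listener on every interface, as `remoteaddress *` does. The function names and the sample key text are hypothetical, and `permitlisten` assumes an OpenSSH server of version 7.8 or later.

```shell
#!/bin/sh
# Added example (not from the gist). The sample key text below is constructed.
# Read one public key line on stdin; print a locked-down authorized_keys entry.
#   restrict        - no pty, no agent/X11 forwarding, no port forwarding
#   port-forwarding - switch forwarding back on, nothing else
#   permitlisten    - the only port a reverse (-R) forward may listen on
authkey_line() {
    port=$1
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 2 ;; esac
    read -r keytype keydata comment || [ -n "$keytype" ] || return 2
    case $keytype in
        ssh-rsa|ssh-ed25519|ecdsa-sha2-*) ;;
        *) echo "not a public key line" >&2; return 2 ;;
    esac
    [ -n "$keydata" ] || return 2
    printf 'restrict,port-forwarding,permitlisten="%s" %s %s%s\n' \
        "$port" "$keytype" "$keydata" "${comment:+ $comment}"
}

# Read /etc/config/sshtunnel text on stdin; print "name address:port" for each
# tunnelR section and return 1 if any asks for a listener on every interface.
audit_tunnels() {
    awk -v q="'" '
        function emit() {
            if (name == "") return
            print name, addr ":" port
            if (addr == "*" || addr == "0.0.0.0" || addr == "::") bad = 1
            name = ""
        }
        $1 == "config" { emit() }
        $1 == "config" && $2 == "tunnelR" { name = ($3 == "" ? "(unnamed)" : $3); addr = "(unset)"; port = "?" }
        name != "" && $1 == "option" {
            v = $3; gsub("[" q "\"]", "", v)   # drop UCI quoting around the value
            if ($2 == "remoteaddress") addr = v
            if ($2 == "remoteport") port = v
        }
        END { emit(); exit bad + 0 }
    '
}

# The gist's tunnelR section, reproduced as sample input.
sample_config() {
    printf 'config tunnelR sshtunnel\n\toption server\tmyremote\n'
    printf '\toption remoteport\t44423\n\toption remoteaddress\t*\n'
    printf '\toption localport\t22\n\toption localaddress\t127.0.0.1\n'
}

sample_config | audit_tunnels || echo "wildcard listener requested" >&2
echo 'ssh-rsa AAAAB3NzaC1yc2E-CONSTRUCTED root@OpenWrt' | authkey_line 44423
```

With sshd's default `GatewayPorts no`, the server binds remote forwards to loopback whatever address the client requests, so the wildcard only takes effect where that option has been changed.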
