Skip to content

Instantly share code, notes, and snippets.

@rbellamy

rbellamy/socks-create.sh

Forked from AfroThundr3007730/socks-create.sh
Created July 11, 2021 22:57
Show Gist options
  • Save rbellamy/752f4aa5213b481b0d0bdcbbb72cfd32 to your computer and use it in GitHub Desktop.
Save rbellamy/752f4aa5213b481b0d0bdcbbb72cfd32 to your computer and use it in GitHub Desktop.
Download ZIP
Create an on-demand SSH-based SOCKS5 proxy via systemd socket activation
Raw
socks-create.sh
#!/bin/bash
# These steps will allow the setup of an on-demand SSH proxy
# Three unit files will be created to serve this purpose:
# ssh-socks-helper.socket - The listening socket providing activation
# ssh-socks-helper.service - A systemd proxy to pass the socket fd
# ssh-socks.service - The actual SSH service providing the tunnel
cat <<'EOF' > ~/.config/systemd/user/ssh-socks-helper.socket
[Unit]
Description=Proxy Helper Socket for Bastion SOCKS5 Proxy
[Socket]
ListenStream=1080
[Install]
WantedBy=sockets.target
EOF
cat <<'EOF' > ~/.config/systemd/user/ssh-socks-helper.service
[Unit]
Description=Proxy Helper Service for Bastion SOCKS5 Proxy
Requires=ssh-socks-helper.socket
BindsTo=ssh-socks.service
After=ssh-socks.service
[Service]
ExecStartPre=/bin/sleep 5
ExecStart=/lib/systemd/systemd-socket-proxyd 127.0.0.1:10080
TimeoutStopSec=5
[Install]
WantedBy=multi-user.target
EOF
cat <<'EOF' > ~/.config/systemd/user/ssh-socks.service
[Unit]
Description=On-Demand Bastion SOCKS5 Proxy Service
[Service]
ExecStart=/usr/bin/ssh -aqND 10080 your.bastion.host
[Install]
WantedBy=multi-user.target
EOF
systemctl --user enable ssh-socks.service
systemctl --user enable ssh-socks-helper.service
systemctl --user enable ssh-socks-helper.socket
systemctl --user start ssh-socks-helper.socket
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment