Create a gist now

Instantly share code, notes, and snippets.

Denver Clojure Meetup, remote pairing

#-*- mode: org -*-

Remote pairing and tunneling

I am using ‘x’ as a remote server that both parties have access to.

This document’s url:



For all purposes, tmux > screen, therefore I am skipping screen.



Ubuntu: sudo apt-get install tmux OSX: brew install tmux (via homebrew: Windows: I’m sorry, I can’t help you. I don’t think anyone can.


(for all commands, the default prefix bindkey is ctrl-b, however my configuration sets the prefix to ctrl-z)

Start a new tmux:


List tmux sessions:

tmux ls

Attach to a current tmux (same user):

tmux attach

However, a lot of the time we need a different user to connect to the same tmux, so we need to start tmux with a socket we actually know about:

tmux -S /tmp/leemux

Chmod it so others have access (feel free to limit only to a certain group)

chmod 777 /tmp/leemux

Then, as any other user, you can do:

tmux -S /tmp/leemux attach

To detach from a tmux session, use <prefix> d (so ctrl-b, then ‘d’ for the default tmux configuration)


tmux cheatsheet - my tmux configuration -





To SSH to a machine, setting up a reverse tunnel back to your machine:

ssh -nNT -R 4444:localhost:22 x

Then, when another user is on the ‘x’ machine:

ssh -p 4444 user@localhost

Or, if you want to have a easy way to automaticall do it, add this to ~/.ssh/config:

Host mytunnel
  User username
  ProxyCommand ssh -q x nc -q0 localhost 4444

and the following will work from your machine (not x):

ssh mytunnel

This will connect them to your machine, without either person actually having to set up port forwarding, DNS or knowing IPs


man ssh



Ubuntu: sudo apt-get install autossh OSX: brew install autossh Windows: …


AutoSSH behaves almost exactly like SSH, except it will automatically recreate connections if they stop responding after a timeout.

First, set how long the timeout should be (20 seconds):

export AUTOSSH_POLL=20

Then, use `autossh` similar to the way you use ssh, the -M option telling autossh what (local) port to use for polling this connection (just set it to whatever you feel like):

autossh -M 22000 -nNT -R 4444:localhost:22 x

This establishes the same tunnel as in the ssh section, but it will recreate the tunnel in the event the connection is lost (wifi dropped or you closed your laptop)



Advanced tunneling, when absolutely must have a way to get traffic out. Socat can do all sorts of crazy stuff, check out the documentation.

It’s been a while since I’ve done this, so ymmv.


Ubuntu: sudo apt-get install socat OSX: brew install socat Windows: …


Socat can be used to poke tunnels through draconian firewalls, as well as for regular tunnels and reverse tunnels

Assuming you have a .pem file (certificate), on a machine you plan to tunnel to that doesn’t currently use HTTPs for things:

sudo socat -d -d OPENSSL-listen:443,cert=host.pem,verify=0 TCP4:localhost:22,fork

Now, on a machine behind a draconian firewall (you’ll need the same .pem file on both machines):

sudo socat -d -d TCP4-listen:6666,fork,cert=host.pem,verify=0

You can use the tunnel to connect to the target machine via ssh:

ssh -p 6666 user@localhost

You can also tunnel traffic through the socat tunnel:

ssh -ND 9999 user@localhost -p 6666

Port 9999 is now set up to tunnel all traffic as if coming from the non-firewalled machine.



How to generate a .pem file (self-signed cert):

No comment

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment