Create a template service file at /etc/systemd/system/secure-tunnel@.service
. The template parameter will correspond to the name
of target host:
[Unit]
Description=Setup a secure tunnel to %I
After=network.target
[Service]
Environment="LOCAL_ADDR=localhost"
EnvironmentFile=/etc/default/secure-tunnel@%i
ExecStart=/usr/bin/ssh -NT -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes -L ${LOCAL_ADDR}:${LOCAL_PORT}:localhost:${REMOTE_PORT} ${TARGET}
# Restart every >2 seconds to avoid StartLimitInterval failure
RestartSec=5
Restart=always
[Install]
WantedBy=multi-user.target
We need a configuration file (inside /etc/default
) for each target host we will be creating tunnels for. For example, let's assume we want to tunnel to a host named jupiter
(probably aliased in /etc/hosts
). Create the file at /etc/default/secure-tunnel@jupiter
:
TARGET=jupiter
LOCAL_ADDR=0.0.0.0
LOCAL_PORT=20022
REMOTE_PORT=22
Note that for the above to work we need to have allready setup a password-less SSH login to target (e.g. by giving access to a non-protected private key).
Now we can start the service instance:
systemctl start secure-tunnel@jupiter.service
systemctl status secure-tunnel@jupiter.service
Or enable it, so it get's started at boot time:
systemctl enable secure-tunnel@jupiter.service
Hi, i am using the version that uses the /etc/default/secure-tunnel.config file and able to get connection when i run the command from shell. But when i try to start it from systemctl (on a Debian 9 system), i receive a failed response as follow:
● secure-tunnel@ackt0.service - Setup a secure tunnel to ackt0
Loaded: loaded (/etc/systemd/system/secure-tunnel@.service; disabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since Wed 2020-04-01 14:51:07 UTC; 1s ago
Process: 10744 ExecStart=/usr/bin/ssh -F /etc/default/secure-tunnel.config -NT ackt0 (code=exited, status=255)
Main PID: 10744 (code=exited, status=255)
Apr 01 14:51:07 pfmw-traveller1 systemd[1]: secure-tunnel@ackt0.service: Unit entered failed state.
Apr 01 14:51:07 pfmw-traveller1 systemd[1]: secure-tunnel@ackt0.service: Failed with result 'exit-code'.
Does someone can help me to figure out what this status 255 means? Thanks.