AutoSSH reverse tunnel service config for systemd
[Unit]
Description=AutoSSH reverse tunnel service for jump.you.io 10022 -> 22
After=network.target

[Service]
# Gate time 0: autossh keeps retrying even if the first connection attempt fails.
Environment="AUTOSSH_GATETIME=0"
# -M 0 turns off autossh's monitor port; the ServerAlive* options detect a dead link instead.
ExecStart=/usr/bin/autossh -M 0 -o "ExitOnForwardFailure=yes" -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -NR 10022:127.0.0.1:22 user@jump.you.io -i /home/root/.ssh/id_rsa

[Install]
WantedBy=multi-user.target

@ntrepid8 ntrepid8 commented Oct 7, 2016

Place this file at:

/etc/systemd/system/autossh-jump-rtunnel.service

Also don't forget to generate a key-pair for root and put the public key in the authorized_keys file on the jump box.
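
An unrestricted authorized_keys entry for the tunnel key also lets that key run commands on the jump box as the tunnel user. As an added example (not part of the gist or its comments), the script below builds an entry limited to the reverse forward and audits existing entries. It assumes port 10022 from the unit's -R option, OpenSSH 7.8 or later on the jump box for permitlisten, /bin/false as the forced command, and a constructed placeholder key.

```sh
#!/bin/sh
# Added example, not part of the gist. Intended for the jump box.
# Assumptions: forward port 10022 (the unit's -R option); the key text below is
# a constructed placeholder; permitlisten needs OpenSSH 7.8 or later.

# Print an authorized_keys line that limits PUBKEY to the reverse forward.
restricted_entry() {  # usage: restricted_entry PORT 'PUBKEY LINE'
    port=$1 pubkey=$2
    case $port in ''|*[!0-9]*) return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    # Accept only a bare key line (key type first, no options already present).
    case $pubkey in ssh-*\ *|ecdsa-*\ *|sk-*\ *) ;; *) return 1 ;; esac
    # restrict: no pty, agent, X11 or forwarding; port-forwarding re-enables
    # forwarding; permitlisten pins the -R listener; command= blocks a shell.
    printf 'restrict,port-forwarding,permitlisten="localhost:%s",command="/bin/false" %s\n' \
        "$port" "$pubkey"
}

# Classify one authorized_keys line: ok, any-port, unrestricted or skip.
audit_entry() {  # usage: audit_entry PORT 'LINE'
    port=$1 line=$2
    case $line in ''|'#'*) echo skip; return 0 ;; esac
    # Line starts with the key type, so it has no options field at all.
    case $line in ssh-*|ecdsa-*|sk-*) echo unrestricted; return 0 ;; esac
    opts=",${line%% *},"  # first field; assumes no option value contains a space
    case $opts in *,restrict,*) ;; *) echo unrestricted; return 0 ;; esac
    case $opts in
        *",permitlisten=\"localhost:$port\","*|*",permitlisten=\"$port\","*) echo ok ;;
        *) echo any-port ;;
    esac
}

# Count key lines in FILE that are not pinned to the forward on PORT.
audit_file() {  # usage: audit_file PORT FILE
    bad=0
    while IFS= read -r l || [ -n "$l" ]; do
        case $(audit_entry "$1" "$l") in ok|skip) ;; *) bad=$((bad + 1)) ;; esac
    done < "$2"
    echo "$bad"
}

# Demo with a constructed key (not a real one).
restricted_entry 10022 'ssh-ed25519 AAAAEXAMPLEONLY root@device'
```

Because the unit runs ssh with -N, no session is requested and the forced command never fires during normal tunnel operation.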

@ntrepid8 ntrepid8 commented Oct 7, 2016

My inspiration for this reverse tunnel came from the standard tunnel in this example:

@ntrepid8 ntrepid8 commented Oct 13, 2016

Looks like for this to work after a restart the following lines need to be added to the ~/.profile file:

ecryptfs-mount-private
cd "$HOME"

@ntrepid8 ntrepid8 commented May 1, 2017

To enable the service unit in systemd do the following:

$ sudo systemctl daemon-reload
$ systemctl start autossh-jump-rtunnel.service
$ systemctl enable autossh-jump-rtunnel.service

@Iiridayn Iiridayn commented Feb 8, 2018

I've munged something based on this, though I'm using /root/.ssh/config to manage most of the connection options. I ran into some trouble because I had left the -f option on the autossh command I'd been running manually before. Removing that fixed it. My line is ExecStart=/usr/bin/autossh -M 0 -NT tunnel. I have this all set up because I am tunneling through a bastion host to get to the actual machine I want to port forward from.

@phgachoud phgachoud commented Feb 18, 2019

As https://unix.stackexchange.com/a/379991/47775 mentioned you could change the After target with network-online.target
