Follow this tutorial until step five-ish
If the test does not work because of "public key" issues, run sudo passwd sshtunnel
on the server to change the password of the user. (If sudo tail -f /var/log/auth.log
says the account is locked, this will be the issue.)
authorized_keys
should look a little like:
no-agent-forwarding,no-user-rc,no-X11-forwarding,no-pty,command="/bin/echo do-not-send-commands" ssh-rsa KEYHERE
sudo vi /etc/systemd/system/autossh-ssh-tunnel.service
- Add this to the contents (replacing
SERVERHERE
appropriately):[Unit] Description=AutoSSH reverse ssh tunnel After=network.target [Service] Environment="AUTOSSH_GATETIME=0" ExecStart=/usr/bin/autossh -M 0 -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -vNR 2201:localhost:22 SERVERHERE User=sshtunnel [Install] WantedBy=multi-user.target
systemctl daemon-reload
to tell systemd we've changed the configsystemctl start autossh-mysql-tunnel.service
to start the servicesystemctl stop autossh-mysql-tunnel.service
to stop the servicesystemctl status autossh-mysql-tunnel.service
to check the status of the servicesystemctl enable autossh-mysql-tunnel.service
to ensure the service starts on boot