Skip to content

Instantly share code, notes, and snippets.

@thomasfr

thomasfr/autossh.service

Last active January 5, 2024 08:11
Show Gist options
  • Save thomasfr/9707568 to your computer and use it in GitHub Desktop.
Save thomasfr/9707568 to your computer and use it in GitHub Desktop.
Download ZIP
Systemd service for autossh
Raw
autossh.service
[Unit]
Description=Keeps a tunnel to 'remote.example.com' open
After=network.target
[Service]
User=autossh
# -p [PORT]
# -l [user]
# -M 0 --> no monitoring
# -N Just open the connection and do nothing (not interactive)
# LOCALPORT:IP_ON_EXAMPLE_COM:PORT_ON_EXAMPLE_COM
ExecStart=/usr/bin/autossh -M 0 -N -q -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -p 22 -l autossh remote.example.com -L 7474:127.0.0.1:7474 -i /home/autossh/.ssh/id_rsa
[Install]
WantedBy=multi-user.target
@mikkorantalainen
Copy link

mikkorantalainen commented Mar 22, 2023
edited

For completeness, you should also add:

ExecStop=kill -9 autossh

Without it systemctl stop autossh won't do anything.

I think it would be better idea to add

KillMode=control-group

to the .service file because that will kill everything that was started (recursively) and nothing more. In addition, it will first send SIGTERM and use SIGKILL only if the process will not stop nicely.

If you randomly kill one or all autossh processes in the system, you might kill more than expected if autossh is used for other stuff, too.

See https://www.freedesktop.org/software/systemd/man/systemd.kill.html#KillMode= for details

@MestreLion
Copy link

MestreLion commented Jun 16, 2023
edited

@jotakar :

What I see is that service stop autossh every few minutes, why? where is the error?

Don't use -f when using autossh as a systemd simple service. It will fork autossh (put in the background) and confuse systemd into thinking it ended.

@ScumCoder

Of course you do, without it autossh will give up if the very first connection attempt fails.

Systemd's Restart=always and RestartSec=60 can take care of that. You usually want autossh to fail fast if it can't do the first connection, as it usually means misconfiguration or authentication issues, and giving up after first attempt helps highlighting that on the journalctl logs.

@stokito
Copy link

stokito commented Jul 4, 2023

JFYI: I created an SSH tunnel SystemD service that works without the autossh github.com/yurt-page/sshtunnel

@zhangw
Copy link

zhangw commented Dec 31, 2023

@jotakar :

What I see is that service stop autossh every few minutes, why? where is the error?

Don't use -f when using autossh as a systemd simple service. It will fork autossh (put in the background) and confuse systemd into thinking it ended.

@ScumCoder

Of course you do, without it autossh will give up if the very first connection attempt fails.

Systemd's Restart=always and RestartSec=60 can take care of that. You usually want autossh to fail fast if it can't do the first connection, as it usually means misconfiguration or authentication issues, and giving up after first attempt helps highlighting that on the journalctl logs.

Yes, I just remove the '-f' option, it seems fine.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment