Skip to content

Instantly share code, notes, and snippets.

Forked from thomasfr/autossh.service
Last active May 6, 2024 02:21
Show Gist options
  • Save ttimasdf/ef739670ac5d627981c5695adf4c8f98 to your computer and use it in GitHub Desktop.
Save ttimasdf/ef739670ac5d627981c5695adf4c8f98 to your computer and use it in GitHub Desktop.
Systemd service for autossh


curl -sSL | \
  sudo tee /etc/default/autossh@example
curl -sSL | \
  sudo tee /etc/systemd/system/autossh@.service

sudo useradd -g nogroup -s /bin/false -m tunnel
sudo -u tunnel mkdir -p ~tunnel/.ssh  # and copy your private key here
sudo -u tunnel nano ~tunnel/.ssh/config  # add host and key configs here
sudo -u tunnel ssh  # just make sure to add your host to `known_hosts`

# Add the hostname and forwards to /etc/default/autossh@example
sudo nano /etc/default/autossh@example
# ready to go!
systemctl start autossh@example.service

systemctl status autossh@example.service
journalctl -fu autossh@example
Description=Keeps an ssh tunnel to %I open ssh.service
# no monitoring
# Disable gatetime behaviour
# -NT Just open the connection and do nothing (not interactive, no tty alloc)
# use /usr/bin/ssh instead of autossh is good as well
ExecStart=/usr/bin/autossh -NT -o "ExitOnForwardFailure=yes" $SSH_OPTIONS ${TARGET_HOST} $FORWARDS
# Options for autossh@host1.service
# Place it at /etc/default
# Save all your credential/user/port related config in ~/.ssh/config is strongly recommanded
# Leave hostname here only
# can set multiple forwardings here
# === Settings below for ADVANCED users only ===
SSH_OPTIONS=-o "ServerAliveInterval=10" -o "ServerAliveCountMax=3"
Copy link

arno01 commented Sep 15, 2018

Useful, thank you!

Copy link

dotWee commented Apr 29, 2019

Basic and functional, thanks for sharing!

Copy link

@ttimasdf nice unit file, great improvements on the original with multiple hosts. Exactly what I was looking for!

I'm not so keen on setting the key / identity parameters with .ssh/config rather than etc/default as it just means another file to remember to edit. I tweaked yours slightly in to add SSH_USER and SSH_IDENTITY_FILE parameters to the env

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment