@yangxuan8282
Last active July 3, 2022 00:54
systemd units for an ssh tunnel for https

Port forwarding with an ssh tunnel

You need to install autossh first.

You can edit the bash script and then run it, or paste the systemd templates into your /etc/systemd/system path and follow the bash script to finish the remaining steps.

[Unit]
Description=Reverse tunnel for http
After=network.target
[Service]
User=pirate
Environment="AUTOSSH_GATETIME=0"
ExecStart=/usr/bin/autossh -M 0 -oExitOnForwardFailure=yes \
-oStrictHostKeyChecking=no \
-oServerAliveInterval=30 \
-oServerAliveCountMax=2 -N -i /path/to/ssh/key -R 80:localhost:80 root@SERVER_IP -p SERVER_SSH_PORT
Restart=always
RestartSec=60
[Install]
WantedBy=multi-user.target
#!/bin/bash
#
# Bash script to set up ssh tunnels that expose ports 80 and 443 to a remote server with a public IP.
# Before running this script, fill in the three values below:
#   SSH_KEY=          absolute path to the ssh key of the remote server's root user
#   SERVER_IP=        remote server IP
#   SERVER_SSH_PORT=  remote server ssh port
# Only the root user on the remote server can forward ports 80 and 443.
SSH_KEY=
SERVER_IP=
SERVER_SSH_PORT=
# Let root's remote forwards listen on the server's public interfaces, then restart sshd.
echo "Match User root
GatewayPorts yes" | ssh -i "$SSH_KEY" "root@$SERVER_IP" -p "$SERVER_SSH_PORT" "tee --append /etc/ssh/sshd_config"
ssh -f -i "$SSH_KEY" "root@$SERVER_IP" -p "$SERVER_SSH_PORT" "service ssh restart"
# Write the two units. The inner quotes are escaped so they reach the unit file.
# Note: -oStrictHostKeyChecking=no makes autossh accept any host key the server presents.
echo "[Unit]
Description=Reverse tunnel for http
After=network.target
[Service]
User=pirate
Environment=\"AUTOSSH_GATETIME=0\"
ExecStart=/usr/bin/autossh -M 0 -oExitOnForwardFailure=yes -oStrictHostKeyChecking=no -oServerAliveInterval=30 -oServerAliveCountMax=2 -N -i $SSH_KEY -R 80:localhost:80 root@$SERVER_IP -p $SERVER_SSH_PORT
Restart=always
RestartSec=60
[Install]
WantedBy=multi-user.target" | sudo tee /etc/systemd/system/http-tunnel.service
echo "[Unit]
Description=Reverse tunnel for ssl
After=network.target
[Service]
User=pirate
Environment=\"AUTOSSH_GATETIME=0\"
ExecStart=/usr/bin/autossh -M 65500 -oExitOnForwardFailure=yes -oStrictHostKeyChecking=no -oServerAliveInterval=30 -oServerAliveCountMax=2 -N -i $SSH_KEY -R 443:localhost:443 root@$SERVER_IP -p $SERVER_SSH_PORT
Restart=always
RestartSec=60
[Install]
WantedBy=multi-user.target" | sudo tee /etc/systemd/system/ssl-tunnel.service
# Load, start, check and enable both tunnels.
sudo systemctl daemon-reload
sudo systemctl start http-tunnel
sudo systemctl start ssl-tunnel
sudo systemctl status http-tunnel
sudo systemctl status ssl-tunnel
sudo systemctl enable http-tunnel
sudo systemctl enable ssl-tunnel
[Unit]
Description=Reverse tunnel for ssl
After=network.target
[Service]
User=pirate
Environment="AUTOSSH_GATETIME=0"
ExecStart=/usr/bin/autossh -M 65500 -oExitOnForwardFailure=yes \
-oStrictHostKeyChecking=no \
-oServerAliveInterval=30 \
-oServerAliveCountMax=2 -N -i /path/to/ssh/key -R 443:localhost:443 root@SERVER_IP -p SERVER_SSH_PORT
Restart=always
RestartSec=60
[Install]
WantedBy=multi-user.target
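
Both units pass -oStrictHostKeyChecking=no and log in as root on the server, so a small check that flags those settings before a unit is enabled is useful. The following is an added example, not part of the gist: audit_tunnel_unit and its finding labels are hypothetical names, and the sample unit is constructed from the http-tunnel template with its placeholders left in.

```bash
#!/bin/bash
# Added example (not from the gist): lint the ssh options of an autossh unit.
# Prints one finding per line. Returns 0 if clean, 1 if there are findings,
# 2 if the file has no ExecStart= line.
audit_tunnel_unit() {
    local unit="$1" cmd rc=0
    # Join backslash-continued lines so ExecStart= is checked as one line.
    cmd=$(sed -e ':a' -e '/\\$/N; s/\\\n/ /; ta' "$unit" | grep '^ExecStart=') || {
        echo "no ExecStart= line"; return 2; }
    # "no" and "off" both disable host key verification in ssh_config.
    if printf '%s\n' "$cmd" | grep -qiE -e '-o ?StrictHostKeyChecking=(no|off)( |$)'; then
        echo "host-key: StrictHostKeyChecking=no accepts any server host key"; rc=1
    fi
    if printf '%s\n' "$cmd" | grep -qE -e '(^| )root@'; then
        echo "remote-root: the tunnel key logs in as root on the server"; rc=1
    fi
    if ! printf '%s\n' "$cmd" | grep -qiE -e '-o ?ExitOnForwardFailure=yes( |$)'; then
        echo "forward-failure: ExitOnForwardFailure=yes is not set"; rc=1
    fi
    return $rc
}

# Constructed sample: the ExecStart of the http-tunnel unit, continuations included.
sample=$(mktemp)
cat >"$sample" <<'EOF'
[Service]
User=pirate
ExecStart=/usr/bin/autossh -M 0 -oExitOnForwardFailure=yes \
-oStrictHostKeyChecking=no \
-oServerAliveInterval=30 \
-oServerAliveCountMax=2 -N -i /path/to/ssh/key -R 80:localhost:80 root@SERVER_IP -p SERVER_SSH_PORT
EOF
audit_tunnel_unit "$sample" || echo "exit status: $?"
rm -f "$sample"
```

To clear the host-key finding, add the server's key to the known_hosts file of the User= account and drop the option, or set it to yes.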