Created
January 10, 2025 19:14
Connect to SSH server through VPN
#!/bin/bash

# --- Settings: adjust these before first use --------------------------------
# The script runs as root and passes VPN_CONFIG to OpenVPN with
# --script-security 2, so a profile may name scripts that OpenVPN then
# executes. Treat the profile like a root-owned script: keep it writable only
# by trusted users. A relative path is resolved against the directory the
# script is started from.
VPN_CONFIG='config.ovpn'   # path of the .ovpn profile
SSH_USER='ubuntu'          # account on the SSH server
SSH_HOST='0.0.0.0'         # SSH server address; routed as a /32 via the VPN
SSH_PORT='22'              # port the SSH server listens on
LOCAL_PORT='2222'          # local port that ssh -L forwards to SSH_PORT
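# Verify that the external commands this script relies on can be resolved.
# Arguments: none
# Outputs:   an error on stderr naming the first command that is missing
# Returns:   0 when every command resolves; otherwise exits the script with 1
# NOTE(review): main also calls lsmod, modprobe and mknod, which are not
# checked here.
check_requirements() {
  local -a requirements=(openvpn ssh ip grep awk)
  # Keep the loop variable local so a caller's own "cmd" is left untouched.
  local cmd

  for cmd in "${requirements[@]}"; do
    if ! command -v "$cmd" >/dev/null 2>&1; then
      # Diagnostics belong on stderr so they survive stdout redirection.
      echo "Error: Required command '$cmd' not found." >&2
      exit 1
    fi
  done
}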
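# Stop the OpenVPN daemon recorded in the PID file and end the script.
# Runs from the EXIT/INT/TERM trap and is also called directly by main.
# Arguments: none
# Outputs:   a progress message on stdout
# Returns:   never returns; exits with the status that was current on entry
cleanup() {
  # Capture first: every later command overwrites $?. Exiting with this value
  # keeps an earlier `exit 1` from being reported as success by the EXIT trap.
  local status=$?
  local pid_file="/tmp/vpn-ssh.pid"
  local vpn_pid=""
  local proc_name=""

  # The exit at the end would otherwise re-enter this handler via the EXIT trap.
  trap - EXIT INT TERM

  echo "Cleaning up..."
  if [ -f "$pid_file" ]; then
    # The PID file sits at a fixed name in shared /tmp, and this handler also
    # runs on early-exit paths before OpenVPN has written it. Its content is
    # therefore not trusted: skip symlinks, accept digits only, and signal the
    # process only if it really is openvpn. Without this check a stale or
    # planted file would make a root shell signal an unrelated process.
    if [ ! -L "$pid_file" ]; then
      IFS= read -r vpn_pid < "$pid_file" || true
    fi
    case "$vpn_pid" in
      '' | *[!0-9]*) vpn_pid="" ;;
    esac
    # Relies on Linux /proc; if the name cannot be read, nothing is signalled.
    if [ -n "$vpn_pid" ] && [ -r "/proc/$vpn_pid/comm" ]; then
      IFS= read -r proc_name < "/proc/$vpn_pid/comm" || true
    fi
    if [ "$proc_name" = "openvpn" ]; then
      kill "$vpn_pid" 2>/dev/null
    fi
    rm -f -- "$pid_file"
  fi
  exit "$status"
}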
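# Run cleanup once, from the EXIT trap. INT and TERM only turn the signal into
# a normal exit (128 + signal number) so that the EXIT trap fires; registering
# cleanup on all three would run it twice for every signal.
trap cleanup EXIT
trap 'exit 130' INT
trap 'exit 143' TERM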
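# Poll once per second, for up to 30 seconds, until a tun/tap interface exists.
# Globals:   VPN_IFACE (written) - name of the interface that was found
# Arguments: none
# Outputs:   progress messages on stdout
# Returns:   0 when an interface was found, 1 on timeout
# NOTE(review): this takes the first tunN/tapN device listed, which may have
# existed before this script started OpenVPN (another VPN, a VM bridge).
# Naming the device with OpenVPN's --dev option and matching that exact name
# would remove the ambiguity.
wait_for_vpn_interface() {
  local timeout=30
  local counter=0
  local iface=""

  echo "Waiting for VPN interface to initialize..."
  while [ "$counter" -lt "$timeout" ]; do
    # One `ip` call per poll, matched against the whole interface name, so
    # that tun10 is reported as tun10 and not cut down to tun1.
    iface=$(ip -o link show | awk -F': ' '
      { name = $2; sub(/@.*/, "", name) }
      name ~ /^(tun|tap)[0-9]+$/ { print name; exit }
    ')
    if [ -n "$iface" ]; then
      VPN_IFACE=$iface
      echo "Found VPN interface: $VPN_IFACE"
      return 0
    fi
    echo -n "."
    sleep 1
    counter=$((counter + 1))
  done

  echo "Timeout waiting for VPN interface"
  return 1
}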
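# Entry point: start the VPN, pin the SSH server's route to the tunnel, then
# open the SSH session.
# Globals:   VPN_CONFIG, SSH_HOST, SSH_PORT, SSH_USER, LOCAL_PORT (read);
#            VPN_IFACE (read; set by wait_for_vpn_interface)
# Outputs:   progress on stdout, errors on stderr
# Returns:   exits with 1 on any setup failure; the EXIT trap runs cleanup
main() {
  # Loading modules, creating device nodes and editing routes all need root.
  if [ "$EUID" -ne 0 ]; then
    echo "Please run as root" >&2
    exit 1
  fi

  check_requirements

  if [ ! -f "$VPN_CONFIG" ]; then
    echo "Error: VPN configuration file not found at $VPN_CONFIG" >&2
    exit 1
  fi

  # Make sure the TUN module is loaded.
  if ! lsmod | grep -q "^tun\s"; then
    echo "Loading TUN module..."
    modprobe tun
  fi

  # Create the TUN/TAP control device if it is missing (char device 10,200).
  if [ ! -e /dev/net/tun ]; then
    echo "Creating TUN/TAP device..."
    mkdir -p /dev/net
    mknod /dev/net/tun c 10 200
    chmod 600 /dev/net/tun
  fi

  echo "Starting VPN connection..."
  # --route-nopull: ignore routes pushed by the server; only the single host
  #   route added below is sent through the tunnel.
  # --script-security 2: lets the profile call external scripts, which then
  #   run as root. Lower it if the profile needs none.
  # NOTE(review): the PID file has a fixed name in world-writable /tmp; a
  #   root-only directory such as /run is the safer place for it. The same
  #   path is hard-coded in cleanup, so both must change together.
  # A non-zero status here typically means the options or profile were
  # rejected before OpenVPN went into the background. Carrying on would wait
  # for an interface that never appears, or pick up an unrelated one.
  if ! openvpn --config "$VPN_CONFIG" --daemon --writepid "/tmp/vpn-ssh.pid" \
    --route-nopull --script-security 2; then
    echo "Error: OpenVPN failed to start" >&2
    exit 1
  fi

  # The EXIT trap performs the cleanup, so the failure paths only need to exit.
  if ! wait_for_vpn_interface; then
    echo "Error: VPN interface did not come up within timeout" >&2
    exit 1
  fi

  echo "Setting up routing for SSH server..."
  # Stop if the host route cannot be installed: without it the SSH session
  # would silently use the default route instead of the VPN.
  if ! ip route add "$SSH_HOST"/32 dev "$VPN_IFACE"; then
    echo "Error: could not route $SSH_HOST through $VPN_IFACE" >&2
    exit 1
  fi

  echo "Establishing SSH connection..."
  # Runs in the foreground under the root account this script requires.
  ssh -p "$SSH_PORT" -L "$LOCAL_PORT:localhost:$SSH_PORT" "$SSH_USER@$SSH_HOST"

  # OpenVPN detached itself with --daemon and ssh ran in the foreground, so
  # there are normally no background jobs left and this returns at once.
  wait
}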
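# Run the entry point, forwarding any command-line arguments to it.
main "$@"
# Cleanup is handled by the trap when the script exits.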