-
-
Save ntrepid8/0af12c012dd2567c800799d86eb44f90 to your computer and use it in GitHub Desktop.
| [Unit] | |
| Description=AutoSSH reverse tunnel service for jump.you.io 100022 -> 22 | |
| After=network.target | |
| [Service] | |
| Environment="AUTOSSH_GATETIME=0" | |
| ExecStart=/usr/bin/autossh -M 0 -o "ExitOnForwardFailure=yes" -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -NR 10022:127.0.0.1:22 [email protected] -i /home/root/.ssh/id_rsa | |
| [Install] | |
| WantedBy=multi-user.target |
My inspiration for this reverse tunnel came from the standard tunnel in this example:
Looks like for this to work after a restart the following lines need to be added to to the ~/.profile file:
ecryptfs-mount-private
cd "$HOME"
To enable to service unit in systemd do the following:
$ sudo systemctl daemon-reload
$ systemctl start autossh-jump-rtunnel.service
$ systemctl enable autossh-jump-rtunnel.service
I've munged something based on this, though I'm using /root/.ssh/config to manage most of the connection options. I ran into some trouble because I had left the -f option on the autossh command I'd been running manually before. Removing that fixed it. My line is ExecStart=/usr/bin/autossh -M 0 -NT tunnel. I have this all set up because I am tunneling through a bastion host to get to the actual machine I want to port forward from.
As https://unix.stackexchange.com/a/379991/47775 mentioned you could change the After target with network-online.target
Place this file at:
Also don't forget to generate a key-pair for
rootand put the public key in theauthorized_keysfile on the jump box.