Greg Freemyer wrote:
On Mon, Jun 3, 2013 at 10:51 AM, Per Jessen
wrote: Greg Freemyer wrote:
Per Jessen
wrote: Greg Freemyer wrote:
=== Details for myself or others that want to do this:
autossh is designed to let you setup a reverse tunnel. That way I can have a machine behind a NAT firewall expose ssh by tunneling it through a server on the internet.
You've probably thought of this already, but you could also achieve thiswith a simple DNAT rule on the firewall.
This is at my parents 2nd house in the mountains. The ISP seems to firewall off the inbound ports altogether so autossh seems like a better approach given that I do have a place to tunnel thru.
Okay, I see. ISTR there is a way to do this with 'plain' ssh? Something about the -R option? Try googling "ssh tunnel reverse".
You are correct, but ssh by itself is not reliable. If it dies and your box is remote, you have to go make a site visit. No fun if it is a 2-hour drive.
Being a top notch admin like you are, you might write a monitor application to invoke ssh with the -R option and make sure it stayed up. Being a man who likes simple names, you might call the wrapper autossh.
I would personally be tempted to start with something like this: while true do mail-to-myself "ssh had to be restarted" ssh <whatever options you need> sleep 60 done If ssh or the network then turns out to be truly unreliable, it sounds like a job for systemd (to monitor it).
And then because you are a really competent guy, you'd write a init script to invoke autossh during boot and make that init script controllable via the YaST System Level editor.
All the above is what is in the autossh package. My trouble is that autossh itself is lightly documented and the config file for the init script seems to have no external documentation at all and I can't find evidence of anyone using it via google searches.
Got it - I didn't look closer at autossh, I wasn't aware it is about keeping ssh up. I googled it just now, and did find references to people using it: http://dennis-wisnia.de/wordpress/2011/05/ein-ssh-tunnel-mit-autossh/ http://www.debianadmin.com/autossh-automatically-restart-ssh-sessions-and-tu... http://linuxaria.com/howto/permanent-ssh-tunnels-with-autossh?lang=en http://www.debianroot.de/server/mysql-ssh-tunnel-mit-autossh-1165.html Maybe they'll be able to get you going. -- Per Jessen, Zürich (10.4°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org