Start autossh on system startup
Using systemd
this can be done (sample autossh
created for mysql
access):
-
Create a systemd file using
nano
orvim
or appropriate editor of choice:sudo vim /etc/systemd/system/autossh-mysql-tunnel.service
-
Add the following contents:
[Unit] Description=AutoSSH tunnel service everythingcli MySQL on local port 5000 After=network.target [Service] Environment="AUTOSSH_GATETIME=0" ExecStart=/usr/bin/autossh -M 0 -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -NL 5000:localhost:3306 [email protected] -p 1022 [Install] WantedBy=multi-user.target
-
Reload
systemd
:sudo systemctl daemon-reload
-
Start the
Autossh
service:sudo systemctl start autossh-mysql-tunnel.service
-
Enable at
boot
:sudo systemctl enable autossh-mysql-tunnel.service
-
Check status with:
sudo systemctl status autossh-mysql-tunnel
Note
There is however an important thing to note about systemd and AutoSSH: -f (background usage) already implies
AUTOSSH_GATETIME=0
, however-f
is not supported bysystemd
.
So in the case of systemd
you need to make use of AUTOSSH_GATETIME
Source
- https://www.everythingcli.org/ssh-tunnelling-for-fun-and-profit-autossh/
- https://www.freedesktop.org/software/systemd/man/systemd.service.html
Related videos on Youtube
ptf
Updated on September 18, 2022Comments
-
ptf over 1 year
Is there any way to start
autossh
on startup, so that it starts and sets up the ssh tunnel before a user has even logged in? I boot Ubuntu to terminal, and I'd like that theautossh
process starts automatically on startup so I can ssh in.I've tried adding the command to
/etc/rc.local
, as well as to create a/etc/init/*.conf
script. None of these seems to work. -
ptf over 6 yearsThanks! I'm trying this, but when I run
sudo service reverse-ssh-tunnel.service status
, I getLoaded: not-found (Reason: No such file or directory)
. Researching this now :) -
George Udosen over 6 yearsplease do
sudo systemctl status reverse-ssh-tunnel
notsudo service reverse-ssh-tunnel.service status
-
ptf over 6 yearsCan I specify the SSL private key needed to authenticate with the other machine?
-
George Udosen over 6 yearsI believe you mean
autossh -i /home/<user>/.ssh/id_rsa -R 22222:localhost:22 <user>@<remote_host>
-
ptf over 6 yearsI needed to add
-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
as well. Maybe I just need one of them, haven't tested them individually. Found this here: stackoverflow.com/a/24689061/1211119. However, when I'm looking at the tty1 login screen (I boot to the terminal), the service hasn't yet created the tunnel. If I log in, the service starts. -
Gabriel over 6 yearsGreat answer. @ptf, thanks for commenting with the additional flags. Without those I was getting a 255 return value from ssh. Did you resolve the issue that the tunnel only initiates when you log in?
-
ptf over 6 years@Gabriel Hmm, I don't think so. I think I haven't look to much more at it.
-
friederbluemle over 5 yearsSometimes you want to run under a different user context. To do this: Add
User=username
to the[Service]
section in the systemd file. -
fullmooninu about 5 yearsWhy the "-M 0" is needed?
-
Al Kasih almost 5 yearsThis is the only one which is working for my raspberry pi project among all samples I read. However, after 2 days no activity, the connection is closed. When I view it with teamviewer the pi device is still online actually. Can you figure out why and what need to be fiixed here?
-
haelix almost 3 years@ptf don't add both
-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
, add only-o StrictHostKeyChecking=accept-new
. Not redundant and more secure.