Start autossh on system startup
Using systemd this can be done (sample autossh created for mysql access):
-
Create a systemd file using
nanoorvimor appropriate editor of choice:sudo vim /etc/systemd/system/autossh-mysql-tunnel.service -
Add the following contents:
[Unit] Description=AutoSSH tunnel service everythingcli MySQL on local port 5000 After=network.target [Service] Environment="AUTOSSH_GATETIME=0" ExecStart=/usr/bin/autossh -M 0 -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -NL 5000:localhost:3306 [email protected] -p 1022 [Install] WantedBy=multi-user.target -
Reload
systemd:sudo systemctl daemon-reload -
Start the
Autosshservice:sudo systemctl start autossh-mysql-tunnel.service -
Enable at
boot:sudo systemctl enable autossh-mysql-tunnel.service -
Check status with:
sudo systemctl status autossh-mysql-tunnel
Note
There is however an important thing to note about systemd and AutoSSH: -f (background usage) already implies
AUTOSSH_GATETIME=0, however-fis not supported bysystemd.
So in the case of systemd you need to make use of AUTOSSH_GATETIME
Source
- https://www.everythingcli.org/ssh-tunnelling-for-fun-and-profit-autossh/
- https://www.freedesktop.org/software/systemd/man/systemd.service.html
Related videos on Youtube
08 : 16
03 : 37
07 : 13
02 : 11
11 : 46
ptf
Updated on September 18, 2022Comments
-
ptf over 1 year
Is there any way to start
autosshon startup, so that it starts and sets up the ssh tunnel before a user has even logged in? I boot Ubuntu to terminal, and I'd like that theautosshprocess starts automatically on startup so I can ssh in.I've tried adding the command to
/etc/rc.local, as well as to create a/etc/init/*.confscript. None of these seems to work. -
ptf over 6 yearsThanks! I'm trying this, but when I run
sudo service reverse-ssh-tunnel.service status, I getLoaded: not-found (Reason: No such file or directory). Researching this now :) -
George Udosen over 6 yearsplease dosudo systemctl status reverse-ssh-tunnelnotsudo service reverse-ssh-tunnel.service status -
ptf over 6 yearsCan I specify the SSL private key needed to authenticate with the other machine?
-
George Udosen over 6 yearsI believe you mean
autossh -i /home/<user>/.ssh/id_rsa -R 22222:localhost:22 <user>@<remote_host> -
ptf over 6 yearsI needed to add
-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=noas well. Maybe I just need one of them, haven't tested them individually. Found this here: stackoverflow.com/a/24689061/1211119. However, when I'm looking at the tty1 login screen (I boot to the terminal), the service hasn't yet created the tunnel. If I log in, the service starts. -
Gabriel over 6 yearsGreat answer. @ptf, thanks for commenting with the additional flags. Without those I was getting a 255 return value from ssh. Did you resolve the issue that the tunnel only initiates when you log in?
-
ptf over 6 years@Gabriel Hmm, I don't think so. I think I haven't look to much more at it.
-
friederbluemle over 5 yearsSometimes you want to run under a different user context. To do this: Add
User=usernameto the[Service]section in the systemd file. -
fullmooninu about 5 yearsWhy the "-M 0" is needed? -
Al Kasih almost 5 yearsThis is the only one which is working for my raspberry pi project among all samples I read. However, after 2 days no activity, the connection is closed. When I view it with teamviewer the pi device is still online actually. Can you figure out why and what need to be fiixed here? -
haelix almost 3 years@ptf don't add both-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no, add only-o StrictHostKeyChecking=accept-new. Not redundant and more secure.
