Keeping SSH Tunnels Open Reliably

A (reverse) SSH tunnel can help you being reachable from outside a NATed network or behind a firewall. Keeping the tunnel open when your IP address changes or Internet connection is shaky can be taken care of by autossh. See below for the instructions.

Installation

On Ubuntu / Debian:

sudo apt-get update && sudo apt-get install autossh

On Arch Linux:

sudo pacman -S autossh

On Mac OS X:

brew install autossh

Usage

Let's suppose you want to use a reverse tunnel using SSH with a command such as

ssh user@some-host.com -R 5022:localhost:22

So instead you should type the following (where -M 5122 is a port on the remote machine that autossh uses to monitor the connection):

autossh -M 5122 -N -R 5022:localhost:22 user@some-host.com

or let autossh rely on the built in connection monitoring capabilities of SSH; also start autossh as a daemon (-f) which only works if you have your SSH key on the remote machine:

autossh -f -M 0 -q -N -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -R 5022:localhost:22 user@some-host.com

To tell autossh manually that you want it to re-establish the SSH connection, run

kill -SIGUSR1 `pgrep autossh`

To kill autossh you can run

kill `pgrep autossh`

autossh + ssh + screen = super rad perma-sessions on commandlinefu.com:

AUTOSSH_POLL=1 autossh -M 21010 hostname -t 'screen -Dr'

Resources

Comments