Keeping SSH Tunnels Open Reliably

A (reverse) SSH tunnel can help you being reachable from outside a NATed network or behind a firewall. Keeping the tunnel open when your IP address changes or Internet connection is shaky can be taken care of by autossh. See below for the instructions.


On Ubuntu / Debian:

sudo apt-get update && sudo apt-get install autossh

On Arch Linux:

sudo pacman -S autossh

On Mac OS X:

brew install autossh


Let's suppose you want to use a reverse tunnel using SSH with a command such as

ssh -R 5022:localhost:22

So instead you should type the following (where -M 5122 is a port on the remote machine that autossh uses to monitor the connection):

autossh -M 5122 -N -R 5022:localhost:22

or let autossh rely on the built in connection monitoring capabilities of SSH; also start autossh as a daemon (-f) which only works if you have your SSH key on the remote machine:

autossh -f -M 0 -q -N -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -R 5022:localhost:22

To tell autossh manually that you want it to re-establish the SSH connection, run

kill -SIGUSR1 `pgrep autossh`

To kill autossh you can run

kill `pgrep autossh`

autossh + ssh + screen = super rad perma-sessions on

AUTOSSH_POLL=1 autossh -M 21010 hostname -t 'screen -Dr'