# Setup the service
curl -sSL https://gist.githubusercontent.com/VibroAxe/80d55cc32b5c3290d7ee8b44b9d9a8cd/raw/[email protected] | \
sudo tee /etc/systemd/system/[email protected]
sudo useradd -g nogroup -s /bin/false -m autossh
sudo -u autossh mkdir -p /home/autossh/.ssh # and copy your private key here
sudo -u autossh ssh-keygen -t ed25519 # Generate a new private key
# For each host
curl -sSL https://gist.githubusercontent.com/VibroAxe/80d55cc32b5c3290d7ee8b44b9d9a8cd/raw/autossh@example | \
sudo tee /etc/default/autossh@example
# Add the hostname and forwards to /etc/default/autossh@example
sudo vi /etc/default/autossh@example
sudo -u autossh ssh example.com # just make sure to add your host to `known_hosts`
sudo -u autossh ssh-copy-id example.com # copy the autossh key to the remote host
# ready to go!
systemctl start [email protected]
systemctl status [email protected]
journalctl -fu autossh@example
Forked from ttimasdf/00-Systemd_service_for_autossh.md
Last active
June 30, 2023 08:47
-
-
Save VibroAxe/80d55cc32b5c3290d7ee8b44b9d9a8cd to your computer and use it in GitHub Desktop.
Systemd service for autossh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[Unit] | |
Description=Keeps an ssh tunnel to %I open | |
After=network-online.target ssh.service | |
[Service] | |
User=autossh | |
# no monitoring | |
Environment="AUTOSSH_PORT=0" | |
# Disable gatetime behaviour | |
Environment="AUTOSSH_GATETIME=0" | |
Environment="SSH_IDENTITY_FILE=/home/autossh/.ssh/id_rsa" | |
Environment="SSH_USER=autossh" | |
EnvironmentFile=/etc/default/autossh@%i | |
RestartSec=3 | |
Restart=always | |
# -NT Just open the connection and do nothing (not interactive, no tty alloc) | |
# use /usr/bin/ssh instead of autossh is good as well | |
ExecStart=/usr/bin/autossh -NT -o "ExitOnForwardFailure=yes" $SSH_OPTIONS -l ${SSH_USER} ${TARGET_HOST} $FORWARDS -i ${SSH_IDENTITY_FILE} | |
TimeoutStopSec=10 | |
[Install] | |
WantedBy=multi-user.target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Options for [email protected] | |
# Place it at /etc/default | |
# Save all your credential/user/port related config in ~/.ssh/config is strongly recommanded | |
# Leave hostname here only | |
TARGET_HOST=exmaple.com | |
# -L LOCALPORT:IP_ON_EXAMPLE_COM:PORT_ON_EXAMPLE_COM | |
# can set multiple forwardings here | |
FORWARDS=-R 2223:127.0.0.1:22 | |
# === Settings below for ADVANCED users only === | |
SSH_OPTIONS=-o "ServerAliveInterval=10" -o "ServerAliveCountMax=3" | |
SSH_USER=autossh | |
AUTOSSH_PORT=0 | |
AUTOSSH_GATETIME=0 | |
SSH_IDENTITY_FILE=/home/autossh/.ssh/id_ed25519 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment