curl -sSL https://gist.githubusercontent.com/ttimasdf/ef739670ac5d627981c5695adf4c8f98/raw/autossh@host1 | \
sudo tee /etc/default/autossh@example
curl -sSL https://gist.githubusercontent.com/ttimasdf/ef739670ac5d627981c5695adf4c8f98/raw/[email protected] | \
sudo tee /etc/systemd/system/[email protected]
sudo useradd -g nogroup -s /bin/false -m tunnel
sudo -u tunnel mkdir -p ~tunnel/.ssh # and copy your private key here
sudo -u tunnel nano ~tunnel/.ssh/config # add host and key configs here
sudo -u tunnel ssh example.com # just make sure to add your host to `known_hosts`
# Add the hostname and forwards to /etc/default/autossh@example
sudo nano /etc/default/autossh@example
# ready to go!
systemctl start [email protected]
systemctl status [email protected]
journalctl -fu autossh@example
-
-
Save ttimasdf/ef739670ac5d627981c5695adf4c8f98 to your computer and use it in GitHub Desktop.
Systemd service for autossh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Unit] | |
| Description=Keeps an ssh tunnel to %I open | |
| After=network-online.target ssh.service | |
| [Service] | |
| User=tunnel | |
| # no monitoring | |
| Environment="AUTOSSH_PORT=0" | |
| # Disable gatetime behaviour | |
| Environment="AUTOSSH_GATETIME=0" | |
| EnvironmentFile=/etc/default/autossh@%i | |
| RestartSec=3 | |
| Restart=always | |
| # -NT Just open the connection and do nothing (not interactive, no tty alloc) | |
| # use /usr/bin/ssh instead of autossh is good as well | |
| ExecStart=/usr/bin/autossh -NT -o "ExitOnForwardFailure=yes" $SSH_OPTIONS ${TARGET_HOST} $FORWARDS | |
| TimeoutStopSec=10 | |
| [Install] | |
| WantedBy=multi-user.target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Options for [email protected] | |
| # Place it at /etc/default | |
| # Save all your credential/user/port related config in ~/.ssh/config is strongly recommanded | |
| # Leave hostname here only | |
| TARGET_HOST=remote.example.com | |
| # -L LOCALPORT:IP_ON_EXAMPLE_COM:PORT_ON_EXAMPLE_COM | |
| # can set multiple forwardings here | |
| FORWARDS=-L 7474:127.0.0.1:7474 | |
| # === Settings below for ADVANCED users only === | |
| SSH_OPTIONS=-o "ServerAliveInterval=10" -o "ServerAliveCountMax=3" | |
| AUTOSSH_PORT=0 | |
| AUTOSSH_GATETIME=0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@ttimasdf nice unit file, great improvements on the original with multiple hosts. Exactly what I was looking for!
I'm not so keen on setting the key / identity parameters with .ssh/config rather than etc/default as it just means another file to remember to edit. I tweaked yours slightly in https://gist.github.com/VibroAxe/80d55cc32b5c3290d7ee8b44b9d9a8cd to add
SSH_USERandSSH_IDENTITY_FILEparameters to the env