Difference between revisions of "Secure Tunnel Service"
Jump to navigation
Jump to search
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
Here's a simple ssh based way setup a remote tunnel to a server. | Here's a simple ssh based way setup a remote tunnel to a server. | ||
| − | root@ | + | root@raspberrypi:~# ssh-keygen -t ed25519 |
| + | |||
| + | cat >/etc/systemd/system/secure-tunnel@.service <<'EOF' | ||
[Unit] | [Unit] | ||
Description=Setup a secure tunnel to %I | Description=Setup a secure tunnel to %I | ||
| Line 15: | Line 17: | ||
[Install] | [Install] | ||
WantedBy=multi-user.target | WantedBy=multi-user.target | ||
| − | + | EOF | |
| − | + | ||
| − | + | cat > /etc/default/secure-tunnel.config <<'EOF' | |
Host keekles | Host keekles | ||
HostName keekles.org | HostName keekles.org | ||
| Line 25: | Line 27: | ||
ServerAliveInterval 60 | ServerAliveInterval 60 | ||
ExitOnForwardFailure yes | ExitOnForwardFailure yes | ||
| + | EOF | ||
systemctl enable secure-tunnel@keekles.service | systemctl enable secure-tunnel@keekles.service | ||
Latest revision as of 23:54, 17 January 2025
Here's a simple ssh based way setup a remote tunnel to a server.
root@raspberrypi:~# ssh-keygen -t ed25519
cat >/etc/systemd/system/secure-tunnel@.service <<'EOF' [Unit] Description=Setup a secure tunnel to %I After=network.target [Service] ExecStart=/usr/bin/ssh -NT -F /etc/default/secure-tunnel.config %i # Restart every >2 seconds to avoid StartLimitInterval failure RestartSec=5 Restart=always [Install] WantedBy=multi-user.target EOF
cat > /etc/default/secure-tunnel.config <<'EOF'
Host keekles
HostName keekles.org
User
IdentityFile /root/.ssh/id_ed25519
RemoteForward 34500 127.0.0.1:22
ServerAliveInterval 60
ExitOnForwardFailure yes
EOF
systemctl enable secure-tunnel@keekles.service
systemctl status secure-tunnel@keekles.service
Connecting to the remote device via the server
$ ssh bryan@127.0.0.1 -p 34500 -J keekles
