Difference between revisions of "Secure Tunnel Service"
Jump to navigation
Jump to search
(Created page with "Here's a simple ssh based way setup a remote tunnel to a server. root@retropie:~# cat /etc/systemd/system/secure-tunnel@.service [Unit] Description=Setup a secure tunnel t...") |
|||
| Line 7: | Line 7: | ||
[Service] | [Service] | ||
| − | + | ExecStart=/usr/bin/ssh -NT -F /etc/default/secure-tunnel.config %i | |
| − | |||
| − | ExecStart=/usr/bin/ssh -NT -F /etc/default/secure-tunnel.config | ||
# Restart every >2 seconds to avoid StartLimitInterval failure | # Restart every >2 seconds to avoid StartLimitInterval failure | ||
| Line 18: | Line 16: | ||
WantedBy=multi-user.target | WantedBy=multi-user.target | ||
| − | |||
| − | |||
| − | |||
root@retropie:~# cat /etc/default/secure-tunnel.config | root@retropie:~# cat /etc/default/secure-tunnel.config | ||
Host keekles | Host keekles | ||
HostName keekles.org | HostName keekles.org | ||
| − | User | + | User |
| − | IdentityFile / | + | IdentityFile /root/.ssh/id_ed25519 |
| − | RemoteForward | + | RemoteForward 34500 127.0.0.1:22 |
ServerAliveInterval 60 | ServerAliveInterval 60 | ||
ExitOnForwardFailure yes | ExitOnForwardFailure yes | ||
| + | |||
| + | systemctl enable secure-tunnel@keekles.service | ||
| + | systemctl status secure-tunnel@keekles.service | ||
Revision as of 03:07, 10 January 2025
Here's a simple ssh based way setup a remote tunnel to a server.
root@retropie:~# cat /etc/systemd/system/secure-tunnel@.service
[Unit]
Description=Setup a secure tunnel to %I
After=network.target
[Service]
ExecStart=/usr/bin/ssh -NT -F /etc/default/secure-tunnel.config %i
# Restart every >2 seconds to avoid StartLimitInterval failure
RestartSec=5
Restart=always
[Install]
WantedBy=multi-user.target
root@retropie:~# cat /etc/default/secure-tunnel.config
Host keekles
HostName keekles.org
User
IdentityFile /root/.ssh/id_ed25519
RemoteForward 34500 127.0.0.1:22
ServerAliveInterval 60
ExitOnForwardFailure yes
systemctl enable secure-tunnel@keekles.service
systemctl status secure-tunnel@keekles.service
