Difference between revisions of "Secure Tunnel Service"
Jump to navigation
Jump to search
| Line 24: | Line 24: | ||
User | User | ||
IdentityFile /root/.ssh/id_ed25519 | IdentityFile /root/.ssh/id_ed25519 | ||
| − | RemoteForward 34500 127.0. | + | RemoteForward 34500 127.0.0.1:22 |
ServerAliveInterval 60 | ServerAliveInterval 60 | ||
ExitOnForwardFailure yes | ExitOnForwardFailure yes | ||
Latest revision as of 23:54, 17 January 2025
Here's a simple ssh based way setup a remote tunnel to a server.
root@raspberrypi:~# ssh-keygen -t ed25519
cat >/etc/systemd/system/secure-tunnel@.service <<'EOF' [Unit] Description=Setup a secure tunnel to %I After=network.target [Service] ExecStart=/usr/bin/ssh -NT -F /etc/default/secure-tunnel.config %i # Restart every >2 seconds to avoid StartLimitInterval failure RestartSec=5 Restart=always [Install] WantedBy=multi-user.target EOF
cat > /etc/default/secure-tunnel.config <<'EOF'
Host keekles
HostName keekles.org
User
IdentityFile /root/.ssh/id_ed25519
RemoteForward 34500 127.0.0.1:22
ServerAliveInterval 60
ExitOnForwardFailure yes
EOF
systemctl enable secure-tunnel@keekles.service
systemctl status secure-tunnel@keekles.service
Connecting to the remote device via the server
$ ssh bryan@127.0.0.1 -p 34500 -J keekles
