auto start a reverse ssh tunnel on system startup

Question

I am have a remote machine behind a firewall that I wish to connect to through SSH. As far as I understand this can be achieved by using a reverse ssh tunnel.

So the command I am using is

ssh -N -f -R 0.0.0.0:1234:localhost:22  -i /home/username/.ssh/id_rsa.pub  username@remote-server.com

My main problem is that I want to execute this command whenever the computer starts so that the computer is accessible after a reboot.

I tried to use cron by adding the command both my user's crontab and in /etc/cron. However the problem I have is that both commands are asked for a password. I have created the id_rsa.pub file and sent it to the remote-server but still it does not seem to work.

If I am logged in (e.g. through teamviewer) I can run the command and no password is asked. If I run the command as root (sudo) the (empty) password for the rsa file is asked. I suspect that my problem is here, i.e., when cron executes the command ssh asks for the password and the command hangs.

I have tried using both my user's rsa file and the root's rsa file and with none of them I manage to connect.

score 4 · Answer 1 · edited Jun 24 '22 at 11:03

4

Just add 'sleep 60;' before your ssh command:

@reboot sleep 60;ssh -N -f -R 0.0.0.0:1234:localhost:22  -i /home/username/.ssh/id_rsa  username@remote-server.com

After reboot your network is still down.

edited Jun 24 '22 at 11:03

Cellcon

155

answered Mar 16 '17 at 13:52

Oskar Niedam

41

score 3 · Accepted Answer · answered Oct 22 '19 at 22:31

3

After combining multiple sources, I created a service to auto start the reverse ssh channel. The configuration files and the necessary steps are found in this repository

answered Oct 22 '19 at 22:31

orestis

1,408

score 2 · Answer 3 · answered Oct 21 '19 at 20:23

2

A better solution may be autossh:

"autossh is a program to start a copy of ssh and monitor it, restarting it as necessary should it die or stop passing traffic."

As the quote says, this has the added benefit of providing 'always on' capabilities.

answered Oct 21 '19 at 20:23

Greywood

21

I've been using autossh, but it seems to only restart the connection after network trouble, not system reboots on the machine running the tunnel. – Alexander Otavka Dec 05 '22 at 18:40
True. The autossh connection needs to be started at boot by systemd so it's technically not an answer to the question. Here is a post on how to start an autossh enabled tunnel as a systemctl service: https://askubuntu.com/questions/947841/start-autossh-on-system-startup – Greywood Dec 07 '22 at 02:44

score 1 · Answer 4 · answered Apr 15 '16 at 20:08

Fixing SSH problem

You can't authenticate remote machine with public key, you need to use private key to do that. Public key has to be at remote server. If you're not sure, then just copy public key to remote server like that:

ssh-copy-id -i ~/.ssh/id_rsa.pub username@remoteserver

and then run your command with private key:

ssh -N -f -R 0.0.0.0:1234:localhost:22  -i /home/username/.ssh/id_rsa  username@remote-server.com

Running this command at boot-up

As you went already with crontab then run crontab -e to edit your cron. Add following line to execute that command once your computer boots up.

@reboot ssh -N -f -R 0.0.0.0:1234:localhost:22  -i /home/username/.ssh/id_rsa  username@remote-server.com

the command works if I run it manually. It does not run when I try to run it automatically. — orestis, Apr 22 '16 at 16:47
I had the same problem, adding sleep 60 as described above solved it. — Nickpick, Dec 05 '17 at 20:10

auto start a reverse ssh tunnel on system startup

4 Answers4

Linked