dtype.org
Log in

Difference between revisions of "Reverse ssh tunnels"

From dtype.org
(jump.sh (from initiating machine))
(/etc/systemd/system/j1.service)
Line 19: Line 19:
 
   -o UserKnownHostsFile=/dev/null \
 
   -o UserKnownHostsFile=/dev/null \
 
   -o StreamLocalBindUnlink=yes \
 
   -o StreamLocalBindUnlink=yes \
 +
  -o BatchMode=yes \
 
   -i /root/.ssh/id_rsa \
 
   -i /root/.ssh/id_rsa \
 
   -R /home/r/socks/${J1HOST}.${J1RAND}.sock:localhost:22 \
 
   -R /home/r/socks/${J1HOST}.${J1RAND}.sock:localhost:22 \

Revision as of 20:09, 1 August 2021

/etc/systemd/system/j1.service

[Unit]
Description=Service to maintain an ssh reverse tunnel
Wants=network-online.target
After=network-online.target
StartLimitIntervalSec=0

[Service]
Type=simple
Environment="J1HOST=c1"
Environment="J1RAND=0"
ExecStart=
ExecStart=/usr/bin/ssh -qNn \
  -o ServerAliveInterval=30 \
  -o ServerAliveCountMax=3 \
  -o ExitOnForwardFailure=yes \
  -o StrictHostKeyChecking=no \
  -o UserKnownHostsFile=/dev/null \
  -o StreamLocalBindUnlink=yes \
  -o BatchMode=yes \
  -i /root/.ssh/id_rsa \
  -R /home/r/socks/${J1HOST}.${J1RAND}.sock:localhost:22 \
  r@j1.alt.org
Restart=always
RestartSec=60

[Install]
WantedBy=multi-user.target

authorized_keys (on jump server)

command="/bin/false",no-agent-forwarding,no-X11-forwarding,permitopen="255.255.255.255:9" ssh-rsa AAAA...

jump.sh (from initiating machine)

# for now this just grabs the first thing of this name, even if there are multiple RANDS
SOCKFILE=$(ssh root@j1.alt.org find /home/r/socks -name "${1}.*" | head -n 1)
ssh -o StrictHostKeyChecking=no \
  -o UserKnownHostsFile=/dev/null \
  -o "ProxyCommand ssh root@j1.alt.org socat - UNIX-CLIENT:${SOCKFILE}" root@junkvariable