6

I am have a remote machine behind a firewall that I wish to connect to through SSH. As far as I understand this can be achieved by using a reverse ssh tunnel.

So the command I am using is 

ssh -N -f -R 0.0.0.0:1234:localhost:22  -i /home/username/.ssh/id_rsa.pub  username@remote-server.com

My main problem is that I want to execute this command whenever the computer starts so that the computer is accessible after a reboot.

I tried to use cron by adding the command both my user's crontab and in /etc/cron. However the problem I have is that both commands are asked for a password. I have created the id_rsa.pub file and sent it to the remote-server but still it does not seem to work.

If I am logged in (e.g. through teamviewer) I can run the command and no password is asked. If I run the command as root (sudo) the (empty) password for the rsa file is asked. I suspect that my problem is here, i.e., when cron executes the command ssh asks for the password and the command hangs.

I have tried using both my user's rsa file and the root's rsa file and with none of them I manage to connect.

Jakuje
  • 6,505
  • 7
  • 30
  • 37
orestis
  • 1,398
  • 3
  • 12
  • 18

4 Answers4

4

Just add 'sleep 60;' before your ssh command:

@reboot sleep 60;ssh -N -f -R 0.0.0.0:1234:localhost:22  -i /home/username/.ssh/id_rsa  username@remote-server.com

After reboot your network is still down.

Cellcon
  • 155
  • 10
Oskar Niedam
  • 41
  • 2
3

After combining multiple sources, I created a service to auto start the reverse ssh channel. The configuration files and the necessary steps are found in this repository

orestis
  • 1,398
  • 3
  • 12
  • 18
2

A better solution may be autossh:

"autossh is a program to start a copy of ssh and monitor it, restarting it as necessary should it die or stop passing traffic."

As the quote says, this has the added benefit of providing 'always on' capabilities.

Greywood
  • 21
  • 1
  • I've been using autossh, but it seems to only restart the connection after network trouble, not system reboots on the machine running the tunnel. – Alexander Otavka Dec 05 '22 at 18:40
  • True. The autossh connection needs to be started at boot by systemd so it's technically not an answer to the question. Here is a post on how to start an autossh enabled tunnel as a systemctl service: [https://askubuntu.com/questions/947841/start-autossh-on-system-startup](https://askubuntu.com/questions/947841/start-autossh-on-system-startup) – Greywood Dec 07 '22 at 02:44
1

Fixing SSH problem

You can't authenticate remote machine with public key, you need to use private key to do that. Public key has to be at remote server. If you're not sure, then just copy public key to remote server like that:

ssh-copy-id -i ~/.ssh/id_rsa.pub username@remoteserver

and then run your command with private key:

ssh -N -f -R 0.0.0.0:1234:localhost:22  -i /home/username/.ssh/id_rsa  username@remote-server.com

Running this command at boot-up

As you went already with crontab then run crontab -e to edit your cron. Add following line to execute that command once your computer boots up.

@reboot ssh -N -f -R 0.0.0.0:1234:localhost:22  -i /home/username/.ssh/id_rsa  username@remote-server.com
Gen
  • 923
  • 7
  • 12