aboutsummaryrefslogtreecommitdiffstats
path: root/README
blob: 91303d7c9b745aeafb444bcb2c67b35c134117bf (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
sshtunnel
=========

sshtunnel is an utility to manage ssh tunnel connections easily via systemd.

Setting up new tunnels
----------------------

First read /etc/sshtunnel.conf, understand it, and configure your new tunnel
there.

Tunnels are run as the user sshtunnel. In order for sshtunnel to work, you'll
need to set up key-based authentication without a passphrase. Because of
security concerns, you're highly advised to create a new user with the shell
set to /bin/false on the server:

  # mkdir /var/lib/sshtunnel
  # groupadd -r sshtunnel
  # useradd -r -g sshtunnel -d /var/lib/sshtunnel -s /bin/false -c sshtunnel sshtunnel
  # chown sshtunnel:sshtunnel /var/lib/sshtunnel

On the client, generate a new key with an empty passphrase like this:

  # sshtunnel ssh-keygen

Then copy the echoed key by hand to /var/lib/sshtunnel/.ssh/authorized_keys.

Now open a test-connection to the tunnel to accept the host key:

  # sshtunnel test <name>

Note this will call x11-ssh-askpass because it isn't controlling the terminal.
If you're not running X, you might want to do this by hand:

  # su sshtunnel -s /bin/bash
  $ ssh sshtunnel@example.com exit

When you finished the setup procedure, you can now start the tunnel using
sshtunnel, and then view its status:

 # sshtunnel start <name>
 # sshtunnel status <name>

Support
-------

Feel free to mail me at sshtunnel@the-compiler.org for any questions.