Skip to content

The-Compiler/sshtunnel

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

90 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

sshtunnel

An utility to manage ssh tunnel connections easily via systemd.

Packages

Setting up new tunnels

First read /etc/sshtunnel.conf, understand it, and configure your new tunnel there.

Tunnels are run as the user sshtunnel. In order for sshtunnel to work, you’ll need to set up key-based authentication without a passphrase. Because of security concerns, you’re highly advised to create a new user with the shell set to /bin/false on the server:

# mkdir /var/lib/sshtunnel
# groupadd -r sshtunnel
# useradd -r -g sshtunnel -d /var/lib/sshtunnel -s /bin/false -c sshtunnel sshtunnel
# chown sshtunnel:sshtunnel /var/lib/sshtunnel

On the client, generate a new key with an empty passphrase like this:

# sshtunnel ssh-keygen

Then copy the echoed key by hand to /var/lib/sshtunnel/.ssh/authorized_keys.

Now open a test-connection to the tunnel to accept the host key:

# sshtunnel test <name>

Note this will call x11-ssh-askpass because ssh isn’t controlling the terminal.

If you’re not running X, you might want to do this by hand:

# su sshtunnel -s /bin/bash
$ ssh sshtunnel@example.com exit

When you finished the setup procedure, you can now start the tunnel using sshtunnel, and then view its status:

# sshtunnel start <name>
# sshtunnel status <name>

Support

Feel free to mail me at sshtunnel@the-compiler.org for any questions.

About

Managing of ssh tunnels via systemd

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages