A Secure, Double Encrypted, SSH Connection

A reverse ssh tunnel can be created to allow an ssh connection from an offsite machine to connect back into the work machine.

The first step is to verify the following sshd forwarding and tunnel options are allowed in sshd_config on your home machine. Three (3) directives must be set to "yes" in order to set up an ssh tunnel.

    vi /etc/ssh/sshd_config

AllowAgentForwarding and AllowTCPForwarding are "yes" by default.

Next, before leaving work for the day, create an ssh tunnel from work to home. Execute the following ssh command on your work machine to set up an ssh tunnel to your home machine going out of the work network on the standard ssh port. The ssh command will run in the foreground and just sit in the current terminal. To background the process, add (-f) to the ssh command. On your home machine, port 12345 on localhost will be the end of the tunnel owned by the "home_username" user.

    ssh -TnN -R 12345:localhost:22

When you arrive at home, you can use the ssh tunnel initiated from work to home on localhost port 12345 to ssh back through the ssh tunnel to the sshd daemon running on your machine at work. Remember the tunnel is open on port 12345 and owned by the "home_username" user.

    ssh -p 12345

When you initiate the ssh connection through the tunnel, the home machine's ssh client will connect through localhost port 12345 to the sshd daemon on the work machine listening on localhost port 22.
to the work machine's sshd daemon with a username and password or you can set up

Done. You should now have a shell on your work machine.

NOTE: If your organization blocks outgoing ssh check out our HAProxy to tunnel ssh through

Questions?

How is the reverse tunnel double encrypted?

The initial ssh tunnel created from work to home is encrypted using the cipher negotiated by the work ssh client and home sshd server. The reverse ssh connection started by the home ssh client through localhost port 12345 to the ssh daemon listening on the work machine's localhost is encrypted using a completely separate ssh cipher negotiation.

Can I automatically set up the tunnel with a script?

If you do not want to manually set up the reverse ssh tunnel each day or if you want the tunnel set up again when the connection is dropped we can use a

First, set up an ssh key without a passphrase to initiate an ssh connection from work to your home machine.

    ssh-copy-id

Copy the following script, which we will call "ssh_reverse_tunnel_monitor.sh", and make the script executable. Edit the script to make sure the if-then ssh command and all paths to the binaries are correct for your system.

The script simply checks for the existence of the tunnel by looking for the string "12345:localhost" in the work system's process list. If the string is not found, then the tunnel is assumed to not be running and the script will execute the tunnel ssh command to set up the tunnel as a background process (ssh -f).

    # Run through cron on the work machine initiating
    PROCESS=`/bin/ps -auxf | /bin/grep "2345:localhost"` || true
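The monitor check this page describes, written out as an added example (it is not the page's original script): it looks for an ssh client that actually holds the `-R 12345:localhost:22` forward, because a plain `ps | grep` pipeline can match the grep process itself and report a tunnel that is not there. The host `home.example.org`, the `TUNNEL_DEST` variable and the function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not the page's original script.
# Assumption: home.example.org is a placeholder for the home machine.
TUNNEL_SPEC="12345:localhost:22"
TUNNEL_DEST="${TUNNEL_DEST:-home_username@home.example.org}"

# Reads "PID COMMAND ARGS..." lines (ps -eo pid=,args=) on stdin and succeeds
# only if an ssh client holds "-R $TUNNEL_SPEC". Checking the executable name
# keeps grep, an editor, or this script from being mistaken for the tunnel.
tunnel_running() {
    awk -v spec="$TUNNEL_SPEC" '
        {
            cmd = $2
            sub(/.*\//, "", cmd)               # basename of the executable
            if (cmd != "ssh") next
            for (i = 3; i <= NF; i++)
                if (($i == "-R" && $(i + 1) == spec) || $i == ("-R" spec))
                    found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# Start the tunnel only when it is missing. ExitOnForwardFailure makes ssh
# exit instead of idling when port 12345 cannot be bound on the home side;
# the ServerAlive options end a dead session so the next cron run restarts it.
ensure_tunnel() {
    if /bin/ps -eo pid=,args= | tunnel_running; then
        return 0
    fi
    /usr/bin/ssh -f -TnN \
        -o BatchMode=yes \
        -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=60 -o ServerAliveCountMax=3 \
        -R "$TUNNEL_SPEC" "$TUNNEL_DEST"
}

# Constructed ps lines: a grep for the port must not count, the tunnel must.
selftest() {
    printf '%s\n' ' 4300 /bin/grep 12345:localhost' | tunnel_running && return 1
    printf '%s\n' ' 4242 /usr/bin/ssh -f -TnN -R 12345:localhost:22 u@h' | tunnel_running
}

case "${1:-}" in
    --run)      ensure_tunnel ;;    # cron entry point on the work machine
    --selftest) selftest && echo "selftest ok" ;;
esac
```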