How to set-up reliable autossh tunnel in Ubuntu 20.10
The idea is that a machine hosted anywhere - i.e. behind the NAT, with no public IP - will establish SSH tunnel to publicly available server. The only required connectivity is access to the server IP & port.
First install autossh and generate public/private keys.
Let’s say that:
- The public server that runs SSH client is available at server.muras.eu.
- It has SSH available externally on port 10001
- Internally SSH is running on standard port 22
- There is a user tunnel that we will use to authenticate SSH session
Create /etc/systemd/system/autossh.service with the content below.
Then enable the service and reboot to make sure it works automatically.
Create user tunnel that has no interactive shell session (-s /bin/false) but create its home directory (-m).
Add to /home/tunnel/.ssh/authorized_keys the public key of the root user from our client (/root/.ssh/id_rsa.pub )
To access client machine, login to server and run: