Auto start an SSH tunnel and keep alive

Submitted by shane on Tue, 2010-03-30 21:36

I have a program that needs to talk to another server, but to secure the traffic I've set up a port forwarding SSH tunnel. The only problem is that this tunnel needs to be kept alive and started when the server boots up. Here is how, using 

/etc/inittab

For the server you want to make connections from follow these instructions.

Open up 

/etc/inittab

and insert this code somewhere near the bottom

# Keeps an SSH port forwarding connect between serverA <---> serverB for mysql
sm:345:respawn:/usr/bin/ssh -N -L 3307:127.0.0.1:3306 -l admin 192.168.1.5

Let's break it down

<

ul>

  • sm This is just an random two letter code that distinguishes it from other processes inside inittab
  • 345 These are run-levels that you want the process to run.
  • respawn What to do if the process dies, respawn it
  • /usr/bin/ssh ssh binary
  • -N Tells SSH not to run any remote command after the connection has been established
  • -L 3307:127.0.0.1:3306 This tells SSH to set up a tunnel with local port being 3307, remote host 127.0.0.1, remote port 3306
  • -l admin What user to log in by
  • 192.168.1.5 Remote host to SSH into

    • For those familiar with SSH, it should go without saying that you need to set up pre-shared keys to automatically log into the remote server

    Comments

    Post new comment

    The content of this field is kept private and will not be shown publicly.
    • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
    • Lines and paragraphs break automatically.
    • Web page addresses and e-mail addresses turn into links automatically.
    • You can enable syntax highlighting of source code with the following tags: <code>, <blockcode>, <drupal5>, <drupal6>, <javascript>, <php>, <sql>. Beside the tag style "<foo>" it is also possible to use "[foo]".

    More information about formatting options