We have a dsl modem that lacks the ability for us to forward / nat port 22 to a server we have at that location but at times we really need to get access to that server to help troubleshoot it.

This is how we did that.

NOTE: you need a server that has a routable IP and that you can create a user on with proper access rights ...

 1. on the server with the non-routable IP address we created a user then generated a key

1.  
   • 'ssh-keygen -t dsa' then 'cat .ssh/id_dsa.pub' then copy what you just catted

2. connect to the server that has a routable IP address and 'vim .ssh/authorized_keys' and paste what you just copied into there

1.  
   • test it 'ssh theuser@theroutableserver' from the non-routable server .. if it works great!

Now lets setup the non-routable server so when it reboots it will  create our reverse tunnel .....

Create a file /etc/init.d/autossh and past the following into it

#!/bin/sh
/usr/bin/autossh -M 65218 -f -N -g -R 9999:localhost:22 youruser@yourrouteableserver &

Then make that file executable ..

chmod 755 /etc/init.d/autossh

Then make a file /etc/init/autossh.conf and paste the following into it

# start autossh
start on runlevel 2
start on runlevel 3
start on runlevel 4
start on runlevel 5

stop on runlevel 0
stop on runlevel 1
stop on runlevel 6

respawn
exec /etc/init.d/autossh

Then start it ...

initctl start autossh

Test it connect to the non-routable server and

ssh -p 9999 localhost

Some problems with the system is that depending on how fast your network comes up on the non-routeable server it could take a while for the tunnel to be fully setup .... otherwise it has been very reliable for us.

Create Discussion