Purpose: start/maintain/stop a reverse ssh tunnel to an always-on ssh accessible server
Naming conventions:
middleman is the ssh server that will be used to access the client machine
middleman has IP address mm.ip.addr
cuid and mmuid are users with access rights to ssh on client and middleman respectively
On the client, have nmap, autossh and openssh installed
On the server, have openssh-server installed and running
On client log in as cuid:
ssh-keygen # press enter twice for an empty passphrase
cat ~/.ssh/id_rsa.pub | ssh -l mmuid mm.ip.addr 'cat >> ~/.ssh/authorized_keys'
nano /etc/network/if-up.d/start_autossh_rev_tunnel
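#!/bin/bash
#
# 163.1.6.117 is the middleman (mm.ip.addr); zjl is the account used on both ends (cuid and mmuid).
#echo Checking for autossh...
[ -x /usr/bin/autossh ] || exit 0
#echo Checking for ssh...
[ -x /usr/bin/ssh ] || exit 0
#echo Checking for nc...
[ -x /bin/nc ] || exit 0
#echo Checking for server...
# nc -z prints nothing, so test its exit status rather than its output.
/bin/nc -z -w 1 163.1.6.117 22 || exit 0
#echo Stopping any already running autossh instances.
killall -q -TERM autossh
sleep 1
#echo Starting reverse ssh tunnel.
# -R 1411:localhost:22 makes port 1411 on the middleman lead to this machine's sshd;
# -M29002 is the autossh monitoring port.
# UserKnownHostsFile=/dev/null with StrictHostKeyChecking=no turns off host key
# verification, so the client will not notice if another host answers at that address.
su -l -c "/usr/bin/autossh -4 -M29002 -f -N -R 1411:localhost:22 zjl@163.1.6.117 -oLogLevel=error -oUserKnownHostsFile=/dev/null -oStrictHostKeyChecking=no" zjl || exit 0
#echo All done.
exit 0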
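nano /etc/network/if-down.d/stop_autossh_rev_tunnel
#!/bin/bash
#
# This script belongs in if-down.d so that it runs when an interface goes down.
# In if-up.d it would run right after the start script and kill the new tunnel.
#echo Stopping any running autossh instances.
killall -q -TERM autossh
#echo All done.
exit 0
chmod +x /etc/network/if-down.d/stop_autossh_rev_tunnel /etc/network/if-up.d/start_autossh_rev_tunnel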
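The key created in the ssh-keygen step has an empty passphrase and, once appended to authorized_keys as-is, allows a full login on the middleman. One way to limit it to the forwards this setup uses is shown below. This is an added example, not part of the original notes; restricted_entry is a hypothetical helper name. It assumes OpenSSH 7.8 or later on the middleman (for permitlisten), that /bin/false exists there, and that autossh -M29002 needs a listener on port 29002 on the middleman plus a forward to 127.0.0.1:29002.

```shell
#!/bin/sh
# Added example, not from the original page. Builds the authorized_keys line
# for the client's key so that it can only hold the tunnel open.
# Assumptions: OpenSSH 7.8+ on the middleman, /bin/false present.
# usage: restricted_entry "$(cat id_rsa.pub)" >> ~/.ssh/authorized_keys

# restricted_entry PUBKEY_LINE [TUNNEL_PORT] [MONITOR_PORT]
restricted_entry() {
    pubkey=$1
    tport=${2:-1411}     # listener created by -R 1411:localhost:22
    mport=${3:-29002}    # autossh -M29002 adds its own -L/-R pair on this port
    nl='
'
    for p in "$tport" "$mport"; do
        case $p in
            ''|*[!0-9]*|??????*) echo "bad port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "bad port: $p" >&2; return 1
        fi
    done
    # One key per call: a second line would become a second, unrestricted entry.
    case $pubkey in
        *"$nl"*) echo "expected a single line" >&2; return 1 ;;
    esac
    set -f; set -- $pubkey; set +f    # split into type, base64 blob, comment
    [ $# -ge 2 ] || { echo "not a public key line" >&2; return 1; }
    ktype=$1; blob=$2; shift 2; comment=$*
    # The line must start with a key type, so a line that already carries
    # options (command=..., etc.) is refused instead of being passed through.
    case $ktype in
        ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) ;;
        *) echo "unexpected key type: $ktype" >&2; return 1 ;;
    esac
    case $blob in
        *[!A-Za-z0-9+/=]*) echo "key blob is not base64" >&2; return 1 ;;
    esac
    # restrict turns off pty, agent, X11 and all forwarding; the options after
    # it re-enable only what the tunnel needs. command= leaves no shell.
    opts="restrict,port-forwarding,permitlisten=\"$tport\",permitlisten=\"$mport\""
    opts="$opts,permitopen=\"127.0.0.1:$mport\",command=\"/bin/false\""
    printf '%s %s %s%s\n' "$opts" "$ktype" "$blob" "${comment:+ $comment}"
}
```

The autossh command in the start script needs no change for this, because -N never asks for a shell or command on the middleman.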
Links:
setting up ssh keys
http://paulkeck.com/ssh/
reverse ssh tunnel
http://www.howtoforge.com/reverse-ssh-tunneling
http://jiang925.com/content/tunnel-through-firewall-using-reverse-ssh-and-vpn-dd-wrt
autossh script to start reverse tunnel
http://forums.gentoo.org/viewtopic-t-875883.html
http://www.vdomck.org/2009/11/ssh-all-time.html
Ubuntu man page(s)
http://manpages.ubuntu.com/manpages/lucid/man5/interfaces.5.html