Autossh with Ubuntu Upstart
Like the title says, the point of this post is getting autossh up when Ubuntu boots. Place this in e.g. /etc/init/autossh.conf
, after which you will be
able to says things like sudo start autossh
and sudo stop autossh
.
description "autossh tunnel" author "Joni Kähärä" start on (local-filesystems and net-device-up IFACE=eth0 and net-device-up IFACE=eth1) # assuming we have multiple interfaces stop on runlevel [016] respawn respawn limit 5 60 exec autossh -M 0 -N -R 10000:192.168.1.1:22 -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -o "StrictHostKeyChecking=no" -o "BatchMode=yes" -i /home/user/.ssh/id_rsa username@hostname
The “start on” line ensures that autossh won’t start before all network interfaces are up, and “stop on” will stop autossh (if it’s running) on runlevels 0, 1 and 6 (halt, single user and reboot, respectively). The “respawn limit” line will ensure that if autossh goes crazy, it will not be started again. Note that the plain “respawn” line is still needed to actually respawn the process. Of the command line options only the first one (-M 0) is for autossh, the rest are regular ssh options.
- -M 0 denotes that autossh should not set up it’s own monitoring channel and should instead rely on ssh terminating itself when it decides that the connection’s been lost (see ServerAlive* options below).
- -N means “Do not execute a remote command”, i.e. just set up the connection and port forward.
- -R 10000:192.168.1.1:22 means that we want TCP port 10000 on the remote host forwarded to port 22 on local host (192.168.1.1).
- -o "ServerAliveInterval 60" send “keepalive” messages every 60 seconds
- -o "ServerAliveCountMax 3" terminate ssh if three consecutive ServerAliveInterval inquiries fail (and thus respawn)
- -o "StrictHostKeyChecking=no" don’t fail if remote server’s identity changed
- -o "BatchMode=yes" don’t attempt to use a passphrase if public key login fails
- -i /home/user/.ssh/id_rsa the private key we’ll use for the tunnel
- username@hostname connect to this host with this username
Categorised as: snippet