I am currently using ssh to forward few ports like this:
There are 3 machines:
A-host
- machine building the tunnel, one that can access bothB
andC
B-host
- machine that does not have access to A or C that that needs to be able to connect toC:636
C-host
- machine providing a service on port 636
A-host>ssh -R 636:C-host:636 -R 8080:C-host:8080 root@B-host
The question is how to make this tunnelling be persistent, to restore it even one or another machine is restarted.
I know that this probably require autossh but that't not the entire solution.
Here is my current solution, if you know a better one, I will be grad to accept it.
On the machine that is initialting the tunnelling:
Now the firewalled-host can connect to localhost:3269 to access the service that was unavailable before.
Add the
autossh
command to a service that manages system services.Most Linux setups use init, reading the configuration of what to start from
/etc/inittab
, a line something likerc:2:respawn:autossh <options> >>/var/log/autosshoutput 2>&1
would do the trick. That will (if you are in runlevel 2 which is the usual case for a running Linux system these days) start the process on boot and restart it if it dies. If you want it to start before the next reboot, runtelinit
to tell the init process to reread its config. See the man page forinittab
for more details.Some Linux distributions have moved to using upstart to manage what init used to (amongst upstart's other features, as it does more then init ever did) - you should find plenty of documentation on this easily.