Home / server / Questions / 534229
Accepted
henning77
Asked: 2013-08-28 10:08:03 +0800 CST

autossh in background does not work

  • 772

I have set up a tunnel via autossh.

This works:

autossh -M 33201 -N -i myIdFile -R 33101:localhost:22 [email protected]

I would like to run autossh in background. Seems easy using the -f option.

This does not work, however:

autossh -f -M 33201 -N -i myIdFile -R 33101:localhost:22 [email protected]

Autossh runs in the background fine, but the ssh connection seems to fail every time. In /var/syslog I see multiple occurences of:

autossh[3420]: ssh exited with error status 255; restarting ssh

What am I doing wrong? A wild guess is it has something to do with the authentication via key file. How can I debug this (adding -v to the ssh options does not seem to log anywhere).

Edit: I got some ssh logs using the -y option

/usr/bin/ssh[3484]: debug1: Next authentication method: publickey
/usr/bin/ssh[3484]: debug1: Trying private key: /home/myuser/.ssh/id_rsa
/usr/bin/ssh[3484]: debug1: Trying private key: /home/myuser/.ssh/id_dsa
/usr/bin/ssh[3484]: debug1: Trying private key: /home/myuser/.ssh/id_ecdsa
/usr/bin/ssh[3484]: debug1: No more authentication methods to try.
/usr/bin/ssh[3484]: fatal: Permission denied (publickey).
autossh[3469]: ssh exited with error status 255; restarting ssh

So it seems autossh does not accept my identiy file (-i myIdFile) when using the -f option. Why is that?

(autossh 1.4c on Raspian)

ssh

3 Answers

  1. Best Answer

    It seems like when autossh drops to the background (-f option) it is changing the working directory, meaning relative paths do not work any longer. Or more specific: By entering the absolute path of your id file you will probably succeed.

    I re-created the scenario by creating a key with no password at a non-default location:

    ~/$ mkdir test
~/$ cd test
~/test$ ssh-keygen -f test_id_rsa

    I simply hit enter twice to generate a key that is not protected by a password.

    I copied the new key to my server (which allows password authentication currently):

    ~/test$ ssh-copy-id -i test_id_rsa user@server

    First I confirmed the key was working with regular ssh, then using autossh like you:

    ~/test$ ssh -i test_id_rsa user@server
~/test$ autossh -M 13000 -N -i test_id_rsa user@server
^C

    They both worked fine, so I recreated the problem you had:

    ~/test$ autossh -f -M 13000 -N -i test_id_rsa user@server

    This did not work and the following was written to /var/log/syslog:

    autossh[2406]: ssh exited prematurely with status 255; autossh exiting

    By changing the path of the keyfile to be absolute, it worked though:

    ~/test$ autossh -f -M 13000 -N -i /home/user/test/test_id_rsa user@server

    No errors in /var/log/syslog.

    • 32

  2. Not sure what is going on with the -f but you could also nohup it:

    nohup autossh -M 33201 -N -f -i myIdFile -R 33101:localhost:22 [email protected] &
    • 4

  3. Add the following parameters to SSH to bypass "Are you sure you want to continue connecting (yes/no)?"

    -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no

    The final command would be in the following format:

    autossh -f -M $BASE_PORT -N -R $LOCAL_PORT:$LOCALHOST:$REMOTE_PORT $USER@$SERVER -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
    • 0