Use the following command on the local machine to test the reverse SSH tunnel to the remote server. $ ssh-keyscan -H -t rsa remote-server | sudo su -s /bin/sh sshtunnel -c "tee > ~/.ssh/known_hosts" Fourth stepĪdd remote server to the known servers pool on the local machine. Now you can remove the uploaded public key. $ echo 'no-agent-forwarding,no-user-rc,no-X11-forwarding,no-pty' $(cat tunnel_key_a.pub) | sudo su -s /bin/bash sshtunnel -c "tee > ~/.ssh/authorized_keys"
$ sudo su -s /bin/sh sshtunnel -c "mkdir ~/.ssh"Īdd uploaded public key to the pool of keys authorized for authentication. Upload ~/.ssh/tunnel_key_a.pub file to the remote server and perform the following operations while still being connected to it.Ĭreate a missing. Sshtunnel$ ssh-keygen -t rsa -b 2048 -q -N "" -f ~/.ssh/tunnel_key_a Switch to the sshtunnel user and create SSH key pair. $ sudo useradd -s /usr/sbin/nologin -m sshtunnel Second stepĬreate sshtunnel user on the local machine. It is crucial to disable shell access, but create a home directory to store SSH configuration ( known hosts and authorized keys).
The easiest way to do this is to use autossh utility to create a secure and persistent reverse SSH tunnel to the publicly available server.Ĭonnect to the remote server and create sshtunnel user. Sometimes I want to access a private server at home from a different network while being on the go.
0 kommentar(er)
