SSH Tunneling Auto Reconnect Alive

SSH tunneling is a powerful technique for securely forwarding network traffic from one machine to another. It’s commonly used to access resources on a remote server as if they were local, especially in scenarios where you need to securely access services behind a firewall or from a different network. To ensure the SSH tunnel remains stable and automatically reconnects when there are interruptions, you can use tools like autossh in combination with server and client-side configurations.

Here’s a step-by-step guide on setting up SSH tunneling with auto-reconnect on both the server and client sides.

Server Side Configuration

First, let’s configure the SSH server to keep the connection alive and handle potential disconnects gracefully.

  1. SSH into your server:

  2. Open the SSH server configuration file using a text editor (e.g., Vim):

    1
    
    vim /etc/ssh/sshd_config
  3. Add the following lines to the configuration file:

    1
    2
    
    ClientAliveInterval 5
    ClientAliveCountMax 15

    These lines set the server to send a “keep-alive” message to the client every 5 seconds and disconnect the client if there are 15 consecutive failed responses.

  4. Save the changes and exit the text editor.

  5. Restart the SSH server to apply the new settings:

    1
    
    systemctl restart sshd

Client Side Configuration

Now, let’s configure the client-side settings and use autossh to automatically reconnect if the SSH tunnel is interrupted.

  1. On the client machine, use the following autossh command to create an SSH tunnel. This command forwards traffic from port 8080 on the client to port 8022 on the server:

    1
    
    autossh -M 0 -N -o ExitOnForwardFailure=yes -o ServerAliveInterval=5 -o ServerAliveCountMax=3 -R 8022:localhost:8080 -p 666 [email protected]
    • -M 0: Disables monitoring to prevent conflicts with ServerAliveInterval.
    • -N: Tells SSH not to execute any remote commands.
    • -o ExitOnForwardFailure=yes: Terminates the autossh session if port forwarding fails.
    • -o ServerAliveInterval=5: Sends a “keep-alive” message to the server every 5 seconds.
    • -o ServerAliveCountMax=3: Disconnects if no response is received after three consecutive “keep-alive” messages.
    • -R 8022:localhost:8080: Sets up a reverse SSH tunnel from the server’s port 8022 to the client’s port 8080.
    • -p 666: Specifies the SSH server’s port (replace with your actual SSH port).
    • [email protected]: Replace with the appropriate SSH username and server address.
  2. If you want to run autossh in the background, add the -f option:

    1
    
    autossh -M 0 -Nf -o ExitOnForwardFailure=yes -o ServerAliveInterval=5 -o ServerAliveCountMax=3 -R 8022:localhost:8080 -p 666 [email protected]

    The -f option forks autossh into the background.

With these server and client-side configurations, your SSH tunnel should remain stable and automatically reconnect if there are any interruptions in the connection. This setup is particularly useful for maintaining persistent tunnels, such as when accessing web services or databases on a remote server securely.

0%