Persistent SSH Tunnels in Kubuntu

Remco Bloemen

2014-02-27, last updated 2014-05-07

Install OpenSSH

Kubuntu doesn’t come with SSH pre-installed. This is odd for a Linux distribution, since even some of the more minimalist ones come with SSH out of the box. In fact, Ubuntu is the first one I’ve seen that doesn’t.

I can understand it though, Ubuntu is aimed at novices, and SSH is somewhat advanced usage of Linux. It can also leave your system vulnerable if you pick weak passphrases.

The procedure of installing OpenSSH is as simple as

but see the next section.

Install SSH with HPN patches

(From http://spoutcraft.org/threads/blazing-fast-sftp-ssh-transfer.7682/)

(See http://www.psc.edu/index.php/hpn-ssh)

By default Ubuntu does not use the HPN patches in its distribution. The fault is really with the OpenSSH developers, who should “merge the patches already”!

/etc/ssh/sshd_config

Disallowing password based logins

(From: https://help.ubuntu.com/community/SSH/OpenSSH/Configuring)

/etc/ssh/sshd_config

NATs and SSH tunnels

/etc/ssh/sshd_config

Configuring the remote machine

Configuring the local machine

test:

Now from any machine

AutoSSH

(See http://www.harding.motd.ca/autossh/)

AutoSSH daemon

description "autossh tunnel"

start on runlevel [2345]
stop on runlevel [!2345]

respawn
respawn limit 5 60

exec autossh -M 0 -N -R *:2201:127.0.0.1:22 -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -o "StrictHostKeyChecking=no" -o "BatchMode=yes" -i /home/autossh/.ssh/id_ecdsa autossh@149.210.213.161
[Unit]
Description=Autossh tunnel

[Service]
Type=simple
ExecStart=/usr/bin/autossh -M 0 -N -R *:2201:127.0.0.1:22 -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -o "StrictHostKeyChecking=no" -o "BatchMode=yes" -i /home/autossh/.ssh/id_ecdsa autossh@149.210.213.161

[Install]
WantedBy=multi-user.target