Autossh
From Linuxmemo.
SSH preparation
- Deploy the SSH key
- Protect the SSH key
chmod 600 id_rsa
- Remove the passphrase
ssh-keygen -p -f id_rsa
- Test the connection
- Accept the host key
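Once the passphrase is removed, the key file alone is enough to log in to the relay, so it is worth limiting that key to the tunnel on the relay side. The script below is an added example, not part of the original page: it checks the chmod 600 step and builds the relay's authorized_keys entry. It assumes OpenSSH 7.8 or later on the relay, the ports 22222 and 20004 used by the init script below, and that autossh's -M 20004 adds -L 20004:127.0.0.1:20004 and -R 20004:127.0.0.1:20005; the function names and SAMPLE_PUBKEY are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original page or from autossh.
# Assumptions: OpenSSH >= 7.8 on the relay (permitlisten), and autossh's
# "-M 20004" expanding to -L 20004:127.0.0.1:20004 -R 20004:127.0.0.1:20005.

TUNNEL_PORT=22222    # from "-R 22222:localhost:22" in the init script
MONITOR_PORT=20004   # from "-M 20004" in the init script

# Print the octal mode of a file (GNU stat first, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if the private key exists and is mode 600 (the chmod 600 step).
key_mode_ok() {
    [ -f "$1" ] && [ "$(file_mode "$1")" = "600" ]
}

# Build the relay's authorized_keys entry from one public-key line.
# "restrict" disables PTY, X11, agent and all port forwarding; command= blocks
# running anything (ssh -N never opens a session, so the tunnel is unaffected);
# the remaining options re-enable only the forwards this tunnel needs.
restricted_entry() {
    case "$1" in
        ssh-*\ *|ecdsa-*\ *|sk-*\ *) ;;
        *) echo "not a public key line" >&2; return 1 ;;
    esac
    printf 'restrict,command="/bin/false",port-forwarding,'
    printf 'permitlisten="localhost:%s",permitlisten="localhost:%s",' \
        "$TUNNEL_PORT" "$MONITOR_PORT"
    printf 'permitopen="127.0.0.1:%s" %s\n' "$MONITOR_PORT" "$1"
}

# Constructed sample key line (placeholder data, not a real key).
SAMPLE_PUBKEY='ssh-ed25519 AAAA_CONSTRUCTED_SAMPLE_KEY root@client'
restricted_entry "$SAMPLE_PUBKEY"
```

The printed line goes into ~/.ssh/authorized_keys of the tunnel account on the relay, in place of the bare public key.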
Init script
#!/bin/bash
### BEGIN INIT INFO
# Provides:          autossh
# Required-Start:    $local_fs $network
# Required-Stop:     $local_fs $network
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# X-Interactive:     true
# Short-Description: Start/stop/force-reload|restart/status/log autossh tunneling
### END INIT INFO
#
# by Patrick van der Leer <pat.vdleer@gmail.com>
# released under GPL, version 2 or later

PATH=/sbin:/bin:/usr/sbin:/usr/bin
DAEMON="/usr/bin/autossh"
DESC="Autossh tunneling"
PIDFOLDER="/var/run/autossh"
PIDFOLDERSSH="$PIDFOLDER/ssh"
REMOTE_USER="user"
REMOTE_ADDR="host"
LOGFILE="/var/log/autossh.log"

if [ ! -d "$PIDFOLDER" ] ; then
    mkdir -p "$PIDFOLDER"
fi

if [ ! -d "$PIDFOLDERSSH" ] ; then
    mkdir -p "$PIDFOLDERSSH"
fi

test -f $DAEMON || exit 0

. /lib/lsb/init-functions

PIDFILE="$PIDFOLDER/$REMOTE_USER-$REMOTE_ADDR.pid"
PIDFILESSH="$PIDFOLDERSSH/$REMOTE_USER-$REMOTE_ADDR.pid"

is_running() {
    if [ -f "$PIDFILE" ]; then
        PID=`cat "$PIDFILE"`
        # A stale PID file (process gone) counts as "not running"
        if [ -n "$PID" ] && kill -0 "$PID" 2>/dev/null; then
            return 0
        fi
    fi
    return 1
}

start_autossh() {
    if ! is_running; then
        echo "Starting $DESC"
        export AUTOSSH_FIRST_POLL=10
        export AUTOSSH_POLL=60
        export AUTOSSH_PIDFILE=$PIDFILESSH
        export AUTOSSH_DEBUG=yes
        # start-stop-daemon --start --make-pidfile --pidfile $PIDFILE --exec $DAEMON -- -M 20004 -f -t -t -i /root/.ssh/id_rsa -X -C -R 22222:localhost:22 $REMOTE_USER@$REMOTE_ADDR >> $LOGFILE 2>&1
        # Reverse tunnel: port 22222 on the remote host leads back to local port 22
        start-stop-daemon --start --make-pidfile --pidfile "$PIDFILE" --exec $DAEMON -- -M 20004 -i /root/.ssh/id_rsa -N -R 22222:localhost:22 -t $REMOTE_USER@$REMOTE_ADDR >> "$LOGFILE" 2>&1 &
        sleep 1;
        if is_running; then
            echo "$DESC: running @ pid $PID"
        else
            echo 'Something went wrong';
        fi
    else
        echo "$DESC: already running (pid $PID)"
    fi
}

stop_autossh() {
    if is_running; then
        echo "Stopping $DESC"
        start-stop-daemon --stop --pidfile "$PIDFILE" --signal 15
        # if [ -f $PIDFILESSH ]; then
        #     PIDSSH=`cat $PIDFILESSH`
        #     kill $PIDSSH
        #     rm -f $PIDFILESSH
        # fi
    else
        echo "$DESC: not running"
    fi
    [ -f "$PIDFILE" ] && rm -f "$PIDFILE"
}

case "$1" in
    start)
        start_autossh
        ;;
    stop)
        stop_autossh
        ;;
    force-reload|restart)
        stop_autossh
        start_autossh
        ;;
    status)
        if is_running; then
            echo "$DESC: running (pid $PID)"
            exit 0
        else
            echo "$DESC: not running"
            # LSB status codes: 1 = dead but PID file exists, 3 = not running
            [ -f "$PIDFILE" ] && exit 1 || exit 3
        fi
        ;;
    log)
        if [ -f "$LOGFILE" ]; then
            tail "$LOGFILE"
        else
            echo "log file '$LOGFILE' doesn't exist"
        fi
        ;;
    *)
        echo "Usage: $0 {start|stop|restart|force-reload|status|log}"
        exit 3
        ;;
esac

exit 0
X11 forwarding through a relay (jump host)
Enable X11Forwarding on all servers
sshd_config (client --> relay --> server):
X11Forwarding yes
Enable X11 forwarding on all clients
ssh_config (client --> relay --> server):
ForwardAgent yes
ForwardX11 yes
ForwardX11Trusted yes
Start the connection from the client (relais is the relay, serveur is the server):
ssh -t relais ssh -p22222 -X serveur
Launch the remote application
gedit
Problems
On the client
ssh_exchange_identification: Connection closed by remote host
On the server
connect_to localhost port 22: failed. (autossh log)
Solution: sshd is not listening on the loopback interface. Set ListenAddress so that it does:
vim /etc/ssh/sshd_config
ListenAddress 0.0.0.0