
autossh 建立反向隧道

 
#!/bin/bash
#
# autossh . Startup script for autossh

# chkconfig: 2345 25 40
# description: Maintain persistent SSH tunnels
# processname: autossh
# pidfile: /var/run/autossh.pid

# Copyright 2012 - Jean-Sebastien Morisset - http://surniaulula.com/
#
# http://surniaulula.com/2012/12/10/autossh-startup-script-for-multiple-tunnels/
#
# This script is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 3 of the License, or (at your option) any later
# version.
#
# This script is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details at http://www.gnu.org/licenses/.

# Changelog:
#
# 2013/06/21 - Reset the $forward_list variable at the start() to prevent the
# accumulation of ports for each config loop. Also added support for socks
# proxies. Thanks to Chris for pointing out the issue in the comments.

# Source function library
. /etc/init.d/functions

# Script-wide state: the autossh binary this script launches, the service
# name used in paths and messages, and the exit status reported at the end.
autossh="/usr/bin/autossh"
prog="autossh"
RETVAL=0

# Per-config pidfiles live in /var/run/$prog; create the directory if needed.
if [ ! -d "/var/run/$prog" ]
then
	mkdir -p "/var/run/$prog"
fi

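# Start one autossh tunnel from a config file.
#
# Arguments: $1 - path to the config file (the dispatcher passes /etc/$prog/<name>)
# Globals:   reads prog and autossh; sets config, cfname, forward_list,
#            AUTOSSH_PIDFILE and every variable the config file defines
# Outputs:   progress and error messages on stdout
# Returns:   0 when the tunnel was launched, 1 on a validation or launch error
#
# Security notes:
#  - The config file is sourced, so it runs as shell code with this script's
#    privileges. Keep the config directory writable by root only.
#  - Config values are pasted unquoted into the command line handed to su, so
#    they are interpreted by LocalUser's shell (this is also what expands a
#    leading ~ in IdentityFile).
start() {
	local su_status
	config="$1"
	cfname=$(basename -- "$config")
	forward_list=""

	# make sure we have a config file
	if [ ! -f "$config" ]
	then
		failure
		echo "$prog $cfname: $config missing"
		return 1
	fi

	# Forget values left behind by a previously started config: every config
	# is sourced into this same shell, so a setting missing from this file
	# would otherwise be silently inherited from the last one and the tunnel
	# could be opened to the wrong host or with the wrong forwards.
	unset ServerAliveInterval ServerAliveCountMax StrictHostKeyChecking \
		LocalUser IdentityFile RemoteUser RemoteHost RemotePort ForwardPort

	. "$config"

	# make sure all variables have been defined in config
	# (indirect expansion replaces the former eval and tolerates values
	# that contain whitespace)
	for var in \
		ServerAliveInterval ServerAliveCountMax StrictHostKeyChecking \
		LocalUser IdentityFile RemoteUser RemoteHost RemotePort
	do
		if [ -z "${!var}" ]
		then
			failure
			echo "$prog $cfname: $var variable empty"
			return 1
		fi
	done

	if [ "${#ForwardPort[@]}" -eq 0 ]
	then
		failure
		echo "$prog $cfname: ForwardPort array empty"
		return 1
	fi

	# accept only "D addr:port", "R a:p:a:p" and "L a:p:a:p" shaped entries;
	# each becomes one -D/-R/-L option for ssh
	for fwd in "${ForwardPort[@]}"
	do
		case "$fwd" in
		D\ *:*|R\ *:*:*:*|L\ *:*:*:*) forward_list+="-$fwd " ;;
		*)	failure
			echo "$prog $cfname: $fwd format unknown"
			return 1
			;;
		esac
	done

	# define the pidfile variable for autossh (created by autossh)
	# check if pidfile already exists -- don't start another instance if pidfile exists
	AUTOSSH_PIDFILE="/var/run/$prog/$cfname.pid"
	if [ -e "$AUTOSSH_PIDFILE" ]
	then
		failure
		echo "$prog $cfname: $AUTOSSH_PIDFILE already exists"
		return 1
	fi

	echo -n "Starting $prog $cfname: "

	# before switching-users, make sure pidfile is created and user has write permission
	if ! touch -- "$AUTOSSH_PIDFILE" || ! chown -- "$LocalUser" "$AUTOSSH_PIDFILE"
	then
		rm -f -- "$AUTOSSH_PIDFILE"
		failure
		echo "$prog $cfname: cannot prepare $AUTOSSH_PIDFILE for $LocalUser"
		return 1
	fi

	# start autossh as the user defined in the config file
	# the pidfile must be re-defined in the new environment
	su - "$LocalUser" -c "
		AUTOSSH_PIDFILE=$AUTOSSH_PIDFILE;
		AUTOSSH_PORT=0;
		export AUTOSSH_PIDFILE AUTOSSH_PORT;
		$autossh -q -N -p $RemotePort \
		-i $IdentityFile \
		-o ServerAliveInterval=$ServerAliveInterval \
		-o ServerAliveCountMax=$ServerAliveCountMax \
		-o StrictHostKeyChecking=$StrictHostKeyChecking \
		$forward_list $RemoteUser@$RemoteHost -f;"
	su_status=$?

	# A failed launch used to be reported as success, and the empty pidfile
	# created above then blocked every later start. Report it and clean up.
	if [ "$su_status" -ne 0 ]
	then
		rm -f -- "$AUTOSSH_PIDFILE"
		failure
		echo "$prog $cfname: launch failed with status $su_status"
		return 1
	fi

	# check to make sure pidfile was created
	# NOTE(review): the file was pre-created by touch above, so this only
	# catches its removal. A non-empty test would be stronger, but autossh
	# may write the pid after su has returned -- confirm before tightening.
	if [ ! -f "$AUTOSSH_PIDFILE" ]
	then
		failure
		echo "$(basename -- "$AUTOSSH_PIDFILE") not created"
		return 1
	fi

	success
	echo
	touch "/var/lock/subsys/$prog"
}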

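# Stop autossh tunnels.
#
# Arguments: $1 - optional config path; only its basename is used, to locate
#                 /var/run/$prog/<name>.pid. With no argument every autossh
#                 process is stopped.
# Globals:   reads prog and autossh; sets config, cfname, pidfile, RETVAL
# Outputs:   progress and error messages on stdout
# Returns:   the value left in RETVAL (killproc's status, or 1 when the
#            pidfile is missing)
stop() {
	config="$1"

	# if no config names (on the command-line), stop all autossh processes
	if [ -z "$config" ]
	then
		echo -n "Stopping all $prog: "
		killproc "$autossh"
		RETVAL=$?
		echo
		if [ "$RETVAL" -eq 0 ]
		then
			rm -f "/var/lock/subsys/$prog"
			rm -f -- "/var/run/$prog"/*.pid
		fi
		return $RETVAL
	fi

	cfname=$(basename -- "$config")
	pidfile="/var/run/$prog/$cfname.pid"
	if [ ! -f "$pidfile" ]
	then
		failure
		echo "$prog $cfname: $pidfile missing"
		# record the failure: the script exits with $RETVAL, which used to
		# stay 0 on this path
		RETVAL=1
		return 1
	fi

	# NOTE(review): start() hands ownership of this pidfile to LocalUser, so
	# the pid killproc reads from it is presumably only as trustworthy as
	# that account -- confirm how killproc validates it.
	echo -n $"Stopping $prog $cfname: "
	killproc -p "$pidfile" "$prog $cfname"
	RETVAL=$?
	echo
	[ "$RETVAL" -eq 0 ] && rm -f -- "$pidfile"
	return $RETVAL
}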

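# save the action name, and shift the command-line array
# all remaining command-line arguments could be config names
#
# NOTE(review): config names are joined onto /etc/$prog/ exactly as given and
# the resulting file is sourced by start(), so this script is only safe when
# invoked by root with trusted arguments.
#
# A failing start or stop now leaves a non-zero RETVAL, so the script's exit
# status reflects it (it previously exited 0 after a failed start).
action="$1"
shift

case "$action" in
start)
	if [ -z "$1" ]
	then
		# if no config names on the command-line, start all /etc/autossh/ configs found
		# (cfname defaults to the glob '*' unless it is already set)
		: "${cfname:=*}"
		# $cfname is left unquoted on purpose so the shell expands the glob
		for config in "/etc/$prog"/$cfname
		do "$action" "$config" || RETVAL=$?; done
	else
		# start only the config files specified on the command-line
		for cfname in "$@"
		do "$action" "/etc/$prog/$cfname" || RETVAL=$?; done
	fi
	;;
stop)
	if [ -z "$1" ]
	then
		# if no config names on the command-line, stop all autossh processes
		"$action"
	else
		# stop only the config files specified on the command-line
		for cfname in "$@"
		do "$action" "/etc/$prog/$cfname" || RETVAL=$?; done
	fi
	;;
restart)
	# re-execute this script, with the stop and start action names instead;
	# a failed stop does not prevent the start, whose status is reported
	"$0" stop "$@"
	"$0" start "$@"
	RETVAL=$?
	;;
status)
	if [ -z "$1" ]
	then
		# if no config names on the command-line, show all autossh pids
		status "$autossh"
		RETVAL=$?
	else
		# only show the status of config files specified on the command-line;
		# any non-zero result is kept rather than overwritten by a later config
		for cfname in "$@"
		do
			config="/etc/$prog/$cfname"
			# if the config file is missing, echo an error message
			if [ ! -f "$config" ]
			then
				echo "$config missing"
				RETVAL=1
				continue
			fi
			cfname=$(basename -- "$config")
			pidfile="/var/run/$prog/$cfname.pid"
			# if the pidfile is missing, echo an error message
			if [ -f "$pidfile" ]
			then
				status -p "$pidfile" "$prog $cfname" || RETVAL=$?
			else
				echo "$pidfile missing"
				RETVAL=1
			fi
		done
	fi
	;;
*)
	echo "Usage: $0 {start|stop|restart|status} {config names...}"
	RETVAL=1
	;;
esac
exit "$RETVAL"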

 

 

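# Sample tunnel definition. The init script sources this file from
# /etc/autossh/<config name>, so it is executed as shell code: keep it owned
# by root and not writable by anyone else.

# Check connection every 10 seconds, and after 3 tries (30 seconds), drop and
# let autossh re-connect.
ServerAliveInterval="10"
ServerAliveCountMax="3"

# Verify the remote host key. "no" would accept whatever key the remote end
# presents, so an unattended tunnel could reconnect to an impostor without
# any warning. Add the server's key to LocalUser's known_hosts before the
# first start.
StrictHostKeyChecking="yes"

# Local account that runs autossh.
# NOTE(review): root works, but a dedicated unprivileged account limits what
# a compromised tunnel process can reach.
LocalUser="root"
# Private key used for the connection. The init script refuses to start while
# this is empty, so it has to be set.
IdentityFile="~/.ssh/domain.com"

# NOTE(review): prefer a restricted account on the remote side as well;
# forwarding an unprivileged port does not need a root login.
RemoteUser="root"
RemoteHost="192.168.1.5"
RemotePort="22"

# Array of ports to be forwarded:
#
# Example: Forward port 3307, listening on 127.0.0.1 on the remote side, to
# 127.0.0.1 port 3306 on the local side. Forward port 8081, listening on
# 127.0.0.1 on the local side, to 10.100.1.60 port 80 on the remote side.
#
# Both listeners bind to 127.0.0.1, so the forwarded ports are not offered to
# other hosts on either network.
#
ForwardPort=(
    "R 127.0.0.1:3307:127.0.0.1:3306"
    "L 127.0.0.1:8081:10.100.1.60:80"
)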

 
