top | item 41682450

(no title)

8xeh | 1 year ago

This approach works very well. I've had dozens of extremely remote systems hooked up this way for about 8 years. The only problem I've seen is that occasionally the server ssh process will get stuck, so you have to log in to the server and kill it. It seems to happen when a remote goes offline and reconnects without closing the old connection first.

If I were doing it now, I'd probably use wireguard, probably. This is simpler to set up and works great.

discuss

elashri|1 year ago

Can't you just add something like ServerAliveCountMaxto help with solving stale connections?

So something like that would solve that

[Unit] Description=look ma, no autossh After=network.target

[Service] Type=exec ExecStart=/usr/bin/ssh -o ServerAliveInterval=60 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -Nn -R 7070:localhost:22 pc 'sleep 20m' Restart=always RestartSec=20 RuntimeMaxSec=30m

[Install] WantedBy=default.target

xk3|1 year ago

The default of ServerAliveCountMax is already 3

boris|1 year ago

> The only problem I've seen is that occasionally the server ssh process will get stuck, so you have to log in to the server and kill it.

You also need ClientAliveInterval on the server side (in addition to ServerAliveInterval on the client). In other words, both the client and the server need to be configured to monitor the connection. With this setup I had no issues with reconnections.

xk3|1 year ago

> ssh process stuck

systemd's RuntimeMaxSec should help in this case but I've never had trouble with sshd personally

To add more context I use the above service to ssh from my phone to my laptop via my desktop PC. The service runs on my laptop and binds port 22 of my laptop to port 7070 of my PC but wiregaurd would probably work similarly

lloeki|1 year ago

RuntimeMaxSec would have systemd kill a live forwarded connection though?