Score:0

Automate ssh port forwarding using DNS

cn flag

I have a number of ssh hosts (a dozen), for simplicity host1, host2, etc.

I frequently need to forward ports, e.g.

```
ssh -L 8888:localhost:8888 host1
ssh -L 8889:localhost:8888 host2
ssh -L 8890:localhost:80   host2
```

This is annoying since 1) I need to remember the mapping from local ports to hosts and 2) I need to do that manually.

I'd like to implement some kind of system that listens to specific hosts (locally, on my machine), e.g. host1.8888.ssh.local, and opens a tunnel to this address automatically.

fr flag
anx
Sounds like adding a few static hostnames via `/etc/hosts` and defining the localport/remoteport associations via systemd socket activation could automate this..
cn flag
@anx sounds very reasonable
Score:3
kz flag

You can configure all this stuff inside the ssh config file, usually found at `$HOME/.ssh/config`.

For example:

```
Host abc
    Hostname 1.2.3.4
    Port 345
    IdentityFile /path/to/id_rsa
    LocalForward 8888 localhost:8888
    User root
Host def
    Hostname 2.3.4.5
    User root
    LocalForward 8889 localhost:8889
```

This way, you just need to type `ssh abc` and all the settings you specify in there will get applied. The available options can be found in the man page.

cn flag
Thanks, I'm aware of this option in ssh configs. It doesn't solve the main points: memorization of ports and manual opening of ports.
us flag
What do you mean by "manual opening of ports"? And I don't see why this wouldn't solve the "memorization of ports" problem? The ports are stored in the configuration, and you need to only remember the host names you assign in the config.
Martin
kz flag
@TeroKilkanen is correct. Even if you forgot the assigned host name, you could still simply take a look into the config to check what hosts you defined there.
cn flag
That means you still need to ssh. The tunnel should be opened automatically.
cn flag
`remember the host names you assign in the config` correct, this step should be eliminated. For the user (in this example, me) it should be possible to use the machine hostname to use the tunnel.
Martin
kz flag
As already said, you can use whatever you want as the Host definition name, so it is totally fine to use the machine hostname inside the Host definition. You have everything you need to automate this; you just need to put all the ssh commands (with `-fN`) inside a script, and place that script inside your startup files...
cn flag
As already said, I am well aware of ssh configs. Keeping a dozen connections open doesn't sound like a great idea to me. When the notebook is started, there may be no internet at all, because I can be on a train. The system should work for multiple users and allow them to not memorize ports (which, moreover, are not set by them).
cn flag
I can reiterate: this solution has nothing to do with requirements set in the question
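
A sketch of the `/etc/hosts` plus systemd socket activation idea from the first comment, as an added example that is not code from anyone in this thread: it generates one `.socket` / `@.service` pair per tunnel, so `ssh` only starts when something connects. The `sshtun-*` unit names, the `.ssh.local` names and the `127.0.1.x` addresses are assumptions made for this example, and it assumes key-based login that works without a prompt.

```shell
#!/bin/sh
# Added example (not from the thread): on-demand SSH tunnels via systemd
# socket activation. Constructed mapping: <ssh host> <loopback addr> <port>.
# Each host gets its own 127.0.1.x address, so local port == remote port.
TUNNELS='host1 127.0.1.1 8888
host2 127.0.1.2 8888'

# Print /etc/hosts lines naming each loopback address (hypothetical names).
hosts_lines() {
    printf '%s\n' "$TUNNELS" | awk '!seen[$2]++ { print $2, $1 ".ssh.local" }'
}

# Write one .socket / @.service pair per mapping into directory $1.
gen_tunnel_units() {
    mkdir -p "$1" || return 1
    printf '%s\n' "$TUNNELS" | while read -r host addr port; do
        # Reject names ssh would parse as options, non-loopback binds, bad ports.
        case $host in ''|-*|*[!A-Za-z0-9._-]*) echo "skip host: $host" >&2; continue ;; esac
        case $addr in 127.*[!0-9.]*) echo "skip addr: $addr" >&2; continue ;;
                      127.*.*.*) ;;
                      *) echo "skip addr: $addr" >&2; continue ;; esac
        case $port in ''|*[!0-9]*) echo "skip port: $port" >&2; continue ;; esac
        name="sshtun-$host-$port"
        cat > "$1/$name.socket" <<EOF
[Socket]
# Loopback only, so the forwarded service is never exposed on the LAN.
ListenStream=$addr:$port
Accept=yes

[Install]
WantedBy=sockets.target
EOF
        cat > "$1/${name}@.service" <<EOF
[Service]
# One ssh per accepted connection; -W relays stdin/stdout to the remote port.
ExecStart=/usr/bin/ssh -o BatchMode=yes -W localhost:$port $host
StandardInput=socket
StandardOutput=socket
StandardError=journal
EOF
    done
}

# Stand-alone use: TUNNEL_UNIT_DIR=~/.config/systemd/user sh this-script.sh
if [ -n "${TUNNEL_UNIT_DIR:-}" ]; then
    gen_tunnel_units "$TUNNEL_UNIT_DIR" && hosts_lines
fi
```

After `systemctl --user daemon-reload` and `systemctl --user enable --now sshtun-host1-8888.socket`, a connection to `host1.ssh.local:8888` starts the tunnel on demand. Remote ports below 1024 would need the same units installed as system units, since an unprivileged user cannot normally bind them locally.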