[NTLUG:Discuss] Script to (re)initiate a SSH port forwarding session

Chris Cox cjcox at acm.org
Thu Sep 20 13:05:24 CDT 2007


David Simmons wrote:
> 
> Guys/Gals,
> 
> Was hoping someone has had experience with this and
> could forward whatever script they're using:
> 
> Scenario:  Say,
> for totally hypothetical reasons, that I need to port forward to get
> around company's restrictive firewall - am currently running the
> command:
> 
> ssh -ND 9999 outside.server.com
> 
> this sets
> up a proxy port that I change in FireFox to forward all browser requests
> to (i.e. I set up FireFox to use the proxy at port 9999 - all local firefox
> requests are proxied to local port 9999, which is then automagically
> ssh-encrypted, forwarded to an outside machine and returns the webpage to
> my 'behind the firewall'ed machine.)
> 
> System works great until
> 'ole master of firewall' closes my session and I get a "Read from
> remote host outside.server.com: Connection reset by peer"....while I
> initially thought it might have been a sshd_config issue on the
> outside.server.com machine - the same setup works great when I'm on my
> home network....SO...some type of system/script must be shutting down my
> ssh session.

Actually, it's the firewall probably shutting things down.  You'll
have to ping (possibly something real and not merely a ping) the
interface to keep it alive.

For example, if it's a port forwarded http tunnel, you may have to
issue a dummy http request periodically (possibly something done
through cron).

> 
> I'm looking for a script that can (re)initiate the
> SSH session when it goes down perpetually (or at least until a
> CTRL-C).  Googling didn't really turn up anything - maybe my search
> was wrong/bad.

You'll still need to create a short script to keep it alive, but
the script will have to test if it's actually down, kill it off,
and then start it back up.  This script could be used to do
the data ping mentioned above if it finds the service to be
still alive.

> 
> Any help would be great (and I'm sure a good
> lesson even to those just wanting to automate some other type of
> session)
> 
> Thanks - dave (from a secured bunker, deep in the
> heart of firewalled land)
> 
> 
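Seen from the firewall side, the reset-then-reconnect cycle discussed in this thread leaves a recognisable trace in perimeter flow logs. The following is an added example, not code from the thread: it counts SSH sessions that reopen within seconds of being reset. The log format, field names, addresses and thresholds are assumptions, and the records are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed flow records (hypothetical format): session start, endpoints,
# destination port, duration in seconds, and how the session ended.
SAMPLE_LOG = """\
2007-09-20T09:00:00 src=10.1.2.3 dst=203.0.113.10 dport=22 dur=1800 end=RST
2007-09-20T09:30:05 src=10.1.2.3 dst=203.0.113.10 dport=22 dur=1800 end=RST
2007-09-20T10:00:10 src=10.1.2.3 dst=203.0.113.10 dport=22 dur=1800 end=RST
2007-09-20T10:30:15 src=10.1.2.3 dst=203.0.113.10 dport=22 dur=900 end=FIN
2007-09-20T09:10:00 src=10.1.2.7 dst=198.51.100.4 dport=22 dur=120 end=FIN
2007-09-20T14:00:00 src=10.1.2.7 dst=198.51.100.4 dport=22 dur=300 end=FIN
2007-09-20T09:00:00 src=10.1.2.9 dst=203.0.113.10 dport=443 dur=1800 end=RST
"""

LINE = re.compile(r"(\S+) src=(\S+) dst=(\S+) dport=(\d+) dur=(\d+) end=(\w+)")

def parse(log):
    """Yield (start, end, src, dst, dport, end_reason) per well-formed line."""
    for line in log.splitlines():
        m = LINE.fullmatch(line.strip())
        if not m:
            continue  # skip malformed lines instead of failing the whole run
        start = datetime.fromisoformat(m.group(1))
        end = start + timedelta(seconds=int(m.group(5)))
        yield start, end, m.group(2), m.group(3), int(m.group(4)), m.group(6)

def find_respawned_sessions(log, port=22, max_gap=30, min_respawns=2):
    """Return {(src, dst): count} for pairs that reopen soon after a reset."""
    sessions = defaultdict(list)
    for start, end, src, dst, dport, reason in parse(log):
        if dport == port:
            sessions[(src, dst)].append((start, end, reason))
    flagged = {}
    for pair, items in sessions.items():
        items.sort()  # order each pair's sessions by start time
        respawns = sum(
            1
            for (_, prev_end, why), (next_start, _, _) in zip(items, items[1:])
            if why == "RST" and 0 <= (next_start - prev_end).total_seconds() <= max_gap
        )
        if respawns >= min_respawns:
            flagged[pair] = respawns
    return flagged

if __name__ == "__main__":
    for (src, dst), n in find_respawned_sessions(SAMPLE_LOG).items():
        print(f"{src} -> {dst} port 22: reopened {n} times right after a reset")
```

Interactive SSH use (the second host in the sample) ends with a normal close and long gaps, so it is not flagged; only the pair that reconnects within `max_gap` seconds of each reset is reported.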



