#use case: linux system that is behind a firewall or dsl router >> connects to a cloud server and opens up a tunnel, so that someone
can access the system from the cloudserver
#(access via ssh private / public key)
#
# - improvement when hostkey is changed at target host >> use option -o UserKnownHostsFile=/dev/null otherwise the portforwarding will get disabled if it detects a new host key!

#cron jobs
*/5 * * * * /root/bin/checkSSH2Outside.sh >>/var/log/checkSSH2Outside.log
1 23 1 * * gzip -f /var/log/checkSSH2Outside.log >/dev/null
5 9,12,15,18,21,0 * * * /root/bin/killSSH.sh >/dev/null 2>/dev/null


#cat /root/bin/checkSSH2Outside.sh

#!/bin/bash

ts=`date`
num=`ps -ef |grep ssh |grep mydomain|grep 17000 |wc -l` >/dev/null
echo "$ts Number of found ssh processes = $num."

if [ $num -ge "1" ] ; then
echo "$ts Processes to outside are already running."
else
echo "$ts No processes found >> starting"
ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o ServerAliveInterval=300 -N -p 10022 -R 17000:localhost:22 user@mydomain.de



#/root/bin/killSSH.sh
ps -ef |grep 17001 |grep ssh |awk {'print '} |xargs -n 1 kill

computer2know :: thank you for your visit :: have a nice day :: © 2022