Re: Relaiable ssh tunnel via systemd

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Look into the "autossh" program, which is very good to manage and
maintain such tunnels.

On Tue, Mar 14, 2017 at 5:02 AM, Thomas Güttler
<guettliml@xxxxxxxxxxxxxxxxxx> wrote:
> We try to run a reliable ssh tunnel vis systemd.
>
> This is the unit configuration file:
>
> {{{
> [Unit]
> Description=Tunnel For %i
> After=network.target
>
> [Service]
> User=autossh
> ExecStart=/usr/bin/ssh -o "ExitOnForwardFailure yes" -o "ServerAliveInterval
> 60" -N -R 40443:installserver:40443 -R 8080:installserver:8080
> ExecStartPre=-/usr/bin/ssh tunnel@%i "for pid in  $$(ps -u tunnel | grep
> sshd| cut -d' ' -f1); do kill -9 $$pid; echo kill old ssh process p
> Restart=always
> RestartSec=5s
> StartLimitInterval=0
>
> [Install]
> WantedBy=multi-user.target
> }}}
>
> Unfortunately on some hosts we see this warning again and again:
>
> Mar 13 23:11:14 remotehost sshd[10938]: error: bind: Address already in use
> Mar 13 23:11:14 remotehost sshd[10938]: error: channel_setup_fwd_listener:
> cannot listen to port: 40443
> Mar 13 23:11:14 remotehost sshd[10938]: error: bind: Address already in use
> Mar 13 23:11:14 remotehost sshd[10938]: error: channel_setup_fwd_listener:
> cannot listen to port: 8080
>
> Since we kill the old tunnel before starting a new, I don't understand why
> this error message occurs.
>
> Any hints?
>
> --
> Thomas Guettler http://www.thomas-guettler.de/
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux