9

I know that if I want to start an SSH tunnel

ssh -d 9000 user@userserver

This is one solution for a dynamic tunnel to be opened on port 9000 for a user named "user" on the host "userserver"

However, how can I automate this process in Ubuntu so that I don't have to open up a terminal every time I log in and start the tunnel? I want to be SSH'd the moment I log in.

I know I could create a bash file but wouldn't I have to store my server user's password in plaintext as I would be prompted for it after the initial command?

dalanmiller
  • 221
  • 3
    you can setup ssh-keys instead of using a password (see http://pkeck.myweb.uga.edu/ssh/ ), but no matter how your setup is you will be compromising security if you automate login's... – LasseLuttermann Apr 25 '11 at 16:08
  • Not exactly about your question, but I recommend you try using sshuttle for routing your internet through a SSH. It doesn't solve password-less login issues. – Oxwivi Jun 04 '11 at 17:18
  • If you set up password-less SSH as I answered, sshuttle can also be autostarted (note, sshuttle requires admin privileges to run). – Oxwivi Jun 04 '11 at 19:13

4 Answers4

9

  1. Set up password-less SSH login according to this answer:

    • ssh-keygen (you will be prompted for a password, leave it blank)

    • ssh-copy-id user@userserver (enter your SSH login password for the last time)

  2. Add an startup entry for SSH:

enter image description here

enter image description here

Community
  • 1
Oxwivi
  • 17,849
  • @Stefano, thank you! Half the credit goes to Rinzwind and Marco who enlightened me about password-less SSH in the first place! – Oxwivi Jun 04 '11 at 19:11
1

How about using an ssh-key setup, as Source Lab suggested, but setting up your key with a pass phrase and make sure ssh-agent is running on your machine so it only needs to be entered once per login session.

There's a few advantages doing it that way: - You can get automated password-less login (apart from first boot/login) whenever you issue your ssh command - Your key has a pass phrase so it's safer - Using pub/private keys is very standard and will be supported by most SSH Server installations

To set up SSH key authentication:

To use ssh-agent/keychain (to cache the pass-phrase throughout the login session):

As far as automating the tunnel creation on startup, one idea might be to create a quick shell script which starts the tunnel:

~$ sudo cat <<EOF >> /usr/local/bin/start_tunnel.sh
ssh-add # ensure key is added to agent
ssh -D 9000 user@userserver # substitute real server in here (of course)
EOF
~$ chmod +x /usr/local/bin/start_tunnel.sh

Then add it as a startup program (System -> Preferences -> Startup Applications), should work, anyway!

kwiksand
  • 726
  • Is there anyway to do this via the network proxy section of the settings in Ubuntu? There is an option for user verification and you can pre-input your username and password? Just in case my settings ever change I wouldn't want to have to go in and redit the file. – dalanmiller Apr 29 '11 at 18:50
  • I'm afraid that doesn't work, not even with autossh. – Jelle De Loecker May 07 '11 at 08:02
0

I wrote a little script for just this: https://github.com/PHLAK/Soxy

PHLAK
  • 1,452
-1
sudo ssh-keygen #type Enter everywhere
sudo cat /home/root/.ssh/ id_dsa.pub >> .ssh/authorized_keys

/etc/rc.local add string:

echo "ssh socks 192.168.0.1:8000" ; sudo ssh -fND 192.168.0.1:8000 localhost
user189643
  • 1
  • Please bear in mind that the set up of a ssh key is dedicated. Blindly accepting all the prompts without reading what is being done could compromise your service/system. – Braiam Sep 08 '13 at 01:33