Bulletproof SSH Tunnel using Cygwin and AutoSSH

Ever tried to get around those pesky firewalls at work? Here is a way to set up permanent SSH tunnels that heal themselves. The main reason I set this up was so that I wouldn't have to keep opening firewall holes in my remote routers: all of my systems now phone home to one host, so I always have a connection back to them without exposing anything inbound on their side.

You will need the following:

  • autossh
  • cygwin on Windows 7
  • cygrunsrv on cygwin
  • cron on cygwin
  • openssh on cygwin

Set up key-based authentication between the two machines. Use the same username on both ends (the check script and the verification step below assume it). Because cron will run the tunnel unattended, the key cannot have a passphrase, so it is worth restricting on the remote side (for example with the "restrict,port-forwarding" options in authorized_keys) so that it can open tunnels but not a shell.

  • ssh-keygen.exe -t rsa (leave the passphrase empty; cron cannot type one)
  • scp ~/.ssh/id_rsa.pub to your remote host and append it to the ~/.ssh/authorized_keys file there (authorized_keys2 is an obsolete name that sshd still reads by default)
  • test with "ssh user@remotehost"; it should log in without a password prompt

Setup autossh on Cygwin

  • just install it from repository

Create a tunnel check script on the originating server. It starts autossh only when no instance is already running, so cron can call it every minute without piling up copies. The -M monitor port (10984), the -R reverse forward (remote port 6666 back to the local sshd on 22) and the remote sshd port 40022 are the values used in this post; adjust them to yours. ExitOnForwardFailure makes ssh exit when the remote side still holds port 6666 from a half-dead session, so autossh retries instead of sitting on a connection with no tunnel; -f already puts autossh in the background, so no trailing & is needed.
/home/user/tuncheck.sh

#!/bin/bash
# Start autossh only if none is running; grep '[a]utossh' cannot match itself, so no 'grep -v grep'.
if ! ps -ef | grep -q '[a]utossh'; then
    /usr/bin/autossh.exe -M 10984 -f -N -o "ExitOnForwardFailure yes" -R 6666:localhost:22 -p 40022 user@remotehost
fi

Install cron for Cygwin and run cron-config to set it up. Take the defaults, but supply your username and password when asked so the service runs as your account (it has to read your crontab and your ~/.ssh key).

  • run cygwin setup.exe to install cron
  • run “cron-config” to setup cron
  • start up the cron service “net start cron”

Add the check script to your crontab, and make sure the script is executable first (chmod +x /home/user/tuncheck.sh).

  • crontab -e
  • * * * * * /home/user/tuncheck.sh (five fields: minute, hour, day of month, month, day of week; all stars runs it every minute)
  • run "crontab -l" to verify

Verify operation

  • on the originating server run "ps -ef | grep auto"
  • you should see the process running, e.g. "14:50:01 /usr/bin/autossh"
  • on the remote server run "ssh -p 6666 user@localhost"
  • you should be logged on to the originating server through the tunnel
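The whole procedure above (restricted key for the remote host, the check script, the crontab entry and the verification step) as one added example; this is not code from the original post. It keeps the post's placeholders (user, remotehost, ports 40022/6666/10984, /home/user/tuncheck.sh) and assumes the remote sshd is OpenSSH 7.2 or newer, which is when the "restrict" authorized_keys option appeared. The file name setup_tunnel.sh and the install argument are assumptions as well.

```shell
#!/bin/bash
# Added example, not code from the original post: a hardened version of the
# "phone home" setup above (restricted key on the remote host, tuncheck.sh
# with keepalives, idempotent crontab install). User, host, ports and paths
# are the post's placeholders or assumptions; adjust them to your setup.

REMOTE_USER="user"                 # same account on both ends, as the post requires
REMOTE_HOST="remotehost"           # assumption: placeholder for the remote box
REMOTE_SSH_PORT=40022              # remote sshd port (from the post)
REVERSE_PORT=6666                  # remote port that maps back to the local sshd
MONITOR_PORT=10984                 # autossh -M monitor port (from the post)
CHECK_SCRIPT="/home/user/tuncheck.sh"

# Line to append to ~/.ssh/authorized_keys on the remote host. The key is used
# unattended from cron, so it has no passphrase; if it leaks, 'restrict'
# (OpenSSH 7.2+) turns off pty, agent and X11 forwarding and 'command' replaces
# any shell request with /bin/false. 'port-forwarding' re-enables only what the
# -R tunnel and the -M monitor need. An optional from= pins the source address.
restricted_key_line() {
    local pubkey="$1" from="${2:-}"
    local opts='restrict,port-forwarding,command="/bin/false"'
    if [ -n "$from" ]; then
        opts="from=\"$from\",$opts"
    fi
    printf '%s %s\n' "$opts" "$pubkey"
}

# Write the cron-driven check script. ExitOnForwardFailure makes ssh exit (and
# autossh retry) when the remote side still holds the reverse port from a
# half-dead session; ServerAlive* lets the client notice a silently dropped link.
write_check_script() {
    local path="$1"
    cat > "$path" <<EOF
#!/bin/bash
# Run by cron every minute: start autossh only if no instance is running.
# grep '[a]utossh' never matches its own command line, so no 'grep -v grep'.
if ! ps -ef | grep -q '[a]utossh'; then
    /usr/bin/autossh.exe -M $MONITOR_PORT -f -N \\
        -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" \\
        -o "ExitOnForwardFailure yes" \\
        -R $REVERSE_PORT:localhost:22 -p $REMOTE_SSH_PORT $REMOTE_USER@$REMOTE_HOST
fi
EOF
    chmod 700 "$path"
}

# Return the crontab with the every-minute entry present exactly once, so the
# installer can be re-run safely (note the five time fields).
cron_with_entry() {
    local current="$1"
    local entry="* * * * * $CHECK_SCRIPT"
    if printf '%s\n' "$current" | grep -qxF -- "$entry"; then
        printf '%s\n' "$current"
    elif [ -z "$current" ]; then
        printf '%s\n' "$entry"
    else
        printf '%s\n' "$current" "$entry"
    fi
}

# Verification step from the post, run on the remote host: BatchMode prevents a
# password prompt from hanging a script, and the exit status tells you whether
# the tunnel reaches the originating sshd.
verify_from_remote() {
    ssh -p "$REVERSE_PORT" -o BatchMode=yes -o ConnectTimeout=10 \
        "$REMOTE_USER@localhost" true
}

# Installer on the originating server: ./setup_tunnel.sh install (assumed name)
if [ "${1:-}" = "install" ]; then
    write_check_script "$CHECK_SCRIPT"
    cron_with_entry "$(crontab -l 2>/dev/null)" | crontab -
    echo "On $REMOTE_HOST, append this line to ~/.ssh/authorized_keys:"
    restricted_key_line "$(cat ~/.ssh/id_rsa.pub)"
fi
```

Run it with the install argument on the originating server, then paste the printed line into authorized_keys on the remote host. If you would rather not open the extra -M monitor ports, autossh accepts -M 0 and relies on the ServerAliveInterval/ServerAliveCountMax options alone to detect a dead link.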

Don't forget to turn off power management (sleep and hibernate) on the originating server. It needs to stay awake, or the tunnel dies with it!

Enjoy!


4 comments


  1. I think this rocks!

  2. Great!

    Tks.

  3. You're missing a " * " on your crontab, should be 5, yea?

  4. This is mine that seems to be working:

    a=(`ps -ef | grep autossh | grep -v grep`)
    if [ ! "$a" ]; then /usr/bin/autossh -M 20202:20101 -C2 -qnN -f [myuser]@[my dyn dns] -p 56839 -D 12345 &
    fi

    The -D is for a SOCKS proxy. I only expose port 56839 in my home router. And I use ~/.ssh/config for the verbose config. I also have a SQUID HTTP proxy on my home server that I expose via port "localhost:8888", tunneled through the SOCKS proxy. This allows me to cover all my bases with various applications that only work with HTTP proxies.

    Host *
    # general
    ServerAliveInterval 60
    ServerAliveCountMax 3

    # esxi
    LocalForward localhost:443 192.168.1.25:443
    LocalForward localhost:902 192.168.1.25:902
    LocalForward localhost:903 192.168.1.25:903

    # vm-ubuntu-squid
    LocalForward localhost:9999 192.168.1.51:8888

    # vm-win8 RDP
    LocalForward localhost:2100 192.168.1.47:3389
    LocalForward localhost:4800 192.168.1.47:1433
