How can I create an ssh tunnel without having to open a shell connection?

Question

I can easily create a tunnel using the terminal client like so:

$ sshg3 -L 8080:myserver:80

This will forward traffic from my local host on port 8080 to port 80 on myserver, however it requires that I leave this terminal connection open for the duration of the tunnel.

How can I have this tunnel created without having to always open a terminal connection?

Accepted Answer

One way to do this is by using static tunnels in Tectia Connection Broker.

Edit (or create) your broker configuration:

$HOME/.ssh2/ssh-broker-config.xml

You'll need to create a profile for the server that the tunnel will use:

<profile  id="id1" 
         user="joe" 
         host="myserver" />

Next you'll need to define a static tunnel specifying your tunnel parameters (the same values given on the command line above):

<static-tunnels>
 <tunnel type="TCP"
         listen-port="8080"
         dst-host="myserver"
         dst-port="80"
         allow-relay="no"
         profile="id1"/>
</static-tunnels>

And finally start the connection broker:

$ ssh-broker-g3

Now (as long as ssh-broker-g3 is running) when connecting, for example with a browser, to local port 8080 the tunnel will be opened to port 80 on host myserver without the need to start a separate terminal connection.

Since the application using the tunnel cannot provide the password for the SSH connection you'll also want to setup a non-interactive authentication method such as public key and unlock the key after starting the connection broker. See the command:

$ ssh-broker-ctl key-passphrase --help

Or alternatively use an empty-passphrase public key.

How can I create an ssh tunnel without having to open a shell connection?

Follow this question

Related questions