2

I want my Linux computer to automatically create an ssh tunnel to a server. I have created keys, and everything works fine if I connect by hand.

Here is what I tried in supervisor.conf on the client computer:

[program:mycommand]
command=autossh -f -nNT -i /home/<myuser>/.ssh/id_rsa -R 20001:localhost:22 ssh1@<myserver_ip_address>
user=<myuser>

or

[program:mycommand]
command=ssh -i /home/<myuser>/.ssh/id_rsa -R 20001:localhost:22 ssh1@<myserver_ip_address>
user=<myuser>
autostart=true
autorestart=true
stopsignal=KILL

It works in both cases, but sometimes I lose the connection (in both cases). I need to reboot the server or the client computer. What should I do to detect that my ssh tunnel is down and launch the command again?

Thanks

Bob5421

2 Answers

1

Change command to:

command=autossh -M 0 -NT -i /home/<myuser>/.ssh/id_rsa -R 20001:localhost:22 ssh1@<myserver_ip_address>

Added -M 0, removed -f and -n.

That will cause ssh to be restarted when the server connection times out.

The timeout check interval is configured by the ServerAliveInterval and ServerAliveCountMax client options in /etc/ssh/ssh_config, for example:

/etc/ssh/ssh_config

Host *
  StrictHostKeyChecking no
  UserKnownHostsFile=/dev/null
  ServerAliveInterval 60
  ServerAliveCountMax 5
danny
  • It is exactly the same. I see multiple autossh processes on the client computer. Is this normal? Thanks – Bob5421 May 03 '17 at 07:49
  • Have edited answer. The above command is what I'm using for a similar purpose. It's normal for there to be two autossh processes on the client per autossh command, yes. If it doesn't work for you, you might need to adjust your ssh_config settings per above. From autossh man page, `-f` implies `-M 0` so the two should be equivalent. – danny May 04 '17 at 10:48
  • It works for about 1h and then nothing. I can see this error in the supervisor log: Warning: remote port forwarding failed for listen port: 20001. In fact I am wondering if there is a zombie process which keeps port 20001 even if the connection is down. When a new process tries to launch ssh again, port 20001 is not available. – Bob5421 Jun 27 '17 at 11:54
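
The keepalive options from the answer above and the "remote port forwarding failed" symptom from the last comment, combined in one supervisor stanza as an added example (not code from the original posts). It assumes the server's host key is already in the user's known_hosts file from a manual connection, so host key checking stays on.

```ini
; Added example, not from the original posts. <myuser> and
; <myserver_ip_address> are the placeholders used in the question.
[program:mycommand]
; No -f: supervisor can only supervise a process that stays in the foreground.
; -M 0: no autossh monitor port; ssh's own keepalives detect a dead link.
; ServerAliveInterval/CountMax: give up after 5 unanswered probes sent 60 s apart.
; ExitOnForwardFailure=yes: ssh exits if port 20001 cannot be bound on the
;   server, so autossh retries instead of keeping a session with no tunnel.
; BatchMode=yes: never prompt; fail at once if key authentication does not work.
; StrictHostKeyChecking=yes: refuse to connect if the host key is unknown or changed.
command=autossh -M 0 -NT -o ServerAliveInterval=60 -o ServerAliveCountMax=5 -o ExitOnForwardFailure=yes -o BatchMode=yes -o StrictHostKeyChecking=yes -i /home/<myuser>/.ssh/id_rsa -R 20001:localhost:22 ssh1@<myserver_ip_address>
user=<myuser>
; Gate time 0: autossh keeps retrying even when the first attempt fails quickly.
environment=AUTOSSH_GATETIME="0"
autostart=true
autorestart=true
```

On the server, ClientAliveInterval and ClientAliveCountMax in /etc/ssh/sshd_config make sshd drop sessions whose client has stopped answering, which releases a listen port such as 20001 that a stale connection still holds.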
1

You can take a look at TunMan, a tunnel supervisor: it spawns tunnels, performs health checks, restarts tunnels that are not working, and works in Docker.

https://github.com/riotkit-org/tunman