How can I autostart a SSH -D tunnel at login for a SOCKS proxy?
I know that if I want to start an SSH tunnel
ssh -d 9000 user@userserver
This is one solution for a dynamic tunnel to be opened on port 9000 for a user named "user" on the host "userserver"
However, how can I automate this process in Ubuntu so that I don't have to open up a terminal every time I log in and start the tunnel? I want to be SSH'd the moment I log in.
I know I could create a bash file but wouldn't I have to store my server user's password in plaintext as I would be prompted for it after the initial command?
Solution 1:
-
Set up password-less SSH login according to this answer:
ssh-keygen(you will be prompted for a password, leave it blank)ssh-copy-id user@userserver(enter your SSH login password for the last time)
Add an startup entry for SSH:
Solution 2:
How about using an ssh-key setup, as Source Lab suggested, but setting up your key with a pass phrase and make sure ssh-agent is running on your machine so it only needs to be entered once per login session.
There's a few advantages doing it that way: - You can get automated password-less login (apart from first boot/login) whenever you issue your ssh command - Your key has a pass phrase so it's safer - Using pub/private keys is very standard and will be supported by most SSH Server installations
To set up SSH key authentication:
- https://help.ubuntu.com/community/SSH/OpenSSH/Keys
To use ssh-agent/keychain (to cache the pass-phrase throughout the login session):
- http://www.cyberciti.biz/faq/ssh-passwordless-login-with-keychain-for-scripts/
As far as automating the tunnel creation on startup, one idea might be to create a quick shell script which starts the tunnel:
~$ sudo cat <<EOF >> /usr/local/bin/start_tunnel.sh
ssh-add # ensure key is added to agent
ssh -D 9000 user@userserver # substitute real server in here (of course)
EOF
~$ chmod +x /usr/local/bin/start_tunnel.sh
Then add it as a startup program (System -> Preferences -> Startup Applications), should work, anyway!