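#!/bin/sh -
#
# $Id: ssh-tunnel,v 1.2 2005/01/27 05:36:46 dgregor Exp $
#
# Copyright (c) 2000-2004 Daniel J. Gregor, Jr.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
#   - Redistributions of source code must retain the above copyright
#     notice, this list of conditions and the following disclaimer.
#   - Redistributions in binary form must reproduce the above
#     copyright notice, this list of conditions and the following
#     disclaimer in the documentation and/or other materials provided
#     with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
# COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#
#
#
# This script is a tool for people who need to set up SSH[1] sessions through
# which they tunnel other traffic, but want to keep the original "tunnel"
# session tucked away. It uses GNU Screen[2] to set up a single virtual
# terminal for each tunnel session. On the remote end, it executes a script
# called nothing[3], which is used to keep the session alive by sending a
# null character or the date every sixty seconds (useful to keep firewall
# and NAT session timeouts from occurring). The details of configuring
# the tunnels[4] in SSH are left to the user.
#
# References:
#   [1] OpenSSH:
#       http://www.openssh.org/
#
#   [2] GNU Screen:
#       http://www.gnu.org/software/screen/
#
#   [3] "nothing" script:
#       http://www.gregor.com/download/scripts/nothing
#
#   [4] ssh_config man page:
#       http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config
#
#
# How to install:
#
#   1) Put this script in your path somewhere. I'm a fan of $HOME/bin.
#
#   2) Create an entry in your SSH client configuration (OpenSSH reads the
#      per-user file $HOME/.ssh/config) for the tunnel session. I usually
#      name it something like "<host>-forward". This is what you put in
#      the "Host" specification. E.g.:
#          Host loginserver-forward
#              Hostname loginserver.example.com
#              LocalForward ... ...:...
#              ...
#      See [4] for details on configuring tunnels.
#
#   3) Create a symbolic link from ssh-tunnel to the name that you used above
#      for the SSH configuration. E.g.:
#          cd $HOME/bin
#          ln -s ssh-tunnel loginserver-forward
#
#   4) Grab the nothing script from [3] and install it on the remote server.
#      If you put the nothing script somewhere other than the home directory
#      on the remote server, edit this script and fix the "remote_nothing"
#      variable.
#
#
# To use:
#
#   Just type "<host>-forward" or whatever you called the SSH session. E.g.:
#       loginserver-forward
#
#   See the man page for "screen" for details on its escape character and
#   how to change it. To disconnect from screen, you use "CTRL-A d" (that's
#   Control-A and then the "d" character) by default. To reconnect, just
#   execute the command for the session again as you did before.
#

# Command run on the remote host to keep the session alive.
remote_nothing="./nothing"

# The name this script was invoked under (normally the symlink name). It is
# used both as the ssh destination (a "Host" alias) and as the screen session
# name. Parameter expansion is used instead of basename so that a path
# containing whitespace is handled without word splitting.
us=${0##*/}

# Because the invoked name ends up on the ssh and screen command lines, a
# name that is empty or begins with "-" would be parsed as an option by those
# programs rather than as a host/session name. Refuse to run in that case.
case "$us" in
  '' | -*)
    printf '%s: refusing to use "%s" as a host/session name\n' \
      "ssh-tunnel" "$us" >&2
    exit 1
    ;;
esac

if [ "$#" -gt 0 ] && [ x"$1" = x"-c" ]; then
  # "-c" mode: this is the instance running inside the screen window.
  # Ask before every (re)connect so the user can stop the loop with "n".
  while :; do
    # printf replaces the non-portable "echo -e ... \c" (a plain /bin/sh
    # echo may print the "-e" literally).
    printf 'Connect? (Y/n): '

    # Stop on end-of-input instead of reconnecting forever with an empty
    # answer; -r keeps backslashes in the answer literal.
    read -r answer || exit 0

    case "$answer" in
      n | N) exit 0 ;;
    esac

    # Open the tunnel session: ssh to the Host alias named after this
    # script and run the keep-alive command there, passing it -d.
    ssh "$us" "$remote_nothing" -d
  done
else
  # Normal invocation: reattach to (detaching it elsewhere first) an existing
  # screen session with our name, or, if that fails, start a new session of
  # that name running this script in "-c" mode.
  screen -r -d "$us" || screen -S "$us" "$0" -c
fi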