audibleblink Posted January 25, 2016 Share Posted January 25, 2016 (edited) Frontend for autossh. In development Released - View/edit autossh configs - start/stop/enable/disable - create ssh key pairs - adds remote server to known_hosts https://github.com/audibleblink/autossh Edited February 3, 2016 by audibleblink 1 Quote Link to comment Share on other sites More sharing options...
Laststand Posted February 5, 2016 Share Posted February 5, 2016 Thank you and excellent module! How do I regen the key pair for a different user? Thanks in advance, LS Quote Link to comment Share on other sites More sharing options...
audibleblink Posted February 5, 2016 Author Share Posted February 5, 2016 I'm adding the option to delete/regenerate existing keys in the next version. For now, ssh in and run rm /root/.ssh/id_rsa.autossh* Refresh the page and you should see the generate button again. 1 Quote Link to comment Share on other sites More sharing options...
Laststand Posted February 5, 2016 Share Posted February 5, 2016 I'm adding the option to delete/regenerate existing keys in the next version. For now, ssh in and run rm /root/.ssh/id_rsa.autossh* Refresh the page and you should see the generate button again. Thank you! Quote Link to comment Share on other sites More sharing options...
_OuTLaW_ Posted February 6, 2016 Share Posted February 6, 2016 audibleblink, would it be possible to set not just one remote and local forward? I've tried a few combinations and it just messes things up. so I've resorted to the straight setup you've mentioned before in another post, for both my ssh and gui tunnel to my server.. works great. perhaps you can add additional ports tab or option for both. Quote Link to comment Share on other sites More sharing options...
audibleblink Posted February 6, 2016 Author Share Posted February 6, 2016 (edited) As it stands, the module only creates one remote forward from a relay (Computer B) back to the Pineapple's (Computer A) local SSH port. Once you access the Pineapple (A) from a different remote machine ©, you can create forwards as you need them; like a web GUI forward. From machine ©, run: # this assumes you've enabled GatewayForwarding on your Relay(B) ssh -L 1471:localhost:1471 root@<pineapple_ip> -p <remote_forwarded_port> Now on ©, you can browse 'localhost:1471' to get the GUI. When you're done managing the Pineapple (A), you can close that connection since you won't be using it. I'm not sure I like the idea of making it easier to forward more ports than necessary. You only really need the one, since from the one, you can spawn many. That said, you're not the first to ask for this. The module has a 'command will run' section that shows you what the module will end up running. You're perfectly free to copy that command, add the forwards you want, and then place that command in /etc/rc.local. This will autostart autossh on boot with your configuration. You could even delete the module at that point. A command with multiple forwards would look something like this autossh -M 20000 -i /root/.ssh/id_rsa.autossh -N -T -R 2222:localhost:22 -R 1471:localhost:1471 root@relayserver.com -p 22 Be sure to background the command with an '&' if you end up putting in /etc/rc.local. Thanks for the feedback. It's something I've really considered, but ultimately decided against for various reasons, excluding my paranoia. =P Edited February 6, 2016 by audibleblink Quote Link to comment Share on other sites More sharing options...
audibleblink Posted February 6, 2016 Author Share Posted February 6, 2016 Thank you! Welcome! Just submitted v1.2 to seb which has a delete/regen button. Thanks for the feedback! =D Quote Link to comment Share on other sites More sharing options...
_OuTLaW_ Posted February 6, 2016 Share Posted February 6, 2016 Darn phone, audibleblink the command in the rc file is the way i went. Ive found from time to time after rebooting with two relays on the gui page it doesnt always keep and i end up with no relay. So thats how i went right to rc.local to just make sure it was always going to work. Quote Link to comment Share on other sites More sharing options...
Fallen Archangel Posted February 10, 2016 Share Posted February 10, 2016 (edited) Is there a guide on using this somewhere? I'm trying to set this up but I'm a bit of a noob when it comes to this.I have three devices here. A - Pineapple B - Ubuntu Server, remotely accessible on port 22 and 2222. C - Windows desktop with SSH client. I'm under the impression that I should be able to open my ssh client on A, and connect to B on port 2222 and get a shell on C. Am I doing this wrong? Whenever I try to connect to B on port 2222, its refused. It seems like nothing is listening on the port. All of my devices are in each others known hosts/authorized keys, so that shouldn't be a problem.Here is a picture of my configuration screen on the module, just in case it helps. The no-ip.org address is my connection to B. UPDATE:I think I get it now.If I ssh from C (Windows) to B(SSH server) I'm now connected to the middleman sitting in between me and the pineapple.Then on B, I run 'ssh -p 2222 root@127.0.0.1' and I get access to C (Pineapple). Kinda weird, but I guess it works. Next step if finding out how to get to the pineapple gui from there.UPDATE UPDATE: A few reboots later and now it's working like I originally though it would?ssh -p 2222 root@Bconnects me to A (Pineapple)Now I just need to figure out how to get B:8080 to go to A:1471 Edited February 10, 2016 by Fallen Archangel Quote Link to comment Share on other sites More sharing options...
_OuTLaW_ Posted February 10, 2016 Share Posted February 10, 2016 autossh -i ~/.ssh/id_rsa.autossh -N -T -R 2022:localhost:22 -R 1472:localhost:1471 <<RELAY USER>>@<<YOUR RELAY IP>> -p 22 just add in an extra route with -R and use the port you want and point it to 1471 the pineapple GUI port. after you add that you can point your browser to your relay server at whatever port you set it at in my case i used 1472 so it would look like http://someserver.com:1472 if you are using autossh module. on the command line add it in. and save. it should work from there. Quote Link to comment Share on other sites More sharing options...
audibleblink Posted February 10, 2016 Author Share Posted February 10, 2016 If you want access to the GUI from the Windows machine, I would suggest binding the Pineapple's 1471 to Window's localhost. Configure PuTTY to run the following: ssh -L 8080:localhost:1471 root@B -p 2222 Then on your windows machine, access localhost:8080. Some Benefits here over making the Pineapple's 1471 bind to B's 8080 with the -R flag: - Your interface isn't open and free on the Internet - Traffic is encrypted "end-to-end". v1.0.5 doesn't have SSL yet Glad you got it working! Quote Link to comment Share on other sites More sharing options...
Fallen Archangel Posted February 10, 2016 Share Posted February 10, 2016 (edited) autossh -i ~/.ssh/id_rsa.autossh -N -T -R 2022:localhost:22 -R 1472:localhost:1471 <<RELAY USER>>@<<YOUR RELAY IP>> -p 22 just add in an extra route with -R and use the port you want and point it to 1471 the pineapple GUI port. after you add that you can point your browser to your relay server at whatever port you set it at in my case i used 1472 so it would look like http://someserver.com:1472 if you are using autossh module. on the command line add it in. and save. it should work from there. Thank you, adding this to rc.local let it run at boot. (The module doesn't allow you to change the "command to run" itself without editing the .js) If you want access to the GUI from the Windows machine, I would suggest binding the Pineapple's 1471 to Window's localhost. Configure PuTTY to run the following: ssh -L 8080:localhost:1471 root@B -p 2222 Then on your windows machine, access localhost:8080. Some Benefits here over making the Pineapple's 1471 bind to B's 8080 with the -R flag: - Your interface isn't open and free on the Internet - Traffic is encrypted "end-to-end". v1.0.5 doesn't have SSL yet Glad you got it working! I'll give this a shot, I need to be learning all of this stuff anyways, so here a good excuse for me to do so. Edited February 10, 2016 by Fallen Archangel Quote Link to comment Share on other sites More sharing options...
audibleblink Posted February 11, 2016 Author Share Posted February 11, 2016 Thank you, adding this to rc.local let it run at boot. (The module doesn't allow you to change the "command to run" itself without editing the .js) For future readers, That box is there just so people would know what gets run. (or so they can copy/paste/modify and place it in their rc.local ) I should make that clearer in the next release. In any case, the module doesn't actually run what's in the box. That would be a huge security concern without also implementing crazy amounts of input sanitization (or ssl). Also, be sure to disable 'run on boot' if you've pasted your desired command into rc.local, otherwise init.d will still try to run autossh with the settings in /etc/config/autossh. Quote Link to comment Share on other sites More sharing options...
WiFiJuice Posted February 24, 2016 Share Posted February 24, 2016 This videos are for the LAN Turtle (actually the best ones from Darren I seen), however I find them essential for setting up AutoSSH. Everyone on this forum should check them out: and 1 Quote Link to comment Share on other sites More sharing options...
Fallen Archangel Posted March 2, 2016 Share Posted March 2, 2016 The SSH server I'm using this with has a banner that authentication banner that displays whenever you connect with ssh (Just the standard, "Hey don't mess with this device!" type message). Will autossh still work with this server? If not, is there anything I can do about this, aside from removing the banner? Thanks! Quote Link to comment Share on other sites More sharing options...
audibleblink Posted March 2, 2016 Author Share Posted March 2, 2016 Shouldn't matter regardless but `autossh` runs with the "-N -T" flags so the banner code might not even get called -T Disable pseudo-tty allocation. -N Do not execute a remote command. This is useful for just forwarding ports (protocol version 2 only). 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.