to be able to SSH (by key, not password) into one of your servers (server B) from the other server (server A).Connecting these via a VPN is a good choice here, but another (simpler?) option is to create an SSH tunnel between the servers - especially if you already SSH into both servers.īelow we'll create a simple systemd service that will create an SSH tunnel between two servers and restart itself if the connection is severed. So basically I needed to connect these two separated servers securely as if they were on the same network. Start the ssh tunnel using autossh: autossh -f -D 5555 -N -M 0 Testing. scrape metrics with be traversing over the internet unencrypted). Imaging the sitaution that we need to access services behind NAT/firewall, how to achieve it. Now I could have just opened a port to the prometheus exporter on the VPS server. The only prerequisite is that you need to have public key authentication configured between your systems unless you want to be prompted for a password every time the connection dies and is re-established. Persistent SSH Tunnel is a straightforward application dsignd to provid a solution to disconnctd tunnls. You can now sent traffic to 127.0.0.1:9999 on your localhost and that traffic will flow through the SSHSERVER to REMOTEHOST:PORT. To prevent the possibility of trying to open a failed SSH. You might have need to create a secure, persistent connection between two servers over an (unsecured) network (like the internet).Īn actual example of this was when I needed to scrape prometheus metrics to my home server from an VPS server I have with a cloud provider (which is many miles kms away from where I am). Persistent SSH tunnels (Using Autossh) Autossh is a tool that can be used to create persistent SSH tunnels. Needs to be greater than ServerAliveInterval or and ClientAliveInterval, especially for tunnels.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |