I am trying to set up a double-ssh tunnel between two hosts, so I can proxy traffic through it.
Using the normal SSH command, I have gotten the following to work:
ssh -t -L2000:localhost:2000 user@host1 ssh -D 2000 differentuser@host2
My understanding of this command is "forward my local port 2000 to port 2000 on the first remote host, then treat the local port 2000 on the first remote host as a SOCKS proxy to the second remote host". I have copied the relevant public keys to each host so that each step requires no password.
This works fine until one of the connections drops. I then tried using autossh to get around this, e.g.:
autossh -t -L2000:localhost:2000 user@host1 autossh -D 2000 differentuser@host2
But it kept displaying:
bind: Address already in use
channel_setup_fwd_listener: cannot listen to port: 2000
I did get a shell prompt from the second host however, but the tunnel was not working. I then tried using different ports between the first and second hosts like so:
autossh -t -L2000:localhost:2001 user@host1 autossh -D 2001 differentuser@host2
This produced no errors, but the resulting tunnel still did not work.
Doing the steps manually, e.g.:
autossh -L2000:localhost:2000 user@host1
and then on host 1:
autossh -D 2000 differentuser@host2
works perfectly. I would, however, like to do it all using one command so I can script it.
Can anyone help me get autossh to perform the same behaviour as regular ssh?
Thanks!
Best Answer
Very good question. I've just done a bit of testing and it looks like ssh and autossh treat the final "command" part of the command line differently. For example:
autossh is parsing the final command and interpreting the flags, rather than leaving them alone like ssh does. In this case, it interprets -l as the flag to specify the remote user. In your case, it is interpreting the -D as an option to the first autossh, not the second.
You can get around this by putting the command part in quotes. In your example:
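The following is an added example, not part of the answer above and not autossh's own code: it models the two parsing behaviours the answer describes, using util-linux getopt(1) as a stand-in parser, and shows why quoting the remote command keeps -D away from the local side. The function names and the option string are assumptions made for this illustration.

```shell
#!/bin/sh
# Model of the parsing difference described in the answer, using util-linux
# getopt(1) as a stand-in. The option string "tD:L:" is a constructed subset
# of ssh's options, chosen only for this illustration.

# local_opts MODE ARGS...: print the options the local parser consumes.
#   permuting - options are picked up anywhere on the line (the behaviour the
#               answer observed with autossh)
#   stop      - scanning stops at the first non-option, i.e. the host (the
#               behaviour the answer observed with ssh); '+' selects this
local_opts() {
    mode=$1; shift
    case $mode in
        permuting) optstring='tD:L:' ;;
        stop)      optstring='+tD:L:' ;;
        *)         return 2 ;;
    esac
    parsed=$(getopt -o "$optstring" -- "$@") || return 2
    # getopt prints "<options> -- <operands>"; keep only the options half
    printf '%s\n' "${parsed%% -- *}"
}

# takes_D_locally MODE ARGS...: succeed if -D was consumed by the local parser
# instead of being passed through as part of the remote command.
takes_D_locally() {
    case $(local_opts "$@") in
        *" -D "*) return 0 ;;
        *)        return 1 ;;
    esac
}

# Constructed sample: the question's command line, unquoted and quoted.
for m in permuting stop; do
    printf '%s, unquoted:%s\n' "$m" "$(local_opts "$m" \
        -t -L2000:localhost:2000 user@host1 autossh -D 2000 differentuser@host2)"
    printf '%s, quoted:  %s\n' "$m" "$(local_opts "$m" \
        -t -L2000:localhost:2000 user@host1 'autossh -D 2000 differentuser@host2')"
done
```

Only the permuting parser with the unquoted command reports -D among the local options; when the remote command is a single quoted argument, it reaches the first host intact.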