I have a set-up with an LDAP server (ldapserver) behind a strict firewall, and a web application running on a server (appserver) outside that firewall that needs to authenticate using that LDAP server.
I have successfully used a third server (tunnelserver) as an intermediate, setting up an SSH tunnel between appserver and ldapserver by running the following command on tunnelserver:
ssh username@appserver -R 28420:ldapserver:389
The only issue is that occasionally I get a broken pipe, and lose the SSH-tunnel.
A solution seems to be autossh, but my limited SSH knowledge barely managed to get the tunnel working, and seems insufficient to correctly respecify the options for autossh.
Any tips?
Best Answer
The parameters are basically the same (autossh passes them directly to ssh). Remove -f if you don't want autossh to background itself. You probably want the -N option to not execute a shell on the server. Select a free port for the -M option (the port one above that must also be free). On Debian/Ubuntu you can omit this because the package includes a wrapper script which automatically selects a free port.
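The answer's steps applied to the question's tunnel, as an added example that is not part of the original answer: it picks a monitor port whose upper neighbour is also free and builds the matching autossh command line. The function names and the sample listener table are constructed for illustration, and only local listeners on tunnelserver are checked, so the chosen port is assumed to be free on appserver as well.

```shell
#!/bin/sh
# Added example: choose an autossh -M port and build the tunnel command.

# Constructed sample of `ss -ltn` output (TCP listeners on tunnelserver).
SAMPLE_LISTENERS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
LISTEN 0      128    127.0.0.1:20000     0.0.0.0:*
LISTEN 0      128    [::]:20003          [::]:*'

# Print the listening port numbers, one per line, from `ss -ltn`-style text.
# The port is whatever follows the last ":" in the local address column.
listening_ports() {
    printf '%s\n' "$1" |
        awk '$1 == "LISTEN" { n = split($4, a, ":"); print a[n] }'
}

# Succeed if port $1 appears in the newline-separated port list $2.
port_in_use() {
    printf '%s\n' "$2" | grep -qx "$1"
}

# Print the first port >= $1 for which that port AND the one above it are
# free, as the -M option requires. $2 is the listener table text.
pick_monitor_port() {
    port=$1
    used=$(listening_ports "$2")
    while [ "$port" -lt 65535 ]; do
        if ! port_in_use "$port" "$used" &&
           ! port_in_use "$((port + 1))" "$used"; then
            echo "$port"
            return 0
        fi
        port=$((port + 1))
    done
    return 1
}

# Print the autossh equivalent of the question's ssh command.
# -N: no remote shell. -f is left out, so autossh stays in the foreground.
build_autossh_cmd() {
    mon=$(pick_monitor_port "$1" "$2") || return 1
    echo "autossh -M $mon -N -R 28420:ldapserver:389 username@appserver"
}

# Demo on the constructed sample; on a real host pass "$(ss -ltn)" instead.
build_autossh_cmd 20000 "$SAMPLE_LISTENERS"
```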