Docker Compose SSH Tunnels

This is a containerized alternative to setting up SSH tunnels. Previously, I have used an autossh script to handle managing reverse SSH connections in order to forward ports for various services. This is an attempt to create a system that is more hardware-agnostic and flexible.

Setup

First, copy and modify the tunnel_config.sh.sample file in the run\ directory.

cd run
cp tunnel_config.sh.sample tunnel_config.sh

OUT_PORTS

This is an array that contains the ports you want to expose on the remote end of the reverse SSH connection.

IN_PORTS

This is an array that contains the ports you want to tunnel from the host machine.

Ex: If I want to forward the default SSH port on my host machine (the one running the container) to some remote machine on port 420, I add 420 to the OUT_PORTS array and 22 to this array.

USERNAME

This should be the username you need to connect to the remote machine as.

HOSTNAME

This should be the hostname of the remote machine.

IDENTITYFILE

This is the path to the SSH keys in your container. The default path is $HOME/.ssh/id_rsa

---

Then, you should add your private/public SSH keys, SSH config, and known_hosts files to ssh in the root directory of this repository.

mkdir ssh
cp ~/.ssh/id_rsa* ssh/
cp ~/.ssh/known_hosts ssh/
cp ~/.ssh/config ssh/

---

Lastly, make sure you set the user and group permissions for the directories to 969.

chown -R 969:969 ssh/ run/

Installation

You will need to first build the docker image, since this project is only used in a personal capacity and no published image is currently available.

docker build -t ssh-tunnels .

Usage

Once the image has been built, you can start the service by using docker-compose.

docker-compose up --build -d