0

Two computers:

  1. Desktop-Ubuntu; fixed local IP, connected to a modem with port 22 open and forwarding to it. Because of dynamic IP I have a no-ip account. So domain-Desktop-Ubuntu.com forwards incoming requests to this computer.
  2. Remote Raspberry Pi 3 connected to a cellular network that has all incoming requests closed by ISP.

I need SSH access from Desktop-Ubuntu to RPi. Because it is not possible directly I built a tunnel. After all sort or tries to get it work persistently (autossh e.g.), this is my schema:

At RPi:

sshd_config:

 ClientAliveInterval 120     
 ClientAliveCountMax 720

Crontab each 5 minutes to check if ssh process ID is not null.
screen is used to keep ssh output is a separate shell window. 

*/5 * * * * /bin/sh /path-to/check-ssh-tunnel.sh

check-ssh-tunnel.sh:

COMMAND="/usr/bin/screen -dmS ssh-Ubuntu /usr/bin/ssh -R 2255:localhost:22 user@domain-Desktop-Ubuntu.com -g"
COMMAND_SSH="/usr/bin/ssh -R 2255:localhost:22 domain-Desktop-Ubuntu.com -g"
PID=$(/usr/bin/pgrep -f -x "$COMMAND_SSH")
if [ "$PID" = "" ]
then
    $COMMAND
fi

Here's the related ps aux | grep ssh I get 3 hours after reboot:

pi        2128  0.0  0.2   5396  2252 ?        Ss     08:25     0:00 /usr/bin/SCREEN -dmS ssh-Desktop-Ubuntu /usr/bin/ssh -R 2255:localhost:22 user@domain-Desktop-Ubuntu.com -g  
pi        2130  0.0  0.5   9132  4748 pts/0    Ss+  **08:25**   0:00 /usr/bin/ssh -R 2255:localhost:22 user@domain-Desktop-Ubuntu.com -g

If I kill 2128 cron works and:

pi        4755  0.0  0.2   5396  2092 ?        Ss     11:25     0:00 /usr/bin/SCREEN -dmS ssh-Desktop-Ubuntu /usr/bin/ssh -R 2255:localhost:22 user@domain-Desktop-Ubuntu.com -g     
pi        4756  0.0  0.5   9132  4840 pts/0    Ss+  **11:25**   0:00 /usr/bin/ssh -R 2255:localhost:22 user@domain-Desktop-Ubuntu.com -g

To access RPi from Desktop-Ubuntu: 

ssh -p 2255 pi@localhost

My problem is that this connection acts random:

  • sometimes it ask for a password and I get connected
  • sometimes ssh: connect to host localhost port 2255: Connection refused
  • sometimes it takes a long time to finally output ssh_exchange_identification: read: Connection reset by peer After retry: Connection refused.

Back to RPi nothing seems to be changed:

$ screen -r      # to get the ssh window
user@domain-Desktop-Ubuntu.com~$ ssh -p 2255 pi@localhost
ssh: connect to host localhost port 2255: Connection refused

At this time and for all those tests I am managing RPi remotely using Teamviewer. For some reasons I don't want to use it in the future unless it would be absolutely necessary. That's why I need a SSH tunnel.

What is wrong? How to make the tunnel work reliably?

Kamil Maciorowski
  • 81,893
dstonek
  • 173

0 Answers0