Reverse ssh + autossh

구차니 2026. 5. 11. 18:06

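Wow, I sure have looked this up a lot of times -_-

I'm keeping a Raspberry Pi running at home and having the machine that is on at the office SSH into home,

so that from home I can connect back in the reverse direction via the internal IP. That's the setup I'm trying to build.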

 

[Link: https://manpages.ubuntu.com/manpages/jammy/man1/autossh.1.html]

[Link: https://lstm.tistory.com/10]

[Link: https://m.clien.net/service/board/cm_linux/4344761]

[Link: https://sangwonyoon.tistory.com/m/entry/Autossh로-SSH-연결-유지하기]

 

2018.05.14 - [Using programs/ssh scp sftp] - reverse SSH

2021.01.03 - [Using programs/ssh scp sftp] - reverse ssh

 

 

-------------------

2026.05.13

I referred to the options in the link below.

[Link: https://donotlimityourself.tistory.com/33]

 

private (office)

It seems to mean that port 2222 on the remote side is redirected to port 22 of the current PC,

so no additional listening port was opened here, and it looks like it is running normally.

$ ssh minimonk@집SSH도메인 -p 8022 -f -N -T -R 2222:localhost:22
minimonk@집SSH도메인's password: 
$ ps -ef | grep ssh
root         900       1  0  5월12 ?      00:00:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
root        2298     900  0  5월12 ?      00:00:00 sshd: minimonk [priv]
minimonk    2385    2298  0  5월12 ?      00:05:27 sshd: minimonk@pts/0
root        5656     900  0  5월12 ?      00:00:00 sshd: minimonk [priv]
minimonk    5735    5656  0  5월12 ?      00:00:00 sshd: minimonk@pts/7
minimonk   10717       1  0 09:58 ?        00:00:00 ssh minimonk@집SSH도메인 -p 8022 -f -N -T -R 2222:localhost:22
minimonk   10719    5736  0 09:58 pts/7    00:00:00 grep --color=auto ssh

$ netstat -tnlp
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:39557         0.0.0.0:*               LISTEN      3128/language_serve 
tcp        0      0 127.0.0.1:5803          0.0.0.0:*               LISTEN      5350/llama-server   
tcp        0      0 127.0.0.1:38605         0.0.0.0:*               LISTEN      3128/language_serve 
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      -                   
tcp        0      0 127.0.0.1:6012          0.0.0.0:*               LISTEN      -                   
tcp        0      0 127.0.0.1:45837         0.0.0.0:*               LISTEN      6184/language_serve 
tcp        0      0 0.0.0.0:7860            0.0.0.0:*               LISTEN      5584/venv/bin/pytho 
tcp        0      0 127.0.0.1:36141         0.0.0.0:*               LISTEN      6184/language_serve 
tcp        0      0 127.0.0.1:36197         0.0.0.0:*               LISTEN      6184/language_serve 
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -                   
tcp        0      0 127.0.0.1:44747         0.0.0.0:*               LISTEN      3016/antigravity    
tcp        0      0 127.0.0.1:35159         0.0.0.0:*               LISTEN      6061/exe            
tcp        0      0 127.0.0.1:34279         0.0.0.0:*               LISTEN      3016/antigravity    
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      -                   
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      -                   
tcp6       0      0 :::5900                 :::*                    LISTEN      1502/gnome-remote-d 
tcp6       0      0 ::1:631                 :::*                    LISTEN      -                   
tcp6       0      0 :::8080                 :::*                    LISTEN      5256/./llama-swap   
tcp6       0      0 :::22                   :::*                    LISTEN      -                   
tcp6       0      0 ::1:6010                :::*                    LISTEN      -                   
tcp6       0      0 ::1:6012                :::*                    LISTEN      -                   
tcp6       0      0 :::3389                 :::*                    LISTEN      1502/gnome-remote-d 

 

public (my home)

Before connecting
$ netstat -tnlp
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -                   
tcp6       0      0 :::22                   :::*                    LISTEN      -  

After connecting
$ netstat -tnlp
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -                   
tcp        0      0 127.0.0.1:2222          0.0.0.0:*               LISTEN      -                   
tcp6       0      0 :::22                   :::*                    LISTEN      -                   
tcp6       0      0 ::1:2222                :::*                    LISTEN      -      
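
The before/after listings above show the forwarded port bound to 127.0.0.1 and ::1 only, which is what sshd does unless GatewayPorts is enabled on the home side. As an added example (not from the original post), this shell function classifies how a port is bound from `netstat -tnl` output; the function name and the third sample, with a 0.0.0.0 bind, are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Reads `netstat -tnl` output on stdin and prints how PORT is bound:
#   loopback-only | non-loopback | absent
classify_forward_bind() {
    awk -v port="$1" '
        $6 == "LISTEN" && match($4, /:[0-9]+$/) {
            addr = substr($4, 1, RSTART - 1)      # 127.0.0.1, ::1, ::, 0.0.0.0 ...
            if (substr($4, RSTART + 1) != port) next
            found = 1
            if (addr !~ /^127\./ && addr != "::1") wide = 1
        }
        END { print (wide ? "non-loopback" : (found ? "loopback-only" : "absent")) }
    '
}

# Listings from the home (public) side of this post, before and after the tunnel.
BEFORE='tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -
tcp6       0      0 :::22                   :::*                    LISTEN      -'
AFTER="$BEFORE
tcp        0      0 127.0.0.1:2222          0.0.0.0:*               LISTEN      -
tcp6       0      0 ::1:2222                :::*                    LISTEN      -"
# Constructed sample: what the listing would look like with a wildcard bind.
WILDCARD="$BEFORE
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN      -"

for name in BEFORE AFTER WILDCARD; do
    eval "data=\$$name"
    printf '%-9s %s\n' "$name" "$(printf '%s\n' "$data" | classify_forward_bind 2222)"
done
```

A "non-loopback" result for 2222 means the office machine's sshd is reachable from the home network, not just from the home machine itself.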

 

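Looking at the SSH options, in -fNTR, -f is what makes it run in the background,

NT are about the terminal and command execution,

and R means attaching mine to a port on the remote side.

NTR is a good thing after all... (huh?)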

     -f      Requests ssh to go to background just before command execution.
             This is useful if ssh is going to ask for passwords or
             passphrases, but the user wants it in the background.  This im‐
             plies -n.  The recommended way to start X11 programs at a remote
             site is with something like ssh -f host xterm.

             If the ExitOnForwardFailure configuration option is set to “yes”,
             then a client started with -f will wait for all remote port for‐
             wards to be successfully established before placing itself in the
             background.  Refer to the description of ForkAfterAuthentication
             in ssh_config(5) for details.


     -N      Do not execute a remote command.  This is useful for just for‐
             warding ports.  Refer to the description of SessionType in
             ssh_config(5) for details.

     -T      Disable pseudo-terminal allocation.

     -R [bind_address:]port:host:hostport
     -R [bind_address:]port:local_socket
     -R remote_socket:host:hostport
     -R remote_socket:local_socket
     -R [bind_address:]port
             Specifies that connections to the given TCP port or Unix socket
             on the remote (server) host are to be forwarded to the local
             side.

 

Now install autossh:

$ sudo apt-get install autossh
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  autossh
0 upgraded, 1 newly installed, 0 to remove and 47 not upgraded.
Need to get 29.2 kB of archives.
After this operation, 89.1 kB of additional disk space will be used.
Get:1 http://kr.archive.ubuntu.com/ubuntu jammy/universe amd64 autossh amd64 1.4g-1 [29.2 kB]
Fetched 29.2 kB in 0s (217 kB/s)   
Selecting previously unselected package autossh.
(Reading database ... 322586 files and directories currently installed.)
Preparing to unpack .../autossh_1.4g-1_amd64.deb ...
Unpacking autossh (1.4g-1) ...
Setting up autossh (1.4g-1) ...
Processing triggers for man-db (2.10.2-1) ...

 

I tried to copy the key so that I could log in to the public side, but it doesn't work -_-???

Anyway, generate a key first and then do it, and that's it.

$ ssh-copy-id -p 8022 minimonk@집SSH도메인
/usr/bin/ssh-copy-id: ERROR: No identities found

$ ssh-keygen

 

With -f, login fails even though the key is installed, so for now I left it out and it does work, but..

$ autossh -M 0 -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -T -R 2222:localhost:22 minimonk@집SSH도메인 -p 2022

[Link: https://sangwonyoon.tistory.com/entry/Autossh로-SSH-연결-유지하기]

 

Worried about what happens if autossh dies, I should probably look for something that runs it as a daemon.

[Link: https://tecadmin.net/autossh-persistent-ssh-connections/]
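
One way to run the tunnel under supervision, as an added example rather than something from the original post or the linked article: a shell function that prints a systemd unit for the autossh command above. The unit layout, the placeholder host home.example.net, BatchMode, ExitOnForwardFailure and AUTOSSH_GATETIME=0 are choices made here; it assumes key login already works, the home host key is already in known_hosts, and the account name is the same on both sides.

```shell
#!/bin/sh
# Added example, not from the original post.
# Prints a systemd unit that keeps `autossh ... -R LISTEN:localhost:22` running.
# Usage: render_tunnel_unit USER HOST SSH_PORT LISTEN_PORT
render_tunnel_unit() {
    user="$1"; host="$2"; ssh_port="$3"; listen_port="$4"
    for p in "$ssh_port" "$listen_port"; do
        case "$p" in
            ''|*[!0-9]*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "port out of range: $p" >&2; return 1; }
    done
    # Only plain names: nothing that could add extra words to ExecStart.
    case "$user$host" in
        ''|*[!A-Za-z0-9._-]*) echo "invalid user or host" >&2; return 1 ;;
    esac
    cat <<EOF
[Unit]
Description=autossh reverse tunnel ($listen_port on $host -> local sshd)
Wants=network-online.target
After=network-online.target

[Service]
User=$user
# Retry even if the very first connection attempt fails (e.g. at boot).
Environment=AUTOSSH_GATETIME=0
# No -f: systemd supervises the foreground process and restarts it.
ExecStart=/usr/bin/autossh -M 0 -N -T \\
    -o BatchMode=yes \\
    -o ExitOnForwardFailure=yes \\
    -o ServerAliveInterval=30 \\
    -o ServerAliveCountMax=3 \\
    -R $listen_port:localhost:22 -p $ssh_port $user@$host
Restart=always
RestartSec=10

[Install]
WantedBy=multi-user.target
EOF
}

# home.example.net is a placeholder; 8022 and 2222 are the ports used in this post.
render_tunnel_unit minimonk home.example.net 8022 2222
```

Saved as a unit file under /etc/systemd/system/ and enabled with systemctl, this replaces the manually started autossh; ExitOnForwardFailure makes ssh exit when port 2222 cannot be bound, so the restart logic sees the failure.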

 

 

+

Multiple ports can be forwarded by passing the argument multiple times.

ssh remote-host -L 8822:REMOTE_IP_1:22 -L 9922:REMOTE_IP_2:22

[Link: https://stackoverflow.com/questions/29936948/ssh-l-forward-multiple-ports]