Systemd ssh Reverse Tunnel on Debian 9 Stretch

I have used rc.local for years to setup an ssh reverse tunnel on boot under Debian up until Stretch. Now like many others I imagine, I’ve had to convert to systemd.

I read everything I could about the choice for deprecating rc.local for systemd. I can say that systemd may be powerful, but systemd’s complexity entails a huge learning-curve for the average user. And no two distributions work the same. What (little) bits of advice I found for Debian were very different from Arch, Ubuntu, RedHat. I tried them all – a great time suck. I ultimately could not get the autossh tunnel to work from within the .service file. Systemd would not allow autossh to get the port I needed and when it did, it shut it down right away. I gave up after a wasted Sunday and reverted to using the bash script instead. If you can figure it out (for Debian 9 Stretch) good for you! – put a link in comments.

How I made it work on Debian Stretch. Hope it helps you.

Step 1 – the Bash Script /usr/local/bin/onboot.sh

#!/bin/bash
autossh -N -f -M 10000 -L 3309:127.0.0.1:3306 -i /home/user/.ssh/id_rsa -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes -o StrictHostKeyChecking=no user@seleads.com -p 10002 &

chmod 555

Step 2 – the service file /etc/systemd/system/sshtunnel.service

[Unit]
Description=SSH tunnel for mysql
After=network.target

[Service]
Type=oneshot
User=user
ExecStart=/usr/local/bin/onboot.sh
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

chmod 644

Step 3 – the don’t forget part

systemctl daemon-reload

systemctl enable sshtunnel.service

Step 4 – test

systemctl start sshtunnel.service

Step 5 – reboot ( live test )