Skip to content

Document reverse_tunnel_key creation for the SSH reverse tunnel post (#139)#155

Merged
simlarsen merged 1 commit into
masterfrom
fix/reverse-tunnel-key-issue-139
Jun 25, 2026
Merged

Document reverse_tunnel_key creation for the SSH reverse tunnel post (#139)#155
simlarsen merged 1 commit into
masterfrom
fix/reverse-tunnel-key-issue-139

Conversation

@simlarsen

Copy link
Copy Markdown
Contributor

The SSH reverse tunnel post referenced /home/tunnel-user/.ssh/reverse_tunnel_key in the autossh systemd unit but never explained how to create it (#139).

This adds a "Creating the Tunnel Key" section before the systemd unit, walking less-experienced readers through:

  • Generating a dedicated ed25519 keypair at the exact path the unit expects: ssh-keygen -t ed25519 -f /home/tunnel-user/.ssh/reverse_tunnel_key -N "".
  • Setting correct ownership and permissions (.ssh 700, private key 600).
  • Installing the public key into the remote tunnel@203.0.113.10 account's authorized_keys with reverse-forwarding-only restrictions (restrict,port-forwarding,permitlisten="127.0.0.1:2222").
  • Pre-seeding the server's host key into known_hosts so the unattended service works with StrictHostKeyChecking=yes.

All commands and paths match names already used in the post. Verified against the OpenSSH man pages for ssh-keygen, sshd, and ssh-keyscan. npm run validate passes.

Resolves #139

@simlarsen simlarsen merged commit acfda59 into master Jun 25, 2026
2 checks passed
@simlarsen simlarsen deleted the fix/reverse-tunnel-key-issue-139 branch June 25, 2026 20:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

reverse tunnel needs an explanation on reverse tunnel key creation

2 participants