Skip to content

Instantly share code, notes, and snippets.

@itay-grudev

itay-grudev/ssh-backdoor.conf

Last active April 24, 2023 03:31
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save itay-grudev/c7032efcc1850280fab0bc3a2ea0a214 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save itay-grudev/c7032efcc1850280fab0bc3a2ea0a214 to your computer and use it in GitHub Desktop.
Download ZIP
Systemd Service for SSH Backdoor for remote access to systems without a real IP via external server
Raw
ssh-backdoor.conf
# /etc/ssh-backdoor/ssh-backdoor.conf
REMOTE_BINDPORT=12345
REMOTE_HOST=user@example.com
REMOTE_PORT=22
LOCAL_HOST=localhost
LOCAL_PORT=22
SSH_KEY=/etc/ssh-backdoor/ssh-backdoor.key
Raw
ssh-backdoor.md

Usage

To connect to your machine all you need to do is connect to localhost:REMOTE_BINDPORT from your server like so:

ssh user@localhost -p $REMOTE_BINDPORT

Installation

Copy the file contents to their designated directories. Make sure they are owned by the root user.

sudo mkdir -p /etc/ssh-backdoor
sudo wget https://gist.githubusercontent.com/itay-grudev/c7032efcc1850280fab0bc3a2ea0a214/raw/bbe12eb68c1a8e4078e08a4e518a0c43a08f5cd1/ssh-backdoor.conf -O /etc/ssh-backdoor/ssh-backdoor.conf
sudo chown root /etc/ssh-backdoor/ssh-backdoor.conf
sudo wget https://gist.githubusercontent.com/itay-grudev/c7032efcc1850280fab0bc3a2ea0a214/raw/f9a7043355f20970670e6dd8dd13be28321e3f49/ssh-backdoor.service -O /lib/systemd/system/ssh-backdoor.service
sudo chown root /lib/systemd/system/ssh-backdoor.service

Generate an ssh-key with wich to connect to your server and add it to it's authorized_keys file.

sudo ssh-keygen -f /etc/ssh-backdoor/ssh-backdoor.key

Verify the configuration in /etc/ssh-backdoor/ssh-backdoor.conf and enable and start the ssh-backdoor.service.

sudo systemctl enable ssh-backdoor.service
sudo systemctl start ssh-backdoor.service

Notes

By default the forwarded port on the server listens only on the loopback interface. To allow binding to other interfaces you will need to change the REMOTE_BINDPORT to:

REMOTE_BINDPORT=0.0.0.0:12345

Where 0.0.0.0 is the address of the other interface. It can also be set to *:12345 or :12345 to listen on all interfaces.

You will also need to set the GatewayPorts to yes in your sshd_config.

License

This code is distributed under the term of the WTFPL License.

Author

Itay Grudev <itay(at)grudev...com>

Raw
ssh-backdoor.service
# /lib/systemd/system/ssh-backdoor.service
[Unit]
Description=SSH Backdoor for remote access to systems without a static IP via external server
After=network.target ssh.service
[Service]
Type=simple
PIDFile=/var/run/ssh-backdoor.pid
EnvironmentFile=/etc/ssh-backdoor/ssh-backdoor.conf
ExecStart=/usr/bin/env bash -c "ssh -NTR $REMOTE_BINDPORT:$LOCAL_HOST:$LOCAL_PORT $REMOTE_HOST -i $SSH_KEY"
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment