Reverse SSH Tunnel Setup

Abstract

How to enable a reverse SSH tunnel with Alooma (not available for On Demand customers).

If your site security is configured in such a way that you need to avoid opening ports on your firewall, you can connect via reverse SSH tunnel.

To set up a reverse SSH tunnel to your integration, contact Alooma support and provide the public key you will use to connect to our network (usually, the contents of ~/.ssh/id_rsa.pub).

Once we set up a user for SSH, support will contact you and provide you with the ALOOMA_HIGH_PORT and ALOOMA_TUNNEL_CUSTOMER_USERNAME information necessary to set up a reverse SSH tunnel. Enter the following command (all one line) replacing the items in <brackets> with the actual values:

autossh -M 0 -f -N -R <ALOOMA_HIGH_PORT>:<LOCAL_NETWORK_ASSET>:<LOCAL_NETWORK_ASSET_PORT> <ALOOMA_TUNNEL_CUSTOMER_USERNAME>@tunnel.alooma.io -g -i <PATH_TO_PRIVATE_KEY> -o ServerAliveInterval=10 -o ServerAliveCountMax=1 -o ExitOnForwardFailure=yes

Where <LOCAL_NETWORK_ASSET> and <LOCAL_NETWORK_ASSET_PORT> are the server:port you are connecting from, and <PATH_TO_PRIVATE_KEY> is the path to your private key file (typically id_rsa.pem). We recommend you run the command using runsv or a similar service monitor.

Here's an example of what the command might look like with the values inserted (again, all one line):

autossh -M 0 -f -N -R 12345:dbserverhost:5443 customername@tunnel.alooma.io -g -i /home/dbuser/.ssh/id_rsa.pem -o ServerAliveInterval=10 -o ServerAliveCountMax=1 -o ExitOnForwardFailure=yes
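
One way to follow the runsv recommendation above, as an added example that is not Alooma's own script: a runit run script that checks the ports and the private key's permissions before starting the same autossh command. The service path and the function names valid_port, key_is_private and run_tunnel are assumptions, and the values are the sample values from this page.

```shell
#!/bin/sh
# Added example: a runit service script, e.g. /etc/service/alooma-tunnel/run
# (service name and path are assumptions). Values are this page's samples.
ALOOMA_HIGH_PORT=12345
LOCAL_NETWORK_ASSET=dbserverhost
LOCAL_NETWORK_ASSET_PORT=5443
ALOOMA_TUNNEL_CUSTOMER_USERNAME=customername
PATH_TO_PRIVATE_KEY=/home/dbuser/.ssh/id_rsa.pem

# Succeeds only for an integer in 1..65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Succeeds only if the key is a regular file with no group/other permission
# bits; ssh refuses private keys that other users can read.
key_is_private() {
    [ -f "$1" ] && [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]
}

# run_tunnel LAUNCHER: validate the settings, then hand the page's autossh
# command line to LAUNCHER ("exec" to start it, "echo" to print it).
# -f is left out: runsv must keep autossh as its foreground child.
run_tunnel() {
    valid_port "$ALOOMA_HIGH_PORT" || { echo "invalid ALOOMA_HIGH_PORT" >&2; return 1; }
    valid_port "$LOCAL_NETWORK_ASSET_PORT" || { echo "invalid LOCAL_NETWORK_ASSET_PORT" >&2; return 1; }
    key_is_private "$PATH_TO_PRIVATE_KEY" || { echo "key missing or readable by group/other: $PATH_TO_PRIVATE_KEY" >&2; return 1; }
    "$@" autossh -M 0 -N \
        -R "$ALOOMA_HIGH_PORT:$LOCAL_NETWORK_ASSET:$LOCAL_NETWORK_ASSET_PORT" \
        "$ALOOMA_TUNNEL_CUSTOMER_USERNAME@tunnel.alooma.io" -g \
        -i "$PATH_TO_PRIVATE_KEY" \
        -o ServerAliveInterval=10 -o ServerAliveCountMax=1 \
        -o ExitOnForwardFailure=yes
}

# Start the tunnel only when this file is installed as a runit "run" script,
# so sourcing it elsewhere has no side effects.
case "${0##*/}" in
    run) run_tunnel exec ;;
esac
```

With -f removed, autossh stays attached to runsv, which restarts it if it exits.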