ssh tunneling

主要使用了ssh隧道技术：

经常隧道会自动断开的原因：隧道可能因为某些原因断开，例如：机器重启，长时间没有数据通信而被路由器切断等等。

OpenSSH基于安全的理由，如果用户连线到SSH Server后闲置一段时间，SSH Server会在超过特定时间后自动终止SSH连线。

保持长连接，我们需要了解这几个参数：

TCPKeepAlive yes/no for ssh and sshd

ClientAliveCountMax for sshd

ClientAliveInterval for sshd

ServerAliveCountMax for ssh

ServerAliveInterval for ssh

To enable the keep alive system-wide (root access required), edit /etc/ssh/ssh_config; to set the settings for just your user, edit ~/.ssh/config (create the file if it doesn’t exist). Insert the following:

Host *

    ServerAliveInterval 300

    ServerAliveCountMax 2

You can also make your OpenSSH server keep alive all connections with clients by adding the following to /etc/ssh/sshd_config:

ClientAliveInterval 300

ClientAliveCountMax 2

 connection idle timeout setting

ServerAliveCountMax

Sets the number of server alive messages (see below) which may be sent without ssh(1) receiving any messages back from the server. If this threshold is reached while server alive messages are being sent, ssh will disconnect from the server, terminating the session. It is important to note that the use of server alive messages is very different from TCPKeepAlive (below). The server alive messages are sent through the encrypted channel and therefore will not be spoofable. The TCP keepalive option enabled by TCPKeepAlive is spoofable. The server alive mechanism is valuable when the client or server depend on knowing when a connection has become inactive.

The default value is 3. If, for example, ServerAliveInterval (see below) is set to 15 and ServerAliveCountMax is left at the default, if the server becomes unresponsive, ssh will disconnect after approximately 45 seconds. This option applies to protocol version 2 only; in protocol version 1 there is no mechanism to request a response from the server to the server alive messages, so disconnection is the responsibility of the TCP stack.

ServerAliveInterval

Sets a timeout interval in seconds after which if no data has been received from the server, ssh(1) will send a message through the encrypted channel to request a response from the server. The default is 0, indicating that these messages will not be sent to the server, or 300 if the BatchMode option is set. This option applies to protocol version 2 only. ProtocolKeepAlives and SetupTimeOut are Debian-specific compatibility aliases for this option.

下面是几个参数的解释：

TCPKeepAlive
             Specifies whether the system should send TCP keepalive messages
             to the other side.  If they are sent, death of the connection or
             crash of one of the machines will be properly noticed.  However,
             this means that connections will die if the route is down tem-
             porarily, and some people find it annoying.  On the other hand,
             if TCP keepalives are not sent, sessions may hang indefinitely on
             the server, leaving “ghost” users and consuming server resources.

             The default is “yes” (to send TCP keepalive messages), and the
             server will notice if the network goes down or the client host
             crashes.  This avoids infinitely hanging sessions.

             To disable TCP keepalive messages, the value should be set to
             “no”.
 ClientAliveCountMax
             Sets the number of client alive messages (see below) which may be
             sent without sshd(8) receiving any messages back from the client.
             If this threshold is reached while client alive messages are
             being sent, sshd will disconnect the client, terminating the ses-
             sion.  It is important to note that the use of client alive mes-
             sages is very different from TCPKeepAlive (below).  The client
             alive messages are sent through the encrypted channel and there-
             fore will not be spoofable.  The TCP keepalive option enabled by
             TCPKeepAlive is spoofable.  The client alive mechanism is valu-
             able when the client or server depend on knowing when a connec-
             tion has become inactive.

             The default value is 3.  If ClientAliveInterval (see below) is
             set to 15, and ClientAliveCountMax is left at the default, unre-
             sponsive SSH clients will be disconnected after approximately 45
             seconds.  This option applies to protocol version 2 only.
 ClientAliveInterval
             Sets a timeout interval in seconds after which if no data has
             been received from the client, sshd(8) will send a message
             through the encrypted channel to request a response from the
             client.  The default is 0, indicating that these messages will
             not be sent to the client.  This option applies to protocol ver-
             sion 2 only.
 ServerAliveInterval
             Sets a timeout interval in seconds after which if no data has
             been received from the server, ssh(1) will send a message through
             the encrypted channel to request a response from the server.  The
             default is 0, indicating that these messages will not be sent to
             the server.  This option applies to protocol version 2 only.
 ServerAliveCountMax
             Sets the number of server alive messages (see below) which may be
             sent without ssh(1) receiving any messages back from the server.
             If this threshold is reached while server alive messages are
             being sent, ssh will disconnect from the server, terminating the
             session.  It is important to note that the use of server alive
             messages is very different from TCPKeepAlive (below).  The server
             alive messages are sent through the encrypted channel and there-
             fore will not be spoofable.  The TCP keepalive option enabled by
             TCPKeepAlive is spoofable.  The server alive mechanism is valu-
             able when the client or server depend on knowing when a connec-
             tion has become inactive.

             The default value is 3.  If, for example, ServerAliveInterval
             (see below) is set to 15 and ServerAliveCountMax is left at the
             default, if the server becomes unresponsive, ssh will disconnect
             after approximately 45 seconds.  This option applies to protocol
             version 2 only.

#!/bin/bash

###################################################################################

#date:2016-12-20                                                             ######

#author:victor                                                               ######

#description:                                                                ######

#this shell script is for improving the network performance to www.google.com######

###################################################################################

Ssh_Pid=`ps aux | grep '192.168.1.53'| grep -v 'grep'| awk '{print $2}'`

kill $Ssh_Pid

ssh -f -w 0:0 192.168.1.53 true

ifconfig tun0 192.168.100.2 netmask 255.255.255.252

ssh root@192.168.1.53 "ifconfig tun0 192.168.100.1 netmask 255.255.255.252"

route add -host 192.168.1.53 dev eth0

route del -net 0.0.0.0

route add -net 0.0.0.0 dev tun0

本文转自chenzudao51CTO博客，原文链接：http://blog.51cto.com/victor2016/1884527 ，如需转载请自行联系原作者