NAME¶

sidedoor - SSH connection daemon

SYNOPSIS¶

sidedoor [SSH options] [user@]hostname

DESCRIPTION¶

sidedoor maintains an SSH connection or tunnel with a shell script daemon.

The primary use case is maintaining a remote port forward to the local SSH server (or another port). Thus, the local device can be accessed without using incoming connections that may be blocked by a NAT or firewall or otherwise impractical with mobile devices.

SSH clients can connect to the device via the reverse SSH proxy that sidedoor tunnels to. This proxy server can be untrusted and run by a third party or cloud service.

sidedoor enables SSH keepalives and retries SSH with exponential backoff. In order to reconnect as soon as possible, it resets the backoff when a network interface is brought up (or changed).

OPTIONS¶

See ssh(1).

SIGNALS¶

SIGUSR1 resets the retry backoff, immediately retrying ssh(1) if it is not currently running.

FILES¶

/etc/default/sidedoor

Arguments to pass to sidedoor when run as a service. See ssh(1).

/etc/sidedoor/config

SSH client configuration file.

/etc/sidedoor/id_rsa

SSH private key to access the remote server.

ssh-keygen(1) can generate this key (press y when prompted to overwrite the existing file):

$ sudo ssh-keygen -t rsa -N '' -f /etc/sidedoor/id_rsa

The corresponding public key id_rsa.pub will need to be included in the remote user's ~/.ssh/authorized_keys file.

/etc/sidedoor/known_hosts

SSH host key of the remote server.

/etc/sidedoor/authorized_keys

Optionally, SSH public key(s) with remote access to the local sidedoor user.

This is a symlink to ~sidedoor/.ssh/authorized_keys. The sidedoor-sudo package provides full root access to this user.

/etc/network/if-up.d/sidedoor

Sends SIGUSR1 to reset the retry backoff on network state changes.

SEE ALSO¶

ssh(1), /usr/share/doc/sidedoor/README.md.gz