Techpository

You need to set the Client and the Server to stop the automatic timeout of SSH non active connections.

Client:
/etc/ssh/ssh_config

Add the following to the bottom of the file:
# Client keep alive
ServerAliveInterval 60

Server:
/etc/ssh/sshd_config

Add the following to the bottom of the file:
# Server Keep Alive
ClientAliveInterval 120
TCPKeepAlive yes
ClientAliveCountMax 720

systemctl restart sshd

Note:
120 X 720 = 86400 seconds or 24 hours

When changing the ulimit settings in /etc/security/limits.conf or in /etc/security/limits.d/filename for a specific user, you will only see the correct change in /proc/[pid]/limits if you are looking as the user the limit was set for. Looking at this setting in /proc as root or su will display the settings for root not the user you set within the file.

The command:
ulimit -a username
is the best way to tell if the limits config file change is active.

To start, it will be more convenient if you have ssh keys setup on the servers. Otherwise you will be entering a password for each server you need to connect to.


To break this out create three files:
1. iplist.txt
2. checkservers
3. serverscript

* If your command is small enough you do not need to have a seperate serverscript file.  I find it easier to put more complex scripts in their own file which is what the following example reflects.

Add your server IPs to iplist.txt:
192.168.1.10
192.168.1.22
192.168.1.45
192.168.1.100

Add you loop connection syntax in checkservers:
#!/bin/bash
for server in $(cat iplist.txt); do

ssh username@$server -i usernameprivatekeyfile 'bash -s'  < serverscript  >> server-results.txt

done

Add your script to serverscript:
#!/bin/bash

sudo -i

hostname

your
script
here

Final steps:
chmod 744 checkservers
chmod 744 serverscript

Finally run ./checkservers

If you are tired of reading long blog posts of using reverse ssh you came to the right place.

Scenario:
You want to connect from your workstation to a server.
Both are on their own networks and are behind NAT.

Target: Server behind firewall
Jump: Server on the internet that you have control of the firewall
Source: Your Workstation behind firewall

Steps (Target connects to Jump, Source connects to Jump, From Jump you connect to Target):

1. Target:
   ssh -fN -R 45000:localhost:22 username@Jumpserverip
2. Source:
   ssh username@jumpserverip
3. Jump:
   ssh useronTarget@localhost -p 45000

tcpdump tcp and host 172.22.1.111 and port 22 -s0 -xx -X -c 1000