# NOT CONFIGURED - DELETE THIS LINE ONCE THIS FILE HAS BEEN CONFIGURED
# Filename: tunnel.conf
#
# Description: This is the configuration file for the tunnel and pulse sections of the
# ssh_tunnel program. The contents of this file can be changed during program execution.
# It is important not to change the formatting of the file because it is processed
# using perl which is expecting things to be in certain locations.
#
# tunnel.conf has three sections:
# 1. Configuration information such as email addresses and thresholds.
# 2. The ssh host configuration for the tunnel. This consists of two
#    host definitions, tunnel and heartbeat. The tunnel is the permanent
#    connection and defines port forwarding. The heartbeat uses one of
#    the forwarded ports to write and copy heartbeat files between the
#    ssh client and the ssh server. Changing heartbeats indicate that the
#    tunnel is functioning.
# 3. The webpage configuration section as described below. This has the
#    ssh host configuration for updating a webpage on a webserver.
#
################################################################################
# The following section contains configuration information. DON'T REMOVE the
# leading pound sign (#). The lines must be commented or the files won't work
# for ssh.
#
# The tunnel is either "enabled" or "disabled" based on the value given
# below. If disabled, then no processes are running on either the
# client or the server. A cron job on the client runs ssh_tunnel.pl periodically
# to check if tunnel.conf has changed on the server. If a change is detected
# then the new tunnel.conf file is transferred over. If the tunnel state
# becomes "enabled" then the tunnel is activated.
# TUNNEL_STATE enabled
#
# The email addresses below receive diagnostic messages. Separate
# multiple addresses with commas and no white space. The word "none"
# turns off email sending and is the default. The same email address
# is used by cron, loader, tunnel, and pulse.
# EMAIL_ADDRESS none
#
# The threshold defined below is how many port failures are required
# before an email is sent. Set this to "none" to turn this off. If
# the ssh_server's ssh port isn't accessible then the loader kills
# the tunnel. This periodic email serves as a reminder that the tunnel
# is enabled but down.
# EMAIL_THRESHOLD none
#
# The loader, tunnel, and pulse programs all have the same sleep value.
# The sleep time can be changed here. It should be in the range of
# 60 to 3600 seconds. Shorter sleep times increase system loading.
# The sleep time must be less than half the crontab time for ssh_tunnel.pl.
# SLEEP_TIME 300
#
#
################################################################################
# The following section is the ssh config file for the tunnel program.
# IMPORTANT! The path on the client MUST have the SSH_SERVER name in
# it. The script uses this name in search strings and it MUST be there.
#
# The ssh_server must be configured to allow remote port forwarding. This
# is normally off by default in the ssh_server's sshd_config file.
# Set "GatewayPorts yes" in sshd_config.
#
# Important info about port numbers used in the "ssh_tunnel" and "heartbeat"
# sections below. The "heartbeat" Port number must be the same as the last
# two port numbers in the "ssh_tunnel" section. In this example 50022 is
# used. The port number used must be unused by anything else on the two
# machines. If you have multiple tunnels connecting to a single ssh_server
# be sure to use different port numbers. The last two lines both use the
# name "localhost". You could put the actual names of the ssh server and
# client instead, but using localhost is safest. If the machine's name
# were changed the tunnel would no longer work. Using "localhost" guarantees
# the forwarding will work even if the machine's name changes. The other
# RemoteForward lines forward ports on the ssh server to ports on machines
# on the LAN where the ssh client resides.
# These aren't required and should
# be removed if not needed.
#
Host tunnel
HostName ssh_server_WAN_domain_name
Port = 22
UserKnownHostsFile = /path/must/have/SSH_SERVER/name/in/it/known_hosts
User = user_login_name_on_server
IdentityFile = /path/must/have/SSH_SERVER/name/in/it/id_rsa.private_key_name
Compression = yes
RemoteForward = 55920 machine1_name:5920
RemoteForward = 55925 machine2_name:5925
RemoteForward = 55995 machine3_name:5995
RemoteForward = 50022 localhost:22
LocalForward = 50022 localhost:22
################################################################################
Host heartbeat
HostName localhost
Port = 50022
UserKnownHostsFile = /path/must/have/SSH_SERVER/name/in/it/known_hosts
User = user_login_name_on_server
IdentityFile = /path/must/have/SSH_SERVER/name/in/it/id_rsa.private_key_name
################################################################################
Host pulse
HostName localhost
Port = 50022
UserKnownHostsFile = /path/must/have/SSH_CLIENT/name/in/it/known_hosts
User = user_login_name_on_client
IdentityFile = /path/must/have/SSH_CLIENT/name/in/it/id_rsa.private_key_name
################################################################################
# Note: This section must be last in tunnel.conf.
# A webpage will be copied to the directory set by WEBSERVER_DIR below. The
# default value "none" turns this feature off. Change "none" to the directory
# path where the webpage should be copied. The "webpage" host information
# below must also be changed to valid values to make this work.
# WEBSERVER_DIR none
#
# The filename of the webpage copied to the webserver defaults to
# SSH_CLIENT_to_SSH_SERVER.html. To choose a different name replace the
# word "default" on the line below with the desired name.
# WEBPAGE_FILENAME default
#
# A copy of the webpage can be put in the directory defined by WEBPAGE_LOCAL_DIR.
# Change "none" to a valid directory to enable this feature.
# WEBPAGE_LOCAL_DIR none
#
# The webpage update rate defaults to once per sleep time. Change the value below
# to select a different rate. The update rate is the number of times through the
# loader while loop before updating the webpage. This value is ignored when events
# occur such as the tunnel going down or during startup. The webpage is updated
# for all non-normal runtime events.
# WEBPAGE_UPDATE_RATE 1
#
Host webpage
HostName webserver_WAN_name
Port = 22
UserKnownHostsFile = /path/must/have/SSH_SERVER/name/in/it/known_hosts.webpage
User = user_login_name_on_server
IdentityFile = /path/must/have/SSH_SERVER/name/in/it/id_rsa.private_key_name
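
The rules stated in the comments above (the NOT CONFIGURED line removed, SLEEP_TIME between 60 and 3600, EMAIL_ADDRESS without white space, the heartbeat Port equal to the last two forward ports of the tunnel host) can be checked before the file is put into use. The Python linter below is an added example, not part of ssh_tunnel; the names `parse` and `lint` and the shortened sample text are assumptions constructed here.

```python
import re

# Constructed sample in tunnel.conf layout; names are the file's own placeholders.
SAMPLE = """\
# SLEEP_TIME 300
# EMAIL_ADDRESS none
Host tunnel
HostName ssh_server_WAN_domain_name
Port = 22
RemoteForward = 55920 machine1_name:5920
RemoteForward = 50022 localhost:22
LocalForward = 50022 localhost:22
################################################################################
Host heartbeat
HostName localhost
Port = 50022
"""

def parse(text):
    """Return ({setting: value} from '# KEY value' lines, {host: [(keyword, value)]})."""
    settings, hosts, current = {}, {}, None
    for line in text.splitlines():
        if m := re.match(r"#\s*(SLEEP_TIME|EMAIL_ADDRESS)\s+(\S.*)", line):
            settings[m.group(1)] = m.group(2).strip()
        elif m := re.match(r"\s*Host\s+(\S+)", line):
            current = m.group(1)
            hosts[current] = []
        elif current and (m := re.match(r"\s*(\w+)\s*=?\s*(\S.*)", line)):
            # ssh_config keywords are case-insensitive and the '=' is optional
            hosts[current].append((m.group(1).lower(), m.group(2).strip()))
    return settings, hosts

def lint(text):
    """Check the rules the file's comments state; return a list of problems."""
    settings, hosts = parse(text)
    problems = []
    if text.startswith("# NOT CONFIGURED"):
        problems.append("NOT CONFIGURED marker is still on the first line")
    sleep = settings.get("SLEEP_TIME", "")
    if not (sleep.isdigit() and 60 <= int(sleep) <= 3600):
        problems.append(f"SLEEP_TIME {sleep!r} is not in 60..3600")
    if re.search(r"\s", settings.get("EMAIL_ADDRESS", "none")):
        problems.append("EMAIL_ADDRESS contains white space")
    # Listen port = first field of each forward line, after any bind address.
    listen = [v.split()[0].rsplit(":", 1)[-1] for k, v in hosts.get("tunnel", [])
              if k in ("remoteforward", "localforward")]
    heartbeat = dict(hosts.get("heartbeat", [])).get("port")
    if heartbeat is None or listen[-2:] != [heartbeat, heartbeat]:
        problems.append(f"heartbeat Port {heartbeat} != last two tunnel forwards {listen[-2:]}")
    return problems

if __name__ == "__main__":
    print(lint(SAMPLE) or "ok")
```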