Scripts for the comfortable use of SSH reverse tunneling

What is this about?

Scenario: You want an SSH connection between 2 computers, called PC_A and PC_C, with PC_A being the initiator. For some reason this is not directly possible but you have a third computer, PC_B, accessible for both PC_A and PC_C. Then you are fine, it's easy to set up your reverse channel!
Note that it is assumed that on both computers the same username is used ($USER should be identical) and the ports used are not blocked.
Acknowledgment: Alexander Klyubin had the idea and provided part of the scripts shown.

Todo for PC_B, the middle computer

The general idea is to have the receiving computer PC_C checking for the presence of a file and, if present, open a connection to PC_B (see below). The following script should be put on PC_B; it creates this file and tries to open the connection to PC_C. After the session ends the file is removed so that PC_C can close the session again.
Later you will log in from PC_A to PC_B and then run the following script (I suggest to call it to get into PC_C.
Note that on PC_B there needs to be a tmp and .ssh directory in the users home directory.
On PC_C execute cat ~/.ssh/known_hosts | grep localhost, which should give you something like localhost ssh-rsa AACAB7NymadGcf8AACABIwAACIEA3iF93cGjJ... Copy this line and put it into the same file (~/.ssh/known_hosts) on PC_B!

#! /bin/sh

if [ "$1" != "-nokill" ]; then
  echo "Use '$0 -nokill' if this is not the master session and you don't want to close afterwards!"
echo >tmp/$USER
while [ $xxx -eq 1 ];
  a=$(date +%s)
  ssh -p 54321 localhost
  c=`echo $a + $b | bc`
  d=$(date +%s)
  $(test $c -le $d)
  if [ $xxx -eq 1 ]; then
    echo "A little patience please..."
    $(sleep 3)
if [ "$1" != "-nokill" ]; then
  rm tmp/$USER
  echo Session complete and closed.
echo Session complete but access still open.

Todo for PC_C, the receiving computer

Following you find the script which you have to run as a cron job on PC_C so that PC_C can initiate a connection to PC_B when necessary. Note that for checking whether the file exists (the "scp ..." line) you need to place a key on PC_B allowing PC_C to login without a password being asked (see SSH authentication with Keychain and hostkeys for detailed instructions).
Note that in this script you have to replace PC_B with the name or IP of your middle computer!

#! /bin/sh

scp -q PC_B:tmp/$USER /home/$USER/tmp/ >/dev/null 2>&1
if [ "$error_code" != "0" ]; then
  echo "`date`: No need to open the tunnel"
  #if Tunnel exists kill it
  TTT=$(ps -efl | grep 54321: | grep -v grep)
  if [ "$TTT" != "" ]; then
    DOIT=$(ps -efl | grep 54321: | grep -v grep | egrep -o "$USER *[0-9]+" | egrep -o [0-9]+)
    echo "POS2 $DOIT"
    kill -9 $DOIT

ps -ef | grep -v grep | grep "ssh -N -R 54321:localhost:22" >/dev/null 2>&1
if [ "$error_code" == "0" ]; then
  echo "`date`: Tunnel already up and running"

echo "`date`: Setting up tunnel"
ssh -N -R 54321:localhost:22 PC_B &
Do not forget to make this file executable (chmod +x!
To run it every minute put the script in $HOME/bin/ and add the cronjob like this:
execute: "crontab -e"
add this line to the cron file: "*/1 * * * * $HOME/bin/ >>$HOME/tmp/tunnel.log 2>&1"

I do not guarantee the correctness/adequateness of the data and the information given on this side and thus deny any responsibility for your use of it.
Johannes Knabe (
v0.1 St Albans, United Kingdom, 05.02.2006 (2006/05/02)
v0.1 Hatfield, United Kingdom, 08.03.200 (2007/03/08)
My Homepage is