@kofruge
Forked from MarMed/README.md
Created September 30, 2024 17:50

Revisions

  1. kofruge renamed this gist Sep 30, 2024. 1 changed file with 0 additions and 0 deletions.
  2. @MarMed MarMed revised this gist Apr 12, 2017. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion README.md
    Original file line number Diff line number Diff line change
    @@ -132,4 +132,4 @@ To:
    address xxx.xxx.xxx.xxx
    # Done!
    ##Feel free to leave a comment with your questions or suggestions.
    ## Feel free to leave a comment with your questions or suggestions.
  3. @MarMed MarMed revised this gist Apr 12, 2017. 1 changed file with 2 additions and 1 deletion.
    3 changes: 2 additions & 1 deletion README.md
    @@ -131,4 +131,5 @@ To:
    pre-up iptables-restore < /etc/iptables.rules
    address xxx.xxx.xxx.xxx
    # Done! Feel free to leave a comment with your questions or suggestions.
    # Done!
    ##Feel free to leave a comment with your questions or suggestions.
  4. @MarMed MarMed revised this gist Apr 12, 2017. 1 changed file with 7 additions and 7 deletions.
    14 changes: 7 additions & 7 deletions README.md
    @@ -4,7 +4,7 @@ This guide creates a reverse SSH tunnel to route all Plex server traffic through

    Step 2 is done on the tunnel, all other steps are done on the plex server.

    # 1. Setup SSH keys (if you already have key based authenthication setup skip to step 2)
    ## 1. Setup SSH keys (if you already have key based authenthication setup skip to step 2)

    On plex server:

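    Review bot: the step 1 heading being re-levelled here still reads "authenthication"; since the line is already changing, correct it to "authentication" in the same edit.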
    @@ -40,7 +40,7 @@ On plex server:
    root@ubuntu:~#
    You should not be promted for a password

    # 2. Edit tunnel's SSH server configuration
    ## 2. Edit tunnel's SSH server configuration

    2a. Add "Gatewayports yes" to sshd_config

    @@ -61,7 +61,7 @@ On plex server:

    sudo service ssh restart

    # 3. Install autossh and create systemd service:
    ## 3. Install autossh and create systemd service:
    3a. Install autossh

    sudo apt install autossh
    @@ -82,7 +82,7 @@ On plex server:
    User=changeme
    [Install]
    WantedBy=multi-user.target
    # 4. Enable and start service
    ## 4. Enable and start service
    sudo systemctl enable autossh-plex-tunnel
    sudo systemctl start autossh-plex-tunnel
    4b. Check SSH tunnel
    @@ -105,17 +105,17 @@ On plex server:

    go to http://TUNNELIP:32400 on your browser, if it does not load the tunnel was not setup correctly

    # 5. Point plex.tv to correct ip
    ## 5. Point plex.tv to correct ip

    Plex.TV Web App > Settings > Server > Network > Custom server access URLs

    https://TUNNELIP:32400,http://TUNNELIP:32400
    # 6. Only allow local connections to port 32400
    ## 6. Only allow local connections to port 32400

    sudo iptables -A INPUT -p tcp -s localhost --dport 32400 -j ACCEPT
    sudo iptables -A INPUT -p tcp --dport 32400 -j DROP
    sudo iptables-save > /etc/iptables.rules
    # 7. Make iptables rules apply at startup
    ## 7. Make iptables rules apply at startup

    edit /etc/network/interfaces

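    Review bot: in step 6, `sudo iptables-save > /etc/iptables.rules` runs only iptables-save under sudo; the redirection is performed by the calling shell, so for a non-root user the write to /etc fails and step 7 then restores a missing or stale file. Suggest `sudo sh -c 'iptables-save > /etc/iptables.rules'` or `sudo iptables-save | sudo tee /etc/iptables.rules`.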
  5. @MarMed MarMed revised this gist Apr 12, 2017. 1 changed file with 9 additions and 9 deletions.
    18 changes: 9 additions & 9 deletions README.md
    @@ -1,10 +1,10 @@
    #Routing plex traffic through an SSH tunnel
    # Routing plex traffic through an SSH tunnel

    This guide creates a reverse SSH tunnel to route all Plex server traffic through it.

    Step 2 is done on the tunnel, all other steps are done on the plex server.

    #1. Setup SSH keys (if you already have key based authenthication setup skip to step 2)
    # 1. Setup SSH keys (if you already have key based authenthication setup skip to step 2)

    On plex server:

    @@ -40,7 +40,7 @@ On plex server:
    root@ubuntu:~#
    You should not be promted for a password

    #2. Edit tunnel's SSH server configuration
    # 2. Edit tunnel's SSH server configuration

    2a. Add "Gatewayports yes" to sshd_config

    @@ -61,7 +61,7 @@ On plex server:

    sudo service ssh restart

    #3. Install autossh and create systemd service:
    # 3. Install autossh and create systemd service:
    3a. Install autossh

    sudo apt install autossh
    @@ -82,7 +82,7 @@ On plex server:
    User=changeme
    [Install]
    WantedBy=multi-user.target
    #4. Enable and start service
    # 4. Enable and start service
    sudo systemctl enable autossh-plex-tunnel
    sudo systemctl start autossh-plex-tunnel
    4b. Check SSH tunnel
    @@ -105,17 +105,17 @@ On plex server:

    go to http://TUNNELIP:32400 on your browser, if it does not load the tunnel was not setup correctly

    #5. Point plex.tv to correct ip
    # 5. Point plex.tv to correct ip

    Plex.TV Web App > Settings > Server > Network > Custom server access URLs

    https://TUNNELIP:32400,http://TUNNELIP:32400
    #6. Only allow local connections to port 32400
    # 6. Only allow local connections to port 32400

    sudo iptables -A INPUT -p tcp -s localhost --dport 32400 -j ACCEPT
    sudo iptables -A INPUT -p tcp --dport 32400 -j DROP
    sudo iptables-save > /etc/iptables.rules
    #7. Make iptables rules apply at startup
    # 7. Make iptables rules apply at startup

    edit /etc/network/interfaces

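    Review bot: the step 6 ACCEPT rule matches on source address (`-s localhost`) and both rules cover IPv4 only. Matching the loopback interface (`-i lo`) states the intent directly, and if Plex also listens on IPv6 the same pair of rules is needed in ip6tables for port 32400 to be closed there too. Because `-A` appends, an earlier ACCEPT rule in INPUT that covers 32400 would still win, so the guide should say to check the existing chain order.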
    @@ -131,4 +131,4 @@ To:
    pre-up iptables-restore < /etc/iptables.rules
    address xxx.xxx.xxx.xxx
    #Done! Feel free to leave a comment with your questions or suggestions.
    # Done! Feel free to leave a comment with your questions or suggestions.
  6. @MarMed MarMed revised this gist Apr 12, 2017. 1 changed file with 3 additions and 1 deletion.
    4 changes: 3 additions & 1 deletion README.md
    @@ -129,4 +129,6 @@ To:
    auto eth0
    iface eth0 inet static
    pre-up iptables-restore < /etc/iptables.rules
    address xxx.xxx.xxx.xxx
    address xxx.xxx.xxx.xxx
    #Done! Feel free to leave a comment with your questions or suggestions.
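    Review bot: `pre-up iptables-restore < /etc/iptables.rules` makes bringing up eth0 depend on that file. If /etc/iptables.rules is missing or fails to parse, the pre-up command returns non-zero and ifup does not configure the interface, which on a remote server means no network access after the next boot. Suggest telling the reader to validate the file first with `iptables-restore --test < /etc/iptables.rules`, or to restore rules through a package such as iptables-persistent instead of the interface stanza.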
  7. @hthighway hthighway revised this gist Apr 4, 2017. 1 changed file with 6 additions and 1 deletion.
    7 changes: 6 additions & 1 deletion README.md
    @@ -42,7 +42,7 @@ On plex server:

    #2. Edit tunnel's SSH server configuration

    Add "Gatewayports yes" to sshd_config
    2a. Add "Gatewayports yes" to sshd_config

    root@ubuntu:~# nano /etc/ssh/sshd_config
    Change:
    @@ -56,6 +56,11 @@ Add "Gatewayports yes" to sshd_config
    Port 22
    GatewayPorts yes
    ...

    2b. restart sshd

    sudo service ssh restart

    #3. Install autossh and create systemd service:
    3a. Install autossh

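    Review bot: `GatewayPorts yes` in step 2a is a global setting: every remote forward opened by any account on the tunnel host is then bound to all interfaces, not only the 32400 forward this guide needs. Consider `GatewayPorts clientspecified` with an explicit bind address in the `-R` argument, or scoping the setting in a `Match User` block for the tunnel account. For the new step 2b, run `sudo sshd -t` before `sudo service ssh restart` so a typo in sshd_config is caught before it can lock you out of the tunnel host.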
  8. @MarMed MarMed revised this gist Feb 22, 2017. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions README.md
    @@ -1,6 +1,7 @@
    #Routing plex traffic through an SSH tunnel

    This guide creates a reverse SSH tunnel to route all Plex server traffic through it.

    Step 2 is done on the tunnel, all other steps are done on the plex server.

    #1. Setup SSH keys (if you already have key based authenthication setup skip to step 2)
  9. @MarMed MarMed revised this gist Feb 22, 2017. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions README.md
    @@ -1,6 +1,7 @@
    #Routing plex traffic through an SSH tunnel

    This guide creates a reverse SSH tunnel to route all Plex server traffic through it.
    Step 2 is done on the tunnel, all other steps are done on the plex server.

    #1. Setup SSH keys (if you already have key based authenthication setup skip to step 2)

  10. @MarMed MarMed revised this gist Feb 22, 2017. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions README.md
    @@ -79,6 +79,7 @@ Add "Gatewayports yes" to sshd_config
    sudo systemctl enable autossh-plex-tunnel
    sudo systemctl start autossh-plex-tunnel
    4b. Check SSH tunnel

    sudo systemctl status autossh-plex-tunnel

    If tunnel was created successfully output should look something like this:
  11. @MarMed MarMed revised this gist Feb 22, 2017. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions README.md
    @@ -82,6 +82,7 @@ Add "Gatewayports yes" to sshd_config
    sudo systemctl status autossh-plex-tunnel

    If tunnel was created successfully output should look something like this:

    autossh-plex-tunnel.service - AutoSSH tunnel service Plex on local port 32400
    Loaded: loaded (/etc/systemd/system/autossh-plex-tunnel.service; enabled; vendor preset: enabled)
    Active: active (running) since Mon 2017-02-20 03:11:14 CET; 2 days ago
  12. @MarMed MarMed revised this gist Feb 22, 2017. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions README.md
    @@ -80,6 +80,7 @@ Add "Gatewayports yes" to sshd_config
    sudo systemctl start autossh-plex-tunnel
    4b. Check SSH tunnel
    sudo systemctl status autossh-plex-tunnel

    If tunnel was created successfully output should look something like this:
    autossh-plex-tunnel.service - AutoSSH tunnel service Plex on local port 32400
    Loaded: loaded (/etc/systemd/system/autossh-plex-tunnel.service; enabled; vendor preset: enabled)
  13. @MarMed MarMed revised this gist Feb 22, 2017. 1 changed file with 2 additions and 1 deletion.
    3 changes: 2 additions & 1 deletion README.md
    @@ -81,7 +81,7 @@ Add "Gatewayports yes" to sshd_config
    4b. Check SSH tunnel
    sudo systemctl status autossh-plex-tunnel
    If tunnel was created successfully output should look something like this:
    autossh-plex-tunnel.service - AutoSSH tunnel service Plex on local port 32400
    autossh-plex-tunnel.service - AutoSSH tunnel service Plex on local port 32400
    Loaded: loaded (/etc/systemd/system/autossh-plex-tunnel.service; enabled; vendor preset: enabled)
    Active: active (running) since Mon 2017-02-20 03:11:14 CET; 2 days ago
    Main PID: 32570 (autossh)
    @@ -92,6 +92,7 @@ Add "Gatewayports yes" to sshd_config
    Feb 20 03:11:14 Hetzner systemd[1]: Started AutoSSH tunnel service Plex on local port 32400.
    Feb 20 03:11:14 Hetzner autossh[32570]: starting ssh (count 1)
    Feb 20 03:11:14 Hetzner autossh[32570]: ssh child pid is 32574

    go to http://TUNNELIP:32400 on your browser, if it does not load the tunnel was not setup correctly

    #5. Point plex.tv to correct ip
  14. @MarMed MarMed revised this gist Feb 22, 2017. 1 changed file with 14 additions and 0 deletions.
    14 changes: 14 additions & 0 deletions README.md
    @@ -78,6 +78,20 @@ Add "Gatewayports yes" to sshd_config
    #4. Enable and start service
    sudo systemctl enable autossh-plex-tunnel
    sudo systemctl start autossh-plex-tunnel
    4b. Check SSH tunnel
    sudo systemctl status autossh-plex-tunnel
    If tunnel was created successfully output should look something like this:
    autossh-plex-tunnel.service - AutoSSH tunnel service Plex on local port 32400
    Loaded: loaded (/etc/systemd/system/autossh-plex-tunnel.service; enabled; vendor preset: enabled)
    Active: active (running) since Mon 2017-02-20 03:11:14 CET; 2 days ago
    Main PID: 32570 (autossh)
    CGroup: /system.slice/autossh-plex-tunnel.service
    ├─32570 /usr/lib/autossh/autossh -M 40584 -o compression=no -o cipher=aes128-gcm@openssh.com -o ServerAliveInterval 30 -o ServerAliveCountMax 3 -NR 32400:localhost:32400 root@TUNNELIP
    └─32574 /usr/bin/ssh -L 40584:127.0.0.1:40584 -R 40584:127.0.0.1:40585 -o compression=no -o cipher=aes128-gcm@openssh.com -o ServerAliveInterval 30 -o ServerAliveCountMax 3 -NR 32400:localhost:32400 root@TUNNELIP

    Feb 20 03:11:14 Hetzner systemd[1]: Started AutoSSH tunnel service Plex on local port 32400.
    Feb 20 03:11:14 Hetzner autossh[32570]: starting ssh (count 1)
    Feb 20 03:11:14 Hetzner autossh[32570]: ssh child pid is 32574
    go to http://TUNNELIP:32400 on your browser, if it does not load the tunnel was not setup correctly

    #5. Point plex.tv to correct ip
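    Review bot: the 4b check can pass while the tunnel is not working. `Active: active (running)` only shows that autossh and its ssh child are alive; with `-N`, ssh stays connected even when the tunnel host refuses to bind port 32400. Suggest adding `-o "ExitOnForwardFailure yes"` to the autossh command line and having the reader confirm on the tunnel host that something is listening on 32400 (for example with `ss -ltn`) before moving on to the browser test.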
  15. @MarMed MarMed revised this gist Feb 22, 2017. 1 changed file with 3 additions and 2 deletions.
    5 changes: 3 additions & 2 deletions README.md
    @@ -56,11 +56,12 @@ Add "Gatewayports yes" to sshd_config
    ...
    #3. Install autossh and create systemd service:
    3a. Install autossh
    ''''

    sudo apt install autossh
    3b. Create systemd service file

    sudo nano /etc/systemd/system/autossh-plex-tunnel.service
    sudo nano /etc/systemd/system/autossh-plex-tunnel.service
    Contents:


    [Unit]
  16. @MarMed MarMed created this gist Feb 22, 2017.
    106 changes: 106 additions & 0 deletions README.md
    @@ -0,0 +1,106 @@
    #Routing plex traffic through an SSH tunnel

    This guide creates a reverse SSH tunnel to route all Plex server traffic through it.

    #1. Setup SSH keys (if you already have key based authenthication setup skip to step 2)

    On plex server:

    1a. Create SSH key

    root@ubuntu:~# ssh-keygen -t rsa
    Generating public/private rsa key pair.
    Enter file in which to save the key (/root/.ssh/id_rsa):
    Created directory '/root/.ssh'.
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /root/.ssh/id_rsa.
    Your public key has been saved in /root/.ssh/id_rsa.pub.

    Passaphrase must be empy for autossh to work!

    1b. Copy SSH key

    root@ubuntu:~# ssh-copy-id root@TUNNELIP
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    root@TUNNELIP's password:

    Number of key(s) added: 1

    Now try logging into the machine, with: "ssh 'root@TUNNELIP'"
    and check to make sure that only the key(s) you wanted were added.
    1c. Connect to tunnel

    root@ubuntu:~$ ssh root@TUNNELIP
    Welcome to Ubuntu 16.04.1 LTS (GNU/Linux 4.9.7-x86_64-linode80 x86_64)
    Last login: Wed Feb 22 03:49:58 2017
    root@ubuntu:~#
    You should not be promted for a password

    #2. Edit tunnel's SSH server configuration

    Add "Gatewayports yes" to sshd_config

    root@ubuntu:~# nano /etc/ssh/sshd_config
    Change:

    ...
    Port 22
    ...
    To:

    ...
    Port 22
    GatewayPorts yes
    ...
    #3. Install autossh and create systemd service:
    3a. Install autossh
    ''''
    sudo apt install autossh
    3b. Create systemd service file

    sudo nano /etc/systemd/system/autossh-plex-tunnel.service


    [Unit]
    Description=AutoSSH tunnel service Plex on local port 32400
    After=network.target

    [Service]
    Environment="AUTOSSH_GATETIME=0"

    ExecStart=/usr/bin/autossh -M 40584 -o "compression=no" -o "cipher=aes128-gcm@openssh.com" -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -NR 32400:localhost:32400 root@TUNNELIP
    User=changeme
    [Install]
    WantedBy=multi-user.target
    #4. Enable and start service
    sudo systemctl enable autossh-plex-tunnel
    sudo systemctl start autossh-plex-tunnel
    go to http://TUNNELIP:32400 on your browser, if it does not load the tunnel was not setup correctly

    #5. Point plex.tv to correct ip

    Plex.TV Web App > Settings > Server > Network > Custom server access URLs

    https://TUNNELIP:32400,http://TUNNELIP:32400
    #6. Only allow local connections to port 32400

    sudo iptables -A INPUT -p tcp -s localhost --dport 32400 -j ACCEPT
    sudo iptables -A INPUT -p tcp --dport 32400 -j DROP
    sudo iptables-save > /etc/iptables.rules
    #7. Make iptables rules apply at startup

    edit /etc/network/interfaces

    Change

    auto eth0
    iface eth0 inet static
    address xxx.xxx.xxx.xxx
    To:

    auto eth0
    iface eth0 inet static
    pre-up iptables-restore < /etc/iptables.rules
    address xxx.xxx.xxx.xxx
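    Review bot: steps 1a to 1c give an unencrypted private key (empty passphrase) an interactive root login on the tunnel host, so anyone who can read /root/.ssh/id_rsa on the Plex server gets a root shell on TUNNELIP. The tunnel needs only a remote forward on port 32400, which requires no root. Suggest a dedicated unprivileged account on the tunnel host and restricting the key in that account's authorized_keys with `restrict,port-forwarding,permitlisten="32400"` (permitlisten needs OpenSSH 7.8 or later; on older servers `restrict,port-forwarding` alone still removes the shell). Minor: "Passaphrase must be empy" should read "Passphrase must be empty".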
    11 changes: 11 additions & 0 deletions autossh-plex-tunnel.service
    @@ -0,0 +1,11 @@
    [Unit]
    Description=AutoSSH tunnel service Plex on local port 32400
    After=network.target

    [Service]
    Environment="AUTOSSH_GATETIME=0"

    ExecStart=/usr/bin/autossh -M 40584 -o "compression=no" -o "cipher=aes128-gcm@openssh.com" -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -NR 32400:localhost:32400 root@TUNNELIP
    User=root
    [Install]
    WantedBy=multi-user.target
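    Review bot: `User=root` here disagrees with the README added in the same revision, which shows `User=changeme`, and nothing in the ExecStart line needs root: it forwards port 32400 and runs no privileged operation. Suggest a dedicated unprivileged user in `User=` (with the step 1 key generated for that user rather than in /root/.ssh) and a non-root account in place of `root@TUNNELIP`. Also, `After=network.target` does not wait for connectivity; `After=network-online.target` together with `Wants=network-online.target` is the usual ordering for a service that dials out at boot.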