Update to latest version of Kali Linux
sudo apt-get update
sudo apt-get install openssh-server
Create a new public/private key pairing
ssh-keygen -t rsa -b 4096 # create passwordless for autossh to work without an ssh-agent
ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa_autossh -N '' # passwordless
Copy the SSH key to EC2 instance (most likely needs to be manually copied as EC2 is passwordless)
ssh-copy-id -i ~/.ssh/id_rsa.pub ubuntu@<EC2-Public-IP>
Manual method:
- SSH into EC2 from local machine
- Copy the id_rsa.pub to the authorized_key section in EC2 instance
Manual Reverse SSH Tunnelling
ssh -fN -R 2222:localhost:22 ubuntu@ec2-52-65-52-19.ap-southeast-2.compute.amazonaws.com
ssh -p 2222 kali@localhost
Using autossh
autossh -M 0 -fN -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -R 2222:localhost:22 ubuntu@ec2-52-65-52-19.ap-southeast-2.compute.amazonaws.com # silent
autossh -M 0 -N -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -R 2222:localhost:22 ubuntu@ec2-52-65-52-19.ap-southeast-2.compute.amazonaws.com # requires passphrase
Create systemd file
sudo nano /etc/systemd/system/autossh.service
[Unit]
Description=AutoSSH Reverse Tunnel
After=network.target
[Service]
User=pi
Environment="AUTOSSH_GATETIME=0"
ExecStart=/usr/bin/autossh -M 0 -fN -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -R 2222:localhost:22 ubuntu@ec2-52-65-52-19.ap-southeast-2.compute.amazonaws.com # silent
[Install]
WantedBy=multi-user.target
sudo systemctl daemon-reload
sudo systemctl enable autossh.service
sudo systemctl start autossh.service