reverseproxy_ssh_setup 667 Bytes
Edit Raw Blame History



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25


#!/bin/sh

set -e
set -x

port="$1"
reverseproxy_ip="$2"
integration_ip="$3"

# switch SSH to port $port
sed -i -e 's/^#\?\s*Port\s*[0-9]\+\s*$/Port '$port'/g' /etc/ssh/sshd_config

# Install SELinux
yum install -y selinux-policy policycoreutils-python

# Tell SELinux to allow the new port
semanage port -a -t ssh_port_t -p tcp "$port"

# Restart SSH
systemctl restart sshd

# Setup port redirect
iptables -t nat -A PREROUTING -d $reverseproxy_ip/32 -p tcp -m tcp --dport 22 -j DNAT --to-destination $integration_ip:22
iptables -t nat -A POSTROUTING -d $integration_ip/32 -p tcp -m tcp --dport 22 -j SNAT --to-source $reverseproxy_ip
sysctl -w net.ipv4.ip_forward=1