This article was first published at

Sometimes it is necessary to use some resources of personal PC at home in the company. In this case, Teamvieawer can be selected for remote access, but it is a little troublesome and the access rate is slow. In this case, it is a good idea to achieve Intranet penetration through VPS.

The method described in this article is to use autoSSH to implement reverse proxy between VPS and the Intranet, and establish a long connection between the VPS and the Intranet, so that the extranet PC can access the Intranet PC through the reverse proxy of the VPS. The requirements for the entire implementation are as follows:

  1. With public IP address ( VPS
  2. An Intranet PC that is powered on and connected to the Internet
  3. Any extranet PC connected to a network

VPS configuration

Modify the VPS file /etc/ssh/sshd_config and uncomment the following parameters or change their values

GetewayPorts yes
TCPKeepAlive yes
ClientAliveInterval 60
ClientAliveCountMax 3
Copy the code

Intranet PC Configuration

To ensure that Intranet PCS can access the VPS without passwords, you need to add the public key of Intranet PCS to the VPS

$ ssh-keygen
#... enter ...$ssh-copy-id -i ~/. SSH / -p 27000 [email protected]# 27000 is the port number for accessing the VPS, root is the user name of the VPS, and 222.222.222 is the public IP address of the VPS
Copy the code

After the configuration, install autoSSH on the Intranet PC

sudo apt-get install -y autossh
Copy the code

Once installed, reverse proxy can be implemented with the following instructions:

autossh -p 27000 -M 27400 -NR '*:27401:localhost:27402' [email protected]
Copy the code


  • -p 27000: VPS SSH port. The default value is 22
  • -M 27440: Proxy service listening port of the VPS. Ensure that the port is not occupied by other VPS processes
  • -NR '*:27401:localhost:27402'Port mapping, VPS27401The port is mapped to the Intranet PC27402port
  • [email protected]: User name and IP address of the VPS

There are four ports involved. 27000 is the VPS SSH listening port, 27400 is the VPS proxy service listening port, 27401 and 27402 are a pair of port mapping between VPS and Intranet PCS. The EXtranet PC needs to access the Intranet through port 27401 of VPS.

Configure the autoSSH service

The above instructions can already complete the required functions, but every time you start up, you have to input again, it is very inconvenient, so you can package the instructions as a service, and then set to start up after starting up. In Ubuntu, you can create a new autossh.service file in the lib/systemd/system directory and type the following:

Description=Auto SSH Tunnel
ExecStart=/usr/bin/autossh -p 27000 -M 27400 -NR '*:27401:localhost:27402' [email protected] -i ~/.ssh/id_rsa
ExecReload=/bin/kill -HUP $MAINPID
Copy the code

After the configuration is complete, run the following commands to start, query, and start automatically.

  • Start the service:sudo systemctl autossh start
  • View status:sudo service autossh status
  • Startup:sudo systemctl enable autossh.service

Remote Access to the Intranet

Finally, how to access the Intranet through the extranet is similar to accessing the VPS itself, just change the connection port.

Sudo SSH [email protected] -p 27401Copy the code

Extension instructions

This article introduces the implementation of reverse proxy through VPS, if there is no VPS can not use, at this time can learn FRP or Ngrok, use a public server to achieve proxy.


  • Use autoSSH to set up a reverse SSH tunnel for personal computers
  • SSH Reverse connection and Autossh