I have to create an SSH tunnel to connect a deployment server to a VPN:
DeploymentServer --> Gateway --> PrivateServer
Each machine uses a key. I tried the following command:
myMachine $ ssh -i GATEWAY_KEY.pem -N -L 1122:ubuntu@SERVER_PRIVATE_IP:22 ubuntu@GATEWAY_IP
And then this one in another terminal window:
myMachine $ ssh -i PRIVATE_SERVER_KEY.pem -p 1122 ubuntu@SERVER_PRIVATE_IP
But it doesn't work; I get a timeout error. My port 1122 is open and I can SSH to it. I don't know what I'm doing wrong. Is my syntax correct?
It's my first tunnel so don't laugh at me!
EDIT 1
I added -v and fixed the second SSH call.
First call:
myMachine $ ssh -i GATEWAY_KEY.pem -N -L 1122:ubuntu@SERVER_PRIVATE_IP:22 ubuntu@GATEWAY_IP -v
Response: debug1: Authentication succeeded (publickey).
Second call:
myMachine $ ssh -i PRIVATE_SERVER_KEY.pem -p 1122 ubuntu@localhost -v
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to localhost [::1] port 1122.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file .ssh/wamapi_staging.pem type -1
debug1: identity file .ssh/wamapi_staging.pem-cert type -1
ssh_exchange_identification: Connection closed by remote host
And in the first tab again:
debug1: Connection to port 1122 forwarding to ubuntu@10.0.5.128 port 22 requested.
debug1: channel 2: new [direct-tcpip]
channel 2: open failed: administratively prohibited: open failed
debug1: channel 2: free: direct-tcpip: listening port 1122 for ubuntu@10.0.5.128 port 22, connect from ::1 port 60341, nchannels 3
Best Answer
I made it work using the .ssh/config file instead of trying to put all my parameters in my commands. Here are the results if someone needs them:
And then the 2 commands:
Doing it that way, SSH can use my pem keys.
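The first call in the question puts `ubuntu@` inside the `-L` destination, and its debug output shows the gateway being asked to forward to `ubuntu@10.0.5.128`. The following check is an added example, not code from the question or the answer: a POSIX shell function (the name `check_forward_spec` is hypothetical) that validates a forward spec against the `ssh(1)` syntax `[bind_address:]port:host:hostport`, assuming IPv4 or hostname destinations and numeric ports.

```shell
#!/bin/sh
# Added example (not from the original post): lint an `ssh -L` spec.
# ssh(1): -L [bind_address:]port:host:hostport
# The destination is host:hostport only; the login user belongs on the
# second ssh command, not inside the forward spec.
# Scope: hostnames/IPv4 and numeric ports; bracketed IPv6 is not handled.

# Prints "listen=.. host=.. hostport=.." and returns 0 for a valid spec;
# prints the reason on stderr and returns 1 otherwise.
check_forward_spec() {
    old_ifs=$IFS; IFS=:
    set -f                # no globbing while splitting on ':'
    set -- $1
    set +f; IFS=$old_ifs
    case $# in
        3) ;;
        4) shift ;;       # drop the optional bind_address
        *) echo "expected [bind_address:]port:host:hostport" >&2; return 1 ;;
    esac
    listen=$1 host=$2 hostport=$3
    case $host in
        '')  echo "empty destination host" >&2; return 1 ;;
        *@*) echo "destination '$host' contains user@; use '${host#*@}'" >&2
             return 1 ;;
    esac
    for p in "$listen" "$hostport"; do
        case $p in
            ''|*[!0-9]*) echo "port '$p' is not numeric" >&2; return 1 ;;
        esac
    done
    echo "listen=$listen host=$host hostport=$hostport"
}

# Spec from the question's first call, with the address from its debug
# output: rejected because of the user@ prefix.
check_forward_spec "1122:ubuntu@10.0.5.128:22" || true
# Same forward without the user: accepted.
check_forward_spec "1122:10.0.5.128:22"

# Syntactically valid form of the two calls, with the question's placeholders
# (assumption: the gateway's sshd permits TCP forwarding):
#   ssh -i GATEWAY_KEY.pem -N -L 1122:SERVER_PRIVATE_IP:22 ubuntu@GATEWAY_IP
#   ssh -i PRIVATE_SERVER_KEY.pem -p 1122 ubuntu@localhost
```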