2

I'm trying to convert the following SSH command to an SSH File entry.

My command is as follows:

ssh -i identity-file.pem -L 20000:internal-host.com:8080 [email protected] -N 

And this is the current SSH file

    Host remote-host-tunnel
        IdentitiesOnly yes
        HostName remote-host.com
        User user
        PubKeyAuthentication yes
        IdentityFile ~/.ssh/identity-file.pem
        ServerAliveInterval 30

    Host internal-host-forwarding
        LocalForward 20000 internal-host.com:8080
        Hostname internal-host.com
        ProxyCommand ssh remote-host-tunnel nc %h %p

I'm able to reach the tunnel as follows:

ssh remote-host-tunnel 

Everything up until this point works fine

But then, when I want to access the internal-host it's not working

ssh internal-host-forwarding -N 

The connection does not get established

Ncat: Connection timed out.

kex_exchange_identification: Connection closed by remote host

Connection closed by UNKNOWN port 65535

1 Answer

2

You are trying to use the ProxyCommand with netcat to establish a connection to the internal host, but that is not necessary for port forwarding. Just combine the configurations of both hosts into a single entry like this in your ssh config file:

    Host remote-host-tunnel
        IdentitiesOnly yes
        HostName remote-host.com
        User user
        PubKeyAuthentication yes
        IdentityFile ~/.ssh/identity-file.pem
        ServerAliveInterval 30
        LocalForward 20000 internal-host.com:8080

Now you can just connect to the remote-host-tunnel

ssh remote-host-tunnel -N 

edit: You can also create multiple entries for each internal host like the example below

    Host remote-host-tunnel
        IdentitiesOnly yes
        HostName remote-host.com
        User user
        PubKeyAuthentication yes
        IdentityFile ~/.ssh/identity-file.pem
        ServerAliveInterval 30

    Host internal-host-forwarding-1
        Hostname localhost
        Port 20000
        ProxyJump remote-host-tunnel
        LocalForward 20000 internal-host1.com:8080

    Host internal-host-forwarding-2
        Hostname localhost
        Port 20001
        ProxyJump remote-host-tunnel
        LocalForward 20001 internal-host2.com:8080

and if you want to connect to internal-host-forwarding-1 do ssh internal-host-forwarding-1 -N

2
  • 1
    Thank you for your answer. This was my workaround as well, but I have multiple tunnels that were supposed to connect to different internal-hosts that all need to go through the same remote-host. That's why I was trying to keep them separated. Commented Apr 17, 2023 at 20:18
  • You're welcome, I updated my answer. Commented Apr 17, 2023 at 20:41
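
An added example, not part of the original answer or comments: one way to keep each tunnel as its own entry while every entry connects directly to the same remote host and differs only in its LocalForward line. The `tunnel-*` alias names are hypothetical, and `ExitOnForwardFailure`, `SessionType none` (OpenSSH 8.7 and later) and the explicit `127.0.0.1` bind address are assumptions added here, not settings from the original configuration.

```sshconfig
# Added example: alias names (tunnel-*) are hypothetical.
# Per-tunnel entries carry only the forward; everything else is shared below.

Host tunnel-internal-1
    # Listen on loopback only, so other machines on the local network
    # cannot use the forwarded port.
    LocalForward 127.0.0.1:20000 internal-host1.com:8080

Host tunnel-internal-2
    LocalForward 127.0.0.1:20001 internal-host2.com:8080

# Shared connection settings, applied to every alias matching the pattern.
# The destination is always remote-host.com itself; the internal hosts are
# reached by the forward, not by an SSH connection to them.
Host tunnel-*
    HostName remote-host.com
    User user
    IdentityFile ~/.ssh/identity-file.pem
    IdentitiesOnly yes
    PubkeyAuthentication yes
    ServerAliveInterval 30
    # Exit instead of staying connected if the local port cannot be bound
    # (for example, because another tunnel already holds it).
    ExitOnForwardFailure yes
    # Configuration-file equivalent of -N: no remote command or shell.
    SessionType none
```

On clients older than OpenSSH 8.7, drop `SessionType none` and pass `-N` on the command line instead, as in the commands above.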
