Thursday, April 14, 2022

[SOLVED] Attempting to ssh tunnel to another server within the vpc to a specific port to access my api

Issue

This is an odd scenario. Essentially, within a vpc, I am attempting to create an ssh tunnel from server A to server B in which server B hosts the api at port 9000, and server A wants to be able to reverse proxy to port say 5000 which should pass the query to server B's port 9000, and return data. I have been tearing my hair out. I currently have gotten this far:

 ssh 3000:localhost3000 -vvv -N -i rsa.pem serverB@serverBIP

after which I have attempted to access the port 22 on server A using a curl request but I got a response -- curl: (1) Received HTTP/0.9 when not allowed

I also tried specifying a port

ssh -vvv -N -i rsa.pem serverB@serverBIP -p3000 

which quits on me entirely with the response: ssh: connect to host serverBIp port 3000: No route to host

Finally, I tried

ssh -vvv -N -i workstation_pem.pem 3000:localhost:3000 serverBUser@serverBID

which results in Could not resolve hostname 3000:localhost:3000: Name or service not known

Please advise, I am not sure what I am doing wrong. I feel like this should be simple, but I am struggling to get it to work - a simple tunnel from one instance to another at a port to port on server B where serverB has a gunicorn server running


Solution

You would need to login to ServerA and then run this command:

ssh -i key.pem -N -L 5000:serverBIP:9000 serverBUser@serverBIP

This tells the computer on which it is run (which is ServerA) to listen on port 5000 and send any incoming requests to port 9000 on ServerB.

Detailed explanation: explainshell.com - ssh -i key.pem -N -L 5000:serverBIP:9000 serverBUser@serverBIP

See also: SSH/OpenSSH/PortForwarding - Community Help Wiki



Answered By - John Rotenstein
Answer Checked By - Willingham (WPSolving Volunteer)