How to Forward SSH Connection

Meet Joe. From time to time he works from home. He needs to connect to his PC located in the office. Also, from time to time he connects from home to his office PC, and from the PC to the Jenkins CI server provisioned in company’s development AWS cloud environment.

Configuring ssh

Let’s have a look at his ssh config file:

Host jenkins-saas
HostName ec2-54-77-192-111.eu-west-1.compute.amazonaws.com
ProxyCommand ssh -i ~/.ssh/id_rsa_corp_mac [email protected]<your office machine IP> -W %h:%p
User ec2-user
LocalForward 7777 localhost:8080
IdentityFile ~/.ssh/id_rsa_v8
  • HostName – Jenkins host in the AWS Management VPC
  • <your office machine IP> – IP address of the office machine
  • joe – user name
  • id_rsa_corp_mac – prv ssh key that allows to connect from the laptop to the office machine
  • ec2-user – default user of the AWS host (Jenkins)
  • 7777 – port we can access Jenkins UI on the laptop
  • 8080 – Jenkins port
  • id_rsa_v8 – prv ssh key on the laptop (the key allows to ssh to the Jenkins host)

Given all names and paths in the config file are correct, Joe is ready to ssh to the Jenkins machine. What is also important, Joe will be able to access Jenkins Web UI.

SSH to the Jenkins machine

Joe opens a terminal and types:

$ ssh jenkins-saas
Last login: Fri Jun 2 13:25:26 2017 from 149.11.36.150

__| __|_ )
_| ( / Amazon Linux AMI
___|\___|___|

https://aws.amazon.com/amazon-linux-ami/2017.03-release-notes/

and voila! He successfully connects to the EC2 instance running the Jenkins server.

Next step for Joe is to access Jenkins WebUI from a web browser from his laptop. Joe opens Opera browser and types url:

url: localhost:7777

Congratulations! Job done. Joe can start configuring build jobs.

References:
  • https://superuser.com/questions/107679/forward-ssh-traffic-through-a-middle-machine
  • https://superuser.com/questions/96489/an-ssh-tunnel-via-multiple-hops#97007