Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
941 views
in Technique[技术] by (71.8m points)

ssh - Port forwarding to avoid the need for certificate

I need to setup locally a tool that connects to the EC2 instance through SSH to perform profiling on the remote machine. The problem is the following: EC2 requires to use of a PEM certificate to connect, but the tool does not support certificates. Is there a way to do some port-forwarding so that the tool can connect to something like localhost:2222 without password (or at least without certificate) and then the traffic gets redirected to the EC2?

I don't know exactly what ports are used by the tool, but for sure it can tunnel all traffic through SSH.

If you need more info, the tool is the Nvidia Nsight Compute.

I tried sh -L 2222:localhost:22 -i mycertificate.pem <username_ec2>@<ip_ec2> but then ssh <username_ec2>@localhost:2222 returns ssh: Could not resolve hostname localhost:2222: nodename nor servname provided, or not known.

question from:https://stackoverflow.com/questions/65906650/port-forwarding-to-avoid-the-need-for-certificate

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Fix your command to:

ssh -p 2222 <username_ec2>@localhost

but a certificate is still needed if you did the port forwarding like so:

ssh -L 2222:localhost:22 -i mycertificate.pem <username_ec2>@<ip_ec2>

I would try the following:

Run another ssh server which listens only on localhost, and doesn't require certificate on another port e.g 2222. See instructions

and then I would port forward to it like so:

ssh -L 2222:localhost:2222 -i mycertificate.pem <username_ec2>@<ip_ec2>

and ssh to it the same way:

ssh -p 2222 <username_ec2>@localhost

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...