How to Port Forward from SSH Client to another SSH Server

Question

We have a Bitvise SSH server running on a Windows 10 PC. We are trying to have client computers (macOS's running zoc8 as the client) connect to the Bitvise server. The connection works great when the clients are on the local network, but not when they are outside the local network.

I have been told that in order to make our server visible to the internet in a secure way to only be accessed by these client computers with their ssh keys, we need another cloud server that forwards connections to our local server. The clients would connect to the cloud server's IP and the connection would be forwarded as if the clients were connecting to the local server.

I am trying to use AWS as the cloud server to forward those connections, but cannot figure out how. It seems my EC2 instance, when connected to, is just a command line prompt. Is this truly the case? How would I go about setting up AWS to securely forward these connections? I read https://aws.amazon.com/blogs/aws/new-port-forwarding-using-aws-system-manager-sessions-manager/ but it does not seem to apply directly to my situation.

Thank you.

Answer

Hi,

According to this article, https://aws.amazon.com/blogs/mt/use-port-forwarding-in-aws-systems-manager-session-manager-to-connect-to-remote-hosts/, you must define also your destination.

To recap, on your workstation you must install (AWS CLI and SSM plugin), and in your EC2 server (SSM Manager Agent) and to set correctly Security Groups etc.

Then create your connection between your workstation and the destination through the EC2.
```
aws ssm start-session --target  --document-name AWS-StartPortForwardingSessionToRemoteHost --parameters '{"localPortNumber":["2222"],"portNumber":["PORT Btivise SSH server"],"host":["IP Bitvise SSH server"]}'
```

And finally connect your ssh command via localport 2222
```
ssh -i path/id_rsa username@127.0.0.1 -p 2222
```

How to Port Forward from SSH Client to another SSH Server

相關內容