Problem setting up an ssh tunnelling/forwarding through bastion host

Question

I have the following problem I'm trying to solve.

I wanted to use deployHQ to deploy code on commits to my repository.

deployHQ configuration asks for Hostname Port Username and no-password. deployHW are using Keypairs for identity validation (and authorization), so deployHQ provide me with a public-key to setup in my end machine authorized_keys store.

But, my machine is on a Private VPC in AWS.

So, I thought I can setup an SSH proxy, that operates on different ports. Each port would proxy the connection to a different machine on the Private VPC part.

But, I am literally clueless on how to do it!! I understand it's not SSH tunnelling, and not TCP forwarding, but nothing really works for me.

The general idea is simple: SSH using port 18022 to my bastion/proxy to funnel the communication to 10.10.0.2:22 in AWS Private VPC

SSH using port 18023 to my bastion/proxy to machine B:22

SSH using port 18024 to my bastion/proxy to machine C:22

SSH using port 18025 to my bastion/proxy to machine D:22

If anyone knows how to do this, or, thinks of better idea, I would really appreciate the help.

I actually solved this with reverse NAT, so, everything's cool. — Joe, Jul 21 '22 at 04:17

score 0 · Answer 1 · answered Jul 21 '22 at 04:18

0

So... the solution to this is actually very simple... Setting up reverse NAT on IpTables on the Bastion, pointing external ports to resolve to 22 on different servers.

Super simple.

answered Jul 21 '22 at 04:18

Joe

39
7

Problem setting up an ssh tunnelling/forwarding through bastion host

1 Answers1