Comments (9)
I believe the use-case is already supported.
Follow the instructions in the "SSH ProxyCommand support" section in README
But instead of issuing the command:
ssh ssm-test.eu-west-1.default
Then instead issue:
ssh -N -L 5000:rds-endpoint.example.org:3306 ssm-test.eu-west-1.default
Now your localhost port 5000 is tunneling through your EC2 instance all the way to rds-endpoint.example.org
port 3306.
from aws-gate.
@mbp , thanks for explaining that.
I'll be honest, I didn't understand the SSH ProxyCommand documentation when I first read it.
I've understood it now and made it work, but there are some things I found confusing.
I don't like how the SSH host name is used as a proprietary way of specifying the region and profile for the AWS commands. I prefer to use the standard AWS_PROFILE
and AWS_DEFUALT_REGION
parameters or the standard --region
and --profile
options on the command line.
Since creating this issue I've submitted a PR that adds the option aws-gate ssh -L
which solves my use case without proprietary syntax or requiring an SSH config file. I think it's simpler than the current solution with equivalent power.
Would you consider this way of supporting the use case?
from aws-gate.
I'm not the maintainer, I think we have to wait for @xen0l :-)
from aws-gate.
Hello folks,
thanks for the issue. I am generally opposed in extending aws-gate ssh
with additional flags because it is just function duplication of aws-gate ssh-proxy
and native ssh client. However, I am willing to make an exception as I see it's quite handy to be able to forward ports to resources in AWS. With this, I think it makes sense to also add support for -D
and -R
.
I will also revamp the documentation on this explaining when to use aws-gate ssh
and ProxyCommand support (it's much more superior).
from aws-gate.
I don't like how the SSH host name is used as a proprietary way of specifying the region and profile for the AWS commands. I prefer to use the standard
AWS_PROFILE
andAWS_DEFUALT_REGION
parameters or the standard--region
and--profile
options on the command line.
It exists because not all applications support connecting to AWS resource via native API and this naming add convevience method (maybe opinionated) if you are using multiple regions with multiple AWS accounts for those cases as it allows to use ssh(1) transparently with aws-gate
underneath.
from aws-gate.
@xen0l , thanks for your response.
I am generally opposed in extending aws-gate ssh with additional flags because it is just function duplication of aws-gate ssh-proxy and native ssh client.
I understand the desire to avoid duplication. Maybe we could consider the aws-gate ssh
command the "easy mode" for common use cases and the aws-gate ssh-proxy
the "advanced mode" for more flexibility.
However, I am willing to make an exception as I see it's quite handy to be able to forward ports to resources in AWS. With this, I think it makes sense to also add support for -D and -R.
Whatever the solution, I think concrete examples in the documentation would help a lot to make it clearer what aws-gate can do. I attempted to do this in my PR. Even if you don't merge it as is, maybe you can take the same use cases and show how to support them.
With this, I think it makes sense to also add support for -D and -R.
I haven't used the -D
or -R
flags. Could you give an example of how they could be useful in this context?
from aws-gate.
I will also revamp the documentation on this explaining when to use aws-gate ssh and ProxyCommand support (it's much more superior).
from aws-gate.
PR merged @iainelder, thanks for contrribution. I went on and added -R/-D support. -D is defintiely useful, -R for some specific cases as well. I will continue with #719. Once finished, would you be able to proofread it and provide feedback it's clearer?
from aws-gate.
I went on and added -R/-D support.
I found it here: #722
I will continue with #719. Once finished, would you be able to proofread it and provide feedback it's clearer?
Of course, happy to give feedback! We can continue the conversation in #719.
from aws-gate.
Related Issues (20)
- Quiet option HOT 2
- no such file or directory: ~/.aws-gate/bin/session-manager-plugin when forwarding a session.
- Replace marshallow with pydantic
- Error occurred in aws-gate.exe_Windows_amd64 (Release 0.11.2) HOT 3
- Add support for remote port forwarding
- [EC2] InvalidInstanceID.NotFound can occur
- Doesn't work on M2 macbook pro HOT 8
- Stopped working on ubuntu 23.04 HOT 2
- Update the list of AWS EC2 regions
- request: make `list` similar to `session` e.g. show instance-ids that match a specific tag
- Allow colons in tag names
- Add support for Raspberry Pi
- Distribute .exe file of aws-gate on Windows HOT 1
- Provide MSI for better Windows integration
- aws-gate ssh-proxy not able to create ~/.aws-gate directory HOT 1
- Provide support for EC2 serial console
- AccessDeniedException when terminating session with assumed role
- provide a sample to use aws-gate for port forward to access to databases
- does not support windows HOT 1
- Support `CNAME` dns records HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aws-gate.