ssh - Port forwarding to avoid the need for certificate

Question

I need to setup locally a tool that connects to the EC2 instance through SSH to perform profiling on the remote machine. The problem is the following: EC2 requires to use of a PEM certificate to connect, but the tool does not support certificates. Is there a way to do some port-forwarding so that the tool can connect to something like localhost:2222 without password (or at least without certificate) and then the traffic gets redirected to the EC2?

I don't know exactly what ports are used by the tool, but for sure it can tunnel all traffic through SSH.

If you need more info, the tool is the Nvidia Nsight Compute.

I tried sh -L 2222:localhost:22 -i mycertificate.pem <username_ec2>@<ip_ec2> but then ssh <username_ec2>@localhost:2222 returns ssh: Could not resolve hostname localhost:2222: nodename nor servname provided, or not known.

question from:https://stackoverflow.com/questions/65906650/port-forwarding-to-avoid-the-need-for-certificate

Answer 1

Fix your command to:

ssh -p 2222 <username_ec2>@localhost

but a certificate is still needed if you did the port forwarding like so:

ssh -L 2222:localhost:22 -i mycertificate.pem <username_ec2>@<ip_ec2>

I would try the following:

Run another ssh server which listens only on localhost, and doesn't require certificate on another port e.g 2222. See instructions

and then I would port forward to it like so:

ssh -L 2222:localhost:2222 -i mycertificate.pem <username_ec2>@<ip_ec2>

and ssh to it the same way:

ssh -p 2222 <username_ec2>@localhost