I have a script which creates an SSH tunnel to an EC2 node. It works on my Windows and OS X machines but not on Ubuntu 18.04, where it gets stuck.
What I see is this:
/bin/bash scripts/datomic-socks-proxy _
download: s3///datomic/access/private-keys/bastion to …/…/.ssh/datomic–-bastion
Using /snap/bin/autossh
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
debug1: Connecting to 18.203.251.17 [18.203.251.17] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/johan/.ssh/datomic–-bastion type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/johan/.ssh/datomic–-bastion-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH compat 0x04000000
debug1: Authenticating to 18.203.251.17:22 as 'ec2-user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: zlib@openssh.com
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: zlib@openssh.com
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:/
The script I am using looks like this:
#!/bin/bash
# Parse optional flags; the last remaining argument is the system name.
while [ $# -gt 1 ]
do
    case "$1" in
        -p)
            PROFILE_COMMAND="--profile $2"
            ;;
        -r)
            REGION=$2
            ;;
        --port)
            SOCKS_PORT=$2
            ;;
    esac
    shift 2
done
if [ "$1" == "" ]; then
    echo "Usage: $0 (-p aws-profile)? (-r aws-region)? (--port socks-port)? system-name"
    exit -1
fi
SYSTEM=$1
# Keep a region given with -r; fall back to AWS_REGION otherwise.
REGION=${REGION:-$AWS_REGION}
if [ "$REGION" == "" ]; then
    REGION_ARG=
else
    REGION_ARG="--region $REGION"
fi
# Find the system's S3 bucket by tag and strip the ARN prefix up to the last colon.
S3=`aws resourcegroupstaggingapi get-resources $REGION_ARG --resource-type-filters s3 --tag-filters Key=datomic:system,Values=$SYSTEM --query ResourceTagMappingList[0].ResourceARN --output text $PROFILE_COMMAND | sed -e 's/.*://g'`
if [ "$S3" == None ] || [ "$S3" == "" ]; then
    echo "Datomic system $SYSTEM not found, make sure your system name and AWS creds are correct."
    exit 1
fi
# Download the bastion private key and restrict its permissions.
PK=~/.ssh/datomic-${REGION}-${SYSTEM}-bastion
aws s3 cp $PROFILE_COMMAND s3://${S3}/${SYSTEM}/datomic/access/private-keys/bastion $PK
if [ "$?" -ne 0 ]; then
    echo "Unable to read bastion key, make sure your AWS creds are correct."
    exit 1
fi
chmod 600 $PK
# Look up the public IP of the running bastion instance.
BASTION_IP=`aws ec2 describe-instances $REGION_ARG --filters Name=tag:Name,Values=${SYSTEM}-bastion Name=instance-state-name,Values=running --query Reservations[0].Instances[0].PublicIpAddress --output text $PROFILE_COMMAND`
if [ "$?" -ne 0 ] || [ "${BASTION_IP}" == None ]; then
    echo "Bastion not found, make sure bastion is running."
    exit 1
fi
# Open the SOCKS proxy (-D) with autossh if it is installed, otherwise with plain ssh.
AUTOSSH=`which autossh`
if [ "$?" -eq 0 ]; then
    echo "Using $AUTOSSH"
    autossh -M 0 -o "ServerAliveInterval 5" -o "ServerAliveCountMax 3" -v -i $PK -CND ${SOCKS_PORT:=8182} ec2-user@${BASTION_IP}
else
    echo "Using ssh"
    ssh -v -i $PK -CND ${SOCKS_PORT:=8182} -oStrictHostKeyChecking=No ec2-user@${BASTION_IP}
fi
I have tried to run curl -x socks5h://localhost:$DATOMIC_SOCKS_PORT http://entry.$DATOMIC_SYSTEM.$DATOMIC_REGION.datomic.net:8182/
but got:
DATOMIC_SYSTEM.$DATOMIC_REGION.datomic.net:8182/
curl: (7) Failed to connect to localhost port 8182: Connection refused
Any ideas for why I’m stuck at debug1: Server host key: ecdsa-sha2-nistp256 SHA256:/ ?
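
Added example, not part of the original post: a small shell helper that reads captured `ssh -v` output and reports the last handshake stage the client reached, which for a log ending at `Server host key:` is the host-key check that precedes user authentication. The function names, stage labels and sample log (documentation address 192.0.2.10, placeholder fingerprint) are constructed for illustration.

```shell
#!/bin/bash
# Added example (not from the original post): find the last SSH handshake
# stage reached in captured `ssh -v` output. The patterns are OpenSSH debug1
# messages; the stage names are labels invented for this example.

ssh_last_stage() {  # $1 = file holding the stderr of `ssh -v`
    awk '
        /debug1: Connecting to /               { s = "tcp-connect" }
        /debug1: Connection established/       { s = "version-exchange" }
        /debug1: SSH2_MSG_KEXINIT sent/        { s = "key-exchange" }
        /debug1: Server host key: /            { s = "host-key-verification" }
        /debug1: Host .* is known and matches/ { s = "host-key-accepted" }
        /debug1: SSH2_MSG_NEWKEYS received/    { s = "user-authentication" }
        /debug1: Authentication succeeded/     { s = "authenticated" }
        END { print (s == "" ? "no-handshake" : s) }
    ' "$1"
}

# Explain what the client is doing at the stage where the log ends.
ssh_stage_hint() {  # $1 = stage name from ssh_last_stage
    case "$1" in
        tcp-connect)           echo "TCP connect pending: check security group and route" ;;
        host-key-verification) echo "host key received but not yet accepted: check known_hosts and StrictHostKeyChecking" ;;
        user-authentication)   echo "host key accepted: check identity file and remote user" ;;
        authenticated)         echo "session is up: check the -D listener" ;;
        *)                     echo "stopped during $1" ;;
    esac
}

# Constructed sample input: a shortened log that ends where the post's does.
# 192.0.2.10 is a documentation address and the fingerprint is a placeholder.
sample_stalled_log() {
    cat <<'EOF'
debug1: Connecting to 192.0.2.10 [192.0.2.10] port 22.
debug1: Connection established.
debug1: Authenticating to 192.0.2.10:22 as 'ec2-user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:PLACEHOLDER
EOF
}

log=$(mktemp)
sample_stalled_log > "$log"
stage=$(ssh_last_stage "$log")
echo "$stage: $(ssh_stage_hint "$stage")"
rm -f "$log"
```

In the posted script only the plain `ssh` branch passes `-oStrictHostKeyChecking=No`; the `autossh` branch uses the OpenSSH default (`ask`), which waits for confirmation before accepting an unknown host key.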