
SSH Tunnel for MongoDB Connection Within VPC


I am attempting to tunnel from my localhost (on port 24000) via a Bastion box to my mongo instance (on 27017) that is only available via the VPC private subnet so that I may develop locally whilst connected to the staging db. Using this tunnel command on my OSX box:

    ssh -A -L 24000:ip-10-0-11-11.ec2.internal:27017 ec2-3-211-555-333.compute-1.amazonaws.com -N -v

"ip-10-0-11-11.ec2.internal" is the mongo box.

"ec2-3-211-555-333.compute-1.amazonaws.com" is the bastion box.

Aiming to bind local port 24000 to the bastion then from there to the mongo box on 27017.

However upon trying to connect via the tunnel from my local box with:

    mongo -u dbUser localhost:24000/db-name

The connection is timing out. Below is the verbose output from ssh tunnel command (presumably from the bastion?).

    debug1: channel 3: free: direct-tcpip: listening port 24000 for ip-10-0-11-11.ec2.internal port 27017, connect from 127.0.0.1 port 63451 to 127.0.0.1 port 24000, nchannels 4
    channel 4: open failed: connect failed: Connection timed out

Seems to try to be working but it is just not. Any and all help would be appreciated! I do have ssh forwarding enabled on the bastion via the sshd config. I can also connect to the mongo instance while on the bastion no problem.


Solution

  • Circling back... not sure how I got it working or why it wasn't working, but for those looking forward, the ssh command to open a tunnel forwarding the keys in your ssh-agent, this command is indeed the way to do it.

    ssh -A -L 24000:ip-10-0-20-141.ec2.internal:27017 ec2-54-165-159-177.compute-1.amazonaws.com -N -v
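
How to read the "open failed" line in the verbose output quoted in the question, as an added example that is not part of the original post: the reason string is the reply from the bastion's sshd, so it indicates which hop failed. The category names and the sample lines beyond the two quoted from the question are constructed for illustration.

```bash
#!/bin/sh
# Added example: classify an `ssh -L` forwarding failure from `ssh -v` output.
# "channel N: open failed: <reason>" is the client printing the reply the
# bastion's sshd gave to the forwarding request, so <reason> names the failing hop.

classify_forward_failure() {
  # Reads ssh -v output on stdin; prints one category per failed channel.
  # Category names are made up for this example.
  while IFS= read -r line; do
    case "$line" in
      *"open failed: "*) reason=${line#*open failed: } ;;
      *) continue ;;
    esac
    case "$reason" in
      "administratively prohibited"*)
        # sshd policy on the bastion refused it (AllowTcpForwarding, PermitOpen).
        echo "bastion-policy" ;;
      "connect failed: Connection timed out"*)
        # Bastion got no answer from the target: host down, or packets dropped
        # by a security group, network ACL, host firewall or missing route.
        echo "bastion-to-target-filtered" ;;
      "connect failed: Connection refused"*)
        # Target host answered, but nothing listens on that address and port.
        echo "target-not-listening" ;;
      "connect failed: Name or service not known"*)
        # The bastion could not resolve the destination hostname.
        echo "bastion-dns" ;;
      *)
        echo "unknown: $reason" ;;
    esac
  done
}

# Constructed sample: the first two lines are quoted from the question above,
# the remaining lines are made up to show the other categories.
classify_forward_failure <<'EOF'
debug1: channel 3: free: direct-tcpip: listening port 24000 for ip-10-0-11-11.ec2.internal port 27017, connect from 127.0.0.1 port 63451 to 127.0.0.1 port 24000, nchannels 4
channel 4: open failed: connect failed: Connection timed out
channel 5: open failed: administratively prohibited: open failed
channel 6: open failed: connect failed: Connection refused
EOF
```

ssh writes these messages to stderr, so a live session needs `2>&1` before piping into the function.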