how to run a tunnel in the background as part of a shell script

ssh networking linux tunnel rds

I run these two commands all the time to connect to my rds instance on aws that's protected behind a firewall (so i tunnel through the ec2 instance) like so:

command 1: open the tunnel (run on background)

ssh -N -L port:host:5432 user@$ip -i ~/.ssh/key.pub &

command 2: connect to db through tunnel port:

PGPASSWORD=password psql dbname -U user -h ip_address -p port;

which is awesome, but I would like to put both these in a single function. But nothing worked with me:

attempt 1: run without background stuff:

function db()
{
    ssh -N -L port:host:5432 user@$ip -i ~/.ssh/key.pub &
    PGPASSWORD=password psql dbname -U user -h ip_address -p port;
}

simply tells me this:

$proddb
[1] 62924
psql: could not connect to server: Connection refused
    Is the server running on host "127.0.0.1" and accepting
    TCP/IP connections on port 6666?

although the initial command is running in the background:

ps aux | grep host
(standard input):435:abdullah         62924   0.0  0.0  4315660   5828 s006  S     3:06PM   0:00.03 ssh -N -L port:host:5432 user@$ip -i ~/.ssh/key.pub

and if i immediately run the next command after it.. i connect to the db just fine!

PGPASSWORD=password psql dbname -U user -h ip_address -p port;
user=>

how do I make this work?


Solution 1:

The first command didn't have time to establish a tunnel when the second command was run, thus giving a "Connection refused".

Just don't use & but use instead the option -f:

-f
Requests ssh to go to background just before command execution. This is useful if ssh is going to ask for passwords or passphrases, but the user wants it in the background. This implies -n. The recommended way to start X11 programs at a remote site is with something like ssh -f host xterm.
If the ExitOnForwardFailure configuration option is set to “yes”, then a client started with -f will wait for all remote port forwards to be successfully established before placing itself in the background.

Putting all this together, replace the ssh line in the function with:

ssh -o ExitOnForwardFailure=yes -f -N -L port:host:5432 user@$ip -i ~/.ssh/key.pub

that way running the function multiple times, won't leave (multiple-1) useless ssh running.

It's also possible to replace -N with a short remote sleep command. That way there won't be a long lived idle ssh command that has to be searched if it has to be killed. Ssh will still wait the end of tunnel usage before ending, so the short delay is not an issue:

ssh -o ExitOnForwardFailure=yes -f -L port:host:5432 user@$ip -i ~/.ssh/key.pub sleep 15

Related

Is there a way to make editor tabs stack in VS Code?
Portable apps for Linux?
Common Mac OS folders/settings to check (when trying to get rid of a pesky self-launching app)
How to get Apple font rendering on Windows?
Is there an opposite of :g in vim?
Bare-minimum hard drive space to install Windows XP SP3 Professional?
Create a Google Doc in landscape mode [closed]
Empty line on a slide in Latex Beamer
Creating a Windows XP installation flash drive in linux
Legality of using a burned CD with a legal CD-Key? [closed]
How to find out DNS server IP used by my router
Three formats? Why?