Forwarding Specific Ports through SSH Reverse Tunnels

Solution 1:

I'm not sure why you are using two separate ssh commands here. If you want to forward port 6600 on the EC2 instance to port 6600 on the machine at home, then all you should need to do is:

ssh -R :6600:localhost:6600 -i .ssh/tokyoMinekey.pem ec2-user@ec2serveraddress

You will also need to make sure that the GatewayPorts option is enabled in the sshd_config file on the EC2 instance.

Obviously you will need to leave that ssh connection open for the port forward to continue working, but other than that there shouldn't be any problems.

Solution 2:

Could you please provide the output of:

netstat -tulpen

on ec2serveraddress. I expect to see that both tunnels are starting at 127.0.0.1:PORT? 127.0.0.1 is the IP of the local machine itself, not accessible from outside. That means you can access this tunnel from the server itself but not from any other machine...

If this is the case, please add the following to your /etc/ssh/sshd_config:

GatewayPorts yes

This option will create the ports at 0.0.0.0, so you can connect from everywhere. If there are no other reasons for creating two connected tunnels you can of course shrink it to only one:

ssh -R 6600:localhost:22 -i .ssh/tokyoMinekey.pem ec2-user@ec2serveraddress

This will create a tunnel from ec2serveraddress:6600 to your home:22.
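
Added example (not part of either answer): a small shell helper that reads `netstat -tln` or `ss -tln` style output and reports whether the forwarded port is bound to loopback only or to all interfaces, which is the check Solution 2 asks for. The function name `bind_scope` and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify where a forwarded port is bound.
# Usage: netstat -tln | bind_scope PORT   (listing is read from stdin)
bind_scope() {
    awk -v port="$1" '
        /LISTEN/ {
            for (i = 1; i <= NF; i++) {
                # The local address is the first field ending in ":PORT".
                if ($i ~ (":" port "$")) {
                    addr = $i
                    sub(":" port "$", "", addr)   # drop the port suffix
                    gsub(/\[|\]/, "", addr)       # ss prints IPv6 as [::1]
                    if (addr == "0.0.0.0" || addr == "::" || addr == "*") wild = 1
                    else if (addr ~ /^127\./ || addr == "::1") loop = 1
                    else other = 1
                    break
                }
            }
        }
        END {
            if (wild)       print "all-interfaces"
            else if (other) print "specific-address"
            else if (loop)  print "loopback-only"
            else            print "not-listening"
        }'
}

# Constructed sample: remote forward with GatewayPorts at its default (no).
sample_loopback() {
    cat <<'EOF'
tcp   0  0 0.0.0.0:22      0.0.0.0:*  LISTEN  0     11111  900/sshd
tcp   0  0 127.0.0.1:6600  0.0.0.0:*  LISTEN  1000  22222  1500/sshd: ec2-user
tcp6  0  0 ::1:6600        :::*       LISTEN  1000  22223  1500/sshd: ec2-user
EOF
}

# Constructed sample: the same forward after "GatewayPorts yes" and an sshd reload.
sample_gateway() {
    cat <<'EOF'
tcp   0  0 0.0.0.0:22      0.0.0.0:*  LISTEN  0     11111  900/sshd
tcp   0  0 0.0.0.0:6600    0.0.0.0:*  LISTEN  1000  22222  1500/sshd: ec2-user
tcp6  0  0 :::6600         :::*       LISTEN  1000  22223  1500/sshd: ec2-user
EOF
}

echo "default sshd_config: $(sample_loopback | bind_scope 6600)"
echo "GatewayPorts yes   : $(sample_gateway | bind_scope 6600)"
```

On the EC2 instance, run `netstat -tln | bind_scope 6600` before and after changing GatewayPorts. An `all-interfaces` result means the forwarded port is reachable from any host that the instance's firewall rules allow.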