0

We have a bastion server B. We need to SSH from A through B to C, using a private key (we use KeePass with KeeAgent).

In the bastion I have: AllowTcpForwarding yes.

I tried to use ProxyCommand:

Host app
    Hostname *.*.*.*
    User my-user
    Port 22
    ProxyCommand ssh -W %h:%p bast

Host bast
     Hostname *.*.*.*
     # ForwardAgent no
     User my-user

ssh app manages to enter the bastion server and fails when trying to connect to the private server. The error is:

channel 0: open failed: connect failed: Connection timed out
stdio forwarding failed
ssh_exchange_identification: Connection closed by remote host

In the /var/log/secure log on the bastion I see:

error: connect_to *.*.*.* port 22: failed.

2 Answers

1

I found the problem.

In the app section I wrote the public IP, as I did in the bast section, and as I always do when connecting.

Now I changed the IP to the private one and it works! I'm not sure why I can't connect via public IP. I used AWS Quick Start.
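A check for the situation this answer describes, as an added example that is not part of the original post: with `ProxyCommand ssh -W %h:%p bast` the connection to `%h` is opened from the bastion (the `connect_to ... failed` line in its log), so the target's `Hostname` must be an address the bastion can reach. The script flags proxied hosts whose `Hostname` is an IPv4 literal outside RFC 1918, assuming the private servers use RFC 1918 addresses; the sample addresses are constructed and the function names are chosen here.

```python
import ipaddress
import re

# Constructed sample config: placeholder addresses stand in for the
# masked *.*.*.* values in the question.
SAMPLE_CONFIG = """\
Host bast
    Hostname 203.0.113.10
Host app
    Hostname 198.51.100.25
    ProxyCommand ssh -W %h:%p bast
Host app-fixed
    Hostname 10.0.12.34
    ProxyCommand ssh -W %h:%p bast
"""

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_hosts(text):
    """Return {alias: {lowercased keyword: value}} for every Host block."""
    hosts, current = {}, []
    for raw in text.splitlines():
        # "Keyword value" or "Keyword=value"; comments and blanks do not match.
        m = re.match(r"\s*([A-Za-z]+)\s*[=\s]\s*(.*\S)", raw)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2)
        if key == "host":
            current = value.split()
            for alias in current:
                hosts.setdefault(alias, {})
        else:
            for alias in current:
                hosts[alias].setdefault(key, value)  # first value wins
    return hosts

def proxied_hosts_with_public_ip(text):
    """List (alias, ip) for hosts reached via a proxy but named by a non-RFC 1918 IPv4."""
    findings = []
    for alias, opts in parse_hosts(text).items():
        if "proxycommand" not in opts and "proxyjump" not in opts:
            continue  # connected to directly, e.g. the bastion itself
        try:
            addr = ipaddress.ip_address(opts.get("hostname", alias))
        except ValueError:
            continue  # DNS name or pattern: cannot be classified offline
        if addr.version == 4 and not any(addr in net for net in RFC1918):
            findings.append((alias, str(addr)))
    return findings
```
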

0

How will bast authenticate to app if you have agent forwarding disabled? You need to enable the agent forwarding on bast so it can relay your key to app.

Further, do you have a key for app loaded in your local agent?