Digging an SSH tunnel through a NAT box

Amazon's new private clouds are a great and secure way to host services, but can be difficult to develop on when you need access to ports inside the network.  Here's a quick guide.

The setup: a NAT box at 52.1.132.255 and a server next to it with private IP 10.30.1.111.

Let’s dig a tunnel in the NAT:

ssh -L 10022:10.30.1.111:22 52.1.132.255

Then let’s open a second connection on our local machine:

ssh -p 10022 localhost

OK, now let's use that tunnel to download a file directly to our machine.

scp <grab this file from here> <put that file here>
scp -P10022 john@localhost:/opt/here/liveroads/tml-flow/conf/asdf-weu.json asdf-weu.json

Hmm, this didn't work but it should?

scp -P10022 ./topology/target/asdf-0.14-SNAPSHOT.jar  john@localhost:
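
The tunnel and the scp-through-localhost steps above can also be written down once in ~/.ssh/config. This is an added example, not part of the original post: the host aliases (nat, inner, nat-tunnel, inner-via-tunnel) are made up, and it assumes the login john also works on the NAT box, which the post does not say.

```sshconfig
# Added example for ~/.ssh/config. Addresses, user and port 10022 are the
# ones used in this post; the Host aliases are made up for illustration.

Host nat
    HostName 52.1.132.255
    # Assumption: the same login works on the NAT box.
    User john

# Option 1: no manual tunnel (needs OpenSSH 7.3 or later for ProxyJump).
# ssh opens the hop through the NAT box itself, so "ssh inner" and
# "scp inner:/some/file ." each work in one step.
Host inner
    HostName 10.30.1.111
    User john
    ProxyJump nat

# Option 2: the post's tunnel as a named host. Start it with "ssh -N nat-tunnel".
Host nat-tunnel
    HostName 52.1.132.255
    User john
    # Bind explicitly to loopback so the forward is never reachable from
    # other machines on the local network.
    LocalForward 127.0.0.1:10022 10.30.1.111:22
    # Exit instead of staying connected without the forward when
    # port 10022 is already in use.
    ExitOnForwardFailure yes

# The far end of the tunnel: "ssh inner-via-tunnel" or "scp inner-via-tunnel:...".
Host inner-via-tunnel
    HostName localhost
    Port 10022
    User john
    # Check the host key recorded for the real server instead of one filed
    # under [localhost]:10022, so reusing the local port for another server
    # does not produce mismatch warnings that are tempting to switch off.
    HostKeyAlias 10.30.1.111
```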