SSH Tunnel
The Sym CLI can tunnel an SSH connection to any instance, allowing any application which works over SSH to use your escalated privileges.
While most applications can use temporary credentials generated from your escalated privileges via sym exec
, occasionally you'll want to simply open an SSH connection to an instance and let an application use it. Sym has native support for several applications, including Ansible, but also exposes a ProxyCommand
-based for general SSH usage.
The general idea is to prefix your command with sym ssh-tunnel RESOURCE
. This will let Sym wrap your command with options that point to an SSH config containing your temporary credentials.
sym ssh-tunnel RESOURCE COMMAND OPTIONS
You'll have to manually specify both the destination instance and SSH user in your command. For example, with
scp
, this means passing something like[email protected]
as the source / destination.
SCP
A common use of the ssh-tunnel
command is to use Sym with SCP. For example, to copy a file from a remote instance, you would do the following.
First, request access to your resource and wait for it to be approved.
You can list your resources if you're not sure what's available! Remember, you can always specify the
SYM_RESOURCE
environment variable instead of passing the resource tosym
as an option.
Then, run the following in your terminal.
sym ssh-tunnel RESOURCE scp [email protected]:~/file.txt file.txt
You can specify the instance by IP address, hostname, or Instance ID.
You should now have file.txt
available locally!
Occasionally, using
sym ssh-tunnel
will fail on an instance you haven't accessed in a while. If this happens to you, you can use the following command to fix things:
sym ssh RESOURCE INSTANCE --force-ssh
Updated 10 months ago