[davesmylie]

Pretty sure the answer is no, cause I've been searching for a way to do this for a while, but is there any way to trigger these escapes from script?

Use case is bouncing through to an RDS that only allows access from specific EC2 instances. The RDS endpoint in question is highly specific to the EC2 - not a big deal to hit ~L and create the forward manually, but doing this automatically would be great.

[deadbunny]

Can you not use SSH proxyjump?

https://www.redhat.com/sysadmin/ssh-proxy-bastion-proxyjump

[davesmylie]

Yup. Though doesn't help much for my use case (I don't think) - I have an ever change set of ec2's, each with access to a single RDS endpoint.

Most debug/config is done via sqlcl which is straight forward as that's run from the ec2 and so has access to the DB, but sometimes I need to fall back to eg TOAD or sqldeveloper which require the forward to be setup - either adhoc via ~L or -L or via .ssh/config

Each ec2 knows it's RDS end point and I have an extracted list which I use to generate a list of .ssh/config entries periodically to automatically set up the forwards, but just being able to run a command from the ec2s that translates to eg:

~L > 1521:<extracted rds endpoint from app config:1521

would make my life marginally easier

[philsnow]

ssh only looks for those escape sequences on the input side / on the controlling pty.

I think you would have to do something like have the script on the remote ec2 instance emit some pattern that you configure your local terminal emulator to watch for and then somehow tell your terminal to emit the ~L sequence of keystrokes.

iterm2 can do this kind of thing, see https://iterm2.com/triggers.html .

[hamandcheese]

Maybe take a look at expect:

https://linux.die.net/man/1/expect