Wasim Thabraze
Reputation: 810
How to SSH to target AWS machine using a bastion host
Assuming Machine A is target machine which I want to SSH into finally while Machine B is a bridge machine (bastion host). These two machines are accessible using the same PEM file.
The security group of Machine A allows SSH connections only from Machine B. So If I want to connect to Machine A, I need to connect through Machine B.
How can this be accomplished without placing the PEM file on the bastion host?
Upvotes: 2
Views: 1584
Answers (2)
helloV
Reputation: 52423
You can use ProxyCommand. I prefer defining the following in your ~/.ssh/config file.
host MachineB
HostName <MachineB-IP>
IdentityFile <Full Path of .pem file>
User username
host MachineA
HostName <MachineA-IP>
ProxyCommand ssh MachineB nc -w 120 %h %p
IdentityFile <Full Path of .pem file>
User username
Then access MachineA like:
$ ssh MachineA
Upvotes: 2
Related Questions
- restricting access to AWS EC2 instance through the bastion
- ssh port forwarding through bastion host to Elasticsearch cluster in VPC not working
- SSH to private instances from bastion
- AWS EC2 SSH Tunnel Bastion Server
- SSH through bastion host
- SSH Tunnel through Ubuntu bastion to EC2 instance in private subnet
- Allowing external access to bastion hosts on aws
- Connect to a web application in private through bastion host for my local machine in aws
- Ansible, connecting to bastion server in AWS VPC, host unreachable
- How to setup bastion hosts for accessing EC2 instances that are in different VPCs