An Illustrated Hands-on Intro to AWS VPC Networking
In the last SSH test in the Appendix section, instead of copying the private key over to the Public host, we could have loaded the private key into the SSH agent on our local client machine without ever copying it to the Public instance (this is much closer to real-world practice, since the key never leaves the workstation):
$ ssh-add -K dc-keypair.pem
Identity added: dc-keypair.pem (dc-keypair.pem)
Then you can list the keys the agent currently holds:
CHR-ML-00029721:Downloads albuquerque$ ssh-add -L
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/J1lRWOYCAzZuV79C47/GTih6yEbqlYn7rqI4yLQYuFg5uL5+wRrHeLWjd0U6LmSlj01LJRUsXfbPNw/kLeuUbEcKmrr5NenbCNGfir8ED/9Wu1Jco8PwUplIIseflhyJToaa9AsAQc0lbrXD+ePNsWPCuOH/BAtlotaTL718xZuN72WmM6jocdzlGQleJuC4oFNPx4jYCT1Kt4iFkJzy20FcBQm85AW5I3IXQR1KxTGWPxQgB97p173Ytb3S0gourHtl8OydaI+WREY/TOc0EQ3/ZZ2nuAqH1IN1k7hn7tMNVas4Ja8x2mXxh7fPo8l0UQ35ROqaWTn4/zv4gqS9 dc-keypair.pem
Connect to the Public instance with ssh -A, which forwards the local agent over the connection:
CHR-ML-00029721:Downloads albuquerque$ ssh -A ec2-user@54.173.2.43
Last login: Fri Nov 8 12:20:55 2019 from 90.214.101.145
       __|  __|_  )
       _|  (     /   Amazon Linux 2 AMI
      ___|\___|___|

https://aws.amazon.com/amazon-linux-2/
[ec2-user@ip-192-168-1-54 ~]$
Lastly, from the Public instance, connect to the Private host; authentication goes through the forwarded agent, so the private key itself was never copied to the Public instance:
[ec2-user@ip-192-168-1-54 ~]$ ssh ec2-user@192.168.2.96
The authenticity of host '192.168.2.96 (192.168.2.96)' can't be established.
ECDSA key fingerprint is SHA256:ERXEXkX3896VR3/ZV41dxbAcyhjSWdTFPNBeXH0qP8k.
ECDSA key fingerprint is MD5:ba:d9:62:0c:30:78:97:db:58:a5:25:5a:ea:56:2c:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.2.96' (ECDSA) to the list of known hosts.
       __|  __|_  )
       _|  (     /   Amazon Linux 2 AMI
      ___|\___|___|

https://aws.amazon.com/amazon-linux-2/
[ec2-user@ip-192-168-2-96 ~]$
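The same hop can be done with ProxyJump instead of agent forwarding; this is an added ssh_config example, not part of the original post. With ProxyJump the Public instance only relays a TCP connection to the Private host, so it never gets access to your agent socket, whereas with ssh -A anyone with root on the Public instance can use your loaded keys for as long as the session is open. The host aliases and the ~/.ssh/dc-keypair.pem path are assumptions; the addresses are the ones used above.

```ssh-config
# ~/.ssh/config (assumed location); aliases "bastion" and "private-host" are made up for this example

Host bastion
    HostName 54.173.2.43
    User ec2-user
    IdentityFile ~/.ssh/dc-keypair.pem
    # Offer only this key, not every identity the agent holds
    IdentitiesOnly yes

Host private-host
    HostName 192.168.2.96
    User ec2-user
    IdentityFile ~/.ssh/dc-keypair.pem
    IdentitiesOnly yes
    # Tunnel through the Public instance; the key is used from the client, not from the bastion
    ProxyJump bastion
    # Keep the agent socket off the bastion entirely
    ForwardAgent no
```

With this in place, `ssh private-host` from the workstation reaches the Private host directly, and the Public instance never needs a copy of the key or a forwarded agent. The first-connection host key prompt still appears for both hosts; Amazon Linux prints the host key fingerprints to the instance console at first boot, so they can be compared before answering yes.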
Hope it helps.