DEV Community

Rodrigo Fernandes
Rodrigo Fernandes

Posted on

Bastion Host

#aws #devops #security #cloud

Anotações sobre o Bastion Host para ajudar na preparação das certificações AWS.

Até o momento as anotações são para as certificações abaixo:

Image description

Anotações gerais

  • Instância sempre na Subnet Publica

SSH Agent Forwarding

Documentação oficial

  • Copiar a public key para as instâncias que serão acessadas

Step 1: Create Public/Private Key in Remote Client EC2

ssh-keygen
Enter fullscreen mode Exit fullscreen mode

Step 2: Setup Authentication

  • Copy the contents of public key form remote-client to the 
~/.ssh/authorized_keys file of both Bastion and Private EC2.
Enter fullscreen mode Exit fullscreen mode

Step 3: Use SSH Agent Forwarding

  • Run the following commands on the remote-client EC2 instance

Image description

Step 4: Test the Setup

  • From remote-client EC2, run the following command: 
ssh -A [BASTION-EC2-IP]
Enter fullscreen mode Exit fullscreen mode
  • Once you are logged into Bastion, try to connect to Private EC2 
ssh [IP-OF-PRIVATE-EC2]
Enter fullscreen mode Exit fullscreen mode

How to Record SSH Sessions Established Through a Bastion Host

Documentação oficial

Referências

Top comments (0)

Read next

rksalo88 profile image

Learning AWS Day by Day — Day 75 — Elastic Network Interface

Saloni Singh -

elizabethfuentes12 profile image

Relax and let the data flow: A Zero-ETL Pipeline

Elizabeth Fuentes L -

a_jun_1d592a39703eed80f31 profile image

Use AIAnsible debug Ansible playbook and role, and use AI annotations and hints to resolve errors.

A Jun -

purple4reina profile image

Reducing AWS Lambda Cold Starts

Rey Abolofia -