Connect to an instance in a private subnet
Hello Everyone
Welcome to CloudAffaire and this is Debjeet
In the last blog post, we created an internet gateway and enabled an internet connection to a public subnet.
https://cloudaffaire.com/create-an-internet-gateway/
In this blog post, we will learn how to connect to an instance that is hosted in a private subnet. If you have enabled internet access for a public subnet and your instance has a public IP, you can connect to the instance directly. This is not the case for instances hosted in a private subnet, which is accessible only within AWS infrastructure. In this demo, we will connect to an instance in a private subnet from another instance in a public subnet in the same VPC using agent forwarding.
We have two instances, namely instance 1 (in the private subnet, with private IP 10.0.1.159) and instance 2 (in the public subnet, with private IP 10.0.2.159 and public IP 13.127.230.228).
Connect to an instance in a private subnet:
Step 1: Open Pageant on your Windows PC.
Step 2: Click ‘Add Key’ and provide the key pair file for your instance in the public subnet (instance 2).
Step 3: Once the key is loaded, click ‘Close’.
Step 4: Open PuTTY on your Windows PC.
Step 5: Provide the user name and DNS hostname of the instance in the public subnet.
Step 6: Navigate to ‘Auth’, located under SSH, and check the ‘Allow agent forwarding’ check box. Click ‘Open’.
Step 7: You are now connected to the instance in the public subnet (instance 2) through agent forwarding.
Step 8: From instance 2, you can simply SSH to instance 1.
Now we are connected to the instance in the private subnet through an instance in the public subnet using agent forwarding.
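A preflight check for step 8, as an added example that is not part of the original post: run on instance 2, it confirms that the session carries a forwarded agent holding a key before attempting the hop, which separates a forwarding problem from a key that instance 1 does not accept. The function names, the return codes and the ec2-user login are assumptions of this example.

```shell
#!/bin/sh
# Added example: run on instance 2 (the public-subnet host) before step 8.
# Checks that the SSH session really carries a forwarded agent with a key in it.
# Return codes (chosen for this example):
#   0  agent reachable and holding at least one key
#   1  SSH_AUTH_SOCK unset: forwarding was not enabled on the client (step 6)
#   2  SSH_AUTH_SOCK does not point at a socket: stale or wrong path
#   3  agent reachable but empty: no key was loaded into the agent (step 2)
#   4  agent could not be contacted, or ssh-add is not installed
check_forwarded_agent() {
    if [ -z "${SSH_AUTH_SOCK:-}" ]; then
        echo "no forwarded agent: SSH_AUTH_SOCK is not set" >&2
        return 1
    fi
    if [ ! -S "$SSH_AUTH_SOCK" ]; then
        echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK is not a socket" >&2
        return 2
    fi
    command -v ssh-add >/dev/null 2>&1 || { echo "ssh-add not found" >&2; return 4; }
    # ssh-add -l exits 0 with keys listed, 1 with no keys, 2 if the agent is unreachable
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?
    case "$rc" in
        0) return 0 ;;
        1) echo "agent is reachable but holds no keys" >&2; return 3 ;;
        *) echo "cannot contact agent at $SSH_AUTH_SOCK" >&2; return 4 ;;
    esac
}

# Hop to the private instance only if the agent check passes.
# $1 = user@private-ip, e.g. ec2-user@10.0.1.159 (the user name is an assumption).
ssh_to_private() {
    check_forwarded_agent || return $?
    # BatchMode disables password prompts, so a rejected key fails immediately
    ssh -o BatchMode=yes -o ConnectTimeout=5 "$1"
}
```

If the check passes and instance 1 still answers "Permission denied (publickey)", the key in the agent is not authorized for that user on instance 1. While the session is open, anyone with root on instance 2 can use the forwarded agent, so forward it only through hosts you control.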
Note that instance 1 does not have internet access, and if you try to connect to the internet from instance 1, it will fail.
Hope you have enjoyed this article. You can enable outbound internet connection to a private subnet using a NAT Gateway which will be covered in the next blog post.
Hi,
I am already connected to an EC2 instance which is in a public subnet. Now I tried to connect to the instance which is in a private subnet, but it encountered the error below. Please suggest.
[ec2-user@ip-172-31-46-131 ~]$ ssh ec2-user@172.31.62.123
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
[ec2-user@ip-172-31-46-131 ~]$
Hi,
Same thing with me: unable to SSH to the instance in the private subnet from the public subnet. Any suggestions on how to get it done?
Thanks