Bastion Host

Bastion Host

Connect to the Linux bastion host instance

Connect to the Linux bastion host instance using either ssh. For either option, include the -A argument to enable authentication agent forwarding.

ssh -A username@bastion-host-external-ip

Connect to the instance that does not have an external IP

From the Linux bastion host instance, connect to the instance that does not have an external IP address by using SSH.

ssh username@internal-instance-ip-address

MySQL through SSH Tunnel

Create an SSH Tunnel on Linux and macOS

If you are using Linux or macOS as your operating system, you can create an SSH tunnel using the following command:

ssh -i YOUR-KEY.pem -N -L 8306:<MYSQL_PRIVATE_SERVER_IP>:3306 <USER>@<BASTION_PUBLIC_IP>

The options used are as follows:

  • -N Tells SSH not to execute a remote command.

  • -i is your identity key (.pem key for open ssh or .ppk for putty).

  • -L 3336:<MYSQL_PRIVATE_SERVER_IP>:3306 Creates a local port forwarding. The local port (8306), the destination IP [MYSQL_PRIVATE_SERVER_IP] and the remote port (3306) are separated with a colon (:).

  • [USER]@[BASTION_PUBLIC_IP] The remote SSH user and server IP address.

  • To run the command in the background, use the -f option.

  • If the SSH server is listening on a port other than 22 (the default) specify the port with the -p [PORT_NUMBER] option.