I have scoured the internet for a solution, but no solution is working for me! I am trying to create a bastion server with a public AWS EC2 instance that will connect to a private EC2 instance.
Below is my ~/.ssh/config file:
    Host bastion
        Hostname <instanceIP>
        User ec2-user
        IdentityFile <keypairPath>
        ProxyCommand none
    Host private
        Hostname <privateIP>
        User ec2-user
        IdentityFile <keypairPath>
        ProxyCommand ssh bastion -W %h:%p
When I attempt to run ssh bastion I receive this error:
    ssh: Could not resolve hostname bastion: Name or service not known
I can connect with ssh -F config bastion with root (but not with local user), but I do not want to put that argument every time since I have seen that the -F is not required.
I also am not able to connect with ssh -F config private as root. The error states:
    ssh: Could not resolve hostname bastion: Name or service not known
    ssh_exchange_identification: Connection closed by remote host
I changed up the last line in the /.ssh/config file to
    ProxyCommand ssh -F config bastion -W %h:%p
but that brings back this error:
    Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
    Killed by signal 1
What am I doing wrong with my config file, and how can I ssh with the local profile and not root?
<instanceIP> and <keypairPath> are both placeholders for the actual information, rather than literal, correct? What happens if you run ssh -i <keypairPath> ec2-user@<instanceIP> echo test? That is, do what the configured bastion host should be doing, without actually using that config block.
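An added example, not part of the question or the comment above: the ssh started by ProxyCommand is a separate process that reads only the default config files, so a -F given on the outer command line does not reach it. The sketch below models that for the config in the question. The function names are hypothetical, the addresses are constructed, and the parser is deliberately simplified (no Match, Include or negated patterns).

```python
import shlex
from fnmatch import fnmatch

# Constructed sample shaped like the config in the question (addresses are made up).
SAMPLE = """\
Host bastion
  Hostname 203.0.113.10
  ProxyCommand none
Host private
  Hostname 10.0.1.20
  ProxyCommand ssh bastion -W %h:%p
"""

def lookup(text, alias):
    """Options ssh would apply to alias: first value seen wins (no '!' patterns)."""
    opts, active = {}, True  # lines before the first Host apply to every host
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "host":
            active = any(fnmatch(alias, p) for p in value.split())
        elif active:
            opts.setdefault(key, value)
    return opts

def inner_hop(proxy_command):
    """For 'ssh [opts] HOST ...' return (HOST, has_dash_F); None for anything else."""
    argv = shlex.split(proxy_command)
    if not argv or argv[0] != "ssh":
        return None
    i = 1
    while i < len(argv) and argv[i].startswith("-"):
        i += 2 if argv[i] in ("-F", "-i", "-W", "-p", "-l", "-o", "-J") else 1
    if i >= len(argv):
        return None
    return argv[i], any(a.startswith("-F") for a in argv[1:])

def diagnose(text, alias, is_default_config):
    """is_default_config: text is the invoking user's own ~/.ssh/config."""
    hop = inner_hop(lookup(text, alias).get("proxycommand", "none"))
    if hop is None:
        return "direct"
    host, has_F = hop
    is_alias = "hostname" in lookup(text, host)
    if is_alias and not is_default_config and not has_F:
        return f"inner ssh cannot resolve alias '{host}'"
    return f"via {host}"
```

Calling `diagnose(SAMPLE, "private", False)` models `ssh -F config private` and reports the unresolved inner alias; passing `True` models the same text being read as the invoking user's own ~/.ssh/config.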