
I have scoured the internet for a solution, but no solution is working for me! I am trying to create a bastion server with a public AWS EC2 instance that will connect to a private EC2 instance.

Below is my ~/.ssh/config file:

Host bastion
   Hostname <instanceIP>
   User ec2-user
   IdentityFile <keypairPath>
   ProxyCommand none
Host private
   Hostname <privateIP>
   User ec2-user
   IdentityFile <keypairPath>
   ProxyCommand ssh bastion -W %h:%p

When I attempt to run ssh bastion I receive this error:

ssh: Could not resolve hostname bastion: Name or service not known

I can connect with ssh -F config bastion with root (but not with local user), but I do not want to put that argument every time since I have seen that the -F is not required.

I also am not able to connect with ssh -F config private as root. The error states:

ssh: Could not resolve hostname bastion: Name or service not known
ssh_exchange_identification: Connection closed by remote host

I changed up the last line in the ~/.ssh/config file to

ProxyCommand ssh -F config bastion -W %h:%p

but that brings back this error:

Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Killed by signal 1

What am I doing wrong with my config file, and how can I ssh with the local profile and not root?

  • <instanceIP> and <keypairPath> are both placeholders for the actual information, rather than literal, correct? What happens if you run ssh -i <keypairPath> ec2-user@<instanceIP> echo test? That is, do what the configured bastion host should be doing, without actually using that config block.
    – Ed Grimm
    Commented Mar 8, 2019 at 5:37

1 Answer

I can connect with ssh -F config bastion with root (but not with local user),

Sounds very much like

  • the permissions or ownership of your ~/.ssh/ directory or the ~/.ssh/config file are incorrect, e.g. the file is owned by root instead of the actual user who's trying to connect, or it is not readable by the user; or

  • you're putting the file in the wrong user's ~/.ssh (note that ssh ignores $HOME and always determines the home directory by UID).

(The last note means you cannot use the same config file both normally and with sudo, not that you should need to do that anyway.)
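A small diagnostic for the two causes the answer names, added here as a constructed example (not code from the question or the answer). It assumes Linux with GNU `stat -c` and `getent`; the `ssh -G` helper needs OpenSSH 6.8 or later, and the `bastion` alias is just the one from the question.

```shell
#!/bin/sh
# Added diagnostic for the two causes named in the answer (constructed example,
# not code from the question or answer). Assumes Linux: GNU `stat -c`, `getent`.

# Home directory ssh will actually use: the passwd entry for the current UID.
# $HOME is ignored, which is why sudo (inheriting HOME) still reads root's config.
ssh_home_dir() {
  _uid=$(id -u)
  _home=$(getent passwd "$_uid" | cut -d: -f6)
  [ -n "$_home" ] || { echo "no passwd entry for uid $_uid" >&2; return 1; }
  printf '%s\n' "$_home"
}

# Succeeds only if DIR and DIR/config are usable by the current user:
# owned by this UID (or root), not group/other-writable, and readable.
# ssh rejects a config file with "Bad owner or permissions" under the same
# owner/mode rule; it is applied to the directory as well as a sanity check.
check_ssh_config() {
  _dir=$1; _cfg="$1/config"; _me=$(id -u)
  for _f in "$_dir" "$_cfg"; do
    [ -e "$_f" ] || { echo "missing: $_f" >&2; return 1; }
    _owner=$(stat -c '%u' "$_f")
    _mode=$(stat -c '%a' "$_f")
    if [ "$_owner" != "$_me" ] && [ "$_owner" != 0 ]; then
      echo "bad owner uid $_owner on $_f" >&2; return 1
    fi
    case "$_mode" in
      *[2367]?|*[2367]) echo "group/other-writable mode $_mode on $_f" >&2; return 1 ;;
    esac
  done
  [ -r "$_cfg" ] || { echo "not readable by uid $_me: $_cfg" >&2; return 1; }
  return 0
}

# Show what ssh resolves for an alias (OpenSSH 6.8+): if `hostname` still
# equals the alias, the Host block was never read from any config file.
show_effective_config() {
  ssh -G "$1" 2>/dev/null | grep -E '^(hostname|user|identityfile|proxycommand) '
}

# Run against the invoking user's real ~/.ssh:  sh check.sh --run [alias]
if [ "${1-}" = "--run" ]; then
  _h=$(ssh_home_dir) && check_ssh_config "$_h/.ssh" && echo "config usable"
  show_effective_config "${2:-bastion}"
fi
```

Run it once as the normal user and once under sudo: if `ssh_home_dir` prints different directories, the two invocations are reading different config files, which is the answer's second point.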
