I have one private AWS EC2 instance in a VPC. I also have one EC2 instance in a public subnet of the same VPC. I am able to connect to the public instance using PuTTY, and I am able to connect to the private instance using the bastion host. Now my question is: how can I transfer my code or some files to the private EC2 instance? I am also able to ping my private instance from the public instance. I tried to copy files from the public instance to the private EC2 instance, but it always gives a public key error.
- [SCP Linux - Securely Copy Files Using SCP examples](https://haydenjames.io/linux-securely-copy-files-using-scp/) – John Rotenstein Mar 03 '20 at 04:57
- Please update your question to show the commands you are using to copy the files, and please also show the exact error message. – John Rotenstein Mar 03 '20 at 04:58
- I am using: `scp ubuntu@IPV_IP:hello.txt ubuntu@Private_IP:/` – harshit Mar 03 '20 at 06:01
- `Permission denied (publickey).` is the error message – harshit Mar 03 '20 at 06:01
- I found the solution: `scp -i private.pem DSL/requirements.txt ubuntu@private_ip:dsl/` – harshit Mar 03 '20 at 09:25
2 Answers
You can do this in 2 ways.
1. Using SCP
Note: Keep the PEM file the same for the bastion host and the private EC2 instance.
```
scp -i <Pem_File> -o ProxyCommand="ssh -i <Pem_File> -W %h:%p <user_name>@<bastion_host_public_ip>" <Transfer_File_path_> <user_name>@<ec2_private_ip>:~/
```
e.g.
```
scp -i api_prod.pem -o ProxyCommand="ssh -i api_prod.pem -W %h:%p ubuntu@3.92.110.19" /home/ubuntu/application.zip ubuntu@171.23.22.208:~/
```
2. Using FileZilla to transfer files to a private EC2 instance through a bastion host:
Note: Keep the PEM file the same for the bastion host and the private EC2 instance.
1. Open a terminal or cmd (a Linux terminal, i.e. Git Bash).
2. We are connecting to the AWS EC2 instance with one terminal command.
```
ssh -N -L 1234:<private_instance_ip or Private_DNS>:22 -i <Pem_File> <user_name>@<Bastion_host_public_ip>
```
e.g.
```
ssh -N -L 1234:ip-171-12-21-208.us-east-1.compute.internal:22 -i app_prod.pem ubuntu@ec2-31-92-123-22.us-east-1.compute.amazonaws.com
```
Note: The first time you enter this command, it will ask "Are you sure you want to continue connecting"; answer yes.
3. Keep this terminal or cmd open. If you close this session, the connection is broken.
4. Open the “FileZilla” application and, in the “Edit” section, click on “Settings”.
5. On the “Settings” page, click on “SFTP”, add the PEM file of the EC2 instance and click on “OK”.
6. Add the entries below:
   - Host: 127.0.0.1 or sftp://127.0.0.1
   - Username: `<your_user>`
   - Password: Keep empty
   - Port: 1234
7. Click on Quick Connect. Once the connection is established, you can easily transfer files from local to the private instance.

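The SCP command from the first answer with a key-file preflight, as an added example that is not part of the original answers: ssh ignores a private key that group or others can access, which is one way to end up at the `Permission denied (publickey)` error from the question. The function names are hypothetical, and the command is printed for review rather than executed.

```shell
#!/bin/sh
# Added example, not from the answers above. Function names are hypothetical.

# key_is_private FILE
# Returns 0 only if FILE exists and grants no access to group or others.
# OpenSSH refuses to use a private key with looser permissions.
key_is_private() {
    [ -f "$1" ] || return 1
    # ls -ld prints e.g. "-rw-------"; characters 5-10 are the group/other bits.
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# bastion_scp_cmd KEY BASTION TARGET SRC DEST
# KEY is used for both hops, as the answer's note requires.
# BASTION and TARGET are user@host strings. Arguments are assumed to
# contain no whitespace, because the output is meant to be pasted.
bastion_scp_cmd() {
    key=$1 bastion=$2 target=$3 src=$4 dest=$5
    if ! key_is_private "$key"; then
        echo "key '$key' is missing or accessible to group/other; run chmod 600 on it" >&2
        return 1
    fi
    # The key stays on the workstation: ssh -W only forwards the TCP stream
    # through the bastion, so nothing has to be copied onto the public host.
    printf 'scp -i %s -o ProxyCommand="ssh -i %s -W %%h:%%p %s" %s %s:%s\n' \
        "$key" "$key" "$bastion" "$src" "$target" "$dest"
}
```
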
You need to make sure to use the correct permission key and that the default profile in the `~/.aws/credentials` is set correctly with the AWS config that you need. You might have 2 profiles there, so make sure that in the `~/.ssh/config` you are adding `'--profile=your_profile_id'` to your ProxyCommand.
So it looks something like:
```
# SSH over Session Manager
host i-* mi-*
    ProxyCommand sh -c "aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p' --profile=my_profile_id --region=us-west-1"
```
Also make sure that if you are connecting as a non-root user, you copy the files to non-root directories, or else you might get permission errors.
