
How to fix the error while I'm trying to connect to a private EC2 instance through a public EC2 instance?

I'm creating 2 Amazon Elastic Cloud Compute instances; one is public and one is pvt.
How can I access the private instance through the public instance?
What are the commands to execute? I've tried with

ssh -p port number public-host name private-host name

I got the error as access denied

It appears that your situation is:

  • An Amazon EC2 instance in a Public Subnet (connected to an Internet Gateway)
  • An Amazon EC2 instance in a Private Subnet (not connected to an Internet Gateway)
  • You can successfully SSH into the Public instance
  • You then wish to SSH into the Private instance

You will need to use the standard SSH command:

ssh -i pemfile.pem ec2-user@PRIVATE-IP-ADDRESS

Some things to note:

  • Connect to the Private instance via its Private IP address. In fact, it should not have a public DNS name or public IP address
  • You will need to provide a key (pem) file to authenticate

There are two ways to provide the pem file:

  • Use Agent Forwarding in your SSH connection, or
  • Copy the pem file to the Public instance and use it as part of the ssh command (as shown above). This is bad from a security perspective since somebody who gets into the Public instance would then be able to access the Private instance.

Also, it depends on whether you are using the same key or a different key on the private computer. The easiest is to use the same key, which makes Agent Forwarding easier.

See: Securely Connect to Linux Instances Running in a Private Amazon VPC | AWS Security Blog
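An added example (not part of the original answer) covering the two options above: the agent-forwarded hop, and a check that no pem file has been copied to the Public instance. `PUBLIC-HOST`, the function names and the scanned directory are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not from the original answer. PUBLIC-HOST, PRIVATE-IP-ADDRESS
# and the scanned directory are placeholders chosen for illustration.

# Build the two-hop command that relies on agent forwarding (-A). The pem file
# stays on the workstation (load it first with: ssh-add pemfile.pem); only the
# agent socket is forwarded to the Public instance.
# Caveat: while the session is open, root on the Public instance can use the
# forwarded agent, so keep forwarded sessions short.
# $1 = login user, $2 = Public instance address, $3 = Private instance IP
hop_command() {
  printf 'ssh -A -t %s@%s ssh %s@%s\n' "$1" "$2" "$1" "$3"
}

# List files under a directory that contain private-key material, i.e. keys
# that were copied to the Public instance instead of being forwarded.
# $1 = directory to scan (for example a home directory on the Public instance)
find_copied_keys() {
  grep -rlE -e '-----BEGIN ([A-Z]+ )?PRIVATE KEY-----' "$1" 2>/dev/null | sort
}

# Exit status 0 when no private keys are stored under the directory, 1 otherwise.
# $1 = directory to scan
bastion_is_clean() {
  [ -z "$(find_copied_keys "$1")" ]
}

# Print the command for the placeholder hosts used in the answer.
hop_command ec2-user PUBLIC-HOST PRIVATE-IP-ADDRESS
```

Run `find_copied_keys` on the Public instance itself (for example against `/home`) to confirm that the second, insecure option was never used there.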
