How to SSH into Private instance via Public instance securely?

Ever wondered how can we ssh into private instance from a public instance or bastian instance and that too without putting the private key on your bastian instance?

I am going to tell exactly how to do it. This works on both windows and Linux (including Mac).

Create a config file in ~/.ssh/ directory with the below content

Host jumphost
HostName <ipaddress or hostname>
Port 22
User ec2-user
IdentityFile “path_to_private_key”
ProxyCommand none
Host securehost
HostName <ipaddress or hostname>
Port 22
User ec2-user
IdentityFile “path_to_private_key”
ProxyCommand C:\Windows\System32\OpenSSH\ssh.exe jumphost -W %h:%p

Here, jumphost is the bastian host and secure host is the private instance. This is for windows. For Linux or mac you can change the last line to “ssh jumphost -W %h:%p” (without quotes). You can also mention the port other than 22 if you have already configured the SSH server with that port.

After saving the file. All you need is to type “ssh securehost -v”. That’s it. You will be forwarded from the bastian host to your private host.