How to SSH from one Linux VM to another Linux VM

SSH handshaking

In this blog, I’ll demonstrate how to connect a virtual machine that is located in a public subnet to a virtual machine that is located in a private subnet.

Before that, create two virtual machines in the Azure portal, one in each of the public and private subnets.

If you wish to keep your machine private, set the public IP to none.

Open a terminal and move to the directory where your .pem key file is located.

  • First, to log in to the public subnet VM, you need the VM’s public IP
  • Use the commands below to log in to it
chmod 400 filename.pem
ssh -i filename.pem VM_username@public_ip

Example: ssh -i key.pem azureuser@20.168.121.60

Here you must give the file name of your .pem file and the VM username must be the name you gave your Virtual Machine, and the public IP must be the VM’s public IP.

So you’ve logged in to your system.

Login is possible only if the user has the .pem file, the username, and the IP.

As we don’t have the .pem file on the current VM, we need to create a file there with the contents of the .pem key file.

Steps involved in this process

  • Press command+T to open a new tab in macOS
  • Log in to the public subnet machine again with the above command
  • Then type the command below and press Enter to copy the contents of the .pem key file
cat filename.pem
  • Copy the content, then type the command below to create a new file for the pem key
vi filename.pem
  • Type i to enter insert mode and paste the copied text [key] with command+v
  • Press Esc and type :wq
  • The .pem file now exists on the public subnet VM
  • Type ls to check that the file is there

Now use the commands below to log in to the private subnet VM

chmod 400 filename.pem
ssh -i filename.pem VM_username@private_ip

Example: ssh -i key.pem azureuser@10.0.1.4

If you created another .pem file when creating the VM, put the name of that file here. However, when building Linux servers, most people use an existing .pem key.

Now you are in your private subnet VM

  • To leave the VM, type exit
  • To automate logins, we will generate an SSH key

The ssh-keygen utility is used to generate new authentication key pairs.
Such key pairs are used to automate logins, enable single sign-on, and authenticate hosts.

  • Now generate the SSH key using the following command
ssh-keygen

Press Enter three times; there is no need to set a passphrase.

  • Change the directory and copy the contents of the id_rsa.pub key
cd ~/.ssh/
cat id_rsa.pub

To copy, use command+c

Now log in to the private subnet VM again and open authorized_keys:

ssh -i filename.pem VM_username@private_ip
cd ~/.ssh/
vi authorized_keys
  • Paste the copied contents into authorized_keys using command+v, then press Esc and type :wq to save it
  • Now delete the .pem file located on the public subnet VM using the following command
rm -rf filename.pem
  • Now the user is able to log in to the machine with just its IP
ssh private_ip

Example: ssh 10.0.1.4
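A check to run on the private subnet VM after pasting into authorized_keys, added here as an example (it is not part of the original post): it flags private key material pasted by mistake, lines that are not complete public keys (for example a paste that wrapped), and loose file permissions. The function name check_authorized_keys and its messages are made up for illustration.

```shell
# Added example, not from the original post. Name and messages are illustrative.
# Usage: check_authorized_keys [path]   (default: ~/.ssh/authorized_keys)
# Prints one finding per line; returns 0 when clean, 1 when anything is flagged.
check_authorized_keys() {
    file=${1:-$HOME/.ssh/authorized_keys}
    bad=0
    [ -f "$file" ] || { echo "MISSING: $file"; return 1; }

    # sshd's default StrictModes rejects the file when group or others can
    # write to it; owner-only (chmod 600) is the usual setting, so require it.
    # Characters 5-10 of the `ls -l` mode string are the group/other bits.
    perms=$(ls -ld "$file" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "PERMS: $file is open to group/other; run chmod 600"
        bad=1
    fi

    # Private key material never belongs here (e.g. id_rsa copied instead of
    # id_rsa.pub). Report it and stop: the remaining lines would only be noise.
    if grep -q 'PRIVATE KEY-----' "$file"; then
        echo "PRIVATE-KEY: $file contains private key material"
        return 1
    fi

    # Each entry is: [options] key-type base64-blob [comment], all on ONE line.
    # A paste that wrapped leaves a continuation line with no key type.
    keyre='(^|[[:space:]])(ssh-(rsa|ed25519|dss)|ecdsa-sha2-[a-z0-9-]+|sk-[a-z0-9@.-]+)'
    keyre="$keyre"'[[:space:]]+[A-Za-z0-9+/]+=*([[:space:]]|$)'
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in ''|'#'*) continue ;; esac
        if ! printf '%s\n' "$line" | grep -Eq "$keyre"; then
            echo "MALFORMED: line $n is not a complete public key"
            bad=1
        fi
    done < "$file"
    return "$bad"
}
```

Define the function in the shell on the private subnet VM and run check_authorized_keys with no argument right after saving the file.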

Summary: This is how we can securely build a channel between different virtual machines located in different subnets.

So that’s it for today. Happy Coding! 😊
