Question 18273 in Amazon Web Sevices Question posted in
The official Amazon Web Services documentation can be found here.

How to transfer files to EC2 instance in private subnet using a bastion host – Amazon Web Sevices

I am trying to transfer files to an EC2 instance that is located in a private subnet using a bastion host. My local machine is running Windows, and I am connecting to the EC2 instance via SSH through the bastion host. I am not sure how to transfer files to the EC2 instance from my local machine using only command line tools and Putty.

Here is what I have tried so far: I connected to the bastion host via Putty and then tried to transfer files to the EC2 instance using the scp command on my local pc, but I received Connection timed out error.

Can someone please advise me on how to transfer files to the EC2 instance in the private subnet using a bastion host? Do I need to store my private key on the bastion host, or is there a way to transfer files directly from my local machine to the EC2 instance without storing the private key on the bastion host?

Thanks in advance for your help.

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    By using the below command and by restricting the key files to chmod 400 I successfully transfer a file from my local pc to my private EC2 instance :

    scp -i "path/to/private/EC2/key" -o ProxyCommand="ssh -i "path/to/bastion/key" ec2-user@bastion_public_ip -W %h:%p" "path/to/file" ec2-user@ec2_private_ip:path

  2. 0

    Look for AWS Systems Manager Agent (SSM Agent). It is preinstalled, by default, on the following Amazon Machine Images (AMIs) for Windows Server:

    • Windows Server 2008-2012 R2 AMIs published in November 2016 or later

    • Windows Server 2016, 2019, and 2022

    Then use a proxy to connect to the EC2 instance:

    1. Connect to instance via Remote Desktop or Windows PowerShell

    2. Run the following in Powershell

    
$serviceKey = "HKLM:SYSTEMCurrentControlSetServicesAmazonSSMAgent"
    $keyInfo = (Get-Item -Path $serviceKey).GetValue("Environment")
    $proxyVariables = @("http_proxy=hostname:port", "https_proxy=hostname:port", "no_proxy=169.254.169.254")

    
    if ($keyInfo -eq $null) {
        New-ItemProperty -Path $serviceKey -Name Environment -Value $proxyVariables -PropertyType MultiString -Force
    } 
    else {
        Set-ItemProperty -Path $serviceKey -Name Environment -Value $proxyVariables
    }
    
    Restart-Service AmazonSSMAgent

    For more info, access AWS documentation:

    https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-install-ssm-proxy.html

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search