Introduction:
Instances within the same VPC can connect to each other via their private IP addresses, so it is possible to access a private subnet EC2 instance from an instance in a public subnet. Amazon instances use SSH keys for authentication.
Step 1:
- Log in to the AWS console.
- Go to Services and select EC2.
- Go to create an instance.
- Select Amazon Linux 2 AMI (SSD Volume Type).
Step 2:
- Select General purpose, which has t2.micro.
- Click Next to configure instance details.
Step 3:
- Now we have to configure the instance details.
- Select the subnet as the default in us-east-1b.
- Set Auto-assign Public IP to "Use subnet setting (Enable)".
- Click Next to add storage.
Step 4:
Leave the storage at the default, which has volume type Root, and then click Next.
Step 5:
Add a tag with the key `Name`; for the value, use something like "cloud private" for the private instance and "public" for the public instance. Then click Next to configure the security group.
Step 6:
Select SSH on port 22, HTTPS on port 443, and HTTP on port 80.
Step 7:
Review the instance and click Launch.
Step 8:
After clicking Launch, a popup appears.
Step 9:
Choose the key pair which we have already created.
Step 10:
Similarly, create another instance in the public subnet. I have used us-east-1a for the private subnet and us-east-1b for the public subnet. Below is for the public one, where we have to disable the auto-assign type.
Step 12:
Below are the two instances created, private and public. If we click on an instance, it shows whether it is in a private subnet or a public subnet.
Step 13:
Now open PuTTY and paste the public IP address into the Host Name (or IP address) field. Go to SSH.
Step 14:
Select the private key you have chosen. Then click Open.
Step 15:
A window appears and asks for the login user; type ec2-user.
Step 16:
Paste the pem file; it shows that the EC2 machine has been connected from a private subnet using SSH.
Conclusion:
Amazon instances use SSH agent authentication. Just as we need a private key to connect to the private instance, the public instance requires a private key on your host machine. An alternative solution is to use SSH, which allows users to connect from the host to another instance without storing the private key on the computer. Access your private subnet EC2 instance and let us know in case of any issue.
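One way to reach the private instance through the public one without placing the .pem file on the public instance, as the conclusion mentions, is an OpenSSH client configuration with `ProxyJump`. This is an added example, not part of the original article; the host aliases, the bracketed addresses and the key file name are placeholders, and it assumes both instances were launched with the same key pair and that the workstation runs the OpenSSH client (7.3 or later) rather than PuTTY.

```sshconfig
# Added example: ~/.ssh/config on the workstation (OpenSSH client).
# Aliases, addresses and key path are placeholders, not values from the article.

# Public-subnet instance, reached directly on its public IP.
Host ec2-public
    HostName <PUBLIC_INSTANCE_PUBLIC_IP>
    User ec2-user
    IdentityFile ~/.ssh/<KEY_NAME>.pem
    # Offer only the key named above, not every key the agent holds.
    IdentitiesOnly yes
    # Do not expose the local agent to the intermediate host.
    ForwardAgent no

# Private-subnet instance, reached on its private IP through ec2-public.
Host ec2-private
    HostName <PRIVATE_INSTANCE_PRIVATE_IP>
    User ec2-user
    IdentityFile ~/.ssh/<KEY_NAME>.pem
    IdentitiesOnly yes
    # Tunnel the connection through the public instance. Authentication to
    # the private instance is still performed by the workstation, so the
    # key file never has to be copied to the public instance.
    ProxyJump ec2-public
    ForwardAgent no
```

With this in place, `ssh ec2-private` from the workstation opens the session in one step. The private instance's security group only needs to allow port 22 from the public instance, since that is where the tunnelled connection originates.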