Config

Use of bastion hosts

Configure your hosts to use another host as a jump host

1
2
3
4
host my-machine
  user <username>
  hostname <hostname>
  ProxyCommand ssh -q -W %h:%p <bastion-host>

Use AWS SSM

Using AWS SSM configure SSH:

1
2
3
4
5
Host bastion
    HostName <host name>
    User ec2-user
    IdentityFile <identity file>
    ProxyCommand sh -c "aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'"

Then you can use:

1
$ ssh bastion

Security