Today, I would show you how to SSH into your private server via bastian host (jumper) using PuTTY.  

First of all, forget what a bastian host is if you don't know about it yet. Let's say you want to establish an SSH (secure shell) session on the server that is accessible by public (server has allocated with Public IP), you can easily connect to the server in PuTTY like this:


If you ever need to authenticate via Private Key, simply convert your Private Key to .ppk format and locate it like this:


Now, let's say your server is set to private, you need a middleman who helps you set up the bridge so that you can connect to your private server safely. This middleman is what we called as "Bastian Host", "Jump Server", or "Jumper". Find out more of Bastion Hosts on AWS.

So here are the steps to set it up in PuTTY:

  1. Prepare an instance to serve as jumper:

    • This jumper instance must have Public IP set and the port 22 must be accessible by your IP address (unless you set inbound rules to allow SSH anywhere else which is not recommended by the way).
    • Make sure your private server has allowed inbound/outbound traffics from this jumper. The simplest way is to allow all the inbound/outbound rules from private IP addresses within VPC in the security group.
  2. Setup forwarded ports in PuTTY.

    • You can find it in PuTTY's category Connection > SSH > Tunnels:
    • Add Source Port and Destination like this:
      • Source is the port that you wish to forward to, Destination is the IP address of the private server along with the port number (port 22 is for SSH connection)
    • Make sure you have also checked "Local ports accept connections from other hosts" checkbox.
    • Once you have added the port, you will see it listed under Forwarded ports section:
  3. SSH into the instance you created, just like how you establish SSH connection with remote server.

  4. (Important!) Setup SSH connection via Tunnel:

    • Here, you can change the hostname to localhost or, and instead of connecting to port 22, you are connecting to port 4444 that we defined in step 2.
    • NOTE: you still need to include Private Key if your server uses SSH key for authentication.

Once you have followed all the steps, you will be able to log into your private server via jumper instance!

That's all about it! Thanks for reading!

Post was published on , last updated on .

Like the content? Support the author by!