What is Bastion Host and why it is so important? - Step by Step tutorial (Part-6)

  • Published: 30 Jan 2025

Comments • 146

  • @debashissinha8489 9 months ago +5

    O my God!! The unique way Rahul explains is the most superb in my IT tenure. Is there any Azure DevOps series of Terraform automation created by Rahul?? Hats off for your rare quality, Rahul!!!

    • @RahulWagh 9 months ago

      Thanks for liking it. As of now there is no Terraform Azure series.

  • @UntamedRogueMavrick 1 month ago +3

    You are compressing my learning timeline from months to hours. I really appreciate your selflessness.

  • @SureshKumar-kh5ht 11 months ago +8

    You are one of the best DevOps trainers who provides in-depth info for DevOps aspirants.
    Thank you Rahul

    • @RahulWagh 11 months ago +2

      Glad to help

  • @dmt15 1 year ago +7

    What a great series with clear explanation. Please continue this series, I’m looking forward to the next chapter :)

    • @RahulWagh 1 year ago

      There is more to come, but if you are interested in more in-depth content, consider being a RUclips member for more premium content.

  • @manthuvishwakarma 8 months ago +2

    You are the one who is teaching the topics from scratch and explaining in an easy way to understand the topics very easily. Thank you so much sir.

    • @RahulWagh 7 months ago

      You are most welcome

  • @NickVinckier 11 months ago +1

    Thank you for such a clear explanation and demo. The pace of this was perfect for me and I was able to grasp the concepts well. Created my own VPC with bastion/jump host and all was working as intended. Many thanks and keep the great content coming!

    • @RahulWagh 11 months ago

      Glad to hear that it works for you

  • @michaelakinyomitgod4961 5 months ago +1

    Your Training Method is superb Rahul; hats off for You!

    • @RahulWagh 5 months ago +1

      You are welcome

  • @BarneyMyBoy 7 months ago +1

    Thank you sir, so far this is the best tutorial about the topic that I have been searching for. The diagram and step-by-step demo are really easy and helpful for me to follow along. Liked and subscribed.

    • @RahulWagh 7 months ago

      You are welcome

  • @RameshKr-ot4ju 6 months ago +1

    Sir, you teach with the help of diagrams, which makes things CLEAR. Thank you sir, best teacher 😍😍

    • @RahulWagh 6 months ago

      Glad to hear that

  • @sameerkashmiri9947 6 months ago +1

    What a great series with clear explanation and thank you so much for this lecture.

    • @RahulWagh 6 months ago

      You are welcome

  • @johnpol6968 6 months ago +1

    How is SSH through a bastion host into a host in a private subnet more secure? Perhaps shed some light on that.

  • @fahim8690 10 months ago

    Thank you very much for this series. This series is really helpful for beginners like me ❤️

    • @RahulWagh 10 months ago

      You're welcome 😊

  • @mothusi 8 months ago +1

    Does having an EC2 instance in a public subnet automatically make that a bastion host? Because in the video I did not see any specific configurations to the instance in the public subnet. What makes an EC2 instance a bastion host?

    • @shaikayub1497 5 months ago +1

      This is what I want to ask him. He did not make any configurations as a bastion host. He just allowed the IP address range of the public subnet to the private subnet. How can he say that it is a bastion host? He can simply say that instead of using a NAT gateway with an elastic IP, we can only use the public subnet range.

    • @SrikanthKurri-t6e 2 months ago

      The public EC2 instance in the public subnet is called the Bastion Host (or Jump Host).

  • @gouthamu5424 6 months ago

    Hi Rahul, will all the instances in the public subnet have a public IP assigned to them?
    I thought the public subnet is the one with the IGW and the private subnet is the one with the NAT gateway.
    In the AWS console I have VMs with a public subnet routed to the IGW, but the internet doesn't work unless I enable it with public IP assignment.

  • @AzamAslam-x2f 10 months ago

    Thank you Rahul bhai. You are really doing a great job for us.

    • @RahulWagh 10 months ago

      Thanks and welcome

  • @Dinesh_Krish 3 months ago

    Excellent explanation, This is very helpful for me...

    • @RahulWagh 3 months ago +1

      Glad to hear that

  • @clipsupportgroup8292 8 months ago

    Good job sir, I cleared my doubts. Thanks once again.

  • @pramodpunnuche5426 1 year ago +2

    Hi Rahul, thanks for the detailed session. I have one question: during the NAT gateway session you connected from the public EC2 to the private EC2 without enabling the public IP subnet in the private EC2 SG. How did you do that? Or is it connected via the NAT gateway?

    • @RahulWagh 1 year ago +1

      Both the EC2 instances are in the same VPC, which means both are in the same network. The public EC2 instance present in public is only accessible via internet, but the EC2 instance present in the private subnet can be accessed via the public EC2 instance internally without the need of a NAT gateway, because both of them are in the internal network.

  • @deexithshetty3563 2 months ago

    Best and clear explanation ❤

    • @RahulWagh 2 months ago

      Thanks a lot 😊

  • @SinaSoltani-tf8zo 5 months ago

    Hi, thanks for the video.
    Is there anything like this for databases and other services too? I'm trying to find a way to access an internal database from my own PC. The internal database is just a database that is being used by an API on AWS. How can I use something like a VPN to open the database from my own PC?

  • @paragvade 11 months ago

    Thank you Rahul.. wonderfully explained

    • @RahulWagh 11 months ago

      Thanks and welcome

  • @nsquare_4 6 months ago

    Whenever you create the instance you give the name test-key-pair, but when we log in to the machine the name of the key is different. How does that happen?

  • @prateekverma5169 1 year ago +1

    On-point demo, thanks for such content.

  • @ThotaSrinath 4 months ago

    Hi Rahul, thanks a lot for the videos. Learning a lot from these videos. One question on the bastion host: when we are copying the private key of the EC2 which is in a private subnet to the internet-exposed EC2 machine in a public subnet, is it secure?

  • @pradipsharma8504 1 year ago

    Wonderful session. Thanks a lot for your honest effort.

    • @RahulWagh 1 year ago

      Glad to know the feedback

  • @clipsupportgroup8292 8 months ago

    Can we set a rule in S3 so that after a number of days the particular URL link (downloadable) will not work if I shared it publicly? Please guide me.

  • @A.Sandeep-18 10 months ago

    Liked, commented and subscribed with this one video ❤... looking forward to learning more

    • @RahulWagh 10 months ago

      Glad to have you

  • @harryprsd1 1 year ago +1

    Great info. Can we have a similar setup in Azure?

    • @RahulWagh 1 year ago +1

      Yes the bastion host concept is common and can be used in any cloud provider

  • @VijayaBaskarvvk 4 months ago

    Hi Rahul, when we define subnets, we have to use private ranges, right? Such as 192.168.x.x, 172.16.x.x to 172.31.x.x, or 10.x.x.x. Or does it not matter?

    • @RahulWagh 4 months ago

      It totally depends on your org's practice for assignment of CIDRs

  • @gurunathaade4499 1 year ago

    Hi sir,
    You are doing a great job, please make the series continuously. I hope you have to be done with the best way 🙏❤

  • @chukwumaonu7687 1 year ago

    This is cool, what looks like a mirage, you made it so simple. Thanks Bro

  • @Abwhinnaw 24 days ago

    Thank you so much, can you please do CI/CD in detail?

    • @RahulWagh 22 days ago

      I will try my best to

  • @SrikanthKurri-t6e 2 months ago

    Thank you so much for your videos. These are helping me a lot.

    • @RahulWagh 2 months ago

      You are most welcome

  • @kumarswamyba5876 8 months ago

    Thank you very much for such a wonderful session sir

  • @peterrubinstein6975 6 months ago

    Great video. How do you do the diagrams?

    • @RahulWagh 6 months ago

      I just use PPTs, nothing more

  • @dips_07 1 year ago

    What an insightful share... thank you 🙏🙏

  • @nurhossainsakil9904 1 year ago +1

    I can't copy the private key. Can anyone help me please?

  • @shakunthalapulugu755 1 year ago

    Hi sir, thank you for your elaborate explanation. Please explain the purpose of the NAT gateway.

  • @nikkiheer4091 9 months ago

    I am not able to connect to the private EC2 while connecting to the private EC2 from the bastion host. Doing SSH as shown in the video, I did all steps correctly and tried, but while doing SSH to the private EC2 nothing is coming, it's just blank.

    • @RahulWagh 9 months ago

      Could be many reasons, but check the security groups

  • @kiranyadav-gf6cd 9 months ago

    Amazing content bro. Keep going on, please do the entire AWS solution architect course.

    • @RahulWagh 9 months ago

      Thanks and sure

  • @farhanmqsd 2 months ago

    Great Video

  • @sahilk335 8 months ago

    Thank you for detailed explanation.

    • @RahulWagh 8 months ago

      You are most welcome

  • @manthuvishwakarma 8 months ago +1

    Can you make a video related to how to build an SSH connection from bastion host to EC2 user on a Windows PC?

  • @oluwabusayoshofowora4372 10 months ago

    Thank you, you made me think deeper.

    • @RahulWagh 10 months ago

      You're very welcome

  • @tathagatadas2825 7 months ago

    Awesome content bro....thanks

    • @RahulWagh 7 months ago

      So nice of you

  • @boscokuttikatt 2 months ago

    Amazing!!

  • @nurhossainsakil9904 1 year ago

    @RahulWagh please help to get the copy of my private key. I can't read or copy the key from my .pem file

  • @oluwasilea1307 6 months ago

    Thank You! I am a beginner ❤

    • @RahulWagh 6 months ago

      You're so welcome!

  • @ramamoorthy3444 10 months ago

    Great explanation. I have a clear understanding.

    • @RahulWagh 10 months ago

      Great to hear!

  • @nsquare_4 6 months ago

    Sir, I'm unable to understand how you changed the name of the key, please explain sir.

  • @thapasujan07 8 months ago

    Thank you Sir. 💞

    • @RahulWagh 8 months ago

      Always welcome

  • @iamsreejuks 11 months ago

    Hello Rahul, correct me if I am wrong: both the EC2 instances are in the same VPC, which means both are in the same network, so it will connect, right? I still could not understand the concept of bastion. I already watched the "Mastering AWS: NAT Gateway Setup in Your VPC" video. Comparing these two, the differences are: in this video you are explicitly adding a security group, and in the NAT gateway video all the configurations are the same except the private subnet wants to access the internet (outbound only) using NAT. So adding the security group (enabling access from the private IPs of the public EC2 to all ports in the private EC2) is how a bastion host differs from a normal private-public environment.

    • @bhardwaj_abhi3421 11 months ago +1

      Yup, the whole setup is the same as explained in the VPC video

  • @ShaliniSingh-mu3em 8 months ago

    How do we establish an internet connection on private ec2?

    • @RahulWagh 8 months ago

      Use NAT gateway

  • @richachaturvedi9330 3 days ago

    Very helpful

  • @subash000000 1 year ago +1

    Why are we using an IPv4 CIDR of the 12 range, why not 10?

    • @RahulWagh 1 year ago +2

      When it comes to choosing a CIDR range for a network, there are several factors to consider, including the size of the network, the number of hosts that need to be accommodated, and the availability of IP addresses.
      The "/12" in IPv4 CIDR notation corresponds to a subnet mask of 255.240.0.0, which means that the first 12 bits of the IP address are used for the network portion, leaving 20 bits for host addresses. This allows for a total of 2^20, or 1,048,576, IP addresses in the subnet (though the first and last addresses are reserved for the network and broadcast addresses, respectively).
      On the other hand, a "/10" CIDR range corresponds to a subnet mask of 255.192.0.0, which provides for 2^22, or 4,194,304, IP addresses in the subnet.
      The decision to use a "/12" CIDR range instead of a "/10" range would typically be based on the need for fewer IP addresses than a "/10" range provides. Using a "/12" range when a "/10" range is not necessary can help conserve IP addresses, which is particularly important given the limited availability of IPv4 addresses. However, it's also worth noting that the decision could be influenced by other factors, such as the design of the larger network, routing considerations, and the allocation policies of the organization or service provider managing the IP addresses.

    • @subash000000 1 year ago +1

      @RahulWagh Thank you for your explanation, but I mean we use 10.x.x.x but you use 12. I liked your teaching and explanation. 🙂

    • @RahulWagh 1 year ago

      @subash000000 There is no rule on using 10.x.x.. or 12.x.x…. It is your own VPC, just pick the range which you like. The VPCs are not in the public domain, so you have the liberty to choose any range.

    • @subash000000 1 year ago

      @RahulWagh Thank you for such a quick response.

  • @raghavayoga 9 months ago

    Very well explained

  • @RayRaman 6 days ago

    How to share a user SSH on the bastion server with their public SSH key?

    • @RahulWagh 6 days ago

      You have to use secret management tools like HashiCorp Vault

  • @MahekMordani-pu8sx 9 months ago

    Hi Rahul, do you also do one-on-one consulting for entrepreneurs?

    • @RahulWagh 9 months ago

      There is paid consulting which I do, if interested you can reach out to me at - rahul.wagh@jhooq.com

  • @shailendraverma1675 9 months ago

    Hello sir, what if we created our bastion host in a private network, is there any way? How can we access that?

    • @RahulWagh 9 months ago

      The whole purpose of a bastion host is to enable access to servers present in private subnets. A bastion host in a private subnet doesn't make sense.

    • @shailendraverma1675 9 months ago

      @RahulWagh Thanks for replying!!!
      To make this process more secure, what can we do? Any suggestions? Like, can we attach a VPN?

  • @atharvameher5880 9 months ago

    Great content man

    • @RahulWagh 9 months ago

      You are welcome

  • @VarunH-w3w 7 months ago

    Can you please make a video on how to configure the web application (Python Flask) and database (PostgreSQL) in the EC2 instance, by using the same security bastion host?

    • @RahulWagh 7 months ago +1

      It is already there - Real Time DevOps Project | Use Terraform Jenkins AWS to deploy REST API
      ruclips.net/video/otQqd7GRVK0/видео.html

  • @nikkiheer4091 9 months ago

    Now it's working thank you.

  • @manojgandham-lu7tu 1 year ago

    Well explained ❤

  • @vikki5329 1 year ago

    Awesome example bro, can you please cover examples for Elastic Network Interfaces, Elastic Fabric and Elastic adapter network and placement groups?

  • @tanayabanerjee2380 1 year ago

    Hello sir... if possible then please try to make a detailed video on IP, subnetting or other networking concepts, it will be very helpful... Thank you 🙂

    • @RahulWagh 1 year ago

      Here is a video which is already there on my channel- AWS how to setup VPC, Public, Private Subnet, NAT, Internet Gateway, Route Table? - (Part-5)
      ruclips.net/video/43tIX7901Gs/видео.html

  • @kammellapradeep7224 10 months ago

    Very nicely explained, do you cover Google Cloud topics as well, Rahul?

    • @RahulWagh 10 months ago

      Not on GCP yet, but soon I am planning to do it. What would you like to see on GCP?

  • @SanketGaikwad-o9e 3 months ago +1

    In SSH it's not connecting

    • @RahulWagh 3 months ago

      Check security groups and source

  • @mandodarimodi7555 10 months ago

    Thanks for sharing.

  • @rupakmahto2095 7 months ago

    Thank you so much.

    • @RahulWagh 7 months ago

      You're most welcome

  • @githinthomas4787 11 months ago

    well explained thank you

    • @RahulWagh 11 months ago

      You're welcome!

  • @DeepikaDecodes 1 year ago

    Awesome 👌

  • @prashantsukhadeve9642 1 year ago

    Good Evening Rahul.
    I hope you are doing well

    • @RahulWagh 1 year ago

      Hi Prashant, good evening. I am good, thanks for asking.

  • @PravinN-z8q 2 months ago

    Thank you

  • @brianlevu3507 11 months ago

    Why didn't you use scp to copy the pem file?

    • @RahulWagh 11 months ago

      Yes you can use SCP instead of manually copying the ssh keys

    • @brianlevu3507 11 months ago

      @RahulWagh 😆

  • @an859 5 months ago

    Felt like Sundar Pichai teaching me 😀

  • @manojgandham-lu7tu 1 year ago

    Can we expect a k8s series from you?

    • @RahulWagh 1 year ago

      Hopefully soon I will prepare in k8s

  • @neetupalLife 5 months ago

    👏

  • @srihari9381 4 months ago

    All OK, but at the end why did you not create a new key pair instead of using an existing one... last 10 mins unable to understand...

  • @qolbinurwandi 5 months ago

    I always get this error
    ubuntu@ip-10-0-0-80:~$ ssh -i "aws_ec2_instance_key.pem" ubuntu@10.0.1.179
    ubuntu@10.0.1.179: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
    Does anyone have any idea?

  • @bikdigdaddy 8 months ago

    I did the exact same but I didn't make a private route table and it still worked. Why?

    • @RahulWagh 8 months ago

      Maybe you might have made the private subnet a public subnet

    • @bikdigdaddy 8 months ago

      @RahulWagh I'm pretty sure I did not.
      Upon further inspection, I found that there's a default route table assigned to the private subnet (you see it at 10:44) and that allows connectivity inside the same VPC.
      So that implies if you allow SSH to the pvt EC2 in the security group, you'll be able to connect to it from the public EC2, thus no route table needed.