ssh to VM through bastion with key

Question

I am trying to SSH to EC2 through bastion(jump-box), but had an issue with it. I tried it with .ssh/config and it worked. But I want to do it as a command NOT with .ssh/config (I know its the correct way)

local-host ---> bastion ---> ec2

ubuntu user present on bastion & ec2, key (dev-key.pem) present on local-host only.

I tried bunch of solution along with this :

local-host$ ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i /home/ubuntu/automator/dev-key.pem -A -t ubuntu@${bastion} -A -t ssh -o UserKnownHostsFile=/dev/null -o -i /home/ubuntu/automator/dev-key.pem StrictHostKeyChecking=no ubuntu@${ec2} "hostname > /tmp/hostname.txt"

error :

Permission denied (publickey).

Anybody can help me with this ?

Answer 1

As per the docs you can use the ssh -J option:

-J [user@]host[:port] Connect to the target host by first making a ssh connection to the pjump host[(/iam/jump-host) and then establishing a TCP forwarding to the ultimate destination from there.

So your command will be:

local-host$ ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i /home/ubuntu/automator/dev-key.pem -J ubuntu@${bastion} ubuntu@${ec2} "hostname > /tmp/hostname.txt"