CodexBloom - Programming Q&A Platform

OCI Networking guide: how to Access Private Subnet Instance from Bastion Host

👀 Views: 29 💬 Answers: 1 📅 Created: 2025-06-08
oci networking ssh bash

I'm currently working with a scenario accessing an instance in a private subnet from my bastion host in Oracle Cloud Infrastructure (OCI). I have set up a bastion host in a public subnet and successfully established SSH access to it. However, when I try to SSH into an instance located in a private subnet, I'm getting a 'Permission denied (publickey)' behavior.

Here's a breakdown of my configuration:

- **Bastion Host**: Instance in a public subnet with a public IP.
- **Private Instance**: Located in a private subnet with no public IP.
- Both instances are in the same Virtual Cloud Network (VCN).

I have verified that the security lists for the private subnet allow ingress traffic on port 22 from the public IP of my bastion host. Here's the relevant configuration from the security list:

```plaintext
Ingress Rules:
- Source CIDR: <bastion_public_IP>/32
  Port: 22
  Protocol: TCP
```

On the bastion host, I am using the following command to SSH into the private instance:

```bash
ssh -i /path/to/private_key opc@<private_instance_private_IP>
```

The private key corresponds to the public key I added to the authorized keys of the private instance. I have also confirmed that the instance is running and has the correct network configuration. Despite this, I keep getting the 'Permission denied' behavior. I have tried regenerating the key pair and updating the authorized keys on the private instance, but the scenario continues.

Has anyone encountered a similar scenario or could provide insight into what might be misconfigured? Any help would be appreciated. This is part of a larger web app I'm building. Is there a better approach? I appreciate any insights!
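One way to verify the key-to-`authorized_keys` match described in the question, as an added example that is not part of the original post: it computes the same SHA256 fingerprint that `ssh-keygen -lf` prints and reports which `authorized_keys` line, if any, carries the key. The function names are hypothetical and the sample keys are constructed, not real key pairs.

```python
import base64
import hashlib
import struct

KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256",
             "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}

def fingerprint(blob_b64: str) -> str:
    """OpenSSH-style SHA256 fingerprint of a base64 public key blob."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def key_blob(line: str):
    """Return the base64 blob from a public key or authorized_keys line, or None."""
    tokens = line.split()
    for i, tok in enumerate(tokens[:-1]):
        if tok in KEY_TYPES:  # skips a leading options field such as from="..."
            return tokens[i + 1]
    return None

def find_authorized(pubkey_line: str, authorized_keys_text: str):
    """Return the 1-based authorized_keys line that lists the key, or None."""
    want = fingerprint(key_blob(pubkey_line))
    for lineno, line in enumerate(authorized_keys_text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        blob = key_blob(line)
        try:
            if blob and fingerprint(blob) == want:
                return lineno
        except ValueError:  # truncated or mangled base64, e.g. from a bad paste
            continue
    return None

def make_ed25519_line(raw32: bytes, comment: str) -> str:
    """Build a constructed sample public key line (not a real key pair)."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + raw32
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"

if __name__ == "__main__":
    key_a = make_ed25519_line(bytes(range(32)), "constructed-a")
    key_b = make_ed25519_line(bytes(range(32, 64)), "constructed-b")
    authorized = "# constructed sample file\n" + 'from="10.0.0.0/24" ' + key_b + "\n"
    print(find_authorized(key_b, authorized))  # line number of the match
    print(find_authorized(key_a, authorized))  # key A is not listed
```

To use it on real files, pass the contents of the `.pub` file that belongs to the private key given to `ssh -i` and the contents of the target user's `authorized_keys`.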