This is by far so much intuitive explanation for Bastion Hosts, thankyou so much for working on this, this kind of stuff takes so much energy and time, I am so happy that you chose to open source these kind of great content in KZbin!

Great Video. Visualizations are the best way to understand the basics and Hands-on Demonstrations makes great sense to a learner. The best way to teach rather than following the traditional conceptual teaching. I appreciate your work. Keep them coming. All the best.

This explanation is so easy to understand! :) Thanks for the video and for putting so much effort into the visuals! :) Great work mate, keep going! :)

One of the most informative and clear video on Bastion Hosts, keep uploading.

Perfect video to understand bastion host. Simple and easy to understand explanation. Thank you!!!!!

You are so good at what you do ! Thank you for your time

A very deep learning video about bastion host with much less time.

you just earned my subscription! great job!!

Thanks for the visual demonstration of a bastion. That made it easier to grasp the concept.

Thanks for the grt explanation !!

Your teaching skill is superb bro .

You SHOULD NOT have Enabled Auto Assign Public IP for Bastion Host (3:56 sec of the video). It's recommended to disable it. Also why did you allow outside world (0.0.0.0/0) in your Bastion Host Security Group. The bastion host that you just created SHOULD NOT be reached from the internet. Rather choose ELASTIC IP that are allowed from ON PREM Firewalls. Allocate an Elastic IP address, and make it reachable from the internet over IPv4 by associating it with your bastion host

According to Aws - best practice is not to copy the file to the bastion host but to use ssh agent forwarding...do you have a tutorial for that?

Excellent production quality and content. Really loved the use of the battle visual. Well done, sir.

wow... wonderful session and your way of presentation is simply super, pls keep it forward

Clear and concise. Awesome!

I can connect my private host server from bastion host but am unable to push the file, what could be the reason?

This was extremely useful. Thank you very much!

Thanks ....it was really easy....u made it

Great video!

copying the "pem" file into bastion host good practice? should we use ssh agent instead? ssh-add -K myPrivateKey.pem

It will be interesting if you will discuss about real use case.

Could you please show the config of your vpc-demo?

instead of copyring you ssh keys to bastion, you can use SSH key agent forewarding

Are bastion hosts used only for linux instances or other OS instances as well ?

Thank you so much for this explanation 🙏

So... its just a cloud version of a jump server?

Thank you firvtge video. Very clear. Why would we need a bastion host if we can instead use AWS Sessions Manager (SSM)?

Can anyone please help me to understand the difference in accessing private instance at 9:36 from the previous one. Why access is not possible, i.e. what is the different from previous accessing. Thank you.

wooow this is really good but i think you were too fast with the explanation and the demo. But nice work

Outstanding video

Thanks for the well explanation. i have one doubt here as im new to AWS... when we are able to connect Private instances which are in private subnets via bastion host then what is the need of NAT gateway and NAT instance.. ? simple we are allowing bastion IP in Private instance SG and connecting from bastion host to private instance. which is easier than deploying NAT gate and NAT instance... could pls explain .. Thanks in advance.

If I want to build a website, should the website be placed in an instance of a private subnet? How to configure the private subnet ‎Apache? My problem now is that the instance of the private subnet can't connect to the network and configure the Apache environment. Please help me answer, thank you

Wonderful explanation

I am getting this error : Permission denied (publickey,gssapi-keyex,gssapi-with-mic). is there any way to resolve this issue ? When I tried to connect Private Instance via the Public instance. Thank you .

Don’t copy keys to the bastion host, it’s a bit more secure to use ssh agent forwarding (but in permission ask mode). And also it need more hardening like session locks, retry, egress filtering and so on

Any way we can access from my desktop thru internet to private subnet linux machine VNC server GUI via bastion windows machine... ANY HELP is APPRECIATED.

Sir we need a project on this will you do our final year project??

thank you. I tried to read the letters on your screen, but they are blurred. Can you make the font clearer?

which tool is used to create slides?

Thank you!

Bhai can you make something for Transit VPC ?

top explanation, ta

Great information, but pace of delivery was a little to fast to me...

you didnt mention in which VPC you deployed this baston host and priviate host. as far i know if both share the same VPC they can communicate with what SG rules given to them. i such case you showed us it is not possibale from another pubilc host but i doubt this from different VPC so it wont communicate . if public host is part of same VPC then it will also gets commuicated with the help of baston host.

thankyou

I think your parrot likes Bastion

U have to explain with mouse otherwise how we get know what u r explaining

Hi Ec2-key.pem, is this keypair of the instance?