AWS SFTP connection through a Bastion Host in macOS

April 24, 2024

Using SFTP to Connect to a WordPress Instance on AWS with Core Tunnel and FileZilla

If you manage a WordPress site hosted on an AWS instance in a private subnet, transferring files securely is essential. This guide walks you through setting up an SFTP connection with Core Tunnel and FileZilla when the instance can only be reached through a bastion host, so that your file transfers are both secure and efficient.

Setting up the Tunnel Connection with Core Tunnel

Core Tunnel acts as a secure conduit for your data traffic to the remote server. Here's how to set it up:

Install Core Tunnel

  1. Download and Install: Obtain Core Tunnel from the App Store or its official website.

Configure Your Connection

  1. Connection Details:
    • Name: Give your connection a meaningful name.
    • Host: Enter your bastion host DNS, e.g., bastion.example.com.
    • Port: Set this to 22 (SSH port).
    • User: Enter the username (ubuntu, ec2, etc).

Figure: General settings for Core Tunnel.

  2. Setup Port Forwarding:
    • Forwarding Type: Choose Local.
    • Source Port: Use 8080 or another available local port.
    • Destination Host: Enter the private IP of your instance, e.g., 10.0.X.X.
    • Destination Port: This should also be 22.
  3. Authentication:
    • Go to the connection tab.
    • Choose your private key file, e.g., your-private-key.pem.

Figure: Authentication in Core Tunnel.

  4. Save and Connect:
    • Save these settings.
    • Connect to your server.
    • Confirm the server's fingerprint by typing yes when prompted.

Figure: Authentication settings within Core Tunnel.

Remember to keep Core Tunnel active and connected before starting your FileZilla session.

Figure: Core Tunnel connected.
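
The same local forward can also be opened with the OpenSSH client that ships with macOS. The script below is an added example, not part of the original post: it reuses the article's placeholder values (bastion.example.com, 10.0.X.X, ubuntu, your-private-key.pem, port 8080), and the function names and the DRY_RUN variable are assumptions of this example.

```sh
#!/bin/sh
# Added example: OpenSSH equivalent of the Core Tunnel local forward.
# Values are the article's placeholders; function names and DRY_RUN are
# assumptions of this example.
BASTION="bastion.example.com"   # bastion host DNS
TARGET_IP="10.0.X.X"            # private IP of the instance (placeholder)
SSH_USER="ubuntu"
KEY="your-private-key.pem"
LOCAL_PORT=8080

# Succeeds only if the key exists and group/other have no permission bits;
# ssh itself rejects a private key that anyone else can access.
# Parses ls output so it behaves the same on macOS and Linux.
key_is_private() {
    [ -f "$1" ] || return 1
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Runs the command, or only prints it when DRY_RUN is set.
run() {
    if [ -n "${DRY_RUN:-}" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Opens the tunnel in the foreground (Ctrl-C closes it).
#   -N                        no remote shell, forwarding only
#   ExitOnForwardFailure=yes  fail instead of connecting without the forward
#   127.0.0.1:...             listen on loopback only, not on the LAN
tunnel_up() {
    if ! key_is_private "$KEY"; then
        echo "refusing $KEY: missing or accessible to others (chmod 600)" >&2
        return 1
    fi
    run ssh -N -o ExitOnForwardFailure=yes -i "$KEY" \
        -L "127.0.0.1:${LOCAL_PORT}:${TARGET_IP}:22" \
        "${SSH_USER}@${BASTION}"
}

# "sh tunnel.sh up" connects; with no argument the file only defines functions.
if [ "${1:-}" = "up" ]; then
    tunnel_up
fi
```

With the tunnel up, `sftp -P 8080 -i your-private-key.pem ubuntu@localhost` or the FileZilla settings in the next section reach the instance through it. On first connect, compare the fingerprint ssh prints with one obtained out of band before typing yes.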

Setting Up FileZilla for SFTP Connection

Use FileZilla to manage files through the secure tunnel established by Core Tunnel.

Figure: The initial screen of FileZilla before setting up a connection.

Configure FileZilla

  1. Connection Setup:
    • Protocol: Choose SFTP - SSH File Transfer Protocol.
    • Host: Enter localhost to utilize the local tunnel.
    • Port: Input 8080 or your chosen local port.
    • Logon Type: Select Key file.
    • User: Enter the username (ubuntu, ec2, etc).
    • Key File: Select the your-private-key.pem file, consistent with what you used in Core Tunnel.

Figure: Adding a new site in FileZilla's Site Manager.

  2. Start the Connection:
    • Hit Connect in FileZilla to initiate a secure session to your WordPress instance via the tunnel.

Conclusion

This setup provides a secure method to transfer files to and from your WordPress site hosted on AWS. Using Core Tunnel and FileZilla ensures your connections are secure and your data is managed efficiently. Always store your private keys and sensitive information securely and avoid sharing them.

Happy secure transferring!


Written by Justin who tries to build many nice things high up in the clouds, and most of the time fails. He defaults to taking over the world, one vpc at a time.