You can SSH to a host inside a private subnet directly by combining the IPs/hostnames with a plus: ssh 18.104.22.168.aws+10.0.1.96
The first IP is added a .aws because I want AWS IPs to trigger usage of an AWS specific config section in ~/.ssh/config that uses a proxy and doesn’t clog up my known_hosts file with SSH host keys of disposable machines.
These are the entries in my ~/.ssh/config that allow the above command to get you straight to your machine:
ProxyCommand nc $(echo %h | sed 's/\(.*\)\.aws/\1/') %p
ProxyCommand ssh $(echo %h | sed 's/+[^+]*$//;s/\([^+%%]*\)%%\([^+]*\)$/\2 -l \1/;s/:/ -p /') nc $(echo %h | sed 's/^.*+//;/:/!s/$/ %p/;s/:/ /')