Skip to content

youyo/awssh

Folders and files

NameName
Last commit message
Last commit date

Latest commit

8254f0a · Feb 8, 2022

History

43 Commits
Nov 29, 2021
Feb 8, 2022
Oct 17, 2019
Oct 6, 2019
Nov 29, 2021
Oct 6, 2019
Oct 5, 2021
Feb 8, 2022
Oct 5, 2021
Oct 16, 2019
Oct 16, 2019
Feb 8, 2022
Aug 30, 2021
Oct 21, 2019
Oct 21, 2019
Oct 16, 2019

Repository files navigation

awssh

Go Report Card

CLI tool to login ec2 instance.

  • You can close the ssh port in the security group.
  • It is not necessary to register the ssh public key.
  • You don't need to know public ip of ec2 instance.

Architecture

architecture

Install

  • Brew
$ brew tap youyo/tap
$ brew install awssh

Other platforms are download from github release page.

Requirements

IAM Policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ec2-instance-connect:SendSSHPublicKey",
                "ssm:StartSession",
                "ec2:DescribeSubnets",
                "ec2:DescribeInstances",
                "ec2:DescribeTags",
                "ec2:CreateImage",
                "ec2:CreateTags"
            ],
            "Resource": "*"
        }
    ]
}

Usage

$ awssh

demo

$ awssh --help
CLI tool to login ec2 instance.

Usage:
  awssh [instance-id] [flags]

Flags:
      --cache                     enable cache a credentials.
      --duration string           cache duration. (default "1 hour")
  -c, --external-command string   feature use.
  -h, --help                      help for awssh
  -i, --identity-file string      identity file path. (default "~/.ssh/id_rsa")
  -p, --port string               ssh login port. (default "22")
      --profile string            use a specific profile from your credential file. (default "default")
  -P, --publickey string          public key file path. (default "identity-file+'.pub'")
      --select-profile            select a specific profile from your credential file.
  -u, --username string           ssh login username. (default "ec2-user")
      --version                   version for awssh

Examples

Login to instance

$ awssh

Login to specific instance

$ awssh i-instanceid0000

Custom username and ssh port

$ awssh i-instanceid0000 --username admin --port 20022

Specific identity-file and publickey

$ awssh --identity-file '~/.ssh/custom.pem' --publickey '~/.ssh/custom.pem.pub'

Use specific aws profile

$ awssh --profile profile-1

or

$ export AWS_PROFILE=profile-1
$ awssh

Select aws profile

$ awssh --select-profile

Enable cache a credentials

If you use mfa authentication, it may be difficult to authenticate each time.
--cache option caches credentials and reuses it next time. Cache file is create to ~/.config/awssh/cache/* .
--duration options is modify a cache ttl. It is affected by the maximum session duration of the IAM role. Use the AssumeRole API. See https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session .

$ awssh --cache --duration "2 hours"
Assume Role MFA token code: 000000

demo-cache

Author

youyo

About

CLI tool to login ec2 instance.

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages