Can I set ~/.ssh/config to look up dynamic EC2 hostnames?

Submitted by 霸气de小男生 on 2020-12-13 10:36:51

Question


I have an EC2 instance on a dynamic IP, and it isn't doing any sort of DDNS to keep a public hostname pointed at it. I'd like to set up a shortcut in my ssh_config for the server, and ask aws to tell me what the IP or hostname is.

$ aws ec2 describe-instances \
    --filters Name=key-name,Values=FOO \
    --query 'Reservations[*].Instances[*].PublicDnsName' \
    --output 'text'
ec2-XXX-XXX-XXX-XXX.compute-X.amazonaws.com

But I can't work out how to delegate the public IP or hostname resolution out to aws.

I see various people have scripts for generating an ssh_config from aws, but I have other stuff in there that I'd rather not lose if a script were to tinker with the file. Some other people have shell aliases to use instead of ssh, but that makes complications for other services that rely on SSH specifically.

I'd also prefer not to use an external script if possible.

Host FOO ec2-FOO
    User ec2-user
    IdentityFile ~/.ssh/creds/some.pem

    # Irrelevant?
    Hostname example.com

    # Neither alternative works (assume full `aws` command)
    ProxyCommand bash -c 'ssh -i %i %u@$(aws ec2 describe-instances…)'
    ProxyCommand nc $(aws ec2 describe-instances …) %p
    # Note that %i (used here to specify IdentityFile) is not a valid token for
    # ProxyCommand. http://man7.org/linux/man-pages/man5/ssh_config.5.html#TOKENS

Related questions:

  • Stack Overflow: Amazon EC2 hostnames
  • Server Fault: Dynamically generate SSH Host entries in ~/.ssh/config

Answer 1:


This breaks some of the requirements in the question and will not be accepted:

You can use the Include keyword to add a separate ssh_config file that you update with a script. It prevents your main configuration from getting clobbered by a bad run of the script.

# Primary ~/.ssh/config
Include config-ec2

# Periodically regenerated ssh_config at ~/.ssh/config-ec2
Host FOO ec2-FOO
    User ec2-user
    HostName ec2-XXX-XXX-XXX-XXX.compute-X.amazonaws.com

    # Figuring out how to specify a different pem for
    # each connection is still troublesome.
    IdentityFile ~/.ssh/creds/some.pem

On the plus side, this lets you keep ProxyCommand available for actual proxying.
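
One way the regenerating script mentioned in this answer could write ~/.ssh/config-ec2, as an added example that is not part of the original answer: it validates the looked-up name before it reaches ssh_config and replaces the file with an atomic rename, so a failed or unexpected lookup leaves the previous fragment in place. The function names and the --refresh argument are assumptions; the aws command and the Host block are the ones shown on this page.

```shell
#!/bin/sh
# Added example (not from the original answer): safely regenerate the
# Include'd fragment. Function names and --refresh are hypothetical.
LC_ALL=C; export LC_ALL   # make the A-Z/a-z ranges below byte-wise

# Accept only a single plain DNS name, so nothing looked up remotely can add
# extra lines or option-like text to ssh_config.
valid_name() {
    [ -n "$1" ] && [ "${#1}" -le 253 ] || return 1
    case $1 in
        -*|.*|*..*)        return 1 ;;  # option-like or malformed
        *[!A-Za-z0-9.-]*)  return 1 ;;  # spaces, tabs, newlines, quotes, ...
    esac
    return 0
}

# write_ec2_fragment ALIAS HOSTNAME OUTFILE
write_ec2_fragment() {
    valid_name "$1" && valid_name "$2" || {
        echo "config-ec2 not updated: lookup result failed validation" >&2
        return 1
    }
    # Temp file in the same directory so the final mv is an atomic rename.
    frag_tmp=$(mktemp "$3.XXXXXX") || return 1
    chmod 600 "$frag_tmp"
    printf 'Host %s ec2-%s\n    User ec2-user\n    HostName %s\n    IdentityFile ~/.ssh/creds/some.pem\n' \
        "$1" "$1" "$2" > "$frag_tmp" || { rm -f "$frag_tmp"; return 1; }
    mv -f "$frag_tmp" "$3"
}

# Lookup command taken from the question. An empty result or several
# whitespace-separated matches fails validation, and the previous
# fragment stays in place.
refresh_from_aws() {
    ec2_host=$(aws ec2 describe-instances \
        --filters Name=key-name,Values=FOO \
        --query 'Reservations[*].Instances[*].PublicDnsName' \
        --output text) || return 1
    write_ec2_fragment FOO "$ec2_host" "$HOME/.ssh/config-ec2"
}

# Run with --refresh (e.g. from cron); otherwise this only defines functions.
if [ "${1:-}" = "--refresh" ]; then
    refresh_from_aws
fi
```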



Source: https://stackoverflow.com/questions/55579583/can-i-set-ssh-config-to-look-up-dynamic-ec2-hostnames
