@gregmoy
Created August 27, 2019 22:59
EC2 Instance Connect ssh wrapper
#!/usr/bin/env bash
#
# EC2 Instance Connect SSH Wrapper
#
# throw this in your path somewhere - /usr/local/bin is fine
#
# Author: [email protected]
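# Strict mode. pipefail is included because the lookup helpers pipe the AWS CLI
# into shuf: without it a failed "aws" call (expired credentials, wrong region)
# is masked by shuf's zero exit status and the script carries on with an empty
# instance id.
set -o errexit
set -o nounset
set -o pipefail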
# Print the command-line help (synopsis, target kinds, tunnelling form and
# install notes) on stdout. ${0} expands to the name the script was run as.
function usage {
cat <<USAGE_TEXT
Usage: ${0} [-l login_name] [-L] target [command]
-L [bind_address:]port:host:hostport
-L [bind_address:]port:remote_socket
-L local_socket:host:hostport
-L local_socket:remote_socket
targets:
${0} name <instance tag:Name value>
${0} dns <instance dns entry fqdn that points to private ip>
${0} ip <private ip address of instance>
${0} instance <instance_id>
ssh tunneling:
${0} -L <local port>:<remote host>:<remote port> sshhost
NOTE: If there are multiple instances in group, it will randomly connect to one!
REQUIRES coreutils (for GNU shuf), awscli
TO INSTALL:
OSX - install homebrew, then: brew install coreutils
sudo pip install awscli --upgrade
aws configure
USAGE_TEXT
}
# Called with no arguments at all: show the help text and stop with status 2.
if (( $# == 0 )); then
  usage
  exit 2
fi
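#######################################
# Look up one running instance by its Name tag.
# Arguments: $1 - value of the instance's tag:Name
# Outputs:   one instance id on stdout; when several instances match, shuf
#            picks one at random. Nothing is printed when none match.
#######################################
function find_instance_by_name() {
  # Each filter is quoted so a tag value containing spaces or glob characters
  # reaches the AWS CLI as one argument instead of being split by the shell.
  aws ec2 describe-instances \
    --filters "Name=tag:Name,Values=$1" "Name=instance-state-name,Values=running" \
    --query "Reservations[*].Instances[*].[InstanceId]" \
    --output text \
    | shuf -n 1
}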
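#######################################
# Look up one running instance by its private IP address.
# Arguments: $1 - private IP address to filter on
# Outputs:   one instance id on stdout, chosen by shuf if the filter returns
#            more than one line; nothing when no instance matches.
#######################################
function find_instance_by_private_ip() {
  # Quoted so the value is passed to the AWS CLI as a single filter argument
  # and is never word-split or glob-expanded by the shell.
  aws ec2 describe-instances \
    --filters "Name=private-ip-address,Values=$1" "Name=instance-state-name,Values=running" \
    --query "Reservations[*].Instances[*].[InstanceId]" \
    --output text \
    | shuf -n 1
}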
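#######################################
# Resolve a DNS name to an address and look up the instance that owns it.
# Arguments: $1 - DNS name expected to resolve to an instance's private IP
# Outputs:   one instance id on stdout (via find_instance_by_private_ip)
# Returns:   1 with a message on stderr when no A record is found
#######################################
function find_instance_by_dns() {
  local ipaddr
  # Only "has address" lines carry an IP in field 4. Picking from every line of
  # host(1) output could select a CNAME line ("... is an alias for ...") and
  # hand the word "alias" to the IP lookup.
  ipaddr="$(host -tA "$1" | awk '/ has address / { print $4 }' | shuf -n 1)"
  if [[ -z "$ipaddr" ]]; then
    echo "no A record found for $1" >&2
    return 1
  fi
  # The helper defined in this file is find_instance_by_private_ip; the
  # previous call to find_instance_by_ip named a function that does not exist.
  find_instance_by_private_ip "$ipaddr"
}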
# unused
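#######################################
# Print the endpoint address of an RDS instance. Not called anywhere in this
# script.
# Arguments: $1 - RDS DB instance identifier
# Outputs:   the endpoint address on stdout
#######################################
function find_db_by_identifier() {
  # Quoted so the identifier is always passed as exactly one argument.
  aws rds describe-db-instances \
    --db-instance-identifier "$1" \
    --query "DBInstances[*].Endpoint.Address" \
    --output text
}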
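#######################################
# Parse the options, resolve the target to an instance id, push a throw-away
# public key through EC2 Instance Connect and open the ssh session.
# Arguments: [-l login_name] [-L forward_spec] target [target_value] [command]
#            target is one of: name, dns, ip, instance. When target_value is
#            missing it is read from stdin after a prompt.
# Outputs:   progress messages on stdout, errors on stderr
# Returns:   exits 2 on a bad option, 1 on an unknown target or an
#            unresolvable instance; otherwise the status of ssh
#######################################
function main() {
  local username='ec2-user'
  local -a tunnel_args=()
  local target prompt instance ip az key_dir key_file

  # ${1:-} keeps "set -o nounset" from aborting once the arguments run out.
  while [[ "${1:-}" == -* && "${1:-}" != "--" ]]; do
    case "$1" in
      -l | --ssh_username)
        [[ $# -ge 2 ]] || { usage; exit 2; }
        shift
        # Store the bare login name: it is used both as --instance-os-user and
        # as the user part of user@host, so it must not carry a "-l " prefix.
        username="$1"
        ;;
      -L)
        [[ $# -ge 2 ]] || { usage; exit 2; }
        shift
        # An array keeps the forward spec as one word however it is written.
        tunnel_args=(-N -L "$1")
        ;;
      *)
        # Reject unknown flags instead of silently dropping them.
        echo "unknown option: $1" >&2
        usage
        exit 2
        ;;
    esac
    shift
  done
  if [[ "${1:-}" == '--' ]]; then shift; fi

  target="${1:-}"
  case "$target" in
    name) prompt='enter instance tag:Name value' ;;
    dns) prompt='enter domain name of instance' ;;
    ip) prompt='enter private ip address' ;;
    instance) prompt='enter instance id' ;;
    *)
      usage
      exit 1
      ;;
  esac

  if [[ $# -lt 2 ]]; then
    echo "$prompt"
    read -r instance
  else
    instance="$2"
    shift
  fi
  shift # drop the target keyword; "$@" is now the optional remote command

  case "$target" in
    name) instance="$(find_instance_by_name "$instance")" ;;
    dns) instance="$(find_instance_by_dns "$instance")" ;;
    ip) instance="$(find_instance_by_private_ip "$instance")" ;;
  esac

  # A failed or empty lookup must stop here. EC2 instance ids are "i-" followed
  # by hex digits, so anything else (including an empty string or a value that
  # starts with "-") is refused before it is handed to the AWS CLI.
  if [[ ! "$instance" =~ ^i-[0-9a-f]+$ ]]; then
    echo "could not resolve ${target} target to an instance id" >&2
    exit 1
  fi

  # The key pair lives in a private, per-run directory. A fixed /tmp/tempkey
  # path is shared by every local user: whoever creates /tmp/tempkey and
  # /tmp/tempkey.pub first decides which public key gets pushed to the
  # instance, and a stale private key stays readable on disk indefinitely.
  key_dir="$(mktemp -d)"
  # The path is expanded now because the local variable no longer exists when
  # the EXIT trap runs; %q keeps it a single shell word.
  trap "$(printf 'rm -rf -- %q' "$key_dir")" EXIT
  key_file="${key_dir}/tempkey"
  ssh-keygen -t rsa -f "$key_file" -q -P ""

  ip="$(aws ec2 describe-instances --instance-ids "$instance" \
    --query "Reservations[*].Instances[*].PrivateIpAddress" --output text)"
  az="$(aws ec2 describe-instances --instance-ids "$instance" \
    --query "Reservations[*].Instances[*].Placement.AvailabilityZone" --output text)"

  echo "sending keys to $instance at $ip"
  aws ec2-instance-connect send-ssh-public-key \
    --instance-id "$instance" \
    --availability-zone "$az" \
    --instance-os-user "$username" \
    --ssh-public-key "file://${key_file}.pub" >/dev/null

  echo "sshing to instance"
  # No host-key options are passed, so host key verification follows the
  # user's own ssh configuration. The ${arr[@]+...} form expands to nothing
  # for an empty array even on bash versions where nounset would reject it.
  ssh -i "$key_file" ${tunnel_args[@]+"${tunnel_args[@]}"} "${username}@${ip}" "$@"
}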
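# "$@" hands every argument to main as its own word; unquoted $* re-splits
# values that contain spaces (a tag:Name value, a quoted remote command).
main "$@"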