4

I have an EC2 instance on a dynamic IP, and it isn't doing any sort of DDNS to keep a public hostname pointed at it. I'd like to set up a shortcut in my ssh_config for the server, and ask aws CLI to tell me what the IP or hostname is.

aws ec2 describe-instances \
    --filters Name=key-name,Values=FOO \
    --query 'Reservations[*].Instances[*].PublicDnsName' \
    --output 'text'

This returns something like ec2-XXX-XXX-XXX-XXX.compute-X.amazonaws.com. But I can't work out how to get SSH to delegate the public IP or hostname resolution out to the aws command.

I'd also prefer not to use an external script if possible.

Host FOO ec2-FOO
    User ec2-user
    IdentityFile ~/.ssh/creds/some.pem

    # Irrelevant?
    Hostname example.com

    # Neither alternative below works (assume full `aws` command)
    ProxyCommand bash -c 'ssh -i %i %u@$(aws ec2 describe-instances …)'
    ProxyCommand nc "$(aws ec2 describe-instances …)" %p

Note that %i used above to specify IdentityFile is not a valid token for ProxyCommand.

Related questions

Michael
  • 8,362
  • 6
  • 61
  • 88

1 Answers1

3

This breaks some of the requirements in the question and will not be accepted:

You can use the Include keyword to add a separate ssh_config file that you update with a script. It prevents your main configuration from getting clobbered by a bad run of the script.

# Primary ~/.ssh/config
Include config-ec2

# Periodically regenerated ssh_config at ~/.ssh/config-ec2
Host FOO ec2-FOO
    User ec2-user
    HostName ec2-XXX-XXX-XXX-XXX.compute-X.amazonaws.com

    # Figuring out how to specify a different pem for
    # each connection is still troublesome.
    IdentityFile ~/.ssh/creds/some.pem

On the plus side, this lets you keep ProxyCommand available for actual proxying.

Michael
  • 8,362
  • 6
  • 61
  • 88