I’ve written a cool bash tool called Sash to help me easily connect to my EC2 instances.

For the last two years we’ve been building several projects and deploying them on Amazon’s EC2. To work on the cloud machines we use SSH, where the straightforward format is:

ssh -i ~/.aws/my.pem ubuntu@255.123.45.67

To avoid this, each of us habitually maintained a ~/.ssh/config file holding the data for each machine, something like:

Host my_machine
IdentityFile ~/.aws/my.pem
User ubuntu
HostName 255.123.45.67

Now we could connect more succinctly by using the shortened version:

ssh my_machine

This worked well for a while (though it got a little tedious when the number of machines grew to more than 10-15), but then we started using EC2’s AutoScale features.

Now every day the IPs for the machines we used changed – there was no feasible way to manage the config file properly!
Now, to connect to a specific machine, I’d need to look it up in the EC2 instances dashboard, pick up its public IP, copy it, and paste it into my ssh command.

A much more natural solution would be to have the ability to connect to a machine on EC2 given its name – that’s a logical name, which is easy to remember, conveys the purpose of the machine, and can easily be reused.

Naturally, I thought there would be some solution for this use case online; after all, we are not the first to work on EC2 at those scales. I’ve even posted a question about it on StackOverflow (http://stackoverflow.com/q/21424849/1120015).

To my surprise, there was no solution available – so I decided to write my own. Initially, I called it ASH (Amazon SHell), but it sounded a bit bleak, so I renamed it SASH (Secure Amazon SHell).

The first order of the day was to take the name given on the command line and, using the describe-instances service of EC2, figure out the IP and IdentityFile of the machine by its Name tag. Now it could construct the SSH command (I assumed the username would always be ubuntu, since we only used Ubuntu machines).

This worked nicely, and even better when I added an auto-completion feature which used describe-tags to get all of the names of the currently running machines from which to choose.

To make things a little more complex, we had a few machines with the same name running at the same time (the AutoScale ones) – so if you wanted to connect to a specific one, you needed a way to indicate it in your connection command. So I added an optional parameter to indicate which of the instances that match the pattern to connect to. Writing list instead would produce a numbered list of the instances with their names and IPs next to the index to choose from.
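
The name lookup and the index/list selection described above, sketched as an added example (this is not Sash's own code). It assumes a configured AWS CLI, key files stored as ~/.aws/<KeyName>.pem and the ubuntu login user; the function names and the sample data are made up for the illustration.

```sh
# Added example: not Sash's own code. Assumes key files live at
# ~/.aws/<KeyName>.pem and the login user is always ubuntu (as in the post).

# Running instances whose Name tag matches $1 (EC2 filters accept * wildcards).
# Prints "<public-ip> TAB <key-name> TAB <name>" per instance.
sash_query() {
    aws ec2 describe-instances \
        --filters "Name=tag:Name,Values=$1" "Name=instance-state-name,Values=running" \
        --query 'Reservations[].Instances[].[PublicIpAddress, KeyName, Tags[?Key==`Name`].Value | [0]]' \
        --output text
}

# Numbered list of sash_query-style lines read from stdin.
sash_list() {
    awk -F '\t' '{ printf "%d) %s %s\n", NR, $3, $1 }'
}

# Print the ssh command for the Nth line on stdin (default: first).
# Values come from the API, so validate them before they reach a command line.
sash_command() (
    index=${1:-1}
    case $index in ''|0|*[!0-9]*) echo "index must be a positive number" >&2; exit 2 ;; esac
    line=$(sed -n "${index}p")
    [ -n "$line" ] || { echo "no instance #$index" >&2; exit 1; }
    ip=$(printf '%s\n' "$line" | cut -f1)
    key=$(printf '%s\n' "$line" | cut -f2)
    # "None" (no public IP) or anything that is not digits and dots is rejected.
    case $ip in ''|*[!0-9.]*) echo "instance #$index has no usable public IP" >&2; exit 1 ;; esac
    # A key name must not be able to escape ~/.aws or look like an ssh option.
    case $key in ''|None|-*|*/*|*..*) echo "unexpected key name: $key" >&2; exit 1 ;; esac
    printf 'ssh -i %s ubuntu@%s\n' "$HOME/.aws/$key.pem" "$ip"
)

# Constructed sample of describe-instances text output (documentation IPs);
# the third instance has no public address.
SAMPLE_INSTANCES=$(printf '%s\t%s\t%s\n' \
    203.0.113.10 my web-worker \
    203.0.113.11 my web-worker \
    None my web-worker)

# Offline demo; live use would be: sash_query 'web-*' | sash_command 2
printf '%s\n' "$SAMPLE_INSTANCES" | sash_list
printf '%s\n' "$SAMPLE_INSTANCES" | sash_command 2
```

The name pattern is passed to the CLI as a single quoted argument, so it is only ever interpreted as an EC2 filter value and never by the shell.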

This made our lives a lot easier, but appetite comes with food, so I added the ability to connect to all machines matching the input pattern at once (using mux – CSSH for Linux, or tmux-cssh for Mac), and integration with scp to upload and download files…

You are invited to try it yourself – my team and I swear by it now. Do you like it? Do you think it should have more features?

Please download it, and use it (it is available at http://sash.agassi.co.il).

Open issues and feature requests, if you want, on GitHub. You are also welcome to contribute your own pull requests 🙂
