bastillion-io / Bastillion-EC2

A web-based SSH console to execute commands and manage multiple EC2 instances simultaneously running on Amazon Web Services (AWS).

Home Page: https://www.bastillion.io/features.html#ec2box

SSH Terminals not working when accessing EC2 via proxy

WRJFontenot opened this issue

I enabled access to EC2 via a proxy by editing EC2BoxConfig.properties:

# proxy settings for AWS client

awsProtocol=https
awsProxyHost=proxyhost
awsProxyPort=80
awsProxyUser=userid
awsProxyPassword=password

With proxy enabled, I am able to retrieve the list of running EC2 instances that use my private key. However, when I try to create an SSH terminal to any instance, I get "Error: DNS Lookup Failed".

If I disable the proxy settings and connect directly to the public Internet, I am able to retrieve the list of running EC2 instances that use my private key and I can create an SSH terminal to any instance.

I am currently using EC2Box v0.26.01 w/jetty.

Strange! Here is where it gets the host information from AWS

https://github.com/skavanagh/EC2Box/blob/master/src/main/java/com/ec2box/manage/action/SystemAction.java#L184-L193

I wonder if you only get back the internal DNS or IP for the instances when making the calls to AWS through a proxy.

Sean,

To me, it looks like EC2Box expects the local system to be able to resolve either the external or internal DNS names and if it can’t do either, it throws an error. There is a use case where the proxy resolves external DNS names instead of the local system. For example, I’m running the EC2Box app on my laptop and when my system is connected to our corporate network, it can’t resolve external DNS names, per our corporate security policy. As a result, EC2Box throws an error when it tries to resolve the external DNS name.

Right now, I use PuTTY to SSH to my AWS instances using their external DNS names through our corporate proxy. For those sessions, DNS lookup is done by the proxy, not the local system. PuTTY sends the command “connect %host %port \n” to the proxy to establish the connection.

When I disconnect from our corporate network and connect to the public Internet directly via my LTE modem, my local system can resolve external DNS and EC2Box works like a champ.

I don’t know how many other companies block external DNS name resolution on internal systems, but I suspect we aren’t unique in that regard.

Robbie

From: Sean Kavanagh [mailto:notifications@github.com]
Sent: Wednesday, May 27, 2015 5:44 PM
To: skavanagh/EC2Box
Cc: Fontenot, Robbie
Subject: Re: [EC2Box] SSH Terminals not working when accessing EC2 via proxy (#16)

Strange! Here is where it gets the host information from AWS

https://github.com/skavanagh/EC2Box/blob/master/src/main/java/com/ec2box/manage/action/SystemAction.java#L184-L193

I wonder if you only get back the internal DNS or IP for the instances when making the calls to AWS through a proxy.


So the calls to the AWS APIs can go through the proxy if you have that set, but the SSH connections won't. What you can do is run EC2Box in an EC2 instance itself, that way the SSH connections are local to the instance it runs in.
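
The proxy-side name resolution discussed in this thread, as an added example (not code from EC2Box or from any commenter): a client asks a proxy to open the connection and passes the hostname as text, so the client itself performs no DNS lookup for the target. It uses the HTTP CONNECT method rather than the PuTTY command string quoted in the thread; the stub proxy, the function names and the hostname are constructed for the demonstration.

```python
import socket
import threading

def read_first_line(sock):
    """Read an HTTP head (up to the blank line) and return its first line."""
    data = b""
    while b"\r\n\r\n" not in data:
        chunk = sock.recv(4096)
        if not chunk:
            raise ConnectionError("peer closed before sending a full header")
        data += chunk
    return data.split(b"\r\n", 1)[0].decode("ascii", "replace")

def run_stub_proxy(listener, seen):
    """Constructed stand-in for the corporate proxy: log one CONNECT target, reply 200."""
    conn, _ = listener.accept()
    with conn:
        method, target, _version = read_first_line(conn).split(" ", 2)
        seen.append((method, target))
        # A real proxy would resolve `target` itself here and dial the upstream host.
        conn.sendall(b"HTTP/1.1 200 Connection established\r\n\r\n")

def open_tunnel(proxy_addr, host, port, timeout=5.0):
    """Ask the proxy for host:port. The name travels as text; no local DNS lookup."""
    sock = socket.create_connection(proxy_addr, timeout=timeout)
    try:
        target = f"{host}:{port}"
        sock.sendall(f"CONNECT {target} HTTP/1.1\r\nHost: {target}\r\n\r\n".encode("ascii"))
        status = read_first_line(sock)
        if status.split()[1:2] != ["200"]:
            raise ConnectionError(f"proxy refused the tunnel: {status}")
        return sock  # from here on the socket would carry the SSH byte stream
    except Exception:
        sock.close()
        raise

def demo():
    listener = socket.create_server(("127.0.0.1", 0))
    seen = []
    proxy = threading.Thread(target=run_stub_proxy, args=(listener, seen))
    proxy.start()
    # Constructed hostname under .invalid, a TLD reserved so that it never resolves.
    open_tunnel(listener.getsockname(), "ec2-host.example.invalid", 22).close()
    proxy.join()
    listener.close()
    return seen

if __name__ == "__main__":
    print(demo())
```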