{"id":13821298,"url":"https://github.com/gianlucaborello/aws-ssh-config","last_synced_at":"2025-04-07T15:08:27.560Z","repository":{"id":27011862,"uuid":"30476034","full_name":"gianlucaborello/aws-ssh-config","owner":"gianlucaborello","description":"Generate SSH config files from AWS EC2 inventory","archived":false,"fork":false,"pushed_at":"2021-05-13T15:40:34.000Z","size":46,"stargazers_count":241,"open_issues_count":2,"forks_count":81,"subscribers_count":14,"default_branch":"master","last_synced_at":"2025-03-31T12:09:17.153Z","etag":null,"topics":["ami","aws","boto","cloud","ec2","python"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gianlucaborello.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-02-08T00:47:19.000Z","updated_at":"2024-12-15T05:46:23.000Z","dependencies_parsed_at":"2022-07-17T03:00:36.034Z","dependency_job_id":null,"html_url":"https://github.com/gianlucaborello/aws-ssh-config","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gianlucaborello%2Faws-ssh-config","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gianlucaborello%2Faws-ssh-config/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gianlucaborello%2Faws-ssh-config/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gianlucaborello%2Faws-ssh-config/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gianlucaborello","download_url":"https://codeload.github.com/gianlucaborello/aws-ssh-config/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247675597,"owners_count":20977376,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ami","aws","boto","cloud","ec2","python"],"created_at":"2024-08-04T08:01:19.445Z","updated_at":"2025-04-07T15:08:27.543Z","avatar_url":"https://github.com/gianlucaborello.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"aws-ssh-config\n======\n\nDescription\n---\n\nA very simple script that queries the AWS EC2 API with boto and generates a SSH config file ready to use.\nThere are a few similar scripts around but I couldn't find one that would satisfy all my wish list:\n\n- Connect to all regions at once\n- Do AMI -\u003e user lookup (regexp-based)\n- Support public/private IP addresses (for VPNs and VPCs)\n- Support multiple instances with same tags (e.g. autoscaling groups) and provide an incremental count for duplicates based on instance launch time\n- Support multiple customizable tags concatenations in a user-provided order\n- Support region (with AZ) in the host name concatenation\n- Properly leverage tab completion\n\nLoad modules\n---\n\n- Use `pip` to load the required modules\n\n```\npip install -r requirements.txt\n```\n\nUsage\n---\n\nThis assumes boto is installed and configured. Also, private ssh keys must be copied under `~/.ssh/`\n\nSupported arguments:\n\n```\nusage: aws-ssh-config.py [-h] [--default-user DEFAULT_USER] [--keydir KEYDIR]\n                         [--no-identities-only] [--postfix POSTFIX]\n                         [--prefix PREFIX] [--private] [--profile PROFILE]\n                         [--proxy PROXY] [--region]\n                         [--ssh-key-name SSH_KEY_NAME]\n                         [--strict-hostkey-checking] [--tags TAGS]\n                         [--user USER]\n                         [--white-list-region WHITE_LIST_REGION [WHITE_LIST_REGION ...]]\n\noptional arguments:\n  -h, --help            show this help message and exit\n  --default-user DEFAULT_USER\n                        Default ssh username to use if it can't be detected\n                        from AMI name\n  --keydir KEYDIR       Location of private keys\n  --no-identities-only  Do not include IdentitiesOnly=yes in ssh config; may\n                        cause connection refused if using ssh-agent\n  --postfix POSTFIX     Specify a postfix to append to all host names\n  --prefix PREFIX       Specify a prefix to prepend to all host names\n  --private             Use private IP addresses (public are used by default)\n  --profile PROFILE     Specify AWS credential profile to use\n  --proxy PROXY         Specify a bastion host for ProxyCommand\n  --region              Append the region name at the end of the concatenation\n  --ssh-key-name SSH_KEY_NAME\n                        Override the ssh key to use\n  --strict-hostkey-checking\n                        Do not include StrictHostKeyChecking=no in ssh config\n  --tags TAGS           A comma-separated list of tag names to be considered\n                        for concatenation. If omitted, all tags will be used\n  --user USER           Override the ssh username for all hosts\n  --white-list-region WHITE_LIST_REGION [WHITE_LIST_REGION ...]\n                        Which regions must be included. If omitted, all\n                        regions are considered\n```\n\nBy default, it will name hosts by concatenating all tags:\n\n```\ngianluca@sid:~$ python aws-ssh-config.py \u003e ~/.ssh/config\ngianluca@sid:~$ cat ~/.ssh/config\nHost dev-worker-1\n    HostName 54.173.109.173\n    User ec2-user\n    IdentityFile ~/.ssh/dev.pem\n    IdentitiesOnly yes\n    StrictHostKeyChecking no\n\nHost dev-worker-2\n    HostName 54.173.190.141\n    User ec2-user\n    IdentityFile ~/.ssh/dev.pem\n    IdentitiesOnly yes\n    StrictHostKeyChecking no\n\nHost prod-worker-1\n    HostName 54.164.168.30\n    User ec2-user\n    IdentityFile ~/.ssh/prod.pem\n    IdentitiesOnly yes\n    StrictHostKeyChecking no\n\nHost prod-worker-2\n    HostName 54.174.115.242\n    User ubuntu\n    IdentityFile ~/.ssh/prod.pem\n    IdentitiesOnly yes\n    StrictHostKeyChecking no\n```\n\nssh completion will immediately work:\n\n```\ngianluca@sid:~$ ssh d[TAB]\ndev-worker-1\ndev-worker-2\n```\nIf the ssh completion will not immediately work you should add the following script to your `.bash_profile`\n\n```\n_complete_ssh_hosts ()\n{\n        COMPREPLY=()\n        cur=\"${COMP_WORDS[COMP_CWORD]}\"\n        comp_ssh_hosts=`cat ~/.ssh/known_hosts | \\\n                        cut -f 1 -d ' ' | \\\n                        sed -e s/,.*//g | \\\n                        grep -v ^# | \\\n                        uniq | \\\n                        grep -v \"\\[\" ;\n                cat ~/.ssh/config | \\\n                        grep \"^Host \" | \\\n                        awk '{print $2}'\n                `\n        COMPREPLY=( $(compgen -W \"${comp_ssh_hosts}\" -- $cur))\n        return 0\n}\ncomplete -F _complete_ssh_hosts ssh\n```\nand run `gianluca@sid:~$ source .bash_profile`\n\nIt's possible to customize which tags one is interested in, as well as the order used for concatenation:\n\n```\ngianluca@sid:~$ python aws-ssh-config.py --tags Name \u003e ~/.ssh/config\ngianluca@sid:~$ cat ~/.ssh/config\nHost worker-1\n    HostName 54.173.109.173\n    User ec2-user\n    IdentityFile ~/.ssh/dev.pem\n    IdentitiesOnly yes\n    StrictHostKeyChecking no\n\nHost worker-2\n    HostName 54.173.190.141\n    User ec2-user\n    IdentityFile ~/.ssh/dev.pem\n    IdentitiesOnly yes\n    StrictHostKeyChecking no\n\nHost worker-3\n    HostName 54.164.168.30\n    User ec2-user\n    IdentityFile ~/.ssh/prod.pem\n    IdentitiesOnly yes\n    StrictHostKeyChecking no\n\nHost worker-4\n    HostName 54.174.115.242\n    User ubuntu\n    IdentityFile ~/.ssh/prod.pem\n    IdentitiesOnly yes\n    StrictHostKeyChecking no\n\ngianluca@sid:~$ python aws-ssh-config.py --tags Name,Infrastructure \u003e ~/.ssh/config\ngianluca@sid:~$ cat ~/.ssh/config\nHost worker-dev-1\n    HostName 54.173.109.173\n    User ec2-user\n    IdentityFile ~/.ssh/dev.pem\n    IdentitiesOnly yes\n    StrictHostKeyChecking no\n\nHost worker-dev-2\n    HostName 54.173.190.141\n    User ec2-user\n    IdentityFile ~/.ssh/dev.pem\n    IdentitiesOnly yes\n    StrictHostKeyChecking no\n\nHost worker-prod-1\n    HostName 54.164.168.30\n    User ec2-user\n    IdentityFile ~/.ssh/prod.pem\n    IdentitiesOnly yes\n    StrictHostKeyChecking no\n\nHost worker-prod-2\n    HostName 54.174.115.242\n    User ubuntu\n    IdentityFile ~/.ssh/prod.pem\n    IdentitiesOnly yes\n    StrictHostKeyChecking no\n\n```\n\nBy default, the ssh user is calculated from a regular expression based on the AMI name. A default user can be set with `--default-user` to use if no matches are found, otherwise a warning is printed on standard error and one can edit the script and add the rule to the `AMIS_TO_USER` dictionary:\n\n```\ngianluca@sid:~$ python aws-ssh-config.py \u003e ~/.ssh/config\nCan't lookup user for AMI 'ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-20140926', add a rule to the script\n```\n\nThe `--user` param can also be used to use a single username for all hosts.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgianlucaborello%2Faws-ssh-config","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgianlucaborello%2Faws-ssh-config","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgianlucaborello%2Faws-ssh-config/lists"}