@raymondbutcher
Last active March 17, 2024 20:33
How to use sshuttle with AWS SSM session agent

ssm-sshuttle

These are just rough notes, maybe I'll clean them up later.

Set up

https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-install-plugin.html

Usage

# This is the instance we'll be using.
INSTANCE_ID=i-0000000000

# Set this to the VPC CIDR block, or use 0.0.0.0/0 to forward all traffic through the instance.
VPC_CIDR=0.0.0.0/0

# Use this flag to forward DNS through SSH (for split horizon DNS records)
# If you don't need it for an environment, don't use it.
DNS_FLAG=--dns

# First add your ssh key to /home/ec2-user/.ssh/authorized_keys
# TODO: come up with a one-liner to do it.
aws ssm start-session --target "$INSTANCE_ID"

# Then run sshuttle.
sshuttle --ssh-cmd="ssh -o ProxyCommand='sh -c \"aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters portNumber=22\"'" --remote "ec2-user@$INSTANCE_ID" $DNS_FLAG "$VPC_CIDR"
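
One way to handle the "add your ssh key" step without editing authorized_keys, as an added example that is not part of the original gist: push a short-lived public key with EC2 Instance Connect, validate the inputs, then start sshuttle with the same ProxyCommand. It assumes EC2 Instance Connect is installed on the instance and the caller is allowed to call SendSSHPublicKey; the function names and the default key path are illustrative.

```shell
#!/bin/sh
# Added example, not from the original gist. Assumes EC2 Instance Connect is
# installed on the instance and the caller may call SendSSHPublicKey.
# Function names are illustrative.

# The ID ends up in ssh's ProxyCommand (%h), so accept only i-<8..17 hex digits>.
valid_instance_id() {
  case "$1" in i-*) ;; *) return 1 ;; esac
  hex=${1#i-}
  case "$hex" in ''|*[!0-9a-f]*) return 1 ;; esac
  [ "${#hex}" -ge 8 ] && [ "${#hex}" -le 17 ]
}

# Format check only: dotted quad plus a /0../32 prefix, e.g. 10.0.0.0/16.
valid_cidr() {
  case "$1" in ''|*[!0-9./]*) return 1 ;; esac
  printf '%s\n' "$1" |
    grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# The --ssh-cmd value used in the gist, kept in one place.
ssh_cmd() {
  printf '%s' "ssh -o ProxyCommand='sh -c \"aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters portNumber=22\"'"
}

# usage: tunnel INSTANCE_ID CIDR [PUBLIC_KEY_FILE]
tunnel() {
  id=$1 cidr=$2 pub=${3:-$HOME/.ssh/id_ed25519.pub}
  valid_instance_id "$id" || { echo "invalid instance id" >&2; return 2; }
  valid_cidr "$cidr" || { echo "invalid CIDR" >&2; return 2; }
  [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 2; }
  # The pushed key is accepted for about 60 seconds and is never written to
  # authorized_keys. Older AWS CLI versions may also need --availability-zone.
  aws ec2-instance-connect send-ssh-public-key --instance-id "$id" \
    --instance-os-user ec2-user --ssh-public-key "file://$pub" >/dev/null ||
    return 1
  # DNS_FLAG is left unquoted on purpose so an empty value adds no argument.
  sshuttle --ssh-cmd="$(ssh_cmd)" --remote "ec2-user@$id" ${DNS_FLAG:-} "$cidr"
}

# Run only when arguments are given, e.g.: sh tunnel.sh i-0000000000 10.0.0.0/16
[ "$#" -eq 0 ] || tunnel "$@"
```

The public key passed in must match a private key that ssh will offer, otherwise the connection fails once the 60-second window has been spent.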

Speed test

I went to https://www.speedtest.net/ to see how slow this was. It might be OK for light usage or debugging an issue, but it's pretty slow.

Running ssm-sshuttle | Ping (ms) | Download (Mbps) | Upload (Mbps)
No                   | 19        | 305.44          | 51.47
Yes                  | 132       | 3.64            | 1.22