cc by-sa flurdy

ec2 - Amazon Elastic Compute Cloud tips and howtos

Remote access via the cloud

This page is part of larger set of tips & howtos on ec2 by flurdy.
| More
Other ec2 docs by flurdy

Document state: draft

As a person allocated as the "IT" person in the family, irrespective of that my actual job is integrating banking systems or telecom billing systems, I have to perform HelpDesk/Support for all sides of the family. As some live in different cities and countries this is mostly remote support. So I have as part of my scheme to keep my sanity installed a VNC client on all my family's PCs which are mostly Windows.

But previously that meant connecting directly which meant opening firewalls, relying on them entering text correctly etc. Which was a pain and error prone. Especially as my own IPs etc would change over time.

But the solution to this is ec2. With this I can keep a static "batch" file on their desktops to connect to an elastic IP in the cloud. So this means my actual location is irrelevant, and they do not have to enter anything. At worst, without a batch script they have to enter a standard url.

Here are some of my sanity preserving steps: (Including a way to recover and fix remote Windows machine by using a Linux Live CD.)

Pre requisites

VNC tunnel

		install a vnc type on local machine		
		install realvnc/tightvnc on family pcs
		Allocate IP address (if non already unused) in elasticfox
		create batch script for family to run from their desktop
			launches vnc and connects to ec2 instance
			using elastic IP allocated
		configure a ec2 security group to allow vnc in elasticfox
		launch an ubuntu AMI with ssh and vnc security group
		assign elastic IP to instance in elasticfox
		configure shorewall on ec2 instance
			to listen to desired external vnc port (and ssh)
			if not part of the AMI
		open ssh script locally to tunnel vnc and relay through ec2 instance
		if not allowed to open restricted ports on ec2 instance via ssh tunnel
			then run ssh script on ec2 instance to connect to local port and listen to external port
		run dos batch script to connect to ec2 instance from family pc
		run vnc locally to connect to ssh tunnel locally	

Remote SSH access

Refer to my live cd doc. In SERVERNAME use the public dns name of your ec2 instance.


Jungle Disk uploading

		Sign up for Jungle Disk.
		Was a one off $20 when I signed up.
		Now is $2 or $3 subscription.
		S3 costs on top.

		Launch alestic 32bit desktop (need ubuntu karmic due to fuse not in kernal before)
		follow that page to install nxclient
		Launch alestic karmic desktop build hints
		need to understand user data scripts beforehand
		Or create your own desktop
			Launch your ubuntu server or canonical image.
			Install ubuntu-desktop (takes time)
		suggest making AMI
		install NX (see alestic script
		suggest making AMI

		untar move to /opt
		install fuse-utils davfs
		add to fuse group
		run junglemonitor
		enter keys
		select bucket

		note speed differnences if ec2 instance is in the same region as s3 bucket
		or use ec2 windows....

Tunnel SSH over Http

No, not the other way round...
Tunneling web traffic through SSH is easy and well covered on the net.
But tunneling SSH through a http proxy if SSH is blocked by the firewall is less common but very helpfull.

If you are behind an restrictive firewall that does not allow SSH, then this is how to circumvent that restriction.

I can understand restricting SSH access for the general staff, however for a developer it is if someone tied my hands behind my back and forced me to type with my nose (especially if Windows is forced on me as well...).

Head back to flurdy's ec2 docs for more ec2 tips and howtos?