I have a relatively standard AWS setup that looks like this:
[ App server ] \
[ App server ] -- [ Dev gateway ]
[ App server ] /
Where the servers are only accessible over 22 from the gateway's IP, and the gateway is open to the world.
Access to the gateway is controlled by public key, and anyone whose public key is on the gateway user (same user name for servers and gateway) can ssh in without a password.
Finally, the gateway user has the servers' .pem file as its .ssh/id_rsa, so any user on the gateway can ssh directly in by ssh [private ip address].
That said: I'd like to use Fabric, run locally on a developer's machine, to open a connection to a given app server (ultimately in order to run the Django shell). But I'm not able to even make a connection, let alone get the shell running. Here's what I have:
from fabric.api import env, run, task

env.user = 'user_name'
...
@task
def remote_shell():
    run('echo on gateway')
    env.gateway = 'dev_gateway'
    env.host_string = 'app_server_internal_ip'
    env.key_filename = '~/.ssh/id_rsa'
    env.use_ssh_config = True
    run('echo hello')
This already strikes me as overkill, just sticking every directive I can think of in there, but no matter what combination of the above options I select, I get the same output:
[dev_gateway] Executing task 'remote_shell'
[dev_gateway] run: echo on gateway
[dev_gateway] out: on gateway
[dev_gateway] out:
[app_server_internal_ip] run: echo hello
[app_server_internal_ip] Passphrase for private key:
[app_server_internal_ip] Login password for 'user_name':
So clearly something isn't lining up, as a user can ssh into both the gateway and then the app server without ever entering a passphrase or a password. What am I doing wrong?