StarCluster - Mailing List Archive

Re: permit ssh to two ip address ranges

From: MacMullan, Hugh <no email>
Date: Thu, 3 Dec 2015 20:39:51 +0000

You could also use the AWS Client Tools (https://aws.amazon.com/cli/) to do it from the command line after the fact (to clarify: changes to the config will NOT affect a running cluster). Something like:

Get security group info:

aws ec2 describe-security-groups

Find the GroupId and then:

aws ec2 authorize-security-group-ingress --group-id sg-aaaaaaaa --protocol tcp --port 22 --cidr 222.222.222.0/24

Hope that helps!

-Hugh

-----Original Message-----
From: Silverstein [mailto:herc.silverstein_at_schrodinger.com]
Sent: Thursday, December 03, 2015 3:27 PM
To: MacMullan, Hugh <hughmac_at_wharton.upenn.edu>
Cc: starcluster_at_mit.edu
Subject: Re: [StarCluster] permit ssh to two ip address ranges

Hugh,

Thanks. I didn't realize it was as simple as making two entries.

I do not have access to the AWS console in this case. So it needs to be
done via starcluster. Thanks again.

Herc

On 12/3/2015 12:19 PM, MacMullan, Hugh wrote:
> Sure, Herc!
>
> In the config:
> ----------------
> [cluster myCluster]
> PERMISSIONS = ssh-subnet1, ssh-subnet2
>
> [permission ssh-subnet1]
> protocol = tcp
> from_port = 22
> to_port = 22
> cidr_ip = 111.111.111.0/24
>
> [permission ssh-subnet2]
> protocol = tcp
> from_port = 22
> to_port = 22
> cidr_ip = 222.222.222.0/24
> ----------------
>
> For a running cluster, you can go into the AWS console, find the security group associated with the cluster, and add permissions.
>
> Good luck!
> -Hugh
>
> -----Original Message-----
> From: starcluster-bounces_at_mit.edu [mailto:starcluster-bounces_at_mit.edu] On Behalf Of Silverstein
> Sent: Thursday, December 03, 2015 2:18 PM
> To: starcluster_at_mit.edu
> Subject: [StarCluster] permit ssh to two ip address ranges
>
>
> Is it possible to specify two ip address ranges in the starcluster
> config file (or after the cluster is up)? If so, how would I do that?
> Specifically, I'd like to allow ssh access for two ip address ranges.
>
> Herc
>
> _______________________________________________
> StarCluster mailing list
> StarCluster_at_mit.edu
> http://mailman.mit.edu/mailman/listinfo/starcluster
>
>
Received on Thu Dec 03 2015 - 15:39:55 EST
This archive was generated by hypermail 2.3.0.

Search:

Sort all by:

Date

Month

Thread

Author

Subject