uriagassi / sash

Secure AWS Shell
MIT License
36 stars 22 forks

Use individual developer keys instead of AWS private keys #13

Open tightly-clutched opened 8 years ago

tightly-clutched commented 8 years ago

We're implementing some security practices to prevent sharing the AWS pem files among multiple users. We are putting public keys from our developers into the ~/.ssh/authorized_keys file.

So it would be an enhancement to use keys other than the AWS private pem files to connect. Would this be difficult or does sash already do this?

uriagassi commented 8 years ago

sash was written with the AWS default suggested use-case in mind. The pem usage pattern is quite hard-coded into the script.

That said, I don't think it would be very complicated to decouple the key management from the discovery and connection code, and allow for other security "plugs" to be used instead.

If you think you are up for the task - I would very much appreciate enhancements such as this! You are very welcome to fork the project, and add your support, and even doubly welcome to then contribute it back to this project!

robertpeteuil commented 7 years ago

Hi tightly-clutched & uriagassi,

While doing research for one of my projects, I discovered this project & saw this request from tightly-clutched. This is a great utility, and would have saved me time had I found it sooner.

I have working code that I believe addresses tightly-clutched's request. Unfortunately, I don't see an easy way to integrate my code into this project, as we have very different strategies and goals. You are welcome to look at it and see if it's something you can integrate into this project. The repo containing it is at https://github.com/robertpeteuil/Easy-EC2 and the utility that allows for ssh to ec2 by name is aws-ssh. The -n option is for the exact use case described by TC.

I hope this is helpful & let me know if you have any questions.

Thanks, Robert.
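
The practice described in the opening comment (one public key per developer in ~/.ssh/authorized_keys instead of a shared pem file) is sketched below as an added example; it is not part of this thread and is not code from sash or Easy-EC2. The function names, the allowed key types and the sample keys are assumptions made for illustration, and developer names are assumed to be identifiers chosen by the administrator.

```python
import base64
import binascii
import struct

# Key types accepted for developer logins (an assumption of this example).
ALLOWED_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256"}

def parse_public_key(line):
    """Return (key_type, blob_b64) for one OpenSSH public key line, or raise ValueError."""
    if "PRIVATE KEY" in line:
        raise ValueError("private key material submitted instead of a public key")
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, blob_b64 = fields[0], fields[1]
    if key_type not in ALLOWED_TYPES:
        raise ValueError(f"key type {key_type!r} not allowed")
    try:
        blob = base64.b64decode(blob_b64, validate=True)
    except binascii.Error as exc:
        raise ValueError("key blob is not valid base64") from exc
    # The blob starts with a length-prefixed copy of the key type; a mismatch means an edited line.
    if len(blob) < 4 or blob[4:4 + struct.unpack(">I", blob[:4])[0]] != key_type.encode():
        raise ValueError("declared type does not match key blob")
    return key_type, blob_b64

def build_authorized_keys(submissions):
    """submissions: {developer: public key line}. Returns (file text, {developer: reason})."""
    lines, rejected, seen = [], {}, {}
    for dev in sorted(submissions):
        try:
            key_type, blob_b64 = parse_public_key(submissions[dev].strip())
        except ValueError as exc:
            rejected[dev] = str(exc)
            continue
        if blob_b64 in seen:
            rejected[dev] = f"same key as {seen[blob_b64]} (shared key)"
            continue
        seen[blob_b64] = dev
        # Replace the submitted comment with the developer name so each entry is attributable.
        lines.append(f"{key_type} {blob_b64} {dev}")
    return "\n".join(lines) + "\n", rejected

def sample_key(key_type, fill):
    """Constructed sample line (not a real key pair): type string plus 32 filler bytes."""
    t = key_type.encode()
    blob = struct.pack(">I", len(t)) + t + struct.pack(">I", 32) + bytes([fill]) * 32
    return f"{key_type} {base64.b64encode(blob).decode()} laptop"
```

Labelling each entry with the developer's name makes revocation a one-line removal, and rejecting duplicate blobs catches developers who are still sharing one key.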