Overview
A bastion host is a special-purpose computer on a network, specifically designed and configured to be the SSH entry point of your Virtual Private Cloud (VPC).
Highlights
- Rebound (jump) server used with SSH as the single entry point into your private network.
- Includes port knocking to open SSH access only after a pre-hook TCP packet is sent to a specific port.
Details
Typical total price
$0.005/hour
Pricing
Instance type | Product cost/hour | EC2 cost/hour | Total/hour |
---|---|---|---|
t2.nano | $0.00 | $0.006 | $0.006 |
t2.micro AWS Free Tier | $0.00 | $0.012 | $0.012 |
t2.small | $0.00 | $0.023 | $0.023 |
t2.medium | $0.00 | $0.046 | $0.046 |
t2.large | $0.00 | $0.093 | $0.093 |
t3.nano Recommended | $0.00 | $0.005 | $0.005 |
t3.micro AWS Free Tier | $0.00 | $0.01 | $0.01 |
t3.small | $0.00 | $0.021 | $0.021 |
t3.medium | $0.00 | $0.042 | $0.042 |
t3.large | $0.00 | $0.083 | $0.083 |
Additional AWS infrastructure costs
Type | Cost |
---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
no refunds
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Main Release
Additional details
Usage instructions
This Bastion instance includes an auto-stop script: every hour, the instance is stopped if no SSH connection is established.
You can also activate the port knocking mechanism to allow SSH connections only from the IP address of the requester. Use the following script in user-data, or run it once the instance is created, to change the default port 22 to another port and to define 3 ports for the knocking system.
```bash
#!/bin/bash -v
/root/change-ssh-port.sh <ssh-port> <knock-port-1> <knock-port-2> <knock-port-3>
```
To open your
nmap -Pn --host_timeout 201 --max-retries 0 -p
ssh -A -p
You will also need to open the 4 defined ports in the security group associated with the EC2 instance in order to connect. Don't worry, the instance implements its own iptables rules to deny connections that do not use knocking.
We recommend that you enable instance protection on your EC2 Bastion instance to avoid unexpected termination.
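The usage instructions above describe host-side iptables rules that refuse SSH unless the three knock ports were hit first. The sketch below is an added example, not the vendor's `/root/change-ssh-port.sh` (which this page does not show): it generates one common form of such a ruleset with the iptables `recent` match. The function name, the chain and list names, and the 10 s / 30 s windows are assumptions.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for a three-knock SSH gate.
# Hypothetical helper; names and timeouts are illustrative assumptions.
gen_knock_rules() {
    [ "$#" -eq 4 ] || { echo "usage: gen_knock_rules SSH K1 K2 K3" >&2; return 2; }
    for p in "$@"; do
        case "$p" in
            ''|*[!0-9]*) echo "not a port: $p" >&2; return 2 ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "out of range: $p" >&2; return 2; }
    done
    # A repeated port would let one packet advance two stages of the sequence.
    [ "$(printf '%s\n' "$@" | sort -u | wc -l)" -eq 4 ] ||
        { echo "ports must be distinct" >&2; return 2; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:KNOCK2 - [0:0]
:KNOCK3 - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# New SSH connections only from sources that completed the sequence within 30 s
-A INPUT -p tcp --dport $1 -m conntrack --ctstate NEW -m recent --rcheck --seconds 30 --name KNOCKED -j ACCEPT
# A knock counts only if the previous stage was hit within the last 10 s
-A INPUT -p tcp --dport $4 -m recent --rcheck --seconds 10 --name STAGE2 -j KNOCK3
-A INPUT -p tcp --dport $3 -m recent --rcheck --seconds 10 --name STAGE1 -j KNOCK2
-A INPUT -p tcp --dport $2 -m recent --set --name STAGE1 -j DROP
-A KNOCK2 -m recent --remove --name STAGE1
-A KNOCK2 -m recent --set --name STAGE2 -j DROP
-A KNOCK3 -m recent --remove --name STAGE2
-A KNOCK3 -m recent --set --name KNOCKED -j DROP
COMMIT
EOF
}
# Dry-run check of the generated rules (constructed sample ports):
#   gen_knock_rules 2222 7000 8000 9000 | iptables-restore --test
```

Because the default INPUT policy is DROP, the security group can expose all four ports while the host still ignores any source that has not completed the sequence in order.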
Support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Customer reviews
Company has folded, AMI no longer searchable
This company appears to be no more and the AMI is no longer searchable in the EC2 CLI or in Terraform.