CLI Usage¶

Once the Passport CLI is installed, you can log in to the CLI. The following command will open your browser and you will be prompted to log in with your Rackspace credentials:

passport auth login

Next, browse to the Passport section of the Fanatical Support for AWS control panel. Click Create Access Request and complete the form to initiate access to your instances.

Once the access request is active, you can connect to any instance that belongs to that access request by using the following command:

passport connect <instance-id>

When connecting to an EC2 instance running Linux, the connect command will automatically open an SSH connection to the target server.

When connecting to an EC2 instance running Windows, the connect command will provide you with connection information for an RDP connection. Here is a sample output for an RDP connection:

Windows Login Credentials:

Host: localhost:58829
Username: <username>
Password: <password

To connect with RDP, open your preferred RDP client and use the information above to connect.

SSH Integration¶

Most users will only interact with the passport CLI tool directly. However, you can use Passport with any SSH-based tooling by using the ssh-config command. This command generates an SSH config that can be used with any tooling that supports SSH config files, including ssh port forwarding, scp, and Ansible.

# Outputs a path to an SSH config
passport ssh-config

Forwarding Ports¶

SSH port forwarding is commonly used to access a service that is not directly accessible to the end user. For example, RDS database instances do not have the SSM agent installed and cannot be used with Passport directly. However, SSH port forwarding can be used to access the RDS instance by using a Passport-enabled server as an intermediary.

# Forwarding localhost:13306 to an RDS instance on port 3306 through i-123456
ssh -F $(passport ssh-config) -L 13306:my_instance.us-east-1.rds.amazonaws.com:3306 i-123456

Once the above command is successfully running, you can use familiar local tools and connect them to localhost:13306 to work with your RDS instance.

Note

You must also have security group rules in place that permit access from the intermediate instance to the AWS resource that you’re accessing.

Copying Files¶

scp can be used to copy files to and from a target instance. The following command copies the file data.csv from your local workstation to your home directory on the target server i-1234567890:

# Copy data.csv from the local workstation to i-1234567890
scp -F $(passport ssh-config) data.csv i-1234567890:~