AWS: Update security to your instance. Your security group is accessible in public

Time:11-25

TCP Port 22 access: 0.0.0.0/0

Your instance is accessible from every IP.

Ok, but I got a .pem file which gave me a .ppk with PuTTYgen, which has private/public key information, so I'm the only one who is able to communicate with my instance, right?

Nobody ever broke private/public key RSA security, no? (Or it would be the end of the Internet)

Maybe I'm completely wrong but I don't see the problem in the situation. It's like having a house that everyone can see but I'm the only one having the key, right?

CodePudding user response:

Because of 0.0.0.0/0, everyone can try to access your instance. So if someone floods your instance with ssh requests, your instance can get DDoSed as it won't be able to handle all these ssh attempts, even if unsuccessful.

So the good practice is to limit ssh access to your own IP address or work/home network. This way, you don't have to worry about that.

Obviously there are many other security risks that strict SG rules minimize or fully eliminate (e.g. your pem being copied by some virus, or accidentally publishing it on GitHub with your source code).
