undefined | Better HN

0 pointsinportb4y ago0 comments

What do you do if your VPN goes down and you need access to your server to debug it? Is physical access required or do you have other contingency plans?

0 comments

3 comments · 1 top-level

cloudbonsai4y ago· 2 in thread

> What do you do if your VPN goes down and you need access to your server to debug it

Here is exactly what I would do:

1. Sign in to AWS console (with my Yubikey).

2. Click "Lightsail > instances > <my-server>"

3. Click "Networking > Allow Lightsail browser SSH/RDP"

4. Click "Connect using SSH".

5. Do debugging!

In short, you can use cloud providers' web interface as an escape hatch. This just works as long as you manage the firewall using your cloud provider's network filter, such as Security Group, rather than, say, iptables.

qw3rty014y ago

Some providers like digitalocean use a serial connection for the terminal, so it works even when the network configuration is completely broken somehow (totally not because you set the input policy to drop without making an accept rule first)

yolovoe4y ago

EC2 has this too: https://aws.amazon.com/about-aws/whats-new/2021/03/introduci...

Works even if you mess up the boot process somehow

Disclaimer: I work here

j / k navigate · click thread line to collapse