AWS EC2 Security Group SSH Access From USA Only

amazon-ec2

Struggling with Security Groups in AWS. Would like to setup a single SG, which I'd use in all my EC2 instances, to allow SSH traffic (I'd have other SGs for other roles, deployed as appropriate). However, I see no reason to open this SSH group up to the whole world. What I'd like to do is to restrict access to USA only for now. Is this doable?


It is doable with pam_geoip

In /etc/security/geoip.conf:

*           sshd          allow     US
*           sshd          ignore    UNKNOWN
*           sshd          deny      *

Possible, in theory, but probably not what you want to do.

I could, for example, use a free VPN service to give me an IP address in the USA, even though I'm in London.

What would be a better solution would be a SSH key, disable password-based logins, and consider 2-factor authentication.

I'm confused by why you'd want to allow access to the netblocks for a country as a whole, when it only offers you the thinnest veil of security (through obscurity)

Related

Remote code execution after tmux reboot
Bypass disabled autorun for USB devices on Windows 7
How to get width of the video and scale another video to that width using ffmpeg?
Is it possible to boost Windows' sound volume to a higher limited value?
I want to intercept a given program before it runs and run my own program first
When using a VPN, would my ISP still be able to read my internet traffic?
Setting and keeping resolution settings for a display that's not autodetected on KDE/Fedora 20
Lightweight CPU usage monitor? [closed]
Convert a router to a switch?
Can I activate Windows XP Pro installed from Retail (or VL) media with OEM key?
3 Monitors, 1 graphics card
Can the power button of a PC or laptop be remapped?