Home/ Questions/Q 9136833
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T09:00:24+00:00

I have a flask app hosted on Heroku that needs to run commands on

  • 0

I have a flask app hosted on Heroku that needs to run commands on an AWS EC2 instance (Amazon Linux AMI) using boto.cmdshell. A couple of questions:

  1. Is using a key pair to access the EC2 instance the best practice? Or is using username/password better?
  2. If using a key pair is the preferred method, what’s the best practice on managing/storing private keys on Heroku? Obviously putting the private key in git is not an option.

Thanks.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    What I was looking for was guidance on how to deal with private keys. Both @DrewV and @yfeldblum pointed me to the right direction. I ended up turning my private key into a string and storing it in a Heroku config variables.

    If anyone is looking to do something similar, here’s a sample code snippit using paramiko:

    import paramiko, base64
import StringIO
import os

key = paramiko.RSAKey.from_private_key(StringIO.StringIO(str(os.environ.get("AWS_PRIVATE_KEY"))))
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(str(os.environ.get("EC2_PUBLIC_DNS")), username='ec2-user', pkey=key)
stdin, stdout, stderr = ssh.exec_command('ps')

for line in stdout:
    print '... ' + line.strip('\n')
ssh.close()

    Thanks to @DrewV and @yfeldblum for helping (upvote for both).

    • 0