I recently ditched my T1 line because I found a cellular ISP with no data cap. This new provider gives me about 12 times the downstream bandwidth at 30% of the cost of the T1.
The only problem is that it changes my public IP address everytime I restart the router. This would not normally be a problem but I’m a software engineer and frequently need to access remote resources through SSH or otherwise. We use AWS resources at my company and the security groups require a static IP address to allow access.
I could pay for a static IP address at the ISP, but instead I opted to configure a personal SSH tunnel with a static IP address. This gives me greater flexibility because I can use it for other things and it costs less (about $7-10/month, depending on if you leave it running when you’re not using it)
This is my HOWTO guide for getting things setup and minimizing costs.
- Create a personal AWS account
- Create a low-cost EC2 instance
- Configure AWS CLI for command line
- Tunnel all the things for fun and profit
Create a personal AWS Account
Create a low-cost EC2 instance
Again, AWS has great documentation. Follow the docs and configure your instance to your personal taste. If, like me, you will only use it for an SSH tunnel, you won’t need a lot of resources.
There are several types of AMIs to choose from. I chose a basic Ubuntu
t2.micro instance with 1GB of RAM. Follow the documentation and be sure to:
- Create an IAM user account (i.e.,
- Download your keypair file and store it in
chmod 400 ~/.ssh/your-keypair-name.pem- make the file readonly
- copy/store the access key, and secret keys (strings) somewhere for later use.
- take note of the region-name, you’ll need it later.
Configure AWS CLI
You’ll want to install AWS CLI (Command Line Interface) in order to be able to start and stop your tunnel from the command line, without logging into the AWS console in your web browser.
For Debian-Based Linux (i.e. Ubuntu)
If you only use one account from AWS CLI, you can run
aws configure with no arguments to setup the defaults. However, if you use multiple accounts add the
--profile account_name switch:
Here is a good post on Stack Overflow about multiple AWS CLI accounts.
Note: Pay attention to the region name. It must match the region name of your EC2 instance.
~/.ssh/config as follows:
1 2 3 4 5 6 7 8 9 10 11 12 13 14