Skip to content

remote setup ip filtering #364

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
gmanchon merged 3 commits into from
Jun 8, 2026
Merged

remote setup ip filtering #364

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
eb36bbd
ip filtering instructions
gmanchon Jun 8, 2026
046106b
wording
gmanchon Jun 8, 2026
310d6f9
wording
gmanchon Jun 8, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
78 changes: 76 additions & 2 deletions REMOTE_SETUP.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -151,6 +151,81 @@ After a couple of minutes, a comment should appear and indicate that the operati



## Register your IP address

In order to further improve the security of your VM, it has been configured to refuse incoming SSH connections unless from registered IP addresses.

Let's register your IP address to allow SSH access to your VM from your current location.

In order to move forwards, you will need to use:
- The alias provided to you by Le Wagon
- Your **public** IP address (**NOT** the **VM** IP address provided to you by Le Wagon)

<details>

<summary>🤔 How does my public IP address differ from my VM IP address ?</summary>

Your **public** IP address is the address from which you are accessing the network. It changes whenever you change locations or if you switch your means of connecting to the Internet.

This IP address is coined as public since it is the address any website or application sees when you connect to it. It is the IP address we need the VM to accept connections from.

Your **public** IP address identifies the location from which you connect.

The **VM** IP address identifies the machine you want to connect to.

In order to connect to your VM using SSH you need to both:
- Connect from a known location, identified by a registered **public** IP address
- Connect using a known user, identified by the registered **public** SSH key
</details>


Retrieve your public IP address:

<details>
<summary markdown='span'>Windows</summary>

```bash
curl -s ifconfig.me && echo
```
</details>

<details>
<summary markdown='span'>MacOS & Linux</summary>

``` bash
curl -s ifconfig.me && echo
```
</details>

<details>
<summary markdown='span'>Browser alternative</summary>

Open https://ifconfig.me in your browser and copy the IP shown.

![](images/vm_retrieve_ip.png)
</details>


Copy your public IP address.

Now let's register your public IP address:
- Go to https://github.com/lewagon/remote-setup/issues
- Click on **New issue**
- Select **Register IP address**
- Enter your alias
- Enter your public IP address
- Validate with **Create**

![](images/register_ip_address.png)

👉 Your public IP address is being allowed so you can SSH to your virtual machine from your location

After a couple of minutes, a comment should appear and indicate that the operation is complete. If the registration fails, ask a teacher for help 🙋

![](images/register_ip_complete.png)



## Let's start your VM for the first time

Your virtual machine is like any regular computer. You will not be able to access and use it unless it is started. To conserve energy, it should be turned off whenever it is not in use 💡
Expand Down Expand Up @@ -211,8 +286,7 @@ ssh -i 👉PATH_TO_YOUR_PRIVATE_KEY👈 lewagon@👉YOUR_IP_ADDRESS👈
ssh -i ~/.ssh/id_ed25519 lewagon@34.52.208.105
ssh: connect to host 34.52.208.105 port 22: Operation timed out
```

The virtual machine is not started, ask a teacher for help 🙋
The virtual machine is not started OR your IP address is not registered, ask a teacher for help 🙋
</details>


Expand Down
73 changes: 73 additions & 0 deletions _partials/vm_ip.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@

## Register your IP address

In order to further improve the security of your VM, it has been configured to refuse incoming SSH connections unless from registered IP addresses.

Let's register your IP address to allow SSH access to your VM from your current location.

In order to move forwards, you will need to use:
- The alias provided to you by Le Wagon
- Your **public** IP address (**NOT** the **VM** IP address provided to you by Le Wagon)

<details>

<summary>🤔 How does my public IP address differ from my VM IP address ?</summary>

Your **public** IP address is the address from which you are accessing the network. It changes whenever you change locations or if you switch your means of connecting to the Internet.

This IP address is coined as public since it is the address any website or application sees when you connect to it. It is the IP address we need the VM to accept connections from.

Your **public** IP address identifies the location from which you connect.

The **VM** IP address identifies the machine you want to connect to.

In order to connect to your VM using SSH you need to both:
- Connect from a known location, identified by a registered **public** IP address
- Connect using a known user, identified by the registered **public** SSH key
</details>


Retrieve your public IP address:

<details>
<summary markdown='span'>Windows</summary>

```bash
curl -s ifconfig.me && echo
```
</details>

<details>
<summary markdown='span'>MacOS & Linux</summary>

``` bash
curl -s ifconfig.me && echo
```
</details>

<details>
<summary markdown='span'>Browser alternative</summary>

Open https://ifconfig.me in your browser and copy the IP shown.

![](images/vm_retrieve_ip.png)
</details>


Copy your public IP address.

Now let's register your public IP address:
- Go to https://github.com/lewagon/remote-setup/issues
- Click on **New issue**
- Select **Register IP address**
- Enter your alias
- Enter your public IP address
- Validate with **Create**

![](images/register_ip_address.png)

👉 Your public IP address is being allowed so you can SSH to your virtual machine from your location

After a couple of minutes, a comment should appear and indicate that the operation is complete. If the registration fails, ask a teacher for help 🙋

![](images/register_ip_complete.png)
4 changes: 4 additions & 0 deletions _partials/vm_test.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,11 @@ ssh -i 👉PATH_TO_YOUR_PRIVATE_KEY👈 lewagon@👉YOUR_IP_ADDRESS👈
ssh: connect to host 34.52.208.105 port 22: Operation timed out
```

{%- if ip_filtering %}
The virtual machine is not started OR your IP address is not registered, ask a teacher for help 🙋
{%- else %}
The virtual machine is not started, ask a teacher for help 🙋
{%- endif %}
</details>


Expand Down
5 changes: 4 additions & 1 deletion builds/REMOTE_SETUP.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,11 @@ partials:
vars:
key_name: ds-bootcamp
- vm_register
- vm_ip
- vm_start
- vm_test
- name: vm_test
vars:
ip_filtering: true
- de_setup/win_vscode
- name: de_setup/vscode_remote_ssh
vars:
Expand Down
Loading