I have a linux instance deployed on AWS EC2.
Sorry for my dumb question, but I'll ask anyways just to be safe.
Q1. While creating an instance, I set anyone 0.0.0.0:0
for the ssh
. Though, on the next step, it asked me to create private/public key pair. So I did. Question is will anyone be able to somehow attack it ? I know i set it to anyone
, but I want the instance to be only accessible by the private key. I don't care if that private key is used from another internet ip address. That's not insecure right ?
Q2. After I created the instance as I said in Q1, I have a project in there ec2-user/myApp
which is cloned from github. Due to yarn
sometimes resulting in an error, I had to do sudo chmod -R 777 myApp
and then running yarn
succeeds. Since I did sudo chmod -R 777 myApp
, read,write access is open to outside world, but still that's not insecure right ? because I don't have any other ports open to the world other than 22 ?
Thoughts ? Thank you.