[Box-Admins] squeaksource.com move to Rackspace
David T. Lewis
lewis at mail.msen.com
Tue Oct 4 10:35:42 UTC 2016
Tobias,
Thanks for your patient explanation.
To summarize in case anyone else needs this for reference:
1) I made a .ssh/config file containing the following:
Host ssh.squeak.org
User ssh
Port 1022
Host *.box.squeak.org
User davidlewis
ProxyCommand ssh -W %h:%p ssh.squeak.org
2) I connected to the 'dan' server with the following command, which makes
and interactive login to dan, and also sets up the port forwarding for the
two additional ports (8888 and 5900) that I wanted to test:
ssh -L8888:localhost:8888 -L5900:localhost:5900 dan.box.squeak.org
3) With the above shell session active, I can connect to the web server
on port 8888 on server dan with http://localhost:8080, and I can connect
to a VNC server on dan by connecting to VNC display 0 on localhost.
(Note - the actual squeaksource.com image will use VNC display 1, so
port 5901 rather than 5900)
Thanks,
Dave
On Tue, Oct 04, 2016 at 09:26:45AM +0200, Tobias Pape wrote:
> Hi Dave
>
>
> On 04.10.2016, at 03:49, David T. Lewis <lewis at mail.msen.com> wrote:
>
> > Hi Tobias,
> >
> > I am now running a test image on 'dan' that is listening for http connections
> > on port 8888, and for VNC connections on 5900. I installed telnet on 'dan' so
> > that I can verify that both listening ports are active on the server. But
> > I am unable to make TCP connections to either port from an outside machine.
>
> That is expected.
> BTW: You can use netstat to see who is listening where:
>
> # netstat -neptl
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
> tcp 0 0 10.176.197.150:22 0.0.0.0:* LISTEN 0 20788 7726/sshd
> tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN 1003 566790 30950/squeakvm
> tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 17561 6275/exim4
> tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN 1003 546769 30950/squeakvm
> tcp6 0 0 ::1:25 :::* LISTEN 0 17562 6275/exim4
>
> Next, ufw will tell you which ports are open:
>
> # ufw status verbose
> Status: active
> Logging: on (low)
> Default: deny (incoming), allow (outgoing)
> New profiles: skip
>
> To Action From
> -- ------ ----
> 10.176.197.150 22/tcp ALLOW IN 10.0.0.0/8
> 10.176.197.150 8888/tcp ALLOW IN 10.0.0.0/8
>
>
> >
> > I assume that I am missing some sort of port forwarding configuration, but
> > nothing I have tried so far has worked. Ideally I would like to connect to
> > the web server with http://104.130.170.38:8888 and use SSH local forwards
> > for the VNC connection.
>
> The web server variant via http://104.130.170.38:8888 is not intended.
> Please lets have as few ports open to the public as possible.
> But there's help:
>
> >
> > Could you please try making connections to those two ports on 'dan' and
> > let me know the specific ssh port forwarding commands that made it work?
>
> so, this works for me:
>
> ssh -L8888:localhost:8888 -L5900:localhost:5900 dan.box.squeak.org
>
> (given the ssh config outlined some days ago, otherwise it is
>
> ssh -L8888:localhost:8888 -L5900:localhost:5900 -o ProxyCommand "ssh -W %h:%p ss at ssh.squeak.org:10225" 10.176.197.150
> )
>
> you can then see squeaksource on localhost:8888 and the VNC on Display 0 on localhost.
>
> Best regards
> -Tobias
>
>
>
>
> >
> > Thanks,
> > Dave
> >
> > On Mon, Oct 03, 2016 at 08:40:30PM +0200, Tobias Pape wrote:
> >>
> >> On 03.10.2016, at 01:25, David T. Lewis <lewis at mail.msen.com> wrote:
> >>
> >>> On Wed, Sep 28, 2016 at 11:31:36AM +0200, Tobias Pape wrote:
> >>>>
> >>>> with retroactive blessing of Levente, I have now prepared eight VMs on Rackspace.
> >>>> Here's the overview:
> >>>>
> >>>> =======================================================================================================================
> >>>> Name Name (ext) intended use Unix Users Public Ports Private Ports Public IPv4 Private IPv4
> >>>> -----------------------------------------------------------------------------------------------------------------------
> >>>> ian ssh.squeak.org ssh-gateway ssh 1022 22 104.130.6.82 10.208.225.29
> >>>> alan *.squeak.org webserver webteam 80, 443 22 104.239.229.92 10.176.200.8
> >>>> adele lists.... mailinglists (tbd) 25, 587, 465 22, 8080 162.242.237.43 10.208.160.56
> >>>> andreas -------- source.squeak chrismuller* -------- 22, 8080 irrelevant 10.208.161.222
> >>>> dan -------- squeaksource davidlewis* -------- 22, 8080 irrelevant 10.176.197.150
> >>>> ted -------- squeak wiki+map (tbd) -------- 22, 8080, 8081 irrelevant 10.176.130.111
> >>>> david -------- jenkins (tbd) -------- 22, 8080 irrelevant 10.208.194.45
> >>>> scott -------- misc (tbd) -------- 22, 8080, 8081 irrelevant 10.176.199.169
> >>>> =======================================================================================================================
> >>>
> >>>
> >>> I installed a new interpreter VM on dan, with the deb in /root/localdebs and
> >>> notes added to /root/admin-log.txt:
> >>>
> >>> ========================
> >>> 20161002 davidlewis
> >>>
> >>> Install 64-bit interpreter VM for squeaksource.com. This is an up to date
> >>> VM compiled on my personal Ubuntu laptop according to instructions at
> >>> http://wiki.squeak.org/squeak/6354, with "make deb" to create the local
> >>> debian package installed here.
> >>>
> >>> The debian install package is /root/localdebs/squeakvm_4.15.8-3749-1_amd64.deb
> >>>
> >>> The run script is /usr/local/bin/squeak, as distinct from Cog/Spur VMs
> >>> that are expected to be installed as /usr/bin/squeak.
> >>>
> >>> ========================
> >>>
> >>> This is the same as used on box3, except that it is a 64-bit VM to suit
> >>> the new Rackspace server.
> >>>
> >>> The squeaksource.com image serves on local port 8888 (not 8080). I would
> >>> prefer to keep that convention so that the image can be copied directly
> >>> from box3 without modification.
> >>>
> >>
> >> 8888 is there now. 8080 gone.
> >>
> >>> Is it possible to open some local ports on server dan during the transition
> >>> period? It would be helpful if I could connect to 8888, 5900, and 5901 for
> >>> the next couple of weeks or so.
> >>
> >> Please use SSH local forwards for that.
> >>
> >> like this:
> >> ssh -L5901:localhost:5901 dan.box.squeak.org
> >>
> >> and then connect you VNC-viewer to Display 1 on localhost.
> >>
> >>
> >>>
> >>> Thanks,
> >>> Dave
> >>>
More information about the Box-Admins
mailing list