[Box-Admins] Access to the new server(s)
Chris Muller
asqueaker at gmail.com
Thu Sep 29 03:10:20 UTC 2016
Hey Tobias,
=======================================================================================================================
> Name Name (ext) intended use Unix Users Public Ports Private Ports Public IPv4 Private IPv4
> -----------------------------------------------------------------------------------------------------------------------
> ian ssh.squeak.org ssh-gateway ssh 1022 22 104.130.6.82 10.208.225.29
> alan *.squeak.org webserver webteam 80, 443 22 104.239.229.92 10.176.200.8
> adele lists.... mailinglists (tbd) 25, 587, 465 22, 8080 162.242.237.43 10.208.160.56
> andreas -------- source.squeak chrismuller* -------- 22, 8080 irrelevant 10.208.161.222
> dan -------- squeaksource davidlewis* -------- 22, 8080 irrelevant 10.176.197.150
> ted -------- squeak wiki+map (tbd) -------- 22, 8080, 8081 irrelevant 10.176.130.111
> david -------- jenkins (tbd) -------- 22, 8080 irrelevant 10.208.194.45
> scott -------- misc (tbd) -------- 22, 8080, 8081 irrelevant 10.176.199.169
> =======================================================================================================================
> ...
> Ian is the ssh gateway so you have to connect to ian _first_ and use (1) local forwarding or (2) proxy jumping.
> I have installed the Public keys from most of you for the 'ssh' user on ian.
>
> Please verify by
> ssh -p1022 -lssh 104.130.6.82
> you should see
> restrict shell, no commands #
> (you get out with crtl-d, ctrl-c, or killing ssh)
>
> How to reach the other servers? Example for 'andreas'
>
> variant (1):
> Do a local forward by
> ssh -AN -L22221:10.176.200.8:22 -p1022 -lssh 104.130.6.82
> and then
> ssh -lYOURNAME -p22221 localhost
> (-N maybe optional, but then you see 'restrict shell, no commands #')
>
> Or in your .ssh/config you can put
>
> Host ian.squeak.org
> User ssh
> Hostname 104.130.6.82
> Port 1022
> LocalForward 222221 10.176.200.8:22
(10.176.200.8 is alan, not andreas and 222221 is not a valid port
number, but I got your point).
> Host andreas.squeak.org
> User YOURNAME
> Hostname localhost
> Port 222221
>
>
> And then say 'ssh -AN ian.squeak.org' and then 'ssh andreas.squeak.org'
However, my access failed:
=======================
ssh andreas.squeak.org
The authenticity of host '[localhost]:22221 ([127.0.0.1]:22221)' can't
be established.
ECDSA key fingerprint is a3:05:db:9d:51:b0:53:a9:4e:98:94:df:ff:34:09:2a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:22221' (ECDSA) to the list of
known hosts.
Permission denied (publickey).
========================
Could you double check my ssh key?
> ...
> We will shortly start RSYNC-ing over data from box3 and box4 as well as replicatiing DNS entries before switching over.
I assume you will not carry forward the chroot directory structure
from "box3". Are you planning to collaborate with the volunteers or
do some kind of hand-off after the rsync or take everything completely
across the finish-line?
> [ACTION REQUIRED]
>
> - Who needs access to which servers?
I would like access, including sudo, to dan and ted, please.
- Chris
More information about the Box-Admins
mailing list