Hey Tobias,
=======================================================================================================================
Name Name (ext) intended use Unix Users Public Ports Private Ports Public IPv4 Private IPv4
ian ssh.squeak.org ssh-gateway ssh 1022 22 104.130.6.82 10.208.225.29 alan *.squeak.org webserver webteam 80, 443 22 104.239.229.92 10.176.200.8 adele lists.... mailinglists (tbd) 25, 587, 465 22, 8080 162.242.237.43 10.208.160.56 andreas -------- source.squeak chrismuller* -------- 22, 8080 irrelevant 10.208.161.222 dan -------- squeaksource davidlewis* -------- 22, 8080 irrelevant 10.176.197.150 ted -------- squeak wiki+map (tbd) -------- 22, 8080, 8081 irrelevant 10.176.130.111 david -------- jenkins (tbd) -------- 22, 8080 irrelevant 10.208.194.45 scott -------- misc (tbd) -------- 22, 8080, 8081 irrelevant 10.176.199.169 =======================================================================================================================
...
Ian is the ssh gateway so you have to connect to ian _first_ and use (1) local forwarding or (2) proxy jumping. I have installed the Public keys from most of you for the 'ssh' user on ian.
Please verify by ssh -p1022 -lssh 104.130.6.82 you should see restrict shell, no commands # (you get out with crtl-d, ctrl-c, or killing ssh)
How to reach the other servers? Example for 'andreas'
variant (1): Do a local forward by ssh -AN -L22221:10.176.200.8:22 -p1022 -lssh 104.130.6.82 and then ssh -lYOURNAME -p22221 localhost (-N maybe optional, but then you see 'restrict shell, no commands #')
Or in your .ssh/config you can put Host ian.squeak.org User ssh Hostname 104.130.6.82 Port 1022 LocalForward 222221 10.176.200.8:22
(10.176.200.8 is alan, not andreas and 222221 is not a valid port number, but I got your point).
Host andreas.squeak.org User YOURNAME Hostname localhost Port 222221 And then say 'ssh -AN ian.squeak.org' and then 'ssh andreas.squeak.org'
However, my access failed:
======================= ssh andreas.squeak.org The authenticity of host '[localhost]:22221 ([127.0.0.1]:22221)' can't be established. ECDSA key fingerprint is a3:05:db:9d:51:b0:53:a9:4e:98:94:df:ff:34:09:2a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[localhost]:22221' (ECDSA) to the list of known hosts. Permission denied (publickey). ========================
Could you double check my ssh key?
... We will shortly start RSYNC-ing over data from box3 and box4 as well as replicatiing DNS entries before switching over.
I assume you will not carry forward the chroot directory structure from "box3". Are you planning to collaborate with the volunteers or do some kind of hand-off after the rsync or take everything completely across the finish-line?
[ACTION REQUIRED]
- Who needs access to which servers?
I would like access, including sudo, to dan and ted, please.
- Chris