SSH Access Infrastructure SOP

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
(Created page with '=== Introduction === This page will contain some useful instructions about how you can safely login into Fedora internal machines successfully using a PubAuthKey authentication....')
 
m
Line 27: Line 27:
 
=== Troubleshooting: ===
 
=== Troubleshooting: ===
  
* 'nc: getaddrinfo: Name or service not known', replace 'Hostname %h' with 'Hostname 10.5.126.23' (this is puppet's IP, so it will be different by machine to machine)
+
* 'nc: getaddrinfo: Name or service not known', replace '''Hostname %h''' with '''Hostname 10.5.126.23''' (this is puppet's IP, so it will be different by machine to machine)
* if your local UID is different from the one registered in FAS, please remember to set up a 'User' variable (like above) where you specify your FAS UID. If that's missing SSH will try to login by using your local UID, thus it will fail.
+
* if your local UID is different from the one registered in FAS, please remember to set up a '''User''' variable (like above) where you specify your FAS UID. If that's missing SSH will try to login by using your local UID, thus it will fail.
  
 
[[Category:Infrastructure SOPs]]
 
[[Category:Infrastructure SOPs]]

Revision as of 14:33, 28 May 2011

Introduction

This page will contain some useful instructions about how you can safely login into Fedora internal machines successfully using a PubAuthKey authentication.

Steps to reproduce

First of all:

cd /home/user/.ssh
touch config && nano config

Note: You'll need to create an entry for every internal machine you plan to log in to.

Note2: This example is valid only if you are trying to login into puppet01 to commit your changes to Infrastructure's Puppet tree. (see Note1)

then, edit it as it follows:

Host puppet01 puppet1 puppet01.fedoraproject.org
   Hostname %h (or if it doesn't resolve, go ahead to the troubleshooting section) 
   User FASUID (you don't need this if your local UID and your FAS one correspond)
   ProxyCommand ssh -q FASUID@bastion.fedoraproject.org /usr/bin/nc %h 22

Troubleshooting:

  • 'nc: getaddrinfo: Name or service not known', replace Hostname %h with Hostname 10.5.126.23 (this is puppet's IP, so it will be different by machine to machine)
  • if your local UID is different from the one registered in FAS, please remember to set up a User variable (like above) where you specify your FAS UID. If that's missing SSH will try to login by using your local UID, thus it will fail.