SSH Access Infrastructure SOP
This page will contain some useful instructions about how you can safely login into Fedora internal machines successfully using a PubAuthKey authentication.
Steps to reproduce
First of all:
cd /home/user/.ssh touch config && nano config
Note: You'll need to create an entry for every internal machine you plan to log in to.
Note2: This example is valid only if you are trying to login into puppet01 to commit your changes to Infrastructure's Puppet tree. (see Note1)
then, edit it as it follows:
Host puppet01 puppet1 puppet01.fedoraproject.org Hostname %h (or if it doesn't resolve, go ahead to the troubleshooting section) User FASUID (you don't need this if your local UID and your FAS one correspond) ProxyCommand ssh -q FASUID@bastion.fedoraproject.org /usr/bin/nc %h 22
- 'nc: getaddrinfo: Name or service not known', replace 'Hostname %h' with 'Hostname 10.5.126.23' (this is puppet's IP, so it will be different by machine to machine)
- if your local UID is different from the one registered in FAS, please remember to set up a 'User' variable (like above) where you specify your FAS UID. If that's missing SSH will try to login by using your local UID, thus it will fail.