|
|
| (8 intermediate revisions by 5 users not shown) |
| Line 1: |
Line 1: |
| === Introduction ===
| | {{header|infra}} |
| | {{shortcut|ISOP:SSHACCESS}} |
| | This SOP has moved to the fedora Infrastructure SOP git repo. Please see the current document at: https://infrastructure.fedoraproject.org/infra/docs/docs/sysadmin-guide/sops/sshaccess.rst |
|
| |
|
| This page will contain some useful instructions about how you can safely login into Fedora internal machines successfully using a PubAuthKey authentication.
| | For changes, questions or comments, please contact anyone in the Fedora Infrastructure team. |
|
| |
|
| === Steps to reproduce ===
| |
|
| |
| '''First of all:'''
| |
|
| |
| <pre>
| |
| cd /home/user/.ssh
| |
| touch config && nano config
| |
| </pre>
| |
|
| |
| '''Note:''' You'll need to create an entry for every internal machine you plan to log in to.
| |
|
| |
| '''Note2:''' This example is valid only if you are trying to login into puppet01 to commit your changes to Infrastructure's Puppet tree. (see Note1)
| |
|
| |
| '''then,''' edit it as it follows:
| |
|
| |
| <pre>
| |
| Host puppet01 puppet1 puppet01.fedoraproject.org
| |
| Hostname %h (or if it doesn't resolve, go ahead to the troubleshooting section)
| |
| User FASUID (you don't need this if your local UID and your FAS one correspond)
| |
| ProxyCommand ssh -q FASUID@bastion.fedoraproject.org /usr/bin/nc %h 22
| |
| </pre>
| |
|
| |
| === Troubleshooting: ===
| |
|
| |
| * 'nc: getaddrinfo: Name or service not known', replace '''Hostname %h''' with '''Hostname 10.5.126.23''' (this is puppet's IP, so it will be different by machine to machine)
| |
| * if your local UID is different from the one registered in FAS, please remember to set up a '''User''' variable (like above) where you specify your FAS UID. If that's missing SSH will try to login by using your local UID, thus it will fail.
| |
|
| |
|
| [[Category:Infrastructure SOPs]] | | [[Category:Infrastructure SOPs]] |
