A conversation between Octatron and Gorilla on the 11th of July about the details of ssh farming
<Octatron> Has anyone here mastered the black art of ssh tunnelling?
<gorilla> Kind of... But waiting on approval on requisition for more chickens to sacrifice on the next full moon.
<Octatron> gorilla: Cool well I have chickens wanting to run through chookhouse 5900 running ssh to another chookhouse at 5900 what gates (ports) need to be opened? 22 + 5900? and do the farmers have to exchange just their public keys or that and their private keys both ways?
<gorilla> Basically you are creating a chook run as hutch 5900 at your local chookhouse. Any chook entering that hutch will be transported via hutch 22 to the remote chook house and then to 5900 on the destination chookhouse
<gorilla> the following should get you close: ssh -L 5900:localhost.localfarm:5900 remote.chookhouse.farm
<gorilla> regarding the exchanging keys to the chookhouses, the same rules apply as straight ssh.
<Octatron> gorilla: Thank you I'll give that a burn however when I do that and it asks for a password, is it for the ssh password or root password and for which chookhouse?
<gorilla> it should be the ssh password for the remote chookhouse. Ahh. if you are trying to connect as root or [email protected] then you need to ensure that you are allowing root to login with password or exchange the appropriate public keys.
<Octatron> gorilla: Do the public keys on both farms have to be placed in each chookhouse ~/? or the private keys as well? or is it one way
<gorilla> just the public keys. Get standard ssh from one chookhouse to the other working first and then move to tunneling 5900.
<Octatron> Gorilla: ok so is it a case of handing the keys over manually to a certain folder from a certain folder? or do I simply run a command? Also, do I need to cut the keys first by running a command to create them then transfer, or do they already exist and I simply move them? Thanks for this btw
<gorilla> Octatron: yes, just copy the relevant key over. best to cut and paste the relevant line from .ssh/id_[rd]sa.pub (I'm going from memory here)
<Octatron> gorilla: kewl, so for each farm I might have say .ssh/id_farm1.pub then id_farm2.pub etc and this would need to be put into the machine I wish to pipe to from the one wishing to connect
<gorilla> Octatron: yes, or you can use the same .pub file for all machines. It simplifies admin but if the same key is compromised then all the farms become accessible.
* gorilla wonders if we should post the transcript of this irc conversation.
<Octatron> I was just thinking the same thing, I think we should :P
<Octatron> I suppose the only other thing then is to set up putty on all non-linux (Windoze) PCs and move its respective windoze_putty.pub key across to the Linux.farm.box and watch those chooks fly!
<gorilla> Octatron: Windows... off with their heads!
<Octatron> gorilla: no no.. off with their cash!
* gorilla prefers his chooks to be headless. No need for a GUI.
<Octatron> Thank-you I've got it working now.. I didn't put the username in on username@remote_chookhouse.farm when piping the hutches! so it was attempting to connect to the root chookhouse silly me!
<Octatron> I tried setting up a VPN but found out too late you need server 2008 for windoze users to connect more than one user and it was super touchy and slowed the network down majorly.. businesses need a way to securely access files remotely from the roadside or elsewhere
<gorilla> Ahh.. Yeah. no rooster connections.
<Octatron> Yeah I don't like to root with cockpit connections unless it's needed :P
<Octatron> gorilla: all cockfighting aside, is there a command I can run to check the chookhouse 5900 is really running through hutch 22?
<Octatron> *thinks someone should make drag and drop gui for setting up ports and pipes with chookhouses down each side*
<gorilla> Octatron: It will show up in netstat on the local machine.
* head_victim lets a bunch of chickens loose in the channel
<Octatron> Seems netstat doesn't show me port 22 being used? do I have to indeed pipe it to grep ssh?
<Octatron> I mean netstat doesn't show me the hutch 22 being used are the chooks running through another hutch somewhere or did the fox get them?
<Octatron> hey head_victim welcome to the farmers market :P
-- ubuntu-au mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-au
