maintenance:general:ssh_jumphost
LDAP: couldn't connect to LDAP server
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |||
| maintenance:general:ssh_jumphost [2020/07/06 14:13] – bdorlandt | maintenance:general:ssh_jumphost [2020/07/06 14:26] (current) – [SSH jumphost] bdorlandt | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ====== SSH jumphost ====== | ||
| + | To set up a permanent jumphost for all SSH sessions from NetYCE the following is required. | ||
| + | |||
| + | - Generate SSH keys on the netyce server '' | ||
| + | - Copy the contents of '' | ||
| + | - Verify you can login to the jumphost without a password '' | ||
| + | - modify the / | ||
| + | - < | ||
| + | Host jumphost | ||
| + | Hostname 192.168.182.136 | ||
| + | User your_user | ||
| + | IdentityFile ~/ | ||
| + | |||
| + | Host 192.168.182.191 192.168.182.192 | ||
| + | # you could also do: 192.168.182.* | ||
| + | ProxyCommand ssh jumphost -W %h:%p -F / | ||
| + | |||
| + | </ | ||
| + | - do not modify other aspects | ||
| + | - Verify you can connect to a node. '' | ||
| + | - you should see this line in the debug output: '' | ||
| + | |||
| + | From this point on all SSH session will use the jumphost. | ||
| + | |||
| + | More details on [[https:// | ||
| + | |||
| + | ===== Drawbacks ===== | ||
| + | |||
| + | ==== NCCM ==== | ||
| + | |||
| + | Without having direct return traffic from the node to NetYCE cripples the NCCM functionality. | ||
| + | |||
| + | You'll have to disable the pre and post backups for the command_jobs as well. | ||
| + | |||
| + | Set all disabled values to 1. | ||
| + | |||
| + | {{: | ||
| + | |||
| + | ==== OS upgrades ==== | ||
| + | |||
| + | Since the NetYCE server isn't reachable from the node, the OS can't be retrieved for OS upgrades. | ||
maintenance/general/ssh_jumphost.txt · Last modified: 2020/07/06 14:26 by bdorlandt