maintenance:general:ssh_jumphost
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| maintenance:general:ssh_jumphost [2020/01/29 19:45] – ↷ Page moved from guides:user:ssh_jumphost to maintenance:general:ssh_jumphost bdorlandt | maintenance:general:ssh_jumphost [2024/07/03 12:31] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ====== SSH jumphost ====== | ||
| + | To set up a permanent jumphost for all SSH sessions from NetYCE the following is required. | ||
| + | |||
| + | - Generate SSH keys on the netyce server '' | ||
| + | - Copy the contents of '' | ||
| + | - Verify you can login to the jumphost without a password '' | ||
| + | - modify the / | ||
| + | - < | ||
| + | Host jumphost | ||
| + | Hostname 192.168.182.136 | ||
| + | User your_user | ||
| + | IdentityFile ~/ | ||
| + | |||
| + | Host 192.168.182.191 192.168.182.192 | ||
| + | # you could also do: 192.168.182.* | ||
| + | ProxyCommand ssh jumphost -W %h:%p -F / | ||
| + | |||
| + | </ | ||
| + | - do not modify other aspects | ||
| + | - Verify you can connect to a node. '' | ||
| + | - you should see this line in the debug output: '' | ||
| + | |||
| + | From this point on all SSH session will use the jumphost. | ||
| + | |||
| + | More details on [[https:// | ||
| + | |||
| + | ===== Drawbacks ===== | ||
| + | |||
| + | ==== NCCM ==== | ||
| + | |||
| + | Without having direct return traffic from the node to NetYCE cripples the NCCM functionality. | ||
| + | |||
| + | You'll have to disable the pre and post backups for the command_jobs as well. | ||
| + | |||
| + | Set all disabled values to 1. | ||
| + | |||
| + | {{: | ||
| + | |||
| + | ==== OS upgrades ==== | ||
| + | |||
| + | Since the NetYCE server isn't reachable from the node, the OS can't be retrieved for OS upgrades. | ||