From Fedora Project Wiki

Revision as of 14:32, 28 May 2011 by Averi (talk | contribs) (Created page with '=== Introduction === This page will contain some useful instructions about how you can safely login into Fedora internal machines successfully using a PubAuthKey authentication....')
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Introduction

This page will contain some useful instructions about how you can safely login into Fedora internal machines successfully using a PubAuthKey authentication.

Steps to reproduce

First of all:

cd /home/user/.ssh
touch config && nano config

Note: You'll need to create an entry for every internal machine you plan to log in to.

Note2: This example is valid only if you are trying to login into puppet01 to commit your changes to Infrastructure's Puppet tree. (see Note1)

then, edit it as it follows:

Host puppet01 puppet1 puppet01.fedoraproject.org
   Hostname %h (or if it doesn't resolve, go ahead to the troubleshooting section) 
   User FASUID (you don't need this if your local UID and your FAS one correspond)
   ProxyCommand ssh -q FASUID@bastion.fedoraproject.org /usr/bin/nc %h 22

Troubleshooting:

  • 'nc: getaddrinfo: Name or service not known', replace 'Hostname %h' with 'Hostname 10.5.126.23' (this is puppet's IP, so it will be different by machine to machine)
  • if your local UID is different from the one registered in FAS, please remember to set up a 'User' variable (like above) where you specify your FAS UID. If that's missing SSH will try to login by using your local UID, thus it will fail.