|
|
# How the remote works from fetdatorn
|
|
|
# General information
|
|
|
|
|
|
There's a script on fetdatorn at `/usr/bin/liu_reverse_ssh.sh` which contains:
|
|
|
In all snippets below, replace $FIAUSER with your username on fetdatorn and $LIUID with your LiU username.
|
|
|
|
|
|
```ssh -vvv -XC -NT -R 8090:localhost:22 fia@ini.re -o ServerAliveInterval=20```
|
|
|
When accessing fetdatorn locally (through [eduroam](https://eduroam.org/)) you can connect directly to its IP.
|
|
|
|
|
|
This forwards fetdatorns port 22 to port 8090 on ini.re. The script is executed by the service called `liu_reverse_ssh.service`, so if it doesn't work it might need to be restarted with `systemctl restart liu_reverse_ssh`. The script connects with a ssh key found in `/home/root/.ssh/inire_fia`.
|
|
|
When accessing fetdatorn remotely you'll need [two-factor authentication](https://www.student.liu.se/itsupport/tvastegsverifiering-pa-liu-konto?l=en) enabled. First you'll be asked for your password to LiU, then you'll have to authenticate through your 2FA app and finally you'll enter your password on fetdatorn.
|
|
|
|
|
|
Ask Rasmus Wallin if there's any questions regarding this script.
|
|
|
# Connect to Fetdatorn externally
|
|
|
|
|
|
# Connect to Fetdatorn from your computer remotely
|
|
|
Use the following snippet to connect to fetdatorn from an external network.
|
|
|
|
|
|
Use the following snippet to connect to fetdatorn remotely. Ask for usernames/passwords.
|
|
|
|
|
|
`ssh -J fia@ini.re $FIAUSER@localhost -p 8090`
|
|
|
`ssh -J $LIUID@ssh.edu.liu.se $FIAUSER@10.133.5.136`
|
|
|
|
|
|
## Using VS Code
|
|
|
|
... | ... | @@ -22,25 +20,24 @@ Then add this config: |
|
|
|
|
|
```
|
|
|
Host fetdatorn
|
|
|
HostName localhost
|
|
|
Port 8090
|
|
|
User *{{ask for username}}**
|
|
|
ProxyJump fia@ini.re
|
|
|
HostName 10.133.5.136
|
|
|
User $FIAUSER
|
|
|
ProxyJump $LIUID@ssh.edu.liu.se
|
|
|
```
|
|
|
|
|
|
If you are in the lab or on the eduroam network, you can instead connect "locally" through this config:
|
|
|
If you are on the eduroam network, you can instead connect locally through this config:
|
|
|
|
|
|
```plaintext
|
|
|
```
|
|
|
Host fetdatorn_local
|
|
|
HostName 10.133.5.136
|
|
|
User **{{ask for username}}**
|
|
|
Compression yes
|
|
|
ForwardX11 yes
|
|
|
User $FIAUSER
|
|
|
```
|
|
|
|
|
|
You will see the entries in the remote extension in VS Code and can connect to them. Example: ![image](uploads/66b6fcd8d40af80f4ffee0fbe88eaabb/image.png)
|
|
|
You will see the entries in the remote extension in VS Code and can connect to them. Example:
|
|
|
|
|
|
![image](uploads/66b6fcd8d40af80f4ffee0fbe88eaabb/image.png)
|
|
|
|
|
|
## NOTE: For improved security
|
|
|
### NOTE: For improved security
|
|
|
|
|
|
Because fetdatorn is being accessed by several host this setting should be enabled
|
|
|
|
... | ... | @@ -48,7 +45,7 @@ Because fetdatorn is being accessed by several host this setting should be enabl |
|
|
|
|
|
![image](uploads/1996d8cf03ba55ff977504a3212bcd96/image.png)
|
|
|
|
|
|
## IMPORTANT: For mac users.
|
|
|
### IMPORTANT: For mac users.
|
|
|
|
|
|
Edit settings.json file in order to tell vscode which operating system the host is running.
|
|
|
|
... | ... | @@ -61,13 +58,31 @@ This is how my settings.json file look like. Note that remote.SSH.remotePlatform |
|
|
## Connecting to fetdatorn via vscode on computers in the lab
|
|
|
|
|
|
1. See section above "NOTE: For improved security" and make sure that the tickbox is checked.
|
|
|
2. Update ssh.config to:
|
|
|
2. Use the configuration for accessing fetdatorn locally.
|
|
|
3. NOTE: When connecting to fetdatorn, you may be prompted to enter passwords twice.
|
|
|
|
|
|
# External jump host
|
|
|
|
|
|
Before we were allowed to access fetdatorn by jumping through ssh.edu.liu.se we used an external jump host. At the time of writing (2022-10-07) it's still up and running for backwards compatibility.
|
|
|
|
|
|
## The script
|
|
|
|
|
|
There's a script on fetdatorn at `/usr/bin/liu_reverse_ssh.sh` which contains:
|
|
|
|
|
|
```ssh -vvv -XC -NT -R 8090:localhost:22 fia@ini.re -o ServerAliveInterval=20```
|
|
|
|
|
|
This forwards fetdatorns port 22 to port 8090 on ini.re. The script is executed by the service called `liu_reverse_ssh.service`, so if it doesn't work it might need to be restarted with `systemctl restart liu_reverse_ssh`. The script connects with a ssh key found in `/home/root/.ssh/inire_fia`.
|
|
|
|
|
|
Ask Rasmus Wallin if there's any questions regarding this script.
|
|
|
|
|
|
## The configuration
|
|
|
|
|
|
To use this external proxy jump you use the below configuration.
|
|
|
|
|
|
```
|
|
|
Host fetdatorn
|
|
|
HostName localhost
|
|
|
Port 8090
|
|
|
User **{{ask for username}}**
|
|
|
User $FIAUSER
|
|
|
ProxyJump fia@ini.re
|
|
|
```
|
|
|
|
|
|
3. NOTE: When connecting to fetdatorn, you may be prompted to enter passwords twice. |
|
|
\ No newline at end of file |
|
|
``` |
|
|
\ No newline at end of file |