Applogic SSH

This is an alternative to using the shell terminal in the 3tera applogic tool, which is sometimes constrained by bandwidth or CPU utilization issues.

Creating an SSH Key Pair (private/public) using PuTTY

Recommend that you read this page in its entirety
http://unixwiz.net/techtips/putty-openssh.html

a. download & install the putty suite on your desktop using the Windows installer option. 
b. use puttygen to generate public and private keys & save both private & public keys.

Configure Gateway or Switch Appliances

There are two ways to approach an SSH telnet session in the 3tera environment.

  • Designing an SSH Telnet session between in INSSL gateway appliance and connected application appliance.
  • Designing an SSH Telnet session utilizing a PS8 port forwarding switch appliance.

<u></u>

<u></u><u>INSSL Gateway</u>

a. Change INSSL gateway appliance Property Values to...
       l3_accept_proto = tcp
       l3_accept_port = 22
b. Create an ssl(input) on the appliance that the INSSL appliance is serving as a gateway for. (See Creating inputs/outputs on 3tera appliances.)
c. Connect aux(out) on the INSSL gateway to ssl(in) on the associated appliance server.

<u>PS8 Port Forwarding Switch</u>

a. Change INSSL gateway appliance Property Values to...
      l3_accept_proto = tcp
      l3_accept_port = all
b. Change PS8 switch appliance Property Values to...
      out*x*_protocol = tcp
      out*x*_in_port = 22
      out*x*_out_port= 22
where "x" is a specific numbered port among the 8 available ports on the switch appliance.
c. Create an ssl(input) on the appliance that the PS8 appliance is serving as a switch for. (See Creating inputs/outputs on 3tera appliances.)
d. Connect port*x* out on the PS8 appliance to the ssl(in) on the associated appliance server.

Configure the Server Appliance for SSL connections

Each application appliance running on LINUX has an /etc/rc.local file, in which user scripts are run. This script must be edited, adding a line that will copy appropriate SSH public keys to the "./root/.ssh/authorized_keys" file. The following two lines are placed at the end of the rc.local file. Following is a a placement example...

a. Establish a terminal session to the appropriate appliance.

  • LINUX5 Appliance (admin)

    h4. ./etc/rc.local
_    #add keys
    cat /appliance/keyfile >>/root/.ssh/authorized_keys
_   h4. =

b. Create keyfile file containing user's public keys.
    ba. cd /appliance
    bb. vi keyfile
    bc. insert the public SSH key string/s.  (Each user will have their own public key which is added to a seperate line of the file.  The key string exists unbroken on a single line which may wrap in your terminal.
Ex. ssh-rsa AAAAB3Nzayc2EAAAQAAAIBTrmK9R7tH55Ej5MchGImipSd/OI8S1LQu72RhkPgk8fvoMMF/dfxqS3z4n/gK6PY3p8PkulyeXoLHmkjJIWQh1. rube.berg@sfgov.org
    bd. save the file.
Note: The application must be restarted once for the SSH keys to be loaded on the appliance as they load upon initial boot up of the appliance. Associating a user ID with Public Key h1. a. Open a grid terminal session and type the following command...

    user set {user id} ssh="{public key string}"

ex. user set barf.williams@sfgov.org ssh="AAAAsdfs34fEdsfsfasafsadfgfgdfkjhasdfkjashdfkuioiuhiusadfiouhasidfuh"

Configure & Start your SSH terminal session in PuTTY.

a. Under the Session section, type in the INSSL appliance IP address associated with the particular server appliance you wish to connect to.  Select port 22.  Connection type is SSH.  In the "Saved Sessions" field, type in an arbitrary name for your session and select the "Save" button.


b. Under SSH / Auth section, insert your private key file path and filename.
c. Select the Session section and select the "Save" button.  Your session information should now be saved and associated with the name you selected in the "Saved Sessions" field.


_Select "YES" for saving the key to the registry.
_  Initiate the session by selecting "Open".  Login as your userID (first initial plus last name) and use the password you created for your private key.
See http://unixwiz.net/techtips/putty-openssh.html for information on creating your public and private key using PuttyGen.  You will need to copy and paste the public key that appears in puttygen into and e-mail to send to the system administrator.

PuTTY Notes & Recommendations

  • Under Connection - We recommend enabling 180 second "TCP keepalives" to prevent timing out of terminal sessions.  We observed timeouts after 5 minutes without it.
  • Under Window / Colours - When using standard black terminal background, blue is very faint. We recommend that you change default blue to white.  All text will be clearly readable.
  • Under Window - We recommend increasing "Lines of scrollback" from 200 to 9999.

ssh to the grid

If you have root access to the grid, you can ssh to that IP.

From there you "choose application"

  1. ca mad_sfmaps

To ssh to a VM, you must first

  1. list comp

choose the vm, then

  1. ssh main.sfmaps_db

Very nice.

can ssh to any component on the grid.