Project

General

Profile

Vm access » History » Version 2

Herve Caumont, 2013-06-20 10:50

1 1 Herve Caumont
h1. SSH Connexion
2
3
{{>toc}}
4
5 2 Herve Caumont
h2. Pre-conditions
6 1 Herve Caumont
7 2 Herve Caumont
To access your Sandbox, you need a secure connection (via ssh or putty)
8
You will make use of your private keys to establish the handshake with the infrastructure.
9 1 Herve Caumont
10 2 Herve Caumont
Your X.509 certificate was generated during your initial Registration step. 
11
Your Sandbox IP, or <sandboxhost>, was provided in your "First connection" email.
12 1 Herve Caumont
13 2 Herve Caumont
h2. Connecting from Unix / Linux (using ssh)
14 1 Herve Caumont
15
* The user downloads his X.509 certificate from the user management portal (e.g. in PEM format), either with encrypted private key (recommended) or unencrypted private key (not recommended)
16
* On the command line, the user can now directly access the VM using:
17
18
<pre>ssh -i <username>.pem <username>@<sandboxhost></pre>
19
20
Depending on the downloaded format, the user has to provide his passphrase (if encrypted key was downloaded) or not (if the key was downloaded unencrypted).
21
22 2 Herve Caumont
h2. Connecting from Windows (using putty)
23 1 Herve Caumont
24
If the user wants to login from Windows using putty (a well-known freely available ssh client), the key must be converted into a putty-compatible format first:
25
26
* The user must download his X.509 certificate from in PEM format [*with unencrypted key*].
27
* From the file, the private key must be extracted manually (using a text editor): Copy the part
28
29
<pre>-----BEGIN RSA PRIVATE KEY-----
30
MII....
31
-----END RSA PRIVATE KEY-----</pre>
32
33
and paste it into a new file named e.g. <user>.private. Make sure this file is in a secure and safe place.
34
35
* This private key must now be imported with "puttygen":http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe either on the command line:
36
37
<pre>puttygen <user>.private</pre>
38
39
> or using the import or load function in puttygen. The import should succeed with the following message:
40
!/attachments/download/5/Screen%20Shot%202013-03-19%20at%2009.22.54.png!
41
42
* The file must now be saved as private key either with (recommended) or without (not recommended) passphrase. Preferably name the resulting key <user>.ppk by clicking the "Save private key" button in the screen below: 
43
!/attachments/download/6/Screen%20Shot%202013-03-19%20at%2009.24.54.png!
44
45
* Now the user can access the VM with "putty":http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe in the command line:
46
<pre>
47
putty –I <user>.ppk <user>@<sandboxhost>
48
</pre>
49
or save the corresponding info in a "Pageant":http://the.earth.li/~sgtatham/putty/latest/x86/pageant.exe session with the following four steps: In the session dialog, the "Host Name (or IP address)" field needs to be set to &lt;sandboxhost&gt; (Protocol SSH, Port 22):
50
> !http://controller.ciop.terradue.com/attachments/download/3/Untitled3.png!
51
52
* The, <user> must be added to the "Auto-login username" field in the Connection dialog:
53
> !http://controller.ciop.terradue.com/attachments/download/4/Untitled4.png!
54
and the created private key file needs to be referenced in the "Private key file for authentication" field of the Auth dialog:
55
> !http://controller.ciop.terradue.com/attachments/download/5/Untitled5.png!
56
Finally, the session can be saved (Session dialog) or just opened (Open button below).
57
58
* Make sure that the unencrypted X.509 PEM certificate is deleted (or at least stored in a secure and safe location) after this setup. The X.590 PEM certificate is not used to access the system with putty. Only the generated *<user>.ppk* file is needed.