An easy solution for users to login to Fermi kerberized computers via ssh. Solution uses Vagrant to provision a VirtualBox VM that provides kerberized ssh.
Note: Since this depends on VirtualBox VM then your host hardware needs to be able to run a VirtualBox VM. See VitualBox Documentation for more info.
1. Features
-
Provisioned via Vagrant -→ VirtualBox VM
-
Installed with this VM are:
-
openssh
-
kerberos config file for Fermi
-
2. Installation of Vagrant, VirtualBox , Vagrantfile
Note that the installation requires some downloads from Fermi and other sites.
Host OS | Vagrant | VirtualBox | Status | Notes |
---|---|---|---|---|
SL 6 |
1.8.7-1 |
5.1.8 |
Works |
|
SL 6 |
1.8.6 |
5.1.8 |
Works |
|
SL 6 |
1.8.5 |
5.1 |
FAILS |
|
SL 6 |
1.8.4 |
5.0.26 |
Works |
|
SL 7 |
1.8.7-1 |
5.1.8 |
Works |
|
SL 7 |
1.8.6 |
5.1.8 |
Works |
|
SL 7 |
1.8.5 |
5.1 |
FAILS |
|
SL 7 |
1.8.4 |
5.0.26 |
Works |
|
MAC 10.10.5 |
1.8.7 |
5.1.8 |
Works |
|
MAC 10.10.5 |
1.8.5 |
5.0.26 |
FAILS |
|
MAC 10.10.5 |
1.8.4 |
5.0.26 |
Works |
|
Windows 7 |
1.8.7 |
5.1.8 |
Works |
|
Windows 7 |
1.8.5 |
5.0.26 |
FAILS |
|
Windows 7 |
1.8.4 |
5.0.26 |
Works |
|
Windows 10 |
1.8.7 |
5.1.8 |
Works |
|
Windows 10 |
1.8.5 |
5.1.4 |
FAILS |
|
Windows 10 |
1.8.4 |
5.0.26 |
FAILS |
|
Ubuntu 16.04 |
1.8.4 |
5.0.24 |
Works |
|
Fedora 24 |
1.8.4 |
5.0.26 |
Works |
-
Download and install Vagrant from https://www.vagrantup.com/downloads.html
The need for a down rev version of vagrant is not needed any more as the current version of vagrant fixed the bug.
-
Download and install VirtualBox from http://www.virtualbox.org/
-
Download and install VirtualBox extentions from http://www.virtualbox.org/
Note
|
Mac may need "parallels" stopped before VirtualBox will start. |
-
Make Vagrant directory
mkdir "someplace you like" or equivalent for Windows
cd "someplace you like" or equivalent for Windows
-
Download the customized "fermi-kerberized-ssh" Vagrant config file from
http://sldist.fnal.gov/linux/fermi/contrib/vagrant/fermi-kerberized-ssh/Vagrantfile
-
Make sure the Vagrantfile downloaded is in the directory you made earlier .
3. Provision Virtual box using Vagrant via the "command line"
Provisioning means to install and configure the VM to make it usable for
what you want to do.
The following will be provisioned (it may take many minutes to run)
-
This will update to latest versions of packages.
-
Add/Update Virtual Box Guest Additions.
-
Turn off not needed network services.
-
Kerberize ssh for use at Fermilab.
vagrant up
The virtual machine has now been provisioned.
4. LOGIN
-
TO LOGIN via text mode
vagrant ssh
kinit "your kerberos principal"
ssh <your kerberos principal>@<fermi kerberized computer running sshd that you have access to>
-
via GUI for Windows users
Start up your VirtualBox App (the GUI)
Locate your new VM ( called "fermi-kerberized-ssh" ) and start it
Login with user "vagrant" and password "vagrant"
kinit "your kerberos principal"
ssh <your kerberos principal>@<fermi kerberized computer running sshd that you have access to>
5. TO SHUTDOWN
Exit from the "vagrant ssh"
exit
On your VM host computer
vagrant halt
To start up again
vagrant up
vagrant ssh
or
Start VirtualBox gui and start "fermi-kerberized-ssh"