[SAC] ssh config to connect to LXC containers
Regina Obe
lr at pcorp.us
Wed Jun 5 08:46:09 PDT 2019
Why aren't you going thru download (port 22)
Download container can see new-secure fine since all the containers are on
the same network.
It's just the host that is on a different network, and I don't really think
we want people going thru via the host.
-----Original Message-----
From: strk at kbt.io [mailto:strk at kbt.io]
Sent: Wednesday, June 5, 2019 6:39 AM
To: sac at lists.osgeo.org
Cc: Regina Obe <lr at pcorp.us>; Chris Giorgi <chrisgiorgi at gmail.com>
Subject: ssh config to connect to LXC containers
I've spent some time figuring this out, so here it is, for sharing, what I
put in my .ssh/config file:
Host osgeo-secure
User root
Hostname 10.88.1.204
ProxyCommand ssh tech_dev at osgeo7.osgeo.osuosl.org -p 2222 -W %h:%p
With the above, I can use ssh based commands by just referencing the
"osgeo-secure" host, like:
ssh osgeo-secure
Note that the above configuration is based on hard-coded IP for the "secure"
machine, this is not good I suppose, as we might not have static IPs
assigned to LXC containers.
Also, the above only works when sshd is running in the container (it is the
case for the "new-secure" container).
If you have suggestions to improve the configuration (maybe using also a
wildcard for "osgeo-vm-*") I'd love to read about it.
It would be useful to have such instructions in a SAC member handbook
somewhere...
--strk;
() Free GIS & Flash consultant/developer
/\ https://strk.kbt.io/services.html
More information about the Sac
mailing list