Closed Bug 623715 Opened 14 years ago Closed 14 years ago

give access to loaned buildslave to developer

Categories

(Infrastructure & Operations Graveyard :: NetOps, task)

Product:
Infrastructure & Operations Graveyard
Component:
NetOps
Platform:
x86
macOS
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: bear, Assigned: ravi)

References

Details

(Whiteboard: SSL VPN)

Attachments

(1 file)

public key
2.19 KB, text/plain
Details 
developer Daniel Brooks (:db48x) is being given access to machine 

talos-r3-fed64-040.build.mozilla.org

and will need to be given access thru the vpn/firewall
Blocks: 622810
bumping priority to poke to find out what is blocking this from happening
Severity: normal → critical
Severity: critical → normal
We don't have an easy method to get non-employees access to build resources.  Yet, anyways.

Netops is working on an SSL VPN that we can use for this and should have it this week.  Will that timing work?
ah - didn't realize he was non-moco.

yes, this week will have to work as that will be the only secure way for him to access the resource.
Blocks: about:startup
No longer blocks: 622810
backing out my errant dup close
Blocks: 622810
No longer blocks: about:startup
(In reply to comment #2)
> Netops is working on an SSL VPN that we can use for this and should have it
> this week.  Will that timing work?

Sounds good. Is there an ETA?
I should have a working VPN config tomorrow.  How will you be connecting?  SSH?
Assignee: network-operations → ravi
Status: NEW → ASSIGNED
Whiteboard: SSL VPN
(In reply to comment #7)
> I should have a working VPN config tomorrow.  How will you be connecting?  SSH?

Yes, SSH sounds good. This isn't my normal computer though, I'll need to create another key...
Status: ASSIGNED → NEW
Attached file public key 
Please add this public key to my account. Thanks.
Attachment #503510 - Attachment mime type: application/octet-stream → text/plain
If you have a local login to the box I can get you the URL to connect right now.  If you can only connect with an SSH key I likely won't have this complete for you until tomorrow.
Okay, I have the SSL VPN up and running.  I just need to discuss which is the appropriate LDAP attribute/group for you so you can have access.  I'll update the bug tomorrow with instructions for connecting.
Status: NEW → ASSIGNED
Okay, give this a go:

https://ssl1.sjc1.mozilla.com/

Login with your Mozilla credentials and select Community from the drop down menu.

Under the Client Application Sessions group is Network Connect -- click Start.  This will launch a Java applet which essentially is a VPN client.  It should indicate a successful connect at which time you should be able to ssh to talos-r3-fed64-040.build.mozilla.org from a local terminal.

This is a new deployment so there are only self-signed certificates at the moment.

FF4 is also cot currently supported.  3.6, Chrome, or Safari are.
(In reply to comment #12)
> Okay, give this a go:
> 
> https://ssl1.sjc1.mozilla.com/
> 
> Login with your Mozilla credentials and select Community from the drop down
> menu.

I'm unable to log in. I'm quite sure that I'm typing my password in correctly...

> FF4 is also cot currently supported.  3.6, Chrome, or Safari are.

That's a bit unusual. Would you mind elaborating? I'm merely curious.
What login are you using? Are you able to use it elsewhere that uses LDAP auth? 

What is unusual?
I see failed logins as 'db48x@yahoo.com'.  Would you like me to reset your password, perhaps?
(In reply to comment #15)
> I see failed logins as 'db48x@yahoo.com'.  Would you like me to reset your
> password, perhaps?

Yea, that's me. Shouldn't need to reset the password, I was able to log into (ironically) the password reset page successfully.
(In reply to comment #14)
> What is unusual?

I'm merely curious about why FF4.0 isn't supported. Is there a bug?
Puzzling.  I have a test account with near identical settings as yours (username, password, and ssh key are different) and am able to login with success.

Perhaps try resetting the password.  Maybe something is wedged somewhere?  Alternately I could reset it and test with the temp one and then on success have you test with it.
(In reply to comment #18)
> Puzzling.  I have a test account with near identical settings as yours
> (username, password, and ssh key are different) and am able to login with
> success.
> 
> Perhaps try resetting the password.  Maybe something is wedged somewhere? 
> Alternately I could reset it and test with the temp one and then on success
> have you test with it.

We might as well try that.
Worked as expected with the generated password.  Give it a go with that one and then again with whatever password you end up changing it to.
Yea, now it works just fine. I guess I was mistyping my password on this page but not others after all.
Glad you got in.  I'll let you close out once you successfully connect.

Re: FF4 - Something changed that during the install it asks for a system password to complete.  After correctly entering in the password it stalls.  I've reached out to the vendor to ask them if they have FF4 in mind, but I suspect they may be reluctant to allocate time to it while it is still in beta and we haven't announced an actual release date.

On OSX it will launch in a broken state if you install the app using any of the supported browsers.  A force quit/kill is the only thing that works to quit the failed launch of the Java applet.
Ok, this is working fairly well, although I can't look up domain names, so it's not perfect.

Also, I forgot and did it in FF4.0, but it seems to have worked ok. It did ask me to allow it to run downloaded programs about 8 times or so though.
Excellent, that last change got the dns working as well. Thanks Ravi.
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Which fx4 version worked for you?  Trunk?  b8?  b9?
(In reply to comment #25)
> Which fx4 version worked for you?  Trunk?  b8?  b9?

4.0b9 on Windows 7.
Product: mozilla.org → Infrastructure & Operations
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: