give access to loaned buildslave to developer

RESOLVED FIXED

Status

Infrastructure & Operations
NetOps
RESOLVED FIXED
7 years ago
5 years ago

People

(Reporter: bear, Assigned: ravi)

Tracking

Details

(Whiteboard: SSL VPN)

Attachments

(1 attachment)

(Reporter)

Description

7 years ago
developer Daniel Brooks (:db48x) is being given access to machine 

talos-r3-fed64-040.build.mozilla.org

and will need to be given access thru the vpn/firewall
(Reporter)

Updated

7 years ago
Blocks: 622810
(Reporter)

Comment 1

7 years ago
bumping priority to poke to find out what is blocking this from happening
Severity: normal → critical

Updated

7 years ago
Severity: critical → normal

Comment 2

7 years ago
We don't have an easy method to get non-employees access to build resources.  Yet, anyways.

Netops is working on an SSL VPN that we can use for this and should have it this week.  Will that timing work?
Depends on: 622210
(Reporter)

Comment 3

7 years ago
ah - didn't realize he was non-moco.

yes, this week will have to work as that will be the only secure way for him to access the resource.
(Reporter)

Updated

7 years ago
Duplicate of this bug: 622810
(Reporter)

Updated

7 years ago
Blocks: 593743
No longer blocks: 622810
(Reporter)

Comment 5

7 years ago
backing out my errant dup close
Blocks: 622810
No longer blocks: 593743
(In reply to comment #2)
> Netops is working on an SSL VPN that we can use for this and should have it
> this week.  Will that timing work?

Sounds good. Is there an ETA?
(Assignee)

Comment 7

7 years ago
I should have a working VPN config tomorrow.  How will you be connecting?  SSH?
Assignee: network-operations → ravi
Status: NEW → ASSIGNED
Whiteboard: SSL VPN
(In reply to comment #7)
> I should have a working VPN config tomorrow.  How will you be connecting?  SSH?

Yes, SSH sounds good. This isn't my normal computer though, I'll need to create another key...
Status: ASSIGNED → NEW
Created attachment 503510 [details]
public key

Please add this public key to my account. Thanks.

Updated

7 years ago
Attachment #503510 - Attachment mime type: application/octet-stream → text/plain
(Assignee)

Comment 10

7 years ago
If you have a local login to the box I can get you the URL to connect right now.  If you can only connect with an SSH key I likely won't have this complete for you until tomorrow.
(Assignee)

Comment 11

7 years ago
Okay, I have the SSL VPN up and running.  I just need to discuss which is the appropriate LDAP attribute/group for you so you can have access.  I'll update the bug tomorrow with instructions for connecting.
Status: NEW → ASSIGNED
(Assignee)

Comment 12

7 years ago
Okay, give this a go:

https://ssl1.sjc1.mozilla.com/

Login with your Mozilla credentials and select Community from the drop down menu.

Under the Client Application Sessions group is Network Connect -- click Start.  This will launch a Java applet which essentially is a VPN client.  It should indicate a successful connect at which time you should be able to ssh to talos-r3-fed64-040.build.mozilla.org from a local terminal.

This is a new deployment so there are only self-signed certificates at the moment.

FF4 is also cot currently supported.  3.6, Chrome, or Safari are.
(In reply to comment #12)
> Okay, give this a go:
> 
> https://ssl1.sjc1.mozilla.com/
> 
> Login with your Mozilla credentials and select Community from the drop down
> menu.

I'm unable to log in. I'm quite sure that I'm typing my password in correctly...

> FF4 is also cot currently supported.  3.6, Chrome, or Safari are.

That's a bit unusual. Would you mind elaborating? I'm merely curious.
(Assignee)

Comment 14

7 years ago
What login are you using? Are you able to use it elsewhere that uses LDAP auth? 

What is unusual?
(Assignee)

Comment 15

7 years ago
I see failed logins as 'db48x@yahoo.com'.  Would you like me to reset your password, perhaps?
(In reply to comment #15)
> I see failed logins as 'db48x@yahoo.com'.  Would you like me to reset your
> password, perhaps?

Yea, that's me. Shouldn't need to reset the password, I was able to log into (ironically) the password reset page successfully.
(In reply to comment #14)
> What is unusual?

I'm merely curious about why FF4.0 isn't supported. Is there a bug?
(Assignee)

Comment 18

7 years ago
Puzzling.  I have a test account with near identical settings as yours (username, password, and ssh key are different) and am able to login with success.

Perhaps try resetting the password.  Maybe something is wedged somewhere?  Alternately I could reset it and test with the temp one and then on success have you test with it.
(In reply to comment #18)
> Puzzling.  I have a test account with near identical settings as yours
> (username, password, and ssh key are different) and am able to login with
> success.
> 
> Perhaps try resetting the password.  Maybe something is wedged somewhere? 
> Alternately I could reset it and test with the temp one and then on success
> have you test with it.

We might as well try that.
(Assignee)

Comment 20

7 years ago
Worked as expected with the generated password.  Give it a go with that one and then again with whatever password you end up changing it to.
Yea, now it works just fine. I guess I was mistyping my password on this page but not others after all.
(Assignee)

Comment 22

7 years ago
Glad you got in.  I'll let you close out once you successfully connect.

Re: FF4 - Something changed that during the install it asks for a system password to complete.  After correctly entering in the password it stalls.  I've reached out to the vendor to ask them if they have FF4 in mind, but I suspect they may be reluctant to allocate time to it while it is still in beta and we haven't announced an actual release date.

On OSX it will launch in a broken state if you install the app using any of the supported browsers.  A force quit/kill is the only thing that works to quit the failed launch of the Java applet.
Ok, this is working fairly well, although I can't look up domain names, so it's not perfect.

Also, I forgot and did it in FF4.0, but it seems to have worked ok. It did ask me to allow it to run downloaded programs about 8 times or so though.
Excellent, that last change got the dns working as well. Thanks Ravi.
Status: ASSIGNED → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
Which fx4 version worked for you?  Trunk?  b8?  b9?
(In reply to comment #25)
> Which fx4 version worked for you?  Trunk?  b8?  b9?

4.0b9 on Windows 7.
Product: mozilla.org → Infrastructure & Operations
You need to log in before you can comment on or make changes to this bug.