- Created by Steffen Drya, last modified by Martin Reiss on May 31, 2021
- Not Reviewed
You are viewing an old version of this page. View the current version.
Compare with Current View Page History
« Previous Version 6 Next »
As we explained in Quickstart , only the jump server can be accessed directly from the internet. All the other instances are only accessible through that jump server. The following explains how to configure your ssh client to make that possible.
Preconditions
You do have a key created via Create an SSH Key and its is provisioned by root360 to the requested environment.
The permissions on the file of your secret ssh key must be set so that only the owner can read them. For example in Linux with rights "600".
Username of Project User
The ssh username is of the format "project-environment
". You can get the name of your project with us through our Orbiter dashboard on my.root360.cloud: The listed environments always have the format "company-project-environment
".
IP to connect to
You need to connect to the jumpserver, also known as the bastionhost or natgw. You can get its public IP through our Orbiter dashboard of the environment you want to connect to in Instances → project-environment-natgw
→ Public IP.
Linux/macOS
On your local machine (e.g. workstation or enterprise-internal jump server) add your secret ssh key to your ssh-agent with ssh-add
and use ssh -A to use the ssh-agent. This is needed to connect to your application instances from the jumpserver:
ssh-add /path/to/privatekey ssh -A ProjectUser@Jumpserver-ip
The most likely path to your secret ssh key is ~/.ssh/id_rsa
. You can check your currently loaded keys with ssh-add -l
.
Windows (Putty)
Putty Agent pageant.exe must be active and have the appropriate key loaded. You can download it at https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
In the configuration of Putty, the AgentForwarding must be activated under Category> Connection > SSH> Auth.
Under Category> Connection> Data, the ProjectUser is stored.
Commands on the Jump Server / Bastion Host
On Jump Server you can make use of
r3 --help
To Jump to an instance use
ssh [WebInstanceIP]
Known Issues
If you haven't added your private key to your ssh agent the following error occur:
ProjectUser@[company]-[project]-[environment]-natgw-i-xxxxxxxxxxx:~$ ssh 10.**.**.** Load key "/tmp/ssh.tmp.ewekoMceec/ssh.tmp.rwrewrwere": invalid format Load key "/tmp/ssh.tmp.ewekoMceec/ssh.tmp.WZkeireirj": invalid format Load key "/tmp/ssh.tmp.ewekoMceec/ssh.tmp.IOWJjijiwe": invalid format Load key "/tmp/ssh.tmp.ewekoMceec/ssh.tmp.ioejriweEf": invalid format Load key "/tmp/ssh.tmp.ewekoMceec/ssh.tmp.ijejpirksf": invalid format Load key "/tmp/ssh.tmp.ewekoMceec/ssh.tmp.PomwmkwWdx": invalid format Load key "/tmp/ssh.tmp.ewekoMceec/ssh.tmp.Alkkeepwww": invalid format Load key "/tmp/ssh.tmp.ewekoMceec/ssh.tmp.klklowkeko": invalid format Load key "/tmp/ssh.tmp.ewekoMceec/ssh.tmp.Kksmd887we": invalid format Load key "/tmp/ssh.tmp.ewekoMceec/ssh.tmp.1kopopweko": invalid format Load key "/tmp/ssh.tmp.ewekoMceec/ssh.tmp.1kpookpeWd": invalid format Load key "/tmp/ssh.tmp.ewekoMceec/ssh.tmp.ophwkowm23": invalid format Load key "/tmp/ssh.tmp.ewekoMceec/ssh.tmp.jowjojnmmw": invalid format ProjectUser@10.**.**.**: Permission denied (publickey).
Related tutorials
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
Related components
-
Page:
INTERMEDIATE
Related questions
-
Page:
-
Page:
-
Page:
-
Page:
- No labels