2014-02-14

Step #06 : Install and use GateOne; the HTTP terminal server

Description

After this step in the series you'll be able to continue from any machine, anywhere, even a Chromebook!

 We finished the previous step, Install OpenERP using a SaltStack state file, with OpenERP up and running in a Salt minion.  Inappropriately for a production-grade service, we installed it in a disposable pay-by-the-hour virtual machine.

On the other hand, for occasionally required services such as a Salt master, pay-by-the-hour VMs like iwstack.com's are a boon for several reasons: cost and security.

I have a very lightweight VM (384MB) with a minuscule virtual disk for my administrative work.  It's dead for most of its life.  When I need to work on a client's machines -- off site back up, for example -- I attach their admin virtual disk to my little admin VM, boot it up, do my housekeeping work, like saving a backup copy, and kill it again.

I used to use SSH for that work, but really regretted it one day when a client had an emergency and I was hours away from access to any copy of my SSH private key.

That's when I found GateOne.
GateOne is a terminal server with a HTTP client.

Now, my SysAdmin work day involves :
  1. Logging into iwStack.com 
  2. Booting up my admin VM
  3. Logging into the GateOne terminal of the admin VM using my Google ID
  4. Finding all my old terminal sessions up, running and logged back in
  5. Dusting the shelves and mopping the floor
  6. Killing my admin VM
  7. Logging out of iwStack.com 

Here's the video:


Tasks performed

  1. Make the Master also be it's own minion, check that both daemons are running and have the Master accept the Minion's keys
  2. Finalize the Salt state stack for GateOne, link it into Salt's path and then run it
  3. Start up GateOne
  4. Access GateOne by IP address in the browser.
  5. Fix the missing "origin" in GateOne's configuration
  6. Restart GateOne, and gain clear anonymous access to it
  7. Ensure we are already logged in to Google
  8. Switch the "auth" configuration parameter from "none" to "google"
  9. Restart GateOne, and get automatically redirected to Google's confirmation page
  10. Confirm our trust in the GateOne page
  11. Gain clear authenticated access to GateOne
  12. Use GateOne's identity manager to create an SSH key pair.
  13. Ensure SSH is intalled and that a .ssh directory exists with correct permissions
  14. Add the public key to tour authorized keys file
  15. Open an SSH session with the server, authenticate with SSH keys instead of UID/PWD

An overview of all the steps is available here:

Author at
Location: Cornwall, ON, Canada

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)