Project

General

Profile

Actions
Copy link

Support #40185

closed

Sepia Lab Access Request

Added by Gal Salomon almost 5 years ago. Updated almost 5 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
David Galloway
Category:
User access
Target version:
-
% Done:

0%

Tags:
Reviewed:
Affected Versions:

Description

hello i'm new employee (under Matt.benjamin) need to have the ability to run CI

1) Do you just need VPN access or will you also be running teuthology jobs? need to run teuthology jobs

2) Desired Username: gsalomon

3) Alternate e-mail address(es) we can reach you at:

4) If you don't already have an established history of code contributions to Ceph, is there an existing community or core developer you've worked with who has reviewed your work and can vouch for your access request? No

If you answered "No" to # 4, please answer the following (paste directly below the question to keep indentation):

4a) Paste a link to a Blueprint or planning doc of yours that was reviewed at a Ceph Developer Monthly.

4b) Paste a link to an accepted pull request for a major patch or feature.

4c) If applicable, include a link to the current project (planning doc, dev branch, or pull request) that you are looking to test.

5) Paste your SSH public key(s) between the pre tags

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDC0h+TpaUkm2V6Hbf7aPCTys/nsm51CmY9s+bdwEXAiSAWpq/7Xi2LlN0mZgsrAYBHbr5L+Pz8x0YdigvWysUK6U9XRSPM28cbWmh8F25re9HEk8ARESkMZKTv/hKFs1v7kTHbT9hNNynbQGQOqEaazjr0shcli+Byvop27riX3QDDSsd5xfCjjyDz9fiA9YESlF0kbXyFUKPsoaBhRv9FUhtH6DxlygxtxTsKyKgeoiKw2sCfeUMckcJKnGCMtkXW4U8h7NL/fPZFyBaMDRi/TtoBKaVGLaWqF7RuukfjoMCwhuIDmuTG3WhanH4HJrfNenPZkpZUBhzWwZcleao8SD3mXXfZ9gcZb8QB2ymEtTqrAEyDoNWO4q8ljNP3WJXIgF0h0Sjmx/CV/i0ArEYlBMwBD7DFVnPJqCqSyypuQdDGsDNQZxaRCiYg7nIslFOpDr+0PLp78m+CHyYbSFLTvVVJoJ1k0YhMnDPHM29nt7fMGx6Qrigwnuk0yKg1bfgJ/t0TOqEw0bqGKIvHnyoP/n0ObazEsiPl5pRr2ehs/Rqf35Iwhc1i02Hhz/3Sqwc1eAgqm4/OVghxqUJGpRocua5Gf/vO32wwoyGxh2sl7y6K2pNDA3glhKYbZeIh1fjnaTjikgleqIQkCBxbTeAE7n5+T6TcFtnII6RSxYv3tQ== gal.salomon@gmail.com

6) Paste your hashed VPN credentials between the pre tags (Format: user@hostname 22CharacterSalt 65CharacterHashedPassword)

gsalomon@dhcp-4-193.tlv.redhat.com BHjZDt6aUT8F30IE7pho4g 96be029f3d83ea4ae04f561e1dc7b36488c7723f15cc87605674ae88a4427775

Actions
Copy link
 #1

Updated by David Galloway almost 5 years ago

  • Category set to User access
  • Status changed from New to 4
  • Assignee set to David Galloway

Hi Gal,

You should have access to the Sepia lab now. Please verify you're able to connect to the vpn and ssh gsalomon@teuthology.front.sepia.ceph.com using the private key matching the pubkey you provided.

Be sure to check out the following links for final workstation setup steps:
https://wiki.sepia.ceph.com/doku.php?id=vpnaccess#vpn_client_access
https://wiki.sepia.ceph.com/doku.php?id=testnodeaccess#ssh_config

Most developers choose to schedule runs from the shared teuthology VM. For information on that, see http://docs.ceph.com/teuthology/docs/intro_testers.html

Thanks.

Actions
Copy link
 #2

Updated by Gal Salomon almost 5 years ago

hi David

something is missing .. authentication is failing
log bellow 

Tue Jun 11 14:43:58 2019 us=201948 Current Parameter Settings:
Tue Jun 11 14:43:58 2019 us=201991 config = '/etc/openvpn/sepia.conf'
Tue Jun 11 14:43:58 2019 us=202005 mode = 0
Tue Jun 11 14:43:58 2019 us=202017 persist_config = DISABLED
Tue Jun 11 14:43:58 2019 us=202024 persist_mode = 1
Tue Jun 11 14:43:58 2019 us=202031 show_ciphers = DISABLED
Tue Jun 11 14:43:58 2019 us=202038 show_digests = DISABLED
Tue Jun 11 14:43:58 2019 us=202044 show_engines = DISABLED
Tue Jun 11 14:43:58 2019 us=202048 genkey = DISABLED
Tue Jun 11 14:43:58 2019 us=202053 key_pass_file = '[UNDEF]'
Tue Jun 11 14:43:58 2019 us=202057 NOTE: --mute triggered...
Tue Jun 11 14:43:58 2019 us=202070 273 variation(s) on previous 10 message(s) suppressed by --mute
Tue Jun 11 14:43:58 2019 us=202078 OpenVPN 2.4.7 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Tue Jun 11 14:43:58 2019 us=202093 library versions: OpenSSL 1.1.1b FIPS 26 Feb 2019, LZO 2.08
Tue Jun 11 14:43:58 2019 us=202527 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jun 11 14:43:58 2019 us=202540 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jun 11 14:43:58 2019 us=202549 LZO compression initializing
Tue Jun 11 14:43:58 2019 us=202616 Control Channel MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Tue Jun 11 14:43:58 2019 us=204096 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Tue Jun 11 14:43:58 2019 us=204127 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Tue Jun 11 14:43:58 2019 us=204135 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Tue Jun 11 14:43:58 2019 us=204744 TCP/UDP: Preserving recently used remote address: [AF_INET]8.43.84.129:1194
Tue Jun 11 14:43:58 2019 us=204770 Socket Buffers: R=[212992->212992] S=[212992->212992]
Tue Jun 11 14:43:58 2019 us=204777 UDP link local: (not bound)
Tue Jun 11 14:43:58 2019 us=204783 UDP link remote: [AF_INET]8.43.84.129:1194
Tue Jun 11 14:43:58 2019 us=204788 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
WRTue Jun 11 14:43:58 2019 us=348379 TLS: Initial packet from [AF_INET]8.43.84.129:1194, sid=15fca929 d0529119
WTue Jun 11 14:43:58 2019 us=348719 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
WRTue Jun 11 14:43:58 2019 us=497733 VERIFY OK: depth=1, O=Redhat, CN=openvpnca-sepia
Tue Jun 11 14:43:58 2019 us=498438 VERIFY KU OK
Tue Jun 11 14:43:58 2019 us=498491 Validating certificate extended key usage
Tue Jun 11 14:43:58 2019 us=498514 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Jun 11 14:43:58 2019 us=498532 VERIFY EKU OK
Tue Jun 11 14:43:58 2019 us=498555 VERIFY OK: depth=0, O=Redhat, CN=openvpn-sepia
WRWRWRWTue Jun 11 14:43:59 2019 us=825310 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2432 bit RSA
Tue Jun 11 14:43:59 2019 us=825425 [openvpn-sepia] Peer Connection Initiated with [AF_INET]8.43.84.129:1194
Tue Jun 11 14:44:01 2019 us=6598 SENT CONTROL [openvpn-sepia]: 'PUSH_REQUEST' (status=1)
WRR*Tue Jun 11 14:44:01 2019 us=149230 AUTH: Received control message: AUTH_FAILED
*Tue Jun 11 14:44:01 2019 us=149332 TCP/UDP: Closing socket
Tue Jun 11 14:44:01 2019 us=149355 SIGTERM[soft,auth-failure] received, process exiting

Actions
Copy link
 #3

Updated by David Galloway almost 5 years ago

Please ping me on IRC (nick dgalloway) so we can work through this together.

Actions
Copy link
 #4

Updated by David Galloway almost 5 years ago

  • Status changed from 4 to Resolved
Actions
Copy link

Also available in: Atom PDF