Versions Compared

Old Version 6

changes.mady.by.user Eigil Obrestad

Saved on

compared with

New Version 7

changes.mady.by.user Lars Erik Pedersen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
eigilo@access:~$ openstack security group rule create --protocol tcp --ingress --dst-port 22 default
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| created_at        | 2017-02-02T14:24:22Z                 |
| description       |                                      |
| direction         | ingress                              |
| ethertype         | IPv4                                 |
| headers           |                                      |
| id                | 619ff756-3903-4543-b953-ba371988dd69 |
| port_range_max    | 22                                   |
| port_range_min    | 22                                   |
| project_id        | 2a4b680765554d728aa2f4d8aadab653     |
| project_id        | 2a4b680765554d728aa2f4d8aadab653     |
| protocol          | tcp                                  |
| remote_group_id   | None                                 |
| remote_ip_prefix  | 0.0.0.0/0                            |
| revision_number   | 1                                    |
| security_group_id | 533a2023-35bb-41e2-adbc-d150d56250f0 |
| updated_at        | 2017-02-02T14:24:22Z                 |
+-------------------+--------------------------------------+
eigilo@access:~$ openstack security group rule create --protocol icmp --ingress  default
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| created_at        | 2017-02-02T14:24:44Z                 |
| description       |                                      |
| direction         | ingress                              |
| ethertype         | IPv4                                 |
| headers           |                                      |
| id                | 0ac41487-66ae-49f3-bc1a-13e3c8c57d76 |
| port_range_max    | None                                 |
| port_range_min    | None                                 |
| project_id        | 2a4b680765554d728aa2f4d8aadab653     |
| project_id        | 2a4b680765554d728aa2f4d8aadab653     |
| protocol          | icmp                                 |
| remote_group_id   | None                                 |
| remote_ip_prefix  | 0.0.0.0/0                            |
| revision_number   | 1                                    |
| security_group_id | 533a2023-35bb-41e2-adbc-d150d56250f0 |
| updated_at        | 2017-02-02T14:24:44Z                 |
+-------------------+--------------------------------------+

...

Code Block
eigilo@access:~$ ssh debian@172.16.1.61 -i .ssh/id_rsa
The authenticity of host '172.16.1.61 (172.16.1.61)' can't be established.
ECDSA key fingerprint is SHA256:PIR85mFU0TiOZ0mXHz1ExMvds1D1YO1eF+/TTniAYfo.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.1.61' (ECDSA) to the list of known hosts.
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
debian@mysecondserver:~$

 

If you've created a Windows virtual machine, you obviously can't log into it through SSH. You need to access it through RDP. The steps for creating a Windows virtual machine are exactly the same as for every *nix image in the cloud - including the keypair part. To log in, you will need to add a security group that allows incoming RDP on the standard TCP port 3389 to your machine.

Code Block
larsep@access:~$ openstack security group rule create --protocol tcp --ingress --dst-port 3389 default
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| created_at        | 2017-08-10T07:12:43Z                 |
| description       |                                      |
| direction         | ingress                              |
| ethertype         | IPv4                                 |
| headers           |                                      |
| id                | 01a192a8-b0b6-4944-8561-251f0f9e03ca |
| port_range_max    | 3389                                 |
| port_range_min    | 3389                                 |
| project_id        | e150a84ec8684a79a7ccd175138ad477     |
| project_id        | e150a84ec8684a79a7ccd175138ad477     |
| protocol          | tcp                                  |
| remote_group_id   | None                                 |
| remote_ip_prefix  | 0.0.0.0/0                            |
| revision_number   | 1                                    |
| security_group_id | 68c22b5c-eda0-4f1a-a59d-fa4feac1c0e2 |
| updated_at        | 2017-08-10T07:12:43Z                 |
+-------------------+--------------------------------------+

Our Windows images will disable the default Administrator user, and create a new user called "Admin." The password is randomly generated at boot, and will be encrypted with the public key provided at server creation time. To fetch the password, run the following command:

Code Block
larsep@access:~$ nova get-password win2016 .ssh/id_rsa
<your password for the Admin user>

You should now have everything you need to access the Windows machine through RDP. To achive this, you need to create an SSH tunnel via the skyhigh.hig.no jumphost. Example from a linux client (PuTTy would be different...):

Code Block
larserik@sarah:~$ ssh -f -L 13389:<windows floating ip>:3389 <username>@skyhigh.hig.no -N

This will forward localhost:13389 to <windows floating ip>:3389 , and you will be able to connect to your Windows virtual machine via localhost:13389 via your favourite RDP client.