Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Description

The following instructions describe setting up a secure tunnel via SSH to the internal UCONN database's. There are multiple connection methods described below. Please follow the method best suited for your operating system and configuration. 

 

MAC OS X ("Mountain" Lion 10.8 or Higher)

Configure SSH Access:

 

Terminal Method:

  • (one time, make sure that ssh_config is configured for kerberos)
  • Get a kerberos ticket by either using the terminal  or the ticket viewer GUI
  • If you want to connect to pre-production databases (DEV, TST, SUP) type:
    • ssh -fNL 1521:dbserver02.uits.uconn.edu:1521 <yournetid>@gateway.uits.uconn.edu
  • or if you want to connect to production databases (PRD, UAT) type:
    • ssh -fNL 1521:dbserver01.uits.uconn.edu:1521 <yournetid>@gateway.uits.uconn.edu

Enable kerberos ssh

  • Open terminal:
  • Either:
    • sudo vi /etc/ssh_config
      or
    • sudo nano /etc/ssh_config
  • make the line that looks like this:
    • # GSSAPIAuthentication no
      looks like this:
    • GSSAPIAuthentication yes
  • then save the file.

Getting a Kerberos Ticket through the ticket viewer

  • open the ticket viewer gui:
    • it may be located in 
      • /System/Library/CoreServices
        or
      • Applications/Utilities/
  • click the 'Add Identity' button
  • In the menue that appears fill out:
    • Identity: <your netid>@UCONN.EDU
    • Password: <your netid password>

Getting a Kerberos Ticket through the terminal

  • Open a terminal
  • type:
    • kinit <your netid>@UCONN.EDU
  • type your password and hit enter

 

Windows

Network Identity Manager / Putty Method:

  • Download and install Putty from Centrify website.http://www.centrify.com/resources/putty.asp
  • Download and install the latest MIT kerberos.
  • Configure user account in Kerberos and create a ticket.
  • Follow the instructions on the Centrify help document to configure Putty - Document is part of the downlaod package.
  • Start the Putty session from Start up -> Centrify -> Putty
  • type 'gateway.uits.uconn.edu' into the hostname field
  • select the Connection -> SSH -> Kerberos from the categories on the left hand side and enable "Attempt Kerberos Auth"
  • Enter <netid>@UCONN.EDU Service Principal Name section.
  • Under Auto-Login, select third radio - User name portion of user principal name
  • <SET UP THE TUNNEL>
  • Select the Sessions category from the left hand side
  • Type a meaningful name such as 'gateway server' into the saved sessions text field
  • click the save button

SSH shared keys / Putty Method:

http://www.howtoforge.com/ssh_key_based_logins_putty

 

  • Download Putty: http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe and save it to somewhere where you can access it
  • Download PuttyGen: http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe and save it to somewhere you can access it
  • Run PuttyGen.exe
  • click the 'Generate' button
  • move the mouse around in the window until the progress bar is complete (puttygen uses this to make the key random, this isn't a joke)
  • click the 'Save public key' button, and ignore the warning about the keyphrase (what do we click to ignore it?) save the file somewhere handy, name it 'public'
  • click the 'Save private key' button, save the file in the same location as the private key, name it 'private'
  • Send an email to Mitch and Jim with the subject 'putty public key' and attach the 'public' file that we saved two steps prior
  • close 'PuttyGen.exe'
  • open 'Putty.exe'
  • type 'gateway.uits.uconn.edu' into the hostname field
  • select the SSH -> Data from the categories on the left hand side 
  • type your netid (is this true for the gateway server?) into the 'Auto login user' field
  • select SSH -> Auth from the categories on the left hand side
  • click the 'Browse' button to the right of the 'Private key file for authentication' field
  • Select the file named private that was saved in one of the previous steps
  • <SET UP THE TUNNEL>
  • Select the Sessions category from the left hand side
  • Type a meaningful name such as 'gateway server' into the saved sessions text field
  • click the save button

 

<SET UP THE TUNNEL> Putty

  • in putty select tunnel from the category list from the left hand side "Connection -> SSH -> Tunnels"
  • In source port type 1521
  • in Destination type:
    • dbserver02.uits.uconn.edu:1521      (For non-production)
    • dbserver01.uits.uconn.edu:1521      (For production)
  • click the 'add' button

 

Usernames and passwords

 

For usernames and passwords please contact james.gedarovich@uconn.edu

 

Environment Connection Parameters

envparams

UAT_KFS,

UAT_KR

Server: dbserver02.uits.uconn.edu:1521

SID: kfs40cf

DEV_,

DEV_

 
  
  
  
  • No labels