Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Description

The following instructions describe setting up a secure tunnel via SSH to the internal UCONN database's. There are multiple connection methods described below. Please follow the method best suited for your operating system and configuration. 

 

MAC OS X ("Mountain" Lion 10.8 or Higher)

Configure SSH Access:

Please follow these instructions to configure Mac OS X to work properly with UCONN's SSH requirements.

 

Acquire Kerberos Ticket:

Getting a Kerberos Ticket using Ticket Viewer app

Ticket Viewer is a Kerberos GUI application included in OS X. It can be found under /System/Library/CoreServices and a shortcut can be created to it (desktop or taskbar)

Once ticket viewer is open, choose Add Identity and enter your <netid>@UCONN.EDU and then your password to save the "ticket" into ticket viewer. Tickets can then be created/destroyed using the "arrow" and "X" icons under the identity name.

Getting a Kerberos Ticket through the Terminal

Terminal is the basic command line application that comes with OS X. To create a Kerberos ticket using Terminal open a session.

  • Enter the command kinit <netid>@UCONN.EDU
  • Enter your password when prompted
  • Enter the command klist to verify your ticket was created successfully, similar to the below screen

 

Creating the Database Tunnel:


Terminal Method:

Application Method:

There are various GUI applications for creating SSH tunnels on OS X.  SSH TUNNEL MANAGER and FUGU SSH are both supported.

SSH Tunnel Manager

FUGU SSH

 

 

Network Identity Manager / Putty Method:

  • Download and install Putty from Centrify website.http://www.centrify.com/resources/putty.asp
  • Download and install the latest MIT kerberos.
  • Configure user account in Kerberos and create a ticket.
  • Follow the instructions on the Centrify help document to configure Putty - Document is part of the downlaod package.
  • Start the Putty session from Start up -> Centrify -> Putty
  • type 'gateway.uits.uconn.edu' into the hostname field
  • select the Connection -> SSH -> Kerberos from the categories on the left hand side and enable "Attempt Kerberos Auth"
  • Enter <netid>@UCONN.EDU Service Principal Name section.
  • Under Auto-Login, select third radio - User name portion of user principal name
  • <SET UP THE TUNNEL>
  • Select the Sessions category from the left hand side
  • Type a meaningful name such as 'gateway server' into the saved sessions text field
  • click the save button

SSH shared keys / Putty Method:

http://www.howtoforge.com/ssh_key_based_logins_putty

 

  • Download Putty: http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe and save it to somewhere where you can access it
  • Download PuttyGen: http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe and save it to somewhere you can access it
  • Run PuttyGen.exe
  • click the 'Generate' button
  • move the mouse around in the window until the progress bar is complete (puttygen uses this to make the key random, this isn't a joke)
  • click the 'Save public key' button, and ignore the warning about the keyphrase (what do we click to ignore it?) save the file somewhere handy, name it 'public'
  • click the 'Save private key' button, save the file in the same location as the private key, name it 'private'
  • Send an email to Mitch and Jim with the subject 'putty public key' and attach the 'public' file that we saved two steps prior
  • close 'PuttyGen.exe'
  • open 'Putty.exe'
  • type 'gateway.uits.uconn.edu' into the hostname field
  • select the SSH -> Data from the categories on the left hand side 
  • type your netid (is this true for the gateway server?) into the 'Auto login user' field
  • select SSH -> Auth from the categories on the left hand side
  • click the 'Browse' button to the right of the 'Private key file for authentication' field
  • Select the file named private that was saved in one of the previous steps
  • <SET UP THE TUNNEL>
  • Select the Sessions category from the left hand side
  • Type a meaningful name such as 'gateway server' into the saved sessions text field
  • click the save button

 

<SET UP THE TUNNEL> Putty

  • in putty select tunnel from the category list from the left hand side "Connection -> SSH -> Tunnels"
  • In source port type 1521
  • in Destination type:
    • dbserver02.uits.uconn.edu:1521      (For non-production)
    • dbserver01.uits.uconn.edu:1521      (For production)
  • click the 'add' button

 

Usernames and passwords

 

For usernames and passwords please contact james.gedarovich@uconn.edu

 

Environment Connection Parameters

envparams

UAT_KFS,

UAT_KR

Server: dbserver02.uits.uconn.edu:1521

SID: kfs40cf

DEV_,

DEV_

 
  
  
  
  • No labels