<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:p="urn:schemas-microsoft-com:office:powerpoint" xmlns:a="urn:schemas-microsoft-com:office:access" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema" xmlns:b="urn:schemas-microsoft-com:office:publisher" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:c="urn:schemas-microsoft-com:office:component:spreadsheet" xmlns:oa="urn:schemas-microsoft-com:office:activation" xmlns:html="http://www.w3.org/TR/REC-html40" xmlns:q="http://schemas.xmlsoap.org/soap/envelope/" xmlns:D="DAV:" xmlns:x2="http://schemas.microsoft.com/office/excel/2003/xml" xmlns:ois="http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsp="http://schemas.microsoft.com/sharepoint/dsp" xmlns:udc="http://schemas.microsoft.com/data/udc" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:sub="http://schemas.microsoft.com/sharepoint/soap/2002/1/alerts/" xmlns:ec="http://www.w3.org/2001/04/xmlenc#" xmlns:sp="http://schemas.microsoft.com/sharepoint/" xmlns:sps="http://schemas.microsoft.com/sharepoint/soap/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:udcxf="http://schemas.microsoft.com/data/udc/xmlfile" xmlns:wf="http://schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:mver="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mrels="http://schemas.openxmlformats.org/package/2006/relationships" xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:Z="urn:schemas-microsoft-com:" xmlns:st="�" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=utf-8">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoAutoSig, li.MsoAutoSig, div.MsoAutoSig
{mso-style-priority:99;
mso-style-link:"E-mail Signature Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:windowtext;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
span.E-mailSignatureChar
{mso-style-name:"E-mail Signature Char";
mso-style-priority:99;
mso-style-link:"E-mail Signature";
font-family:"Calibri","sans-serif";
color:black;}
span.EmailStyle22
{mso-style-type:personal;
font-family:"Arial","sans-serif";
color:navy;}
span.EmailStyle23
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle24
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle25
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle26
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle28
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page Section1
{size:612.0pt 792.0pt;
margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.Section1
{page:Section1;}
/* List Definitions */
@list l0
{mso-list-id:240216669;
mso-list-type:hybrid;
mso-list-template-ids:1919213262 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l0:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor=white lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I wonder if you’d mind helping me out on this.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I’ve followed the instructions on <a
href="http://www.trantor.org/theshire/doku.php/addons:ssh_tunnel">http://www.trantor.org/theshire/doku.php/addons:ssh_tunnel</a>,
but must be missing something somewhere.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I’ve got the following:<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l0 level1 lfo1'><![if !supportLists]><span
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>1.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Password-less ssh between the server and the clients (for both
hobbit and root users, to be sure)<o:p></o:p></span></p>
<p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l0 level1 lfo1'><![if !supportLists]><span
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>2.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>The ssh-tunnels script copied to the appropriate location,
chmodded to 750:<br>
-rwxr-xr-x 1 root root 5469 Aug 15 09:05 /usr/lib/hobbit/server/ext/ssh-tunnels.sh<o:p></o:p></span></p>
<p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l0 level1 lfo1'><![if !supportLists]><span
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>3.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Added the following to /usr/lib/hobbit/server/etc/hobbitlaunch.cfg:<br>
[ssh-tunnel]<br>
ENVFILE /usr/lib/hobbit/server/etc/hobbitserver.cfg<br>
CMD $BBHOME/ext/ssh-tunnels.sh<br>
LOGFILE $BBSERVERLOGS/ssh-tunnels.log<br>
INTERVAL 1m<o:p></o:p></span></p>
<p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l0 level1 lfo1'><![if !supportLists]><span
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>4.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Appended the following to client entries in bb-hosts (deliberately
trying both ssh_tunnels and ssh_tunnel):<br>
10.2.0.5 servername ssh_tunnels<br>
10.2.0.6 servername ssh_tunnel<o:p></o:p></span></p>
<p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l0 level1 lfo1'><![if !supportLists]><span
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>5.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>On the clients I’ve got this in /etc/default/hobbit-client:<br>
HOBBITSERVERS="127.0.0.1"<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>So the one thing I’m missing is where to set BBDISPLAY to
127.0.0.1 on the client. Is this different from having HOBBITSERVERS="127.0.0.1"
in /etc/default/hobbit-client?<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Restart the hobbit server, but the above don’t seem to be doing
the trick. /var/log/hobbit/ssh-tunnels.log is empty at this stage.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Would appreciate it if you could tell me if I’ve missed out on
something somewhere, or the best way of troubleshooting this. The way I’ve
done it before with the ssh tunnels being established via /etc/rc.local does
not appear work out as well as I thought it would.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Thanks.<br>
<br>
<br>
<o:p></o:p></span></p>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";
color:windowtext'>From:</span></b><span style='font-size:10.0pt;font-family:
"Tahoma","sans-serif";color:windowtext'> Lennon, Padraig
[mailto:Padraig.Lennon@pioneerinvestments.com] <br>
<b>Sent:</b> 14 August 2008 17:05<br>
<b>To:</b> hobbit@hswn.dk<br>
<b>Subject:</b> RE: [hobbit] need help in monitoring edmz client<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:blue'>Not sure if this is of any use to you Johan..</span><span
style='color:windowtext'><o:p></o:p></span></p>
<p class=MsoNormal><span style='color:windowtext'> <o:p></o:p></span></p>
<p class=MsoNormal><span style='color:windowtext'> <o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:blue'>I have a server side script which controls the ssh tunnels to my
windows/*nix clients which are in the DMZ</span><span style='color:windowtext'><o:p></o:p></span></p>
<p class=MsoNormal><span style='color:windowtext'> <o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:blue'>Basically it requires that you put a tag at the end of the client
name in bb-hosts called ssh-tunnel</span><span style='color:windowtext'><o:p></o:p></span></p>
<p class=MsoNormal><span style='color:windowtext'> <o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:blue'>Its hardly a work of art but it works ok for us.. If it sees the
connection is down it will warn and continue to retry the connection..</span><span
style='color:windowtext'><o:p></o:p></span></p>
<p class=MsoNormal><span style='color:windowtext'> <o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:blue'>Hope this helps..</span><span style='color:windowtext'><o:p></o:p></span></p>
<p class=MsoNormal><span style='color:windowtext'> <o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:blue'>regards</span><span style='color:windowtext'><o:p></o:p></span></p>
<p class=MsoNormal><span style='color:windowtext'> <o:p></o:p></span></p>
<p class=MsoNormal><span style='color:windowtext'> <o:p></o:p></span></p>
<div>
<p class=MsoNormal><span style='color:windowtext'> <o:p></o:p></span></p>
</div>
<p class=MsoNormal><strong><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:windowtext'>Padraig Lennon</span></strong><span style='color:windowtext'><o:p></o:p></span></p>
<div>
<p class=MsoNormal><strong><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:windowtext'>Senior Systems Engineer</span></strong><span
style='color:windowtext'><o:p></o:p></span></p>
</div>
<div>
<p class=MsoNormal><strong><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:windowtext'>Production Services</span></strong><span style='color:windowtext'><o:p></o:p></span></p>
</div>
<div>
<p class=MsoNormal><strong><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:windowtext'>Pioneer Global Investments (Dublin)</span></strong><span
style='color:windowtext'><o:p></o:p></span></p>
</div>
<div>
<p class=MsoNormal><strong><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:windowtext'>5th Floor Georges Quay Plaza, Dublin 2</span></strong><span
style='color:windowtext'><o:p></o:p></span></p>
</div>
<div>
<p class=MsoNormal><strong><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:windowtext'>ext: 2081</span></strong><span style='color:windowtext'><o:p></o:p></span></p>
</div>
<div>
<p class=MsoNormal><strong><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:windowtext'>Direct dial: 00353 1 480 2081</span></strong><span
style='color:windowtext'><o:p></o:p></span></p>
</div>
<div>
<p class=MsoNormal><span style='color:windowtext'> <o:p></o:p></span></p>
</div>
<p class=MsoNormal><span style='color:windowtext'><o:p> </o:p></span></p>
<div class=MsoNormal align=center style='text-align:center'><span
style='color:windowtext'>
<hr size=2 width="100%" align=center>
</span></div>
<p class=MsoNormal style='margin-bottom:12.0pt'><b><span style='font-size:10.0pt;
font-family:"Tahoma","sans-serif";color:windowtext'>From:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext'>
Johan Booysen [mailto:johan@matrix-data.co.uk] <br>
<b>Sent:</b> 14 August 2008 16:57<br>
<b>To:</b> hobbit@hswn.dk<br>
<b>Subject:</b> RE: [hobbit] need help in monitoring edmz client</span><span
style='color:windowtext'><o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I want to be able to monitor 2 hosts in the dmz.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Having <i>su -c "ssh hobbit@hobbitclient -T -n -N -g -x
-R1984:127.0.0.1:1984" hobbit</i> in /etc/rc.local seems to work for the
first host. I added a second line like that for a second host, but it
doesn’t work for the second host unless I execute the command manually –
at which point both dmz hosts report back.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Does anyone know why this is happening and how I can get it to
work?<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Thanks.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";
color:windowtext'>From:</span></b><span style='font-size:10.0pt;font-family:
"Tahoma","sans-serif";color:windowtext'> Johan Booysen
[mailto:johan@matrix-data.co.uk] <br>
<b>Sent:</b> 14 August 2008 14:02<br>
<b>To:</b> hobbit@hswn.dk<br>
<b>Subject:</b> RE: [hobbit] need help in monitoring edmz client<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>This works for me (RHEL5 machines), if it helps anyone
else. Any comments most welcome:<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Create the .ssh folder (on both the hobbit server and the hobbit
client) in /var/lib/hobbit as root, chown it to hobbit:hobbit, and chmod it to
700.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>On the hobbit server, now as the hobbit user:<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Generate a private/public keypair with an empty password:<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>$ pwd<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> /var/lib/hobbit<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>$ ssh-keygen -t dsa<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Copy the generated public key to the hobbit client:<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>$ scp .ssh/id_dsa.pub hobbit@hobbitclient:/var/lib/hobbit<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>On the hobbit client:<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Rename the public key:<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>$ mv id_dsa.pub authorized_keys<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Copy the authorized_keys file to the user’s .ssh directory. <o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>$ mv authorized_keys .ssh/<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Check that the authorized_keys file has the following
permissions:<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>-rw-r--r-- 1 hobbit hobbit 603 Aug 14 12:16 authorized_keys<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>From the server, log on to the client. You should not be
prompted for a password<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Modify the hobbit server's /etc/rc.local:<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> su -c "ssh hobbit@hobbitclient -T -n -N -g -x
-R1984:127.0.0.1:1984" hobbit<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> <o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Configure /etc/default/hobbit-client on the hobbit client in the
DMZ to connect to localhost:<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> HOBBITSERVERS="127.0.0.1"<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Add the client to /etc/hobbit/bb-hosts on the hobbit server:<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> 10.2.0.5 target_machine<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";
color:windowtext'>From:</span></b><span style='font-size:10.0pt;font-family:
"Tahoma","sans-serif";color:windowtext'> Johan Booysen
[mailto:johan@matrix-data.co.uk] <br>
<b>Sent:</b> 14 August 2008 13:26<br>
<b>To:</b> hobbit@hswn.dk<br>
<b>Subject:</b> RE: [hobbit] need help in monitoring edmz client<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Just to clarify:<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I’ve set up ssh keys authentication between the hobbit server
and a client in our DMZ, for the hobbit user.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I can ssh from server to client without entering a password, so
it works.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>If I run <i>ssh hobbit@x.x.x.x -T -n -N -g -x
-R1984:127.0.0.1:1984</i> from the commanline on the server, communications
between server and client works.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>If I add <i>ssh hobbit@10.2.0.5 -T -n -N -g -x
-R1984:127.0.0.1:1984</i> either to initttab or /etc/rc.local, then the
client stops reporting (after a server reboot).<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Anyone know what I should do?<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Thanks.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";
color:windowtext'>From:</span></b><span style='font-size:10.0pt;font-family:
"Tahoma","sans-serif";color:windowtext'> Johan Booysen
[mailto:johan@matrix-data.co.uk] <br>
<b>Sent:</b> 14 August 2008 12:49<br>
<b>To:</b> hobbit@hswn.dk<br>
<b>Subject:</b> RE: [hobbit] need help in monitoring edmz client<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Daniel,<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Do you just simply add that command to inittab?<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Thanks.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";
color:windowtext'>From:</span></b><span style='font-size:10.0pt;font-family:
"Tahoma","sans-serif";color:windowtext'> Perumal, Santoshbabu
[mailto:santoshbabu_perumal@platts.com] <br>
<b>Sent:</b> 13 August 2008 19:20<br>
<b>To:</b> hobbit@hswn.dk<br>
<b>Subject:</b> RE: [hobbit] need help in monitoring edmz client<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<div>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'>HI Daniel</span><o:p></o:p></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'> Thanks for your steps. Yes my target machine is UNIX
box.</span><o:p></o:p></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal style='margin-bottom:12.0pt'>from the hobbit server , run
from inittab (<b>I don’t understand run from innittab ..I can run
the below command from command line shell promt right</b>)<br>
<br>
ssh user@taregt_machine -T -n -N -g -x -R1984:127.0.0.1:1984 <o:p></o:p></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal>on the target machine, set the hobbit client to connect to
localhost --I have to edit hobbitclient.cfg and change BBDISP value
to 127.0.0.1 right..want to make sure…<o:p></o:p></p>
<p class=MsoNormal> <o:p></o:p></p>
<p class=MsoNormal> <o:p></o:p></p>
<p class=MsoNormal>Also hobbit server has to communicate with target
machines(clients) on port 1984 right.otherwise this step does not work right.<o:p></o:p></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'>Thanks</span><o:p></o:p></p>
<div>
<p class=MsoAutoSig><span style='font-family:"Verdana","sans-serif";color:navy'> </span><o:p></o:p></p>
</div>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'> </span><o:p></o:p></p>
<div>
<div class=MsoNormal align=center style='text-align:center'><span
style='color:windowtext'>
<hr size=2 width="100%" align=center>
</span></div>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";
color:windowtext'>From:</span></b><span style='font-size:10.0pt;font-family:
"Tahoma","sans-serif";color:windowtext'> Daniel Bourque
[mailto:dbourque@weatherdata.com] <br>
<b>Sent:</b> Wednesday, August 13, 2008 1:52 PM<br>
<b>To:</b> hobbit@hswn.dk<br>
<b>Subject:</b> Re: [hobbit] need help in monitoring edmz client</span><o:p></o:p></p>
</div>
<p class=MsoNormal> <o:p></o:p></p>
<p class=MsoNormal style='margin-bottom:12.0pt'>If the target machine is
unix/linux. The simplest way is to use ssh keys & tunneling.<br>
<br>
from the hobbit server , run from inittab <br>
<br>
ssh user@taregt_machine -T -n -N -g -x -R1984:127.0.0.1:1984<br>
<br>
on the target machine, set the hobbit client to connect to localhost.<o:p></o:p></p>
<pre>Daniel Bourque<o:p></o:p></pre><pre>Sr. Systems Engineer<o:p></o:p></pre><pre>WeatherData Service Inc<o:p></o:p></pre><pre>An Accuweather Company<o:p></o:p></pre>
<p class=MsoNormal><br>
<br>
Perumal, Santoshbabu wrote: <o:p></o:p></p>
<div>
<div>
<p>Hi, <o:p></o:p></p>
<p> <o:p></o:p></p>
<p> We have some servers in edmz.port 1984 is blocked by
firewall.so client cannot able to communicate with hobbit server on port
1984.when I search around I read about msgcache,hobbitfetch utilities but I am
not familiar with that. can anyone please give me the configuration steps that
I need to make on both server side and edmz client site. <o:p></o:p></p>
<p> <o:p></o:p></p>
<p>Thanks in advance <o:p></o:p></p>
<p> <o:p></o:p></p>
<p>Thanks <o:p></o:p></p>
<p>santhosh <o:p></o:p></p>
<p> <o:p></o:p></p>
<p> <o:p></o:p></p>
</div>
</div>
<div>
<p>The information contained in this message is intended only for the
recipient, and may be a confidential attorney-client communication or may
otherwise be privileged and confidential and protected from disclosure. If the
reader of this message is not the intended recipient, or an employee or agent
responsible for delivering this message to the intended recipient, please be
aware that any dissemination or copying of this communication is strictly
prohibited. If you have received this communication in error, please
immediately notify us by replying to the message and deleting it from your
computer. The McGraw-Hill Companies, Inc. reserves the right, subject to
applicable local law, to monitor and review the content of any electronic
message or information sent to or from McGraw-Hill employee e-mail addresses
without informing the sender or recipient of the message. <o:p></o:p></p>
</div>
</div>
<div>
<p class=MsoNormal><span style='color:windowtext'> <o:p></o:p></span></p>
</div>
<div>
<div class=MsoNormal align=center style='text-align:center'><span
style='color:windowtext'>
<hr size=2 width="100%" align=center>
</span></div>
</div>
<div>
<p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";
color:windowtext'>The information contained in this message is intended only
for the recipient, and may be a confidential attorney-client communication or
may otherwise be privileged and confidential and protected from disclosure. If
the reader of this message is not the intended recipient, or an employee or
agent responsible for delivering this message to the intended recipient, please
be aware that any dissemination or copying of this communication is strictly
prohibited. If you have received this communication in error, please
immediately notify us by replying to the message and deleting it from your
computer. The McGraw-Hill Companies, Inc. reserves the right, subject to
applicable local law, to monitor and review the content of any electronic
message or information sent to or from McGraw-Hill employee e-mail addresses
without informing the sender or recipient of the message.<o:p></o:p></span></p>
</div>
<div>
<div class=MsoNormal align=center style='text-align:center'><span
style='font-size:9.0pt;font-family:"Courier New";color:windowtext'>
<hr size=2 width="100%" align=center>
</span></div>
</div>
</div>
</body>
</html>