[Server-devel] Separate Squid and XS boxes

Tony Pearson tpearson at us.ibm.com
Sun Feb 17 13:12:16 EST 2008 

Wad,
thanks for the help.  I should have realized the subnets overlapped! Here 
is what I got working:

Red zone:
(ISP) 192.168.0.1 ---------------------- 192.168.0.10 (Windows XP)
(ISP)192.168.0.1---------------------- 192.168.0.29 eth0 (squid)

Yellow zone: (I just used a cross over cable between the two boxes)
(squid) 10.0.0.1 -------------------------10.0.0.77 (schoolserver)

Green zone:
(schoolserver) 17.x.x.x --------------- XO laptop

To get SSH to work from my Windows XP over to the XS (schoolserver) 
involves:

Step 1: On Windows, create public/private keys
ssh-keygen -t dsa  ==>   .ssh/id_win.pub

Step 2:  On Squid, copy windows public key
cat id_win.pub >> /root/.ssh/authorized_keys

Step 3: On Squid, generate a second set of public/private keys
ssh-keyget -t dsa ==>  .ssh/id_squid.pub

Step 4: On XS, copy squid public key
cat id_squid.pub >> /root/.ssh/authorized_keys

Step 5: restart sshd on both Squid and XS machines to pick up these 
changes

Step 6: From Windows, SSH over to Squid, then from within Squid SSH over 
to XS.  Here is what
it looks like:

C:\Documents and Settings\Anthony>ssh -l root 192.168.0.29
Enter passphrase for key '/home/Anthony/.ssh/id_dsa':
Last login: Sun Feb 17 10:57:41 2008 from 192.168.0.10

Welcome to an OLPC Schoolserver
[root at squid ~]# ssh -l root 10.0.0.77
Enter passphrase for key '/root/.ssh/id_dsa':
Last login: Sun Feb 17 11:06:51 2008 from 10.0.0.1

Welcome to an OLPC Schoolserver
[root at schoolserver ~]#

Ok, so now I have "root at squid" and "root at schoolserver" to distinguish the 
two.






Tony Pearson
Senior Storage Consultant, IBM System Storage?
Telephone: +1 520-799-4309 |  tie 321-4309 |  Cell: +1 520 990-8669
email: tpearson at us.ibm.com |  GSA: http://tucgsa.ibm.com/~tpearson
Blog: http://www.ibm.com/developerworks/blogs/page/InsideSystemStorage 
AKA: 990tony Paravane, eightbar specialist 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.laptop.org/pipermail/server-devel/attachments/20080217/53ad9f93/attachment.htm

More information about the Server-devel mailing list