[Server-devel] Trying to access a school server from the outside world

Gonzalo Odiard godiard at sugarlabs.org
Tue Jun 16 11:59:08 EDT 2015


Thanks!

On Tue, Jun 16, 2015 at 12:51 PM, George Hunt <georgejhunt at gmail.com> wrote:

> I thought I had already set you up for using the Amazon passthrough. But
> here are the steps:
>
>
>    1. There is a user at the https://50.17.210.12:943/admin/ port with
>    username:gonzalo and a password I will send separately.
>    2. Sign on there and change your password. You can use this sign on at
>    any time to see if the "sora server" client connection is available at the
>    passthrough.
>    3. Then you will need to create a new user without administrative
>    privileges that will become the server's client connection to the vpn. The
>    generation of the keys for the "sora server" is triggered by accessing
>    https://50.17.210.12:943/ (without admin), and logging on with the
>    credentials you created when you set up the "sora server" user.
>    4. When you make this https:// access, the amazon openvpn application
>    will offer to let you download the openvpn client application.  I have
>    usually "yum installed" openvpn already. Hit refresh, and you will be given
>    a choice to download an unattended access key file.
>    5. Download the "cient.ovpn" file and change it so something similar
>    to the username you created. Place it in the /etc/openvpn/ directory of
>    "sora server"
>
> Sorry I missed your request when it came 3 days ago.
>
>
> On Sat, Jun 13, 2015 at 7:54 PM, Gonzalo Odiard <godiard at sugarlabs.org>
> wrote:
>
>> Could I use your passthrough server to access Sora server?
>> What we should do setup it?
>>
>> Gonzalo
>>
>> On Sat, Jun 13, 2015 at 4:16 PM, George Hunt <georgejhunt at gmail.com>
>> wrote:
>>
>>> Typically a server is behind some sort of NAT device, and some sort of
>>> firewall, and most likely has a variable ip address assigned by the ISP's
>>> dhcpd.  The trick is to have the server initiate an outgoing conversation
>>> to a device on the internet that is always on.  I purchased a micro
>>> instance on amazon cloud for the purpose.
>>>
>>> The amazon instance generates keys for clients which permits passthrough
>>> conversations between any clients. There's two levels of authentication --
>>> 1. need a vpn key to connect to the amazon instance, and 2. need
>>> authentication at the ssh port of the target (preferably a public key in
>>> .ssh/authorized_keys on the target -making dictionary attacks less likely).
>>>
>>> But I'm becoming a fan of teamviewer. You need to install Xorg, and I
>>> usually install XFCE because it's pretty light weight. Up until now, I've
>>> resisted a GUI for servers.
>>>
>>>
>>>
>>> On Sat, Jun 13, 2015 at 2:25 PM, Tim Moody <tim at timmoody.com> wrote:
>>>
>>>> I should also have mentioned that we have started using TeamViewer on
>>>> some of the servers which allows a session on the server without using the
>>>> vpn hub.
>>>>
>>>> _______________________________________________
>>>> Server-devel mailing list
>>>> Server-devel at lists.laptop.org
>>>> http://lists.laptop.org/listinfo/server-devel
>>>>
>>>
>>>
>>> _______________________________________________
>>> Server-devel mailing list
>>> Server-devel at lists.laptop.org
>>> http://lists.laptop.org/listinfo/server-devel
>>>
>>>
>>
>>
>> --
>> Gonzalo Odiard
>>
>> SugarLabs - Software for children learning
>>
>
>


-- 
Gonzalo Odiard

SugarLabs - Software for children learning
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.laptop.org/pipermail/server-devel/attachments/20150616/59d8ca07/attachment.html>


More information about the Server-devel mailing list