0

I'm not planning to use the SSH connection outside of the Jelastic platform and Direct Access to the Container solution isn't covered my case.

Just I need directly connecting between my environments without using any additional gateways. In the Jelastic docs I cannot find any information about my case. Is it possible?

abrasco83
  • 27
  • 5

2 Answers2

1

There are some details about this case here: http://kb.layershift.com/ssh-jelastic-nodes

In summary, you can establish an SSH connection between Jelastic nodes via the SSH gateway, but if you want to establish a direct SSH connection it needs firewall adjustments (to open SSH access from different sources) and of course the appropriate SSH key added to authorized_keys file.

Due to the managed nature of Jelastic nodes, this needs assistance from your hosting provider - so please contact your hosting provider's support to get it configured.

Damien - Layershift
  • 1,508
  • 8
  • 15
1

Yes it is possible. You should use the SSH Access to a Jelastic Account once for configuring SSH connections between your containers.

Let's configure your containers (I show you how to configure one connection, and you can use this instruction for other by analogy):

  1. Enter into the container 1 using SSH Access.
  2. Generate SSH Key: apache@node51989-env-6759653 ~ $ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/var/www/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /var/www/.ssh/id_rsa. Your public key has been saved in /var/www/.ssh/id_rsa.pub.

  3. Copy content from ~/.ssh/id_rsa.pub file. apache@node51989-env-6759653 ~ $ cat ~/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVNYjvkfj6mhjyhbkiNisDFxksG7IoAMkUYNpuqMz4afutNLcnZwkjAar3WZ/2892CR9Y3PiUUDLJKEg1OavZYpc63Fw6qGSQBFdn/r1n7mkZMIF1k0JUdFleKxhUyoxoc4jsSgIu2zr2738K2Mkx9C6oAK3DyGmezXe+g6J/kg0LHA9bqYPfLeRriC6N3e4FYBqHwBD5Fv7yu/RO9K6GzUP9PAhjNxlTrR6XYLdB37wmICZujlLM2VdADQrAHYbXIx3qswJIDrMygJ9VDs42YEiXP1YKTftqtueXbLHPMl0tb0EwCDCSQtCa0o9eHd3K4sJ3aIvW3Fm0oahP8SlJr apache@node51989-env-6759653.jelastic

  4. Enter into container 2 using Jelastic SSH Gate Access.

  5. Paste copied public key from container 1 into the ~/.ssh/authorized_keys file in container 2. nginx@node51990-env-9925621 ~ $ echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVNYjvkfj6mhjyhbkiNisDFxksG7IoAMkUYNpuqMz4afutNLcnZwkjAar3WZ/2892CR9Y3PiUUDLJKEg1OavZYpc63Fw6qGSQBFdn/r1n7mkZMIF1k0JUdFleKxhUyoxoc4jsSgIu2zr2738K2Mkx9C6oAK3DyGmezXe+g6J/kg0LHA9bqYPfLeRriC6N3e4FYBqHwBD5Fv7yu/RO9K6GzUP9PAhjNxlTrR6XYLdB37wmICZujlLM2VdADQrAHYbXIx3qswJIDrMygJ9VDs42YEiXP1YKTftqtueXbLHPMl0tb0EwCDCSQtCa0o9eHd3K4sJ3aIvW3Fm0oahP8SlJr apache@node51989-env-6759653.jelastic' >> ~/.ssh/authorized_keys

  6. Allow SSH connection from container 2 by editing /etc/sysconfig/iptables-custom file in the container 1. (Custom Firewall Rules for Containers).

*filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT ACCEPT [0:0] -I INPUT -s <internal ip> -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT COMMIT

  1. Restart firewall into the 2nd container. nginx@node51990-env-9925621 ~ $ sudo /usr/bin/jem firewall fwstart

  2. Establis direct SSH connection. ssh jelastic@<internal ip>

  3. Enjoy.

Aless
  • 289
  • 1
  • 9