Page MenuHomePhabricator

Add Aezell to phlogiston VPS
Closed, ResolvedPublic


Please add my user "Aezell" as a member of the "phlogiston" VPS so that I can add a report for the Anti-Harassment Tools team.

Event Timeline

aezell created this task.Sep 17 2018, 1:04 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 17 2018, 1:04 PM

Can you say more about what kind of report? Phlogiston can be complicated to work with; would you like to meet with me or @MBinder_WMF to discuss what you need and set it up together?

JAufrecht reassigned this task from JAufrecht to aezell.Sep 25 2018, 6:41 PM
JAufrecht added a subscriber: JAufrecht.

Sure. I am modeling the report on the work that @MBinder_WMF did for the CommTech team. I just took the changes he made for that team and changed the IDs to point to a different set of Phab items. I'm hoping it's effectively the same but pointed to different IDs because they are a different team. It seems simpler because the AHT team's work crosses over a lot fewer projects than does CommTech.

I can't really know if my criteria are all correct without running it on the development server. I understood that to do that, I needed this permission.

Access is granted. Please let me know if you get stuck on gaps in the documentation.

Thanks! I did have one idea for some additional documentation. Once I get my report working, I'll try to write it up and see if it's helpful.

Does your access work? If so, could you please close this task?

aezell closed this task as Resolved.Sep 27 2018, 6:10 PM

It does work. Thanks for doing that.

aezell reopened this task as Open.EditedSep 27 2018, 7:36 PM

I spoke too soon.

I'm getting Permission denied (publickey). when connecting from the bastion:

aezell@tools-bastion-03:~$ ssh aezell@phlogiston-2.eqiad.wmflabs
Permission denied (publickey).

I was doing two things at once and looked at the wrong terminal session which was correctly connected elsewhere.

  1. Try phlogiston-2.phlogiston.eqiad.wmflabs (because that's what's shown on, although the phlogiston-2.eqiad.wmflabs version works for me)
  1. I just changed you to projectadmin, matching the existing users. That's the only difference I can see in configuration. Try again now that the new role's been added?
  1. Is it possible that your username on a Cloud VPS server is not your local shell username? Maybe that's aliased for some but not all destinations?

Number 1 gives the same response.

Number 2 doesn't appear to make a difference.

I logged into toolsadmin and looked at the settings there. It gives my username as "aezell" for "Unix shell username" on my Wikimedia developer account and has the correct ssh key set up.

I just realized that I never put my public key anywhere on the bastion itself. Maybe I need to do that or forward the key when I connect to the bastion? I don't know a ton about how keys work in bastion scenarios. I can read the docs somewhere I guess.

You can connect to other Cloud VPSes through the bastion?

Can you connect to the bastion? You should be able to.

@bd808 is my starting point for fixing cloud ssh issues.

meanwhile I could kick off the report for you on dev so you don't have to wait for a resolution to access.

I can definitely connect to the bastion. I'm on there now and that's where I was sshing from to get to the phlogiston server.

I'll see if I can connect to any VPS servers. It certainly might be something I've got misconfigured with SSH.

The new scope/recategorization is in master. The prefix is "aht." Thanks for kicking it off. We'll see if I did it correctly.

aezell closed this task as Resolved.Sep 27 2018, 9:34 PM
aezell added a subscriber: MaxSem.

I got my ssh config fixed up with the help of @MaxSem and it works now!

Thanks @JAufrecht for all the help. I'm connected to the VPS server now.