Changes between Version 11 and Version 12 of GENIRacksHome/InstageniRacks/ConfirmationTestStatus/UWisconsin


Ignore:
Timestamp:
10/24/13 14:05:28 (7 years ago)
Author:
lnevers@bbn.com
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GENIRacksHome/InstageniRacks/ConfirmationTestStatus/UWisconsin

    v11 v12  
    11661166Also access the boss node:
    11671167{{{
    1168 LNM:~$ ssh boss.instageni.wisconsin.edu
    1169 
    1170 sudo whoami
     1168LNM:~$ ssh boss.instageni.wisc.edu
     1169Last login: Thu Oct 24 12:07:20 2013 from dhcp89-073-116.bbn.com
     1170FreeBSD 9.0-STABLE (TESTBED-XEN) #0: Tue Apr 30 14:24:36 MDT 2013
     1171
     1172Welcome to FreeBSD!
     1173
     1174"man security" gives very good advice on how to tune the security of your
     1175FreeBSD system.
     1176> bash
     1177[lnevers@boss ~]$ sudo whoami
     1178root
     1179[lnevers@boss ~]$ uname -a
     1180FreeBSD boss.instageni.wisc.edu 9.0-STABLE FreeBSD 9.0-STABLE #0: Tue Apr 30 14:24:36 MDT 2013     root@n1.one-freebsd.testbed.emulab.net:/usr/obj/mnt/src/sys/TESTBED-XEN  i386
     1181[lnevers@boss ~]$
     1182
    11711183}}}
    11721184
     
    11741186{{{
    11751187[lnevers@boss ~]$ for i in pc1 pc2 pc3; do ssh $i "echo -n '===> Host: ';hostname;sudo whoami;uname -a;echo"; done
     1188Warning: Permanently added 'pc1.instageni.wisc.edu' (RSA) to the list of known hosts.
     1189===> Host: vhost1.shared-nodes.emulab-ops.instageni.wisc.edu
     1190root
     1191Linux vhost1.shared-nodes.emulab-ops.instageni.wisc.edu 2.6.32-042stab049.6.emulab.1 #1 SMP Mon May 21 14:36:04 MDT 2012 x86_64 x86_64 x86_64 GNU/Linux
     1192
     1193Warning: Permanently added 'pc2.instageni.wisc.edu' (RSA) to the list of known hosts.
     1194===> Host: vhost2.shared-nodes.emulab-ops.instageni.wisc.edu
     1195root
     1196Linux vhost2.shared-nodes.emulab-ops.instageni.wisc.edu 2.6.32-042stab049.6.emulab.1 #1 SMP Mon May 21 14:36:04 MDT 2012 x86_64 x86_64 x86_64 GNU/Linux
     1197
     1198Warning: Permanently added 'pc3.instageni.wisc.edu' (RSA) to the list of known hosts.
     1199===> Host: vhost3.shared-nodes.emulab-ops.instageni.wisc.edu
     1200root
     1201Linux vhost3.shared-nodes.emulab-ops.instageni.wisc.edu 3.2.46 #1 SMP Wed Jun 5 15:53:18 MDT 2013 x86_64 x86_64 x86_64 GNU/Linux
     1202
     1203[lnevers@boss ~]$
     1204
    11761205
    11771206}}}
     
    11921221Further verified access by ssh from ops.instageni.gpolab.bbn.com to boss.instageni.gpolab.bbn.com, which is usually restricted for non-admin users:
    11931222{{{
    1194 LNM:~$ ssh ops.wisconsin.edu
     1223LNM:~$ ssh ops.instageni.wisc.edu
     1224Last login: Thu Oct 24 12:07:28 2013 from dhcp89-073-116.bbn.com
     1225FreeBSD 9.0-STABLE (TESTBED-XEN) #0: Tue Apr 30 14:24:36 MDT 2013
     1226
     1227Welcome to FreeBSD!
     1228
     1229Handy bash(1) prompt:  PS1="\u@\h \w \!$ "
     1230                -- David Scheidt <dscheidt@tumbolia.com>
     1231> bash
     1232[lnevers@ops ~]$ sudo whoami
     1233root
     1234[lnevers@ops ~]$ uname -a
     1235FreeBSD ops.instageni.wisc.edu 9.0-STABLE FreeBSD 9.0-STABLE #0: Tue Apr 30 14:24:36 MDT 2013     root@n1.one-freebsd.testbed.emulab.net:/usr/obj/mnt/src/sys/TESTBED-XEN  i386
     1236[lnevers@ops ~]$ ssh boss
     1237The authenticity of host 'boss.instageni.wisc.edu (128.104.159.4)' can't be established.
     1238ECDSA key fingerprint is bd:05:23:a7:5b:cc:78:c8:8c:a8:d3:e9:f7:27:53:cb.
     1239Are you sure you want to continue connecting (yes/no)? yes
     1240Warning: Permanently added 'boss.instageni.wisc.edu' (ECDSA) to the list of known hosts.
     1241Last login: Thu Oct 24 12:54:47 2013 from dhcp89-073-116.bbn.com
     1242FreeBSD 9.0-STABLE (TESTBED-XEN) #0: Tue Apr 30 14:24:36 MDT 2013
     1243
     1244Welcome to FreeBSD!
     1245
     1246To see the 10 largest files on a directory or partition, use
     1247
     1248        du /partition_or_directory_name | sort -rn | head
     1249                -- Dru <genesis@istar.ca>
     1250> bash
     1251[lnevers@boss ~]$
    11951252
    11961253}}}
     
    12001257XXXXXXXXX
    12011258[lnevers@boss ~]$ telnet procurve1
    1202 
    1203 
     1259Trying 10.1.1.253...
     1260Connected to procurve1.
     1261Escape character is '^]'.
     1262
     1263HP J9623A E2620-24 Switch
     1264Software revision RA.15.08.0009
     1265
     1266Copyright (C) 1991-2012 Hewlett-Packard Development Company, L.P.
     1267
     1268                   RESTRICTED RIGHTS LEGEND
     1269 Confidential computer software.  Valid license from HP required for possession,
     1270 use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer
     1271 Software, Computer Software Documentation, and Technical Data for Commercial
     1272 Items are licensed to the U.S. Government under vendor's standard commercial
     1273 license.
     1274                   HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.
     1275                   20555 State Highway 249, Houston, TX 77070
     1276
     1277We'd like to keep you up to date about:
     1278  * Software feature updates
     1279  * New product announcements
     1280  * Special events
     1281Please register your products now at:  www.hp.com/networking/register
     1282
     1283Username: manager
     1284Password:
     1285
     1286HP-E2620-24# show version
     1287Image stamp:    /ws/swbuildm/rel_galt_qaoff/code/build/xform(rel_galt_qaoff)
     1288                May  9 2012 15:28:43
     1289                RA.15.08.0009
     1290                474
     1291Boot Image:     Primary
     1292HP-E2620-24# show running-config
     1293
     1294Running configuration:
     1295
     1296; J9623A Configuration Editor; Created on release #RA.15.08.0009
     1297; Ver #02:13.2d:3c
     1298hostname "HP-E2620-24"
     1299max-vlans 50
     1300no stack
     1301no web-management
     1302ip default-gateway 10.1.1.254
     1303snmp-server community "xx" unrestricted
     1304aaa authentication ssh login public-key
     1305aaa authentication ssh enable public-key
     1306vlan 1
     1307   name "DEFAULT_VLAN"
     1308   no untagged 23-24
     1309   untagged 1-22,25-28
     1310   ip address 10.254.254.253 255.255.255.0
     1311   ip igmp
     1312   exit
     1313vlan 10
     1314   name "control-hardware"
     1315   untagged 23
     1316   ip address 10.1.1.253 255.255.255.0
     1317   exit
     1318vlan 11
     1319   name "control-alternate"
     1320   untagged 24
     1321   ip address 10.2.1.253 255.255.255.0
     1322   exit
     1323management-vlan 10
     1324no dhcp config-file-update
     1325password manager
     1326password operator
     1327
     1328HP-E2620-24#
    12041329}}}
    12051330
     
    12081333[lnevers@boss ~]$ sudo more /usr/testbed/etc/switch.pswd
    12091334xxxxxxx
    1210 [lnevers@boss ~]$ ssh manager@procurve2
     1335[lnevers@boss ~]$ telnet procurve2
     1336Trying 10.3.1.253...
     1337Connected to procurve2.
     1338Escape character is '^]'.
     1339
     1340HP J8697A Switch E5406zl
     1341Software revision K.15.06.5008
     1342
     1343Copyright (C) 1991-2012 Hewlett-Packard Development Company, L.P.
     1344
     1345                   RESTRICTED RIGHTS LEGEND
     1346 Confidential computer software.  Valid license from HP required for possession,
     1347 use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer
     1348 Software, Computer Software Documentation, and Technical Data for Commercial
     1349 Items are licensed to the U.S. Government under vendor's standard commercial
     1350 license.
     1351                   HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.
     1352                   20555 State Highway 249, Houston, TX 77070
     1353
     1354We'd like to keep you up to date about:
     1355  * Software feature updates
     1356  * New product announcements
     1357  * Special events
     1358Please register your products now at:  www.hp.com/networking/register
     1359
     1360Username: manager
     1361Password:
     1362HP-E5406zl# show version
     1363Image stamp:    /ws/swbuildm/of_bridge_qaoff/code/build/btm(of_bridge_qaoff)
     1364                Feb 18 2012 11:26:28
     1365                K.15.06.5008
     1366                79
     1367Boot Image:     Primary
     1368HP-E5406zl# show running-config
     1369
     1370Running configuration:
     1371
     1372; J8697A Configuration Editor; Created on release #K.15.06.5008
     1373; Ver #02:10.0d:1f
     1374
     1375hostname "HP-E5406zl"
     1376module 1 type J9549A
     1377interface A1
     1378   speed-duplex auto-1000
     1379exit
     1380interface A2
     1381   speed-duplex auto-1000
     1382exit
     1383interface A3
     1384   speed-duplex auto-1000
     1385exit
     1386interface A4
     1387   speed-duplex auto-1000
     1388exit
     1389interface A5
     1390   speed-duplex auto-1000
     1391exit
     1392interface A6
     1393   speed-duplex auto-1000
     1394exit
     1395interface A7
     1396   speed-duplex auto-1000
     1397exit
     1398interface A8
     1399   speed-duplex auto-1000
     1400exit
     1401interface A9
     1402   speed-duplex auto-1000
     1403exit
     1404interface A10
     1405   disable
     1406   speed-duplex auto-1000
     1407exit
     1408interface A19
     1409   speed-duplex auto-1000
     1410exit
     1411ip default-gateway 10.3.1.254
     1412vlan 1
     1413   name "DEFAULT_VLAN"
     1414   forbid A1-A9
     1415   untagged A10-A18,A21-A23
     1416   no untagged A1-A9,A19-A20,A24
     1417   no ip address
     1418   exit
     1419vlan 10
     1420   name "control-hardware"
     1421   untagged A20
     1422   ip address 10.3.1.253 255.255.255.0
     1423   exit
     1424vlan 257
     1425   name "5001"
     1426   untagged A1-A9
     1427   no ip address
     1428   exit
     1429vlan 925
     1430   name "5008"
     1431   tagged A4,A7,A19,A24
     1432   no ip address
     1433   exit
     1434vlan 926
     1435   name "5009"
     1436   tagged A19,A24
     1437   no ip address
     1438   exit
     1439vlan 927
     1440   name "5010"
     1441   tagged A19,A24
     1442   no ip address
     1443   exit
     1444vlan 928
     1445   name "5011"
     1446   tagged A19,A24
     1447   no ip address
     1448   exit
     1449vlan 929
     1450   name "5012"
     1451   tagged A19,A24
     1452   no ip address
     1453   exit
     1454vlan 912
     1455   name "5013"
     1456   tagged A4,A7,A19
     1457   no ip address
     1458   exit
     1459vlan 2497
     1460   name "5018"
     1461   tagged A1,A7,A19
     1462   no ip address
     1463   exit
     1464no web-management
     1465openflow
     1466   vlan 1750
     1467      enable
     1468      controller "tcp:10.3.1.7:6633" fail-secure on
     1469      exit
     1470   vlan 2497
     1471      enable
     1472      controller "tcp:10.3.1.7:6633" fail-secure on
     1473      exit
     1474   exit
     1475snmp-server community "xx" unrestricted
     1476aaa authentication ssh login public-key
     1477aaa authentication ssh enable public-key
     1478management-vlan 10
     1479no autorun
     1480no dhcp config-file-update
     1481no dhcp image-file-update
     1482password xx
     1483password xx
     1484
     1485HP-E5406zl# show vlan 2497
     1486
     1487 Status and Counters - VLAN Information - VLAN 2497
     1488
     1489  VLAN ID : 2497   
     1490  Name : 5018                           
     1491  Status : Port-based
     1492  Voice : No
     1493  Jumbo : No
     1494
     1495  Port Information Mode     Unknown VLAN Status   
     1496  ---------------- -------- ------------ ----------
     1497  A1               Tagged   Learn        Up       
     1498  A7               Tagged   Learn        Up       
     1499  A19              Tagged   Learn        Up       
     1500 
     1501
     1502HP-E5406zl#
    12111503}}}
    12121504