Grokbase Groups Google salt-users July 2014
FAQ
Hi

I am trying to use salt to have the minion open a reverse ssh tunnel to my
master on demand.

I am not sure if I am having problems with the firewall or the salt command.

if someone could verify i have my command correct then I know I need to
focus on my firewall rules.

my minion name is ajm-brix, trying to open the tunnel over port 22 signing
on as root.
from the master I issue this command

  salt ajm-brix cmd.run "ssh -lt root -p 22 localhost"

--
You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
For more options, visit https://groups.google.com/d/optout.

Search Discussions

  • Lorenzo Marschall at Jul 21, 2014 at 8:14 pm
    1. your master is not localhost from the minion's point of view - the ssh
    channel is independent from the zmq bus
    2. remember, anything in salt is non-interactive; e.g. better add -o
    stricthostkeychecking=no, if not, you risk to run into a "are you sure you
    want to continue ... yes/no" question
    3. make sure root has private/public key based access to your master or use
    sshpass to avoid interactive password questions

    --
    You received this message because you are subscribed to the Google Groups "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
    For more options, visit https://groups.google.com/d/optout.
  • Al merando at Jul 21, 2014 at 8:15 pm
    Thank you I realized that also but thanks I will try what you have



    From: [email protected] On Behalf Of Lorenzo Marschall
    Sent: Monday, July 21, 2014 4:14 PM
    To: [email protected]
    Subject: [salt-users] Re: setting up reverse tunnel to minion



    1. your master is not localhost from the minion's point of view - the ssh channel is independent from the zmq bus
    2. remember, anything in salt is non-interactive; e.g. better add -o stricthostkeychecking=no, if not, you risk to run into a "are you sure you want to continue ... yes/no" question
    3. make sure root has private/public key based access to your master or use sshpass to avoid interactive password questions

    --
    You received this message because you are subscribed to a topic in the Google Groups "Salt-users" group.
    To unsubscribe from this topic, visit https://groups.google.com/d/topic/salt-users/_u0AlFNi-9E/unsubscribe.
    To unsubscribe from this group and all its topics, send an email to salt-users+[email protected] .
    For more options, visit https://groups.google.com/d/optout.

    --
    You received this message because you are subscribed to the Google Groups "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
    For more options, visit https://groups.google.com/d/optout.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupsalt-users @
postedJul 21, '14 at 3:26p
activeJul 21, '14 at 8:15p
posts3
users2

2 users in discussion

Al merando: 2 posts Lorenzo Marschall: 1 post

Content

People

Support

Translate

site design / logo © 2023 Grokbase