[SAC] [OSGeo] #2459: new dedicated VM for demo.mapserver.org

OSGeoTrac · May 11, 2020, 3:37pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+-----------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Unplanned
Component: Systems Admin | Keywords:
---------------------------+-----------------------
Hi Regina,

The many mapserver.org services running off of the old adhoc server have
finally out-grown the architecture there. Recent GDAL/PROJ and even
!MapServer demand a more updated compiler (adhoc runs Debian Wheezy and
gcc 4.7.2). I've pushed that old server to its limits, but it's finally
time to upgrade.

I've always been very good to record any changes and maintenance at
https://wiki.osgeo.org/wiki/MapServer_at_AdhocVM

I request on behalf of the !MapServer project for a new dedicated VM to
host all of the heavily used mapserver.org services. Some more notes:
  - this would be similar I guess to pycsw's recent VM (#2452)
  - it will honestly take me much effort to move all of the services to
this new VM, so I propose that we keep both the adhoc and the new VM up
during, and I will record my progress on a new wiki page (linked of course
from https://wiki.osgeo.org/wiki/SAC_Service_Status )
  - if you ask my preference, I am much friendly to Ubuntu 18.04 , but can
work in any environment that you provide me.
  - proposed VM name could be 'mapserver'

Let me know what you think. And thank you for this.

(marking ticket as 'major' as with the recent MS 7.6.0 release done now,
I'd like to get moving on upgrading all services, and especially since our
'msautotest' scripts will be testing now against old Adhoc MS 7.4.4 for
now)

mercy buckets!

-jeff

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 11, 2020, 3:37pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Unplanned
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+------------------------
Description changed by Jeff McKenna:

Old description:

Hi Regina,

The many mapserver.org services running off of the old adhoc server have
finally out-grown the architecture there. Recent GDAL/PROJ and even
!MapServer demand a more updated compiler (adhoc runs Debian Wheezy and
gcc 4.7.2). I've pushed that old server to its limits, but it's finally
time to upgrade.

I've always been very good to record any changes and maintenance at
https://wiki.osgeo.org/wiki/MapServer_at_AdhocVM

I request on behalf of the !MapServer project for a new dedicated VM to
host all of the heavily used mapserver.org services. Some more notes:
- this would be similar I guess to pycsw's recent VM (#2452)
- it will honestly take me much effort to move all of the services to
this new VM, so I propose that we keep both the adhoc and the new VM up
during, and I will record my progress on a new wiki page (linked of
course from https://wiki.osgeo.org/wiki/SAC_Service_Status )
- if you ask my preference, I am much friendly to Ubuntu 18.04 , but can
work in any environment that you provide me.
- proposed VM name could be 'mapserver'

Let me know what you think. And thank you for this.

(marking ticket as 'major' as with the recent MS 7.6.0 release done now,
I'd like to get moving on upgrading all services, and especially since
our 'msautotest' scripts will be testing now against old Adhoc MS 7.4.4
for now)

mercy buckets!

-jeff

New description:

Hi Regina,

The many demo.mapserver.org services running off of the old adhoc server
have finally out-grown the architecture there. Recent GDAL/PROJ and even
!MapServer demand a more updated compiler (adhoc runs Debian Wheezy and
gcc 4.7.2). I've pushed that old server to its limits, but it's finally
time to upgrade.

I've always been very good to record any changes and maintenance at
https://wiki.osgeo.org/wiki/MapServer_at_AdhocVM

I request on behalf of the !MapServer project for a new dedicated VM to
host all of the heavily used mapserver.org services. Some more notes:
  - this would be similar I guess to pycsw's recent VM (#2452)
  - it will honestly take me much effort to move all of the services to
this new VM, so I propose that we keep both the adhoc and the new VM up
during, and I will record my progress on a new wiki page (linked of course
from https://wiki.osgeo.org/wiki/SAC_Service_Status )
  - if you ask my preference, I am much friendly to Ubuntu 18.04 , but can
work in any environment that you provide me.
  - proposed VM name could be 'mapserver'

Let me know what you think. And thank you for this.

(marking ticket as 'major' as with the recent MS 7.6.0 release done now,
I'd like to get moving on upgrading all services, and especially since our
'msautotest' scripts will be testing now against old Adhoc MS 7.4.4 for
now)

mercy buckets!

-jeff

--

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:1>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 11, 2020, 3:38pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Unplanned
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+------------------------
Description changed by Jeff McKenna:

Old description:

Hi Regina,

The many demo.mapserver.org services running off of the old adhoc server
have finally out-grown the architecture there. Recent GDAL/PROJ and even
!MapServer demand a more updated compiler (adhoc runs Debian Wheezy and
gcc 4.7.2). I've pushed that old server to its limits, but it's finally
time to upgrade.

I've always been very good to record any changes and maintenance at
https://wiki.osgeo.org/wiki/MapServer_at_AdhocVM

I request on behalf of the !MapServer project for a new dedicated VM to
host all of the heavily used mapserver.org services. Some more notes:
- this would be similar I guess to pycsw's recent VM (#2452)
- it will honestly take me much effort to move all of the services to
this new VM, so I propose that we keep both the adhoc and the new VM up
during, and I will record my progress on a new wiki page (linked of
course from https://wiki.osgeo.org/wiki/SAC_Service_Status )
- if you ask my preference, I am much friendly to Ubuntu 18.04 , but can
work in any environment that you provide me.
- proposed VM name could be 'mapserver'

Let me know what you think. And thank you for this.

(marking ticket as 'major' as with the recent MS 7.6.0 release done now,
I'd like to get moving on upgrading all services, and especially since
our 'msautotest' scripts will be testing now against old Adhoc MS 7.4.4
for now)

mercy buckets!

-jeff

New description:

Hi Regina,

The many demo.mapserver.org services running off of the old adhoc server
have finally out-grown the architecture there. Recent GDAL/PROJ and even
!MapServer demand a more updated compiler (adhoc runs Debian Wheezy and
gcc 4.7.2). I've pushed that old server to its limits, but it's finally
time to upgrade.

I've always been very good to record any changes and maintenance at
https://wiki.osgeo.org/wiki/MapServer_at_AdhocVM

I request on behalf of the !MapServer project for a new dedicated VM to
host all of the heavily used demo.mapserver.org services. Some more
notes:
  - this would be similar I guess to pycsw's recent VM (#2452)
  - it will honestly take me much effort to move all of the services to
this new VM, so I propose that we keep both the adhoc and the new VM up
during, and I will record my progress on a new wiki page (linked of course
from https://wiki.osgeo.org/wiki/SAC_Service_Status )
  - if you ask my preference, I am much friendly to Ubuntu 18.04 , but can
work in any environment that you provide me.
  - proposed VM name could be 'mapserver'

Let me know what you think. And thank you for this.

(marking ticket as 'major' as with the recent MS 7.6.0 release done now,
I'd like to get moving on upgrading all services, and especially since our
'msautotest' scripts will be testing now against old Adhoc MS 7.4.4 for
now)

mercy buckets!

-jeff

--

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:2>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 11, 2020, 3:40pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Unplanned
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+------------------------
Description changed by Jeff McKenna:

Old description:

Hi Regina,

The many demo.mapserver.org services running off of the old adhoc server
have finally out-grown the architecture there. Recent GDAL/PROJ and even
!MapServer demand a more updated compiler (adhoc runs Debian Wheezy and
gcc 4.7.2). I've pushed that old server to its limits, but it's finally
time to upgrade.

I've always been very good to record any changes and maintenance at
https://wiki.osgeo.org/wiki/MapServer_at_AdhocVM

I request on behalf of the !MapServer project for a new dedicated VM to
host all of the heavily used demo.mapserver.org services. Some more
notes:
- this would be similar I guess to pycsw's recent VM (#2452)
- it will honestly take me much effort to move all of the services to
this new VM, so I propose that we keep both the adhoc and the new VM up
during, and I will record my progress on a new wiki page (linked of
course from https://wiki.osgeo.org/wiki/SAC_Service_Status )
- if you ask my preference, I am much friendly to Ubuntu 18.04 , but can
work in any environment that you provide me.
- proposed VM name could be 'mapserver'

Let me know what you think. And thank you for this.

(marking ticket as 'major' as with the recent MS 7.6.0 release done now,
I'd like to get moving on upgrading all services, and especially since
our 'msautotest' scripts will be testing now against old Adhoc MS 7.4.4
for now)

mercy buckets!

-jeff

New description:

Hi Regina,

The many demo.mapserver.org services running off of the old adhoc server
have finally out-grown the architecture there. Recent GDAL/PROJ and even
!MapServer demand a more updated compiler (adhoc runs Debian Wheezy and
gcc 4.7.2). I've pushed that old server to its limits, but it's finally
time to upgrade.

I've always been very good to record any changes and maintenance at
https://wiki.osgeo.org/wiki/MapServer_at_AdhocVM

I request on behalf of the !MapServer project for a new dedicated VM to
host all of the heavily used demo.mapserver.org services. Some more
notes:
  - this would be similar I guess to pycsw's recent VM (#2452)
  - it will honestly take me much effort to move all of the services to
this new VM, so I propose that we keep both the adhoc and the new VM up
during, and I will record my progress on a new wiki page (linked of course
from https://wiki.osgeo.org/wiki/SAC_Service_Status )
  - if you ask my preference, I am much friendly to Ubuntu 18.04 , but can
work in any environment that you provide me.
  - proposed VM name could be 'mapserver'
  - my LDAP account is: jmckenna
  - my SSH key is installed on osgeo7

Let me know what you think. And thank you for this.

(marking ticket as 'major' as with the recent MS 7.6.0 release done now,
I'd like to get moving on upgrading all services, and especially since our
'msautotest' scripts will be testing now against old Adhoc MS 7.4.4 for
now)

mercy buckets!

-jeff

--

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:3>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 13, 2020, 6:08pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Unplanned
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+------------------------

Comment (by Jeff McKenna):

Note this is related to ticket #2384 (upgrade old-adhoc from Wheezy).
Please let me know what is the best way to move forward on this.

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:4>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 14, 2020, 9:30pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Unplanned
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+------------------------

Comment (by robe):

Sounds like a good plan. Jeff -- I'll set up a debian 10 server, give you
admin rights to it and you can install what you need on it and let me know
if you need me to do anything. I unfortunately don't have a Ubuntu 18.04
with ldap authentication image in place, but I think debian / ubuntu are
much the same as far as installing stuff.

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:5>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 14, 2020, 10:02pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Unplanned
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+------------------------

Comment (by Jeff McKenna):

thanks, yes I figured that also, after my many edits here ha.

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:6>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 14, 2020, 10:07pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+---------------------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------
Changes (by robe):

* milestone: Unplanned => Sysadmin Contract 2020-I

Comment:

Jeff I set up a dedicated called "mapserver" on osgeo7 and gave you sudo
rights. You can add others as you see fit.

You can log in similar to how you log into old-adhoc, but mapserver as
detailed here
https://wiki.osgeo.org/wiki/SAC_Service_Status#Accessing_osgeo7_containers_via_ssh

The container I set up similar to pycw has the following specs, ability to
log in with OSGeo LDAP

----
Debian 10
Docker 19.03.8
4 GB ram provisioned
200 GB disk (this includes backup space as well so you will see less)
4 CPU
Prometheus Node Exporter (still need to register this so visible on
monitor.osgeo.org)
----

We can see later after metrics have collected and you start using it if
these limits are sufficient. Let me know if you need help installing
anything. I didn't install apache or anything as I wasn't sure your
preferences. Also didn't install PostgreSQL but can help with that if you
need help installing those.

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:7>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 14, 2020, 10:11pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+---------------------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------

Comment (by robe):

forgot to ask - should I setup something like staging.demo.mapserver.org
so you can start testing before move? If so let me know what port on the
server to connect to. Doesn't need to be port 80.

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:8>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 14, 2020, 10:34pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+---------------------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------

Comment (by Jeff McKenna):

great idea for staging, yes please. how about port 8081 ?

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:9>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 15, 2020, 1:54am

#2459: new dedicated VM for demo.mapserver.org
---------------------------+---------------------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------

Comment (by robe):

Okay done - http://staging.demo.mapserver.org

should start showing a site instead of bad gateway when you are done

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:10>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 17, 2020, 1:44pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+---------------------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------

Comment (by Jeff McKenna):

thanks Regina, I'm connected. (at first I was trying to !ProxyJump from
my home Windows machine through download onto this new instance, but then
realized that is forbidden) It of course works fine as you said,
connecting to download first and then connecting to the new instance.
thanks again.

(I guess I was trying to just jump, so I didn't have to copy my private
key to a cloud server)

Anyway out of my efforts I've now updated to the Windows OpenSSH 8.1-beta
release ha, which in the end wasn't needed because jumping through
download is forbidden ha. Oh well, I'm sure my new Windows OpenSSH
expertise will come in handy later ha!

Short summary: I'm off and running on the new server. thanks again for
this.

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:11>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 17, 2020, 4:01pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+---------------------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------

Comment (by robe):

Hmm you shouldn't need to copy your private key. I'm running msys2 and
using that so maybe it's different.

Not sure other modes of connecting via windows. That shouldn't be
forbidden.

My conf file looks like this:

{{{
Host download.osgeo.org
IdentityFile "/path/to/private.key"

Host osgeo7-*
ProxyCommand ssh robe@download.osgeo.org -W $(sed -e
"s/^osgeo7-//;s/$/.lxd/" <<< "%h"):%p
IdentityFile "/path/to/private.key"

}}}

I do notice I need both entries though.

Then I do

{{{
ssh robe@osgeo7-mapserver
}}}

That did prompt me for my LDAP password since I didn't have that installed
on mapserver container. But typing in my password works fine since I
don't have password access blocked on the internal servers.

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:12>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 17, 2020, 4:18pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+---------------------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------

Comment (by Jeff McKenna):

I totally agree that I shouldn't have to copy private key remotely.

However all throughout my testing I get this error (same setup as yours) :

{{{
   debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
   channel 0: open failed: administratively prohibited: open failed
   stdio forwarding failed
   kex_exchange_identification: Connection closed by remote host
}}}

StackExchange says the error is because of a missing setting on the setup
of the Container (I have no access to that part).

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:13>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 17, 2020, 4:19pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+---------------------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------

Comment (by Jeff McKenna):

It's actually ok though, as I tried so many different methods, and kept
hitting that wall (container setting). I'm ok now to just move foward
with private key on server. (2 days battling this ha)

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:14>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 17, 2020, 4:20pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+---------------------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------

Comment (by Jeff McKenna):

{{{
Host jump
     HostName download.osgeo.org
     Port 22
     User jmckenna
     #IdentityFile C:\Users\Jeff\.ssh\id_rsa
     IdentityFile C:\Users\Jeff\.ssh\id_rsa.openssl-decrypt
     IdentitiesOnly yes
     #ServerAliveInterval 240
     #AllowTcpForwarding yes
     #PermitOpen any

Host osgeo7-mapserver
     HostName osgeo7-mapserver.lxd
     #Port 22
     User jmckenna
     #IdentityFile C:\Users\Jeff\.ssh\id_rsa
     IdentityFile C:\Users\Jeff\.ssh\id_rsa.openssl-decrypt
     ProxyCommand C:\Windows\System32\OpenSSH\ssh.exe -W %h:%p jump
     #ProxyJump jump
     #ProxyCommand C:\Windows\System32\OpenSSH\ssh.exe jump nc %h %p
}}}

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:15>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 17, 2020, 4:31pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+---------------------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------

Comment (by Jeff McKenna):

ssh -v osgeo7-mapserver

(my local and remote keys are accepted, as below) :

{{{
OpenSSH_for_Windows_8.1p1, LibreSSL 2.6.5
debug1: Reading configuration data C:\\Users\\Jeff/.ssh/config
debug1: C:\\Users\\Jeff/.ssh/config line 12: Applying options for
osgeo7-mapserver
debug1: Setting implicit ProxyCommand from ProxyJump:
"C:\\WINDOWS\\System32\\OpenSSH\\ssh.exe" -v -W "[%h]:%p" jump
debug1: Executing proxy command: exec
"C:\\WINDOWS\\System32\\OpenSSH\\ssh.exe" -v -W
"[osgeo7-mapserver.lxd]:22" jump
debug1: identity file C:\\Users\\Jeff\\.ssh\\id_rsa.openssl-decrypt type
-1
debug1: identity file C:\\Users\\Jeff\\.ssh\\id_rsa.openssl-decrypt-cert
type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
OpenSSH_for_Windows_8.1p1, LibreSSL 2.6.5
debug1: Reading configuration data C:\\Users\\Jeff/.ssh/config
debug1: C:\\Users\\Jeff/.ssh/config line 1: Applying options for jump
debug1: Connecting to jump [140.211.15.30] port 22.
debug1: Connection established.
debug1: identity file C:\\Users\\Jeff\\.ssh\\id_rsa.openssl-decrypt type
-1
debug1: identity file C:\\Users\\Jeff\\.ssh\\id_rsa.openssl-decrypt-cert
type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1
Debian-10+deb9u7
debug1: match: OpenSSH_7.4p1 Debian-10+deb9u7 pat
OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7*
compat 0x04000002
debug1: Authenticating to download.osgeo.org:22 as 'jmckenna'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC:
<implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC:
<implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256
SHA256:9Rj8e6GTNUeah218p0NaUqh143OD/90r2+MPpv90yeQ
debug1: Host 'download.osgeo.org' is known and matches the ECDSA host key.
debug1: Found key in C:\\Users\\Jeff/.ssh/known_hosts:7
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or
directory
debug1: Will attempt key: C:\\Users\\Jeff\\.ssh\\id_rsa.openssl-decrypt
explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss
,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: C:\\Users\\Jeff\\.ssh\\id_rsa.openssl-decrypt
debug1: Authentication succeeded (publickey).
Authenticated to download.osgeo.org ([140.211.15.30]:22).
debug1: channel_connect_stdio_fwd osgeo7-mapserver.lxd:22
debug1: channel 0: new [stdio-forward]
debug1: getpeername failed: Bad file descriptor
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00@openssh.com
want_reply 0
channel 0: open failed: administratively prohibited: open failed
stdio forwarding failed
kex_exchange_identification: Connection closed by remote host
}}}

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:16>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 17, 2020, 4:41pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+---------------------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------

Comment (by Jeff McKenna):

By the way, from reading the many forums, for Windows users this is the
recommended SSH tool now (I've learned a lot ha): OpenSSH for Windows:
https://github.com/PowerShell/Win32-OpenSSH/releases The latest beta
allows direct !ProxyJump.

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:17>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 17, 2020, 4:43pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+---------------------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------

Comment (by Jeff McKenna):

PS. I think next version of MS4W will include these SSH tools, so very
nice! (OpenSSH for Windows)

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:18>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · May 17, 2020, 4:49pm

#2459: new dedicated VM for demo.mapserver.org
---------------------------+---------------------------------------
Reporter: Jeff McKenna | Owner: sac@…
Type: task | Status: new
Priority: major | Milestone: Sysadmin Contract 2020-I
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+---------------------------------------

Comment (by Jeff McKenna):

My guess is that the remove server has !AllowTcpForwarding or !PermitOpen
disabled, but I haven't been able to prove that.

Yikes

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2459#comment:19>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.