Karl Berry wrote: > To log into vcs, first log into mgt. > > He can't. He doesn't have a static IP address (as far as I know -- > Tomasz, if I'm wrong, let me know). I asked him to ask sysadmin for an > account on fencepost but I don't think that has happened yet.
But should be able to get to fencepost as I described. > There is a firewall on all of the VMs that prevents direct access > from the Internet. > > At least at the iptables level, that is not true for vcs, which is > precisely why I (tried to) set Tomasz up the way I did. It allows ssh > from anywhere since that is necessary for some VC access. Ah! Yes you are right. I just tried it now and of course it worked. Otherwise version control can't work. (My hand smacks my forehead.) A silly mistake on my part. Sorry for the noise. I was confused because each VM has its own iptables rules that are unique. > However, do you know if there is some other "firewall"-type thing > (whatever that means) that would stop "ssh r...@vcs.sv.gnu.org" at the > user level (not the ssh level), resulting in the usual "Permission > denied (publickey)."? Tomasz hasn't been able to log in yet. All very > frustrating. Nope. And in fact I tested this and it worked okay for me just now. Which would lead back to a problem on the Tomasz's client side again. Bob
