Hi Per On Fri, 07 Jul 2017 14:04:45 +0200 Per Jessen wrote:
Please note: those machines are currently NOT reachable from the outside any more (the xinetd redirection of the ssh port is disabled by intention).
I guess this is why I cannot currently reach baloo?
Yes, sorry. Depending on the urgency, we have a couple of options: * using Theo as proxy and let him do your work ;-) * giving you access to a jump host * implementing the same setup as before I would say: let's wait how long the openVPN setup needs and make a decision after the weekend. --- JFYI (needs to be documented): * anna and elsa are our new (ha)proxy machines => my idea is to limit them to this task and do not run other services on them * daffy is our new login machine (for authentication of users against the Novell Auth Server) => no other services on this machine (which needs a 2nd one for HA) * gate.opensuse.org should become our "gate" into the privat network - and also the new gateway for private machines who need external access. That way we know that "private"/management traffic only goes via this machine - and the machines that handle "public"/official traffic are not involved in any way. @Per: that would for example mean that we might need to reconfigure baloo in the next days, too. ^^^ does that make sense to anyone? Regards, Lars -- To unsubscribe, e-mail: heroes+unsubscribe@opensuse.org To contact the owner, e-mail: heroes+owner@opensuse.org