Connect to a server (SSH)

One-time setup

Add your public SSH key to the relevant remote servers.

By default, the SSH port is closed. The easiest way to open it depends on whether your IP address is dynamic or static.

Dynamic IP: Port knock

To open the SSH port for 30 seconds, send traffic to port 8255, replacing example.open-contracting.org with the server you want to connect to:

curl --silent --connect-timeout 1 example.open-contracting.org:8255 || true

You can then use ssh as usual. Once you’re connected, the server will close the port, but not your connection.

Note

Port 8255 returns no data. Without --connect-timeout 1, curl waits forever for a response.

If you are working on this repository, you can also run:

./manage.py connect user@host

Static IP: Allow list

1. Add your IP address to the firewall.ssh_ipv4 and firewall.ssh_ipv6 lists in the common private Pillar file
2. Add your full name in a comment
3. Deploy all services

If you’re unsure, contact sysadmin@open-contracting.org.