A Laboratory is a virtual network on Terradue Cloud Platform, dedicated to the hosting of your Cloud services. A laboratory and its services are secured by user authentication and VPN access. The following sections will guide you through the procedure related to user SSH key pair management and VPN setup.
SSH key pair is a way to identify trusted computers without involving passwords. You can generate a SSH key pair and add the public key to your account on Terradue Cloud Platform by following the procedures below.
Store your SSH key pair into the .ssh directory in your HOME directory:
cd <your/download/directory>
chmod 400 id_rsa
cp id_rsa $HOME/.ssh/
PuTTY is a well-known freely available SSH client http://www.putty.org/. To download and install it:
Now you can download and install your OpenVPN Client, in order to establish a connection with Terradue’s VPN server.
Important
if you have a previously installed VPN client (e.g. Tunnelblick) on your system, such previously installed client must be disconnected and then be disabled (we recommend uninstalling it).
Congrats
You have now completed your setup for accessing your laboratory on Terradue’s Cloud Platform. You shall be able to access your user dashboard here: http://<sandbox_host>/dashboard. So, let’s try a first Connect to your Sandbox now !
When the OpenVPN client is installed on a Linux/Unix OS, the OpenVPN Server is unable to alter the DNS settings on the client in question. A typical behaviour in such cases is that you are able to ping your Sandbox through its IPv4 address, but not through the hostname. To solve this kind of issue, add manually Terradue’s DNS server as a new line in your /etc/resolv.conf file:
nameserver 10.16.20.14
If you are using the NetworkManager tool (e.g. in the GNOME desktop environment), you should instead statically add the nameserver address 10.16.20.14 through the GUI.
When the OpenVPN Connect client is installed behind a corporate HTTP proxy server, the connection fails because the proxy server doesn’t allow the VPN traffic. Thus the OpenVPN Connect client is not able to automatically download the .ovpn configuration file.
Hereafter a procedure to configure your VPN connection in that situation:
remote access.terradue.com 443 udp
remote access.terradue.com 443 udp
remote access.terradue.com 443 tcp
remote access.terradue.com 443 udp
remote access.terradue.com 443 udp
remote access.terradue.com 443 udp
remote access.terradue.com 443 udp
remote access.terradue.com 443 udp
With:
remote access.terradue.com 443 tcp
http-proxy <proxy_address> <proxy_port>
http-proxy-retry
Check with your Network Administrator the values of <proxy_address> <proxy_port>.
If the system you are using has not a Graphical User Interface for OpenVPN, you have to use the OpenVPN’s command line. Also, in some scenarios you need to use the OpenVPN’s command line interface, for example in a script to automatically start the VPN connection. It can also be useful when you want to automatically start the VPN from a startup script.
So you can execute the OpenVPN client through the “openvpn” command by using the prompt (Unix Shell or Windows Prompt).
The CLI parameters are listed and described in the manual page of OpenVPN. You can check them by typing the command:
man openvpn
from a Unix shell, the OpenVPN’s manual page will be displayed. A great number of parameters are available to directly use in the command line prefixed by two consecutive hyphens (–). The same parameters (not prefixed by –) can also be specified in the configuration file.
Note
Except for a few cases, it is better to specify the parameters in a configuration file rather than having them in a too long and heavy to read command line.
To download the “OpenVPN Connect” client for installation on another computer, you can access installation material and configuration templates from here:
https://access.terradue.com/?src=connect
You can establish a VPN connexion with Terradue’s OpenVPN server by using the command line.
openvpn --config client.ovpn
For the most operating system in which OpenVPN works, binary packages already compiled exist. Anyway, sometimes, above all for some Linux Distributions, you could need to build OpenVPN by starting with the source code.
tar xvfz openvpn-2.0.9.tar.gz
cd openvpn-2.0.9
./configure --prefix=/usr
make
make install
If the ./configure procedure claims that the lzo libraries and headers are not found in the system, install the lzo compression software as follows below:
tar xvfz lzo-2.02.tar.gz
./configure --prefix=/usr
make
make install
Warning
Because the files will be written below the system directory /usr, the make install command must be executed with root privileges.