Cool Solutions

One-Click ConsoleOne via SSH



By:

March 11, 2010 4:42 pm

Reads: 6963

Comments:4

Score:5

One-Click Access to ConsoleOne in Linux

Running ConsoleOne directly from the server is helpful and often necessary, especially if you are using SLES as the server OS. With OES, you have the NSS file system that lets you easily connect a Windows workstation to your domain (assuming that workstation has a Novell Client). If you’re using a Linux desktop that is capable of running the Novell Client for Linux, ConsoleOne can still be run locally while connecting to the domain database on the OES server. Using a SLES server further limits your options.

Instead of installing and configuring Samba or NFS (which I’m not sure is recommended anyway), using SSH to run ConsoleOne allows you to use a common protocol.

I most often use the Linux desktop and have been able to make one-click ConsoleOne access via SSH work. While Putty, a Windows SSH client, can provide similar functionality, I do not know of a way to generate the necessary SSH key with Putty in order to make this work in a one-click way.

For the remainder of this article, I’ll call the server running the domain and from where we want to run ConsoleOne ‘gwdom1′. I will assume that ConsoleOne with the current snapins is installed, executable, and fully functional from the domain server console for the purposes of administering GroupWise. I will also assume that we want to connect to this server as ‘root’.

Running ConsoleOne via SSH

This is the easy part. First, SSH to the server where the domain is running as the root user using the following command. The ‘-X’ is crucial as it enables X11 forwarding:

ssh -X root@gwdom1

After entering the root password, execute this command:

/usr/ConsoleOne/bin/ConsoleOne

At this point, ConsoleOne should appear on your Linux desktop (running from gwdom1) and you can login and connect to gwdom1′s domain database. This will verify that ConsoleOne can be run in the way it needs for this process to ultimately work.

This part should be possible using Putty for Windows. However, providing the specific steps of doing so is not the intent of this article.

Your Very Own Script

You can easily combine the above two commands into one script file. First, go to your home folder using the console and switch to a folder called /bin. For non-root users, it will be /home/username/. For root, it’s /root.

Once in the /bin folder of your home folder, create a file called ‘c1_gwdom1′ (or whatever you want to use as the command that calls this) using your favorite text editor. The file should contain the following:

#/bin/bash 

ssh -X root@gwdom1 "/usr/ConsoleOne/bin/ConsoleOne &"

The ‘#/bin/bash’ part is probably unnecessary, but I’ve gotten in the habit of putting this in my scripts. Nevertheless, save the file and exit your editor. Now, from the console, make your script executable. Use the command:

chmod 755 c1_gwdom1

Because your /bin folder in your home folder is, by default, in the path, you should be able to type ‘c1_gwdom1′ from any folder and it will start. Try it out. You will have to enter the root password for gwdom1 to have it connect (more on removing this later). ConsoleOne should start on your local workstation. If you want to have it start in the background, use ‘c1_gwdom1 &’ and you won’t have to keep your console window open.

No Password Required

Here it gets more complicated. However, this is also the key to one-click access. This is also the part that I am unsure how to duplicate in Windows. It may be there, but my limited use of Windows for administration of GroupWise has kept me from researching this further.

What we have to do is to first generate an SSH key, then enter the key info into gwdom1′s authorized list. This tells gwdom1 to trust connections from this machine. So keep in mind that if you have multiple machines from which you want to use one-click ConsoleOne, you will have to repeat this step for each.

From a console on your Linux desktop, enter ‘ssh-keygen -t rsa’ and you should get a prompt for a path. Use the default path and leave the passphrase blank. Once you’ve finished that command, you should have a file in your Linux desktop’s /home/username/.ssh/ folder called ‘id_rsa.pub’. View the contents of this file by typing:

cat /home/username/.ssh/id_rsa.pub

Highlight and copy the contents of that file to the clipboard using the GUI. Now open another console and SSH over to gwdom1 as root.

In the /root/.ssh/ folder of gwdom1 you should find a file called authorized_keys2. Make a quick backup copy of this file before you start editing it. Edit the file and go the bottom. Add another line, then Paste the contents of your local id_rsa.pub file into it. Save the file and exit out of the SSH session.

Test this by re-SSHing to gwdom1. If it worked, then you should be able to SSH without getting a password prompt.

Click Me!

To make it all nice, neat, and easily accessible you can now create yourself a shortcut. The steps for doing this will depend on whether you use GNOME or KDE (or another Desktop Environment). Chances are that you know how to do this so I will not go into specific steps to create a shortcut.

The application/command that you want the shortcut to run is:

/home/username/bin/c1_gwdom1

Create it and click to test.

What should happen is that ConsoleOne should now appear, having been run over SSH from the server running/hosting your domain.

VN:F [1.9.22_1171]
Rating: 5.0/5 (1 vote cast)
One-Click ConsoleOne via SSH, 5.0 out of 5 based on 1 rating

Categories: Uncategorized

Disclaimer: This content is not supported by Novell. It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test it thoroughly before using it in a production environment.

4 Comments

  1. By:warper2

    I thought this was awesome when I saw it. I was actually hoping that it was going to work on the mac and it didn’t. I than tried it in linux and it did not work. Console 1 worked great but gwise can’t be done this way if it is clustered. For some reason it list s the path to the domain wrong. It put it like this which obviously does not exist.

    /media/nss/VOLUME/domain/CLUSTER_RESOURCE_SERVER/VOLUME/domain

    I know it is nss and use windows. I would just love not to have to require windows for mgmt of gwise.

    Thanks

    VN:F [1.9.22_1171]
    Rating: 0.0/5 (0 votes cast)
  2. By:dlpowell

    There are actually a couple of issues to overcome when porting this to Windows. As mentioned, we need to use public key authentiaction to make this truely one-click. That is rather easily accomplished with the puttygen tool. Instructions on its use can be found here including how to use the cert from withing the Putty tool.

    You also have to have some way to view Xwindows content. Many people use CygWin, but I found a very easy to install free Windows X server – Xming. You can find it here.

    Finally, don’t forget to enable X forwarding and also configure the “/usr/ConsoleOne/bin/ConsoleOne” command to run when the connection starts. These settings are found in the SSH section of the Putty connection configuration window.

    NOTE: It is considered a security risk to have ssh authenticate as root. A common practice is to ssh as a regular user and use sudo to run restricted comands. The problem here is that X forwarding gets broken when using sudo and Putty. You might consider giving a new group execution rights to ConsoleOne and read/write/execute file permissions to the GW file system path. Then place the users who are authorized to run ConsoleOne as members of same group.

    VN:F [1.9.22_1171]
    Rating: 0.0/5 (0 votes cast)
  3. By:aaronm04

    Wanted to update the thread to say that I’ve corresponded with ‘warper2′ above and he was able to get this to work. As I recall, the fix was to select the ‘wpdomain.db’ file when browsing for the domain directory rather than selecting the folder itself. I’ve found this to be occasionally necessary (and other times not) when selecting a domain path.

    And thanks to ‘dlpowell’ for the tips on doing this from Windows !!

    VN:F [1.9.22_1171]
    Rating: 0.0/5 (0 votes cast)
  4. By:hpsof

    ° start puttygen.exe (within whole putty-stuff) on client-machine. gui opens
    ° click button generate
    ° click button save private key to save the private key to a file for this client. remember path and filename [privkey]
    ° copy+paste the generated key (visible in a box) to a file /root/.ssh/authorized_keys2 on the server-machine (target of ssh)
    ° call putty with command-line option -i [privkey] root@server-machine

    VN:F [1.9.22_1171]
    Rating: 0.0/5 (0 votes cast)

Comment

RSS