Configuring a New Shell Server

  1. Follow Installing a New Desktop on whatever thing is your shell server (machine, VM, …)

    If you are doing this inside the OpenStack setup, you probably want to have both CS-exiting and FF-exiting networks on hand. This will require a little bit of creative multi-providering.

  2. Update magellan’s /etc/hosts to have at least as a name for its IP address. It should probably have a unique name, too, which may or may not be managed by /etc/hosts as appropriate.

  3. Update shorewall to DNAT some public address to the server’s IP address, if applicable.

  4. Update DNS to have both a server-specific name and A record as well as an A record for as well.

  5. Crank out a keytab for the server-specific name and land it on the shell server. This does mean that kerberos-based login will not work to the global alias but that’s mostly OK by us.

  6. Follow the instructions at DANE Records to publish SSHFP records.