Skip to content

Getting Started

Jump to bottom
ChrisP edited this page Oct 13, 2023 · 5 revisions

Requesting for VPN Access for a remote environment using SSH (if allowed by project mentor)

Prerequisites

  • Linux-based operating system OR virtual machine (must be Fedora, Centos 8, RHEL 8, or Ubuntu 20.04+).

Guide

  • Make sure you are in the home directory in your linux terminal. To do this, just type cd and the path would end up in is denoted by ~.
  • Follow https://wiki.sepia.ceph.com/doku.php?id=vpnaccess until you reach the command output to submit in the ticket. When using wget, you may have to add sudo before the command.
  • Find your SSH key, replacing the email in quotes with your own. ssh-keygen -t rsa -C "name@email.com"
  • Press Enter three times to save the key in a default location specified or you can specify your own file location. There is no need for a passphrase unless you want one to secure it.
  • Then CAT the file where your public key is saved. cat /home/USER/ .ssh/id_rsa.pub
  • Provide both the command output and SSH public key to your project mentor.

Known Bugs/Problems

System has not been booted with system as init system (PID 1) when running sudo systemctl status openvpn-client@sepia (WSL-specific)

image

Solution You're going to need to enable systemd on your WSL application.

  1. Whichever you used to install WSL, open Command Prompt or Windows Powershell and check your WSL version with wsl -l -v. If it is version 1, you will need to set the version to 2 using wsl --set-version <distro name> 2 with whatever distro you are using (e.g. Ubuntu). This will take long.

  2. Make sure WSL is up-to-date with wsl --update.

  3. Open Ubuntu or whatever distro you are using and sudo -e /etc/wsl.conf. Add the following text to the file:

    [boot]

    systemd=true

  4. Exit the distro and reboot WSL using wsl --shutdown in Powershell or Command Prompt. Then run sudo systemctl status to check if it is enabled.

Error opening configuration file: sepia.conf

image

Solution

  1. Copy the sepia.conf file to your openvpn client directory. The file location may vary. To verify where your sepia.conf is located, cd /etc/openvpn and ls to check all the files in that directory. If not there, check in the sepia directory. When you are in the file path containing sepia.conf, copy the file to the client directory using sudo cp sepia.conf /etc/openvpn/client.

  2. Edit the sepia.conf file with a text editor of your choice, such as vim or nano, with sudo vim /etc/openvpn/client/sepia.conf. Make sure the user is nobody and the group is nogroup. Also locate the lines containing tls-auth, ca, and auth-user-pass. Change the file paths after those configurations into absolute paths by adding /etc/openvpn/ in front of the provided paths. The result should look like:

    tls-auth /etc/openvpn/sepia/tlsauth 1 ca /etc/openvpn/sepia/ca.crt auth-user-pass /etc/opnevpn/sepia/secret

  3. Restart the connection with the sepia network with sudo systemctl restart openvpn-client@sepia. Check the status with sudo systemctl status openvpn-client@sepia to see if the tunnel is active.

Clone this wiki locally