systems

This is an old revision of the document!


PHP Systems

PHP is supported by a number of machines provided by a number of generous sponsors. This is a basic inventory of those machines and what services they provide.

History

Machine Access

SSH jump hosts

People with SSH accounts on the above machines must use one of our jump hosts to connect to them. Add this to your ~/.ssh/config:

  Host git.php.net americas.jump.php.net europe.jump.php.net
      ProxyJump none
  
  Host *.php.net
      ProxyJump <USERID>@americas.jump.php.net:9022
      User <USERID>

Replace americas with europe depending on where you are. The jump hosts also provide 2FA using Google Authenticator.

Reference: https://en.wikibooks.org/wiki/OpenSSH/Cookbook/Proxies_and_Jump_Hosts

2FA setup instructions

  1. Get someone to add your public key to the jump server and the servers you need access to.
  2. Install Google Authenticator on an iOS or Android device
  3. ssh -p 9022 americas.jump.php.net
  4. google-authenticator (you can answer y to all the questions, but you don't have to)
  5. Add the above mentioned configuration to your .ssh/config on your local machine.
  6. Now when you ssh to a php.net server it will first check your public key and if that matches it will ask you for your Google Authenticator (GA) code. Type in this code from your GA app

Note: You'll need to find someone who can replicate your account to europe.jump.php.net so you can use it there, too.

Tip, you can tell ssh to use a php-specific key for php-related things by adding something like this to your Host *.php.net section:

  IdentityFile /Users/bjori/.ssh/php_id_rsa

Machine Status

We use Nagios and Munin to monitor the machines. There is a public network status page as well as a protected area (log in with your SVN credentials) with more detailed information. The Munin web interface is available here.

FreeBSD upgrades

Note regarding FreeBSD machines: Upgrades should be performed according to this guide.

systems.1606844113.txt.gz · Last modified: 2020/12/01 17:35 by cmb