Peter Kern aka nomagic

nomagic.net

Mostly traveling between developer needs, cloud platforms and bug hunts. Team Player. Jack of all trades (aka T-shaped cloud engineer with focus on architecture)

PCFDev Virtual Machine SSH Login

How to login via ssh to the Pivotal Cloud Foundry (PCFDev) virtual machine on your local linux notebook.

Peter Kern

3-Minute Read

What?

If you start PCFDev on your local machine then a single virtual machine is running on top of host os and provides a subset of the cloud foundry components. For normal use cases it is sufficient to use the web interface and the cf command line for a developer.

But if want to gain a deeper understanding of cloud foundry then it could be useful to take a look behind the curtains and in to the vm.

Why?

I did not find a single step by step guide which explains how to do a ssh login to pcfdev. So I experimented a little by myself and found a solution. And now I would like to have some feedback if this the way to go. If you know a better solution or if you have a link to the respective docs then it would be cool if you would share your knowledge in the comments.

How?

After the installation of pcfdev you have an additional folder in your home directory called .cfdev

[peter@alastor ~]$ cd ~/.cfdev
[peter@alastor .cfdev]$ ls
analytics  bin  cache  daemons  log  services  state

Find the ssh endpoint

$ curl -k -X GET --url https://api.dev.cfdev.sh/v2/info
{
  "name": "Small Footprint PAS",
  "build": "2.4.4-build.2",
  "support": "https://support.pivotal.io",
  "version": 0,
  "description": "https://docs.pivotal.io/pivotalcf/2-3/pcf-release-notes/runtime-rn.html",
  "authorization_endpoint": "https://login.dev.cfdev.sh",
  "token_endpoint": "https://uaa.dev.cfdev.sh",
  "min_cli_version": "6.23.0",
  "min_recommended_cli_version": "6.23.0",
  "app_ssh_endpoint": "ssh.dev.cfdev.sh:2222",
  "app_ssh_host_key_fingerprint": "7b:35:c2:4c:ed:e7:0b:9b:42:f5:e4:c2:17:e3:10:9a",
  "app_ssh_oauth_client": "ssh-proxy",
  "doppler_logging_endpoint": "wss://doppler.dev.cfdev.sh:443",
  "api_version": "2.125.0",
  "osbapi_version": "2.14",
  "routing_endpoint": "https://api.dev.cfdev.sh/routing"
}

Via the info endpoint you get the address of an ssh server. As far as I understand it is this the ssh server to login to the application and service instances. This adress does not provide access at the vm level.

Since the vm only provides one ip adress for all hostnames *.dev.cfdev.sh it does not matter which hostname you use for your ssh connection as long as you use the standard ssh port and not port 2222.

ssh xyz.dev.cfdev.sh

Unauthorized use is strictly prohibited. All access and activity
is subject to logging and monitoring.
peter@xyz.dev.cfdev.sh: Permission denied (publickey).

It seems like my current user is not allowed to login. In the directory ~/.cfdev/state/bosh/ you can find a private key file for the user jumpbox. Maybe this will work to login.

$ ssh -i .cfdev/state/bosh/jumpbox.key jumpbox@xyz.dev.cfdev.sh -p 22

Unauthorized use is strictly prohibited. All access and activity
is subject to logging and monitoring.

Welcome to Ubuntu 16.04.5 LTS (GNU/Linux 4.14.70-linuxkit x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

Last login: Sat May 11 19:39:51 UTC 2019 from 192.168.122.1 on pts/0
Last login: Sat May 11 19:50:23 2019 from 192.168.122.1

To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

bosh/0:~$ 

What a lucky punch. We are logged in as user jumpbox.

What next?

Well I need to understand why this is working the way it works. Any hints?

comments powered by Disqus

Recent Posts

Categories

About

Unicorns ... invite them to your release party but do not expect them to do your work.

Datenschutz