Who can get a V2 VDE-only account?
Anyone who has an account for the computers labs of the department of Computer Science at University of Bologna can get an account. If the main account gets suspended, revoked or cancelled, the user loses his V2 account. Exceptions to this rule must be approved by prof. Renzo Davoli.
The V2 account is part of an experimental service and can be revoked for technical or other reasons without previous notice.
What can be done using a V2 VDE-only account?
The VirtualSquare project has a number of servers used for testing and development of cross-architecture tools related to virtualization. Two kinds of account are available:
- A full account (with shell access) is reserved for people who actively collaborate to the project.
- A limited (or VDE-only) account has no specific requirements. It allows the user to connect to a VDE switch over a ssh connection and to get a public IP address from the 22.214.171.124/24 (IPv4) and 2001:760:2e00:ff00::/64 (IPv6) subnetworks.
Which rules must be followed by the users?
Users are expected to behave according to the Italian laws, the Computers Lab rules and regulations and to the netiquette. The Computers Labs rules also apply in case of violations, and may also cause the suspension of the main labs account (and, as a consequence, of the V2 account).
Obtaining a V2 VDE-only account
In order to get a VDE-only account three things are needed: a SSH client, a mail address in the cs.unibo.it domain and PGP, GPG or equivalent software. The first step is to make a SSH connection to account.v2.cs.unibo.it (currently IPv4 only), with user new and password account:
$ ssh email@example.com The authenticity of host 'account.v2.cs.unibo.it (126.96.36.199)' can't be established. RSA key fingerprint is fe:42:18:01:9c:84:6f:88:72:d4:c9:ef:86:d2:b9:af. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'account.v2.cs.unibo.it,188.8.131.52' (RSA) to the list of known hosts. Password: account
Afterwards, a guided procedure asks for the user's @cs.unibo.it login name, send an encrypted GPG message to his mail address @cs.unibo.it, and print the passphrase to be used to decrypt the message. This passphrase will not be used for the regular login but it's needed for decrypting the mail, which contains the V2 account password (the login name is the same as the @cs.unibo.it one).
In order to decrypt the message, if the mail client doesn't automatically ask for a password, is enough to save the message in a text file and run gpg filename.
NOTE: Sometimes the encrypted email (sent by admin at v2.cs.unibo.it) gets caught by antispam filters. The spam folder should be checked before asking for support.
Managing a V2 VDE-only account
Once the account has been created, some operations like changing the password or adding/removing public keys from the SSH authorized_keys file can be done by making a SSH connection with the user's login name to account.v2.cs.unibo.it:
$ ssh firstname.lastname@example.org Password: user's password here Virtual Square Account Administration ------------------------------------------------------------------------------ (type help for a list of commands) >
Using a V2 VDE-only account
The connection to the VDE switch must be done with a SSH connection to vde.v2.cs.unibo.it (IPv4) or 2001:760:2e00:ff00::1 (IPv6) specifying vde_plug as a command:
$ dpipe vde_plug = ssh email@example.com vde_plug
On the local side, the VDE plug should be connected to a VDE switch connected to a TAP interface. Once the SSH connection has been established, a DHCP client can be used on the TAP interface to get a public IPv4 address (or it's enough to wait for getting a IPv6 address using autoconfiguration).
NOTE: explicit routing rules for reaching vde.v2.cs.unibo.it may be needed when a IPv4 address is obtained inside of a VDE connection which runs over a IPv4 connection.
For generic VDE questions, the primary source of information is the VirtualSquare Wiki. For questions specific to this service, the contact address is admin at v2.cs.unibo.it.