Armen [:armenzg] Reporter
	Description • 11 years ago

In the past, we have been obtaining the production keys for the Windows machines through scp'ing into another machine.

C:\mozilla-build\msys\bin\scp -o 'StrictHostKeyChecking no' -o 'BatchMode=no' -r  cltbld@bld-lion-r5-041:~/.ssh .ssh

Unfortunately, the netflow it now seems to be blocked.

I'm also fine with putting the keys somewhere else and grab it from there.

This prevents us from putting production Win64 machines into the pool.

C:\Users\cltbld>telnet 10.26.52.61 22
Trying 10.26.52.61...                
telnet: Unable to connect to remote host: Attempt to connect timed out without establishing a connection

	Armen [:armenzg] Reporter
	Comment 1 • 11 years ago

Using a machine from the same data-center did the work.

	Amy Rich [:arr] [:arich] Assignee
	Comment 2 • 11 years ago

Spoke to Armen and let him know that these machines can still talk to other hosts in scl1 (linux builders), so the keys could be copied from there.  Longer term, this can be done with GPO after we finish redoing the 2008R2 image and join it to the domain.

Worst case, one should be able to ssh keys from another machine to one's local machine, then scp them up to the host in question.

	Justin Wood (:Callek)
	Comment 3 • 11 years ago

(In reply to Amy Rich [:arich] [:arr] from comment #2)
> Worst case, one should be able to ssh keys from another machine to one's
> local machine, then scp them up to the host in question.

Windows does not accept scp-to-machine. which is why we always log[ed] into windows and scp'ed from a remote host in the releng VLAN

	Hal Wine [:hwine] use NI!
	Comment 4 • 11 years ago

Just to leave a cookie crumb, jhopkins has a script that will sftp to a windows host -- currently documented at https://wiki.mozilla.org/ReferencePlatforms/Win64#Deploy_MAPI_Headers. It's easy to re-purpose for other files.