Between October 25 and November 4th we will be moving our Washington, DC office. One of the consequences of this move will be that we will be losing the dedicated IP address for dc1.fsl.com [126.96.36.199], the server that we use to login and support DefenderMX and BarricadeMX servers at your site.
Several months ago we sent out the information on the server that will be replacing dc1.fsl.com a while back and asked that you allow us to access your FSL server(s) from gw.fsl.com [188.8.131.52]. This server is located in a very secure data center in Baltimore MD.
To provide your systems with timely support, before we move, we now ask that you allow non-root access for our support username, fsl, from gw.fsl.com [184.108.40.206] and our new backup login server, repo2.fslupdate.com [220.127.116.11] through any Firewalls, Routers and Firewall software.
After November 3 2016, you can remove our access from dc1.fsl.com [18.104.22.168].
We will be happy to setup the user and sudo for you if we have access to your DefenderMX and BarricadeMX servers, just send a request to email@example.com and include the contact information for the the person(s) who will be coordinating the changes that need to be made to your systems.
For those of you who want to configure the systems yourselves. the necessary steps to give us secure access are:
1. Make sure that we can connect through and Firewall / Routers from:
2. If necessary, add the user fsl
See if the user fsl already exist on you system. login to your system as root and run:
If the fsl user exists you should be taken to user fsl’s home directory. If the directory does not exist you’ll need to login as user root and run:
You should be asked to create a password. Create a secure password and enter that password (twice) and then the user fsl, along with their home directory, will be created. Save the password for your records but we should not need it since we will login using secure ssh keys.
3. Install sudo if necessary. Login to the server as root.
Then issue the following command:
if sudo is installed the `which sudo` command will return:
if sudo is not installed the `which sudo` command will return something similar to:
/usr/bin/which: no sudo in /usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/NX/bin:/root/bin)
Install sudo with the following command:
yum -y install sudo
4. Configure sudo to allow user fsl to gain root privileges. login to your system as root and run:
This will open and lock the /etc/sudousers file. After the lines:
# Allow root to run any commands anywhere
root ALL=(ALL) ALL
Add the line:
fsl ALL=(ALL) ALL
And save the file.
5. Here is a link to our Authorized Keys. Right-Click to download and copy the file or it’s contents to /tmp/authorized_keys, then login to the server as root and run:
cat /tmp/authorized_keys >> ~/fsl/.ssh/authorized_keys
chown -R fsl.fsl ~fsl/.ssh
chmod 700 ~fsl/.ssh/
chmod 700 ~fsl/.ssh/authorized_keys/
After you have changed the configuration please open a ticket with firstname.lastname@example.org so we can verify that we have access to your server.
And please contact email@example.com if you have any questions, concerns or problems with this request.
202 595-7760 ext 601