##############################
Configuring a New Shell Server
##############################

.. FIXME this first step is a bit wrong

1. Follow :doc:`../office/desktops` on whatever thing is your shell server
   (machine, VM, ...)

	If you are doing this inside the OpenStack setup, you probably want
	to have both CS-exiting and FF-exiting networks on hand.  This
	will require a little bit of creative multi-providering.

2. Update magellan's ``/etc/hosts`` to have at least shell.acm.jhu.edu as a
   name for its IP address.  It should probably have a unique name, too,
   which may or may not be managed by ``/etc/hosts`` as appropriate.

3. Update shorewall to DNAT some public address to the server's IP address,
   if applicable.

4. Update DNS to have both a server-specific name and A record as well as
   an A record for ``shell.acm.jhu.edu`` as well.

5. Crank out a keytab for the server-specific name and land it on the shell
   server.  This does mean that kerberos-based login will not work to the
   global alias ``shell.acm.jhu.edu`` but that's mostly OK by us.

6. Follow the instructions at :ref:`dns_dane` to publish SSHFP records.