############################## Configuring a New Shell Server ############################## .. FIXME this first step is a bit wrong 1. Follow :doc:`../office/desktops` on whatever thing is your shell server (machine, VM, ...) If you are doing this inside the OpenStack setup, you probably want to have both CS-exiting and FF-exiting networks on hand. This will require a little bit of creative multi-providering. 2. Update magellan's ``/etc/hosts`` to have at least shell.acm.jhu.edu as a name for its IP address. It should probably have a unique name, too, which may or may not be managed by ``/etc/hosts`` as appropriate. 3. Update shorewall to DNAT some public address to the server's IP address, if applicable. 4. Update DNS to have both a server-specific name and A record as well as an A record for ``shell.acm.jhu.edu`` as well. 5. Crank out a keytab for the server-specific name and land it on the shell server. This does mean that kerberos-based login will not work to the global alias ``shell.acm.jhu.edu`` but that's mostly OK by us. 6. Follow the instructions at :ref:`dns_dane` to publish SSHFP records.