Sun Secure Global Desktop (Tarantella) ~ Creation Zone

How do you like launching some of the applications running on a system, securely using a web browser?

Consider this simple scenario.

You have a system that is exposed to the internet. You are trying to get your partner engineer access your system {say using telnet or ssh}; but the partner engineer is not able to access it due to their corporate firewall.

One option for the partner engineer is to bypass their company's firewall somehow, then connect to the system that is accessible from the internet.

Another option is to install Sun Secure Global Desktop (aka Tarantella) on the system that was exposed to the internet; and letting the partner engineer access it using a standard web browser.

Here's a screen shot:

There are plenty of other options, but this blog entry focuses on Sun Secure Global Desktop option.

How to install Sun Secure Global Desktop?

Download a fully functional 30-day trial latest copy of Sun Secure Global Desktop software from http://www.sun.com/software/products/sgd/get.jsp. 4.31 is the latest version of SGD as of this writing.

Add two user accounts: ttaserv, ttasys

# mkdir /export/home/ttaserv
# groupadd -g 102 ttaserv
# useradd -g 102 -d /export/home/ttaserv -s /bin/bash ttaserv
# useradd -g 102 -d /export/home/ttaserv -s /bin/bash ttasys

Install the Sun Secure Global Desktop software package

# pkgadd -d ./tta-4.31-905.sol-sparc.pkg

The following packages are available:
  1  tta     Sun Secure Global Desktop Software for SPARC Solaris 2.8+
             (SPARC) 4.31.905

Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: all

Processing package instance <tta> from </export/home/oracle/tta-4.31-905.sol-sparc.pkg>

Sun Secure Global Desktop Software for SPARC Solaris 2.8+(SPARC) 4.31.905
Sun Microsystems, Inc. 
 
--------------------------------------------------------------------------
Setting up Sun Secure Global Desktop Software
--------------------------------------------------------------------------
Secure Global Desktop Setup recommends you use the following settings:
 
Installation type = install 4.31.905
Installation directory = /opt/ttaserv
 
Are these settings OK?
  Y - Yes, install using these settings
  N - No, tell me more about the options and let me change the settings
  Q - Quit now

OK to use these settings? [Y] N
 
--------------------------------------------------------------------------
Secure Global Desktop installation directory
--------------------------------------------------------------------------
Secure Global Desktop uses a single directory for all its code and other
static and dynamic components. Which directory would you like to use?

Installation directory [/opt/ttaserv] /export/home/ttaserv/
 
--------------------------------------------------------------------------
Setting up Sun Secure Global Desktop Software
--------------------------------------------------------------------------
 
Installation type = install 4.31.905
Installation directory = /export/home/ttaserv/
 
Are these settings OK?
  Y - Yes, install using these settings
  N - No, tell me more about the options and let me change the settings
  Q - Quit now

OK to use these settings? [Y] Y

...
...
...

## Executing postinstall script.

To complete the installation, please run /export/home/ttaserv/bin/tarantella start

Installation of <tta> was successful.

Configure the timeout values.

Modify the timeout values in /export/home/ttaserv/var/serverresources/expect/vars.exp.

# grep -i timeout vars.exp
# Timeouts
set timeouts(prelogin)            180
set timeouts(loggedin)            180
set timeouts(hostprobe)           180
set timeout 3600

Start the Sun Secure Desktop Desktop server

# /export/home/ttaserv/bin/tarantella start
 
--------------------------------------------------------------------------
Secure Global Desktop Software License Agreement
--------------------------------------------------------------------------
To use Secure Global Desktop you must agree to be bound by
the terms of the Software License Agreement.

  Y - I have read, and accept the terms of the license agreement
  N - I do not accept the terms of the license agreement
  R - Let me read the license agreement

Accept terms of Software License Agreement? [R] Y
 
--------------------------------------------------------------------------
Setting up Sun Secure Global Desktop Software
--------------------------------------------------------------------------
Secure Global Desktop Setup recommends you use the following settings:
 
Installation type = install 4.31.905
Peer DNS name = v490-a4
HTTP port = 80 [not currently in use]
Archive logs every week? = yes (Sunday 03:00 hours)
 
Are these settings OK?
  Y - Yes, install using these settings
  N - No, tell me more about the options and let me change the settings
  Q - Quit now

OK to use these settings? [Y] N
 
--------------------------------------------------------------------------
Peer (internal) DNS name
--------------------------------------------------------------------------
Each computer on the network may have a number of DNS names.  In
Secure Global Desktop, the peer DNS name is the name by which this host
is known to others within your firewall, if you have one. If you're
using an array of multiple Secure Global Desktop servers, this is the
name used by other servers in the array to identify this server.

Peer DNS name [v490-a4] dummy.sun.com

--------------------------------------------------------------------------
HTTP port
--------------------------------------------------------------------------
Secure Global Desktop includes a web server. You need to choose the TCP port
on which the web server listens for HTTP (unencrypted) connections.
The default port for HTTP is 80/tcp.

You must choose an unused TCP port for installation to complete.

HTTP port [80] 8000

--------------------------------------------------------------------------
Archive logs every week
--------------------------------------------------------------------------

Would you like the Secure Global Desktop server to archive its log files
every week?

Archive logs every week? [yes] yes

On what day should the archive occur?
Type a number between 0 (Sunday) and 6 (Saturday).

Archive day [0] 

At what time should the archive occur?
Type a number between 0 (midnight) and 23 (11pm).

Archive time [03]  
 
--------------------------------------------------------------------------
Setting up Sun Secure Global Desktop Software
--------------------------------------------------------------------------
 
Installation type = install 4.31.905
Peer DNS name = dummy.sun.com
HTTP port = 8000 [not currently in use]
Archive logs every week? = yes (Sunday 03:00 hours)
 
Are these settings OK?
  Y - Yes, install using these settings
  N - No, tell me more about the options and let me change the settings
  Q - Quit now

OK to use these settings? [Y] Y
--------------------------------------------------------------------------
Configuring your installation...
Running templates Setup script...OK
Running files_rename Setup script...OK
Running dbcreate Setup script...OK
Running extended_templates Setup script...OK
Running config Setup script...OK
Running printing Setup script...OK
Running sysadmin Setup script...OK
Running loadprobe_config Setup script...OK
Configuring and starting Secure Global Desktop web server...OK
Running wcp/configchanges Setup script...OK
Running tsp/resources Setup script...OK
Running 3270/resources Setup script...OK
Running 3270/configchanges Setup script...OK
Running 3270/purge Setup script...OK
Running 5250/resources Setup script...OK
Running 5250/configchanges Setup script...OK
--------------------------------------------------------------------------
What's next?
--------------------------------------------------------------------------
Secure Global Desktop is now installed and ready to use.

To get started:

 - In a web browser, go to:
   http://dummy.sun.com:8000/
 - When prompted, log in with username "Administrator" and root's password.
 - On your webtop, click Administration Guide to learn more about the product
   (we strongly recommend you read the "Getting started" section).
   Or click Object Manager to start creating user webtops.

To add license keys, click Array Manager on your webtop or type:
/export/home/ttaserv/bin/tarantella license add <key>...
--------------------------------------------------------------------------
Successfully installed Sun Secure Global Desktop Software
--------------------------------------------------------------------------

Once the SGD server is up, supply the URL http://dummy.sun.com:8000 and the login credentials to the partner engineer so (s)he can access the system using a standard web browser.

Q: How to check the status of Sun Secure Global Desktop server?

eg., At the startup:

# /export/home/ttaserv/bin/tarantella status

Array members (1):
 - dummy.sun.com (primary): Accepting standard connections.
 - Webtop sessions (0):
 - Emulator sessions (0):

After some clients connect to the server:

# /export/home/ttaserv/bin/tarantella status

Array members (1):
 - dummy.sun.com (primary): Accepting standard connections.
 - Webtop sessions (1):
    - Standard connections: 1
 - Emulator sessions (1):
    - X Protocol Engine: 1

Q: How to stop, start the SDG server?
eg., Stop the SDG server

# /export/home/ttaserv/bin/tarantella stop
 WARNING: Users are connected to this Secure Global Desktop server.
Stopping the server will shut down any emulator sessions for these users.
This may result in loss of data.

Are you sure you want to continue? [no] y
Secure Global Desktop services have been stopped.

Start the SDG server

# /export/home/ttaserv/bin/tarantella start
Starting Secure Global Desktop server (version 4.31.905). Please wait...
Secure Global Desktop services are now available on this host.

Q: How to stop, start the web server?

eg., Stop the web server:

# /export/home/ttaserv/bin/tarantella webserver stop
Stopping Tomcat servlet container...
Using CLASSPATH:     /export/home/ttaserv/webserver/tomcat/5.0.28_axis1.2/bin/bootstrap.jar:/export/home/ttaserv/bin/jdk.spso...
Using CATALINA_BASE: /export/home/ttaserv/webserver/tomcat/5.0.28_axis1.2
Using CATALINA_HOME: /export/home/ttaserv/webserver/tomcat/5.0.28_axis1.2
Using JAVA_HOME:     /export/home/ttaserv/bin/jdk.spso_1.6.0
...OK
Stopping Apache web server...
/export/home/ttaserv/webserver/apache/1.3.36_mod_ssl-2.8.27_openssl-0.9.8d_jk1.2.15/bin/apachectl stop: httpd stopped
...OK

# /export/home/ttaserv/bin/tarantella status

Array members (1):
 - dummy.sun.com (primary): NOT ACCEPTING CONNECTIONS.

Start the web server:

# /export/home/ttaserv/bin/tarantella webserver start
Starting Tomcat servlet container...
Using CLASSPATH:     /export/home/ttaserv/webserver/tomcat/5.0.28_axis1.2/bin/bootstrap.jar:/export/home/ttaserv/bin/jdk.spso ...
Using CATALINA_BASE: /export/home/ttaserv/webserver/tomcat/5.0.28_axis1.2
Using CATALINA_HOME: /export/home/ttaserv/webserver/tomcat/5.0.28_axis1.2
Using JAVA_HOME:     /export/home/ttaserv/bin/jdk.spso_1.6.0
...OK
Starting Apache web server...
/export/home/ttaserv/webserver/apache/1.3.36_mod_ssl-2.8.27_openssl-0.9.8d_jk1.2.15/bin/apachectl start: httpd started
...OK

Q: Is there a demo version on-line?

Yes, there is. If you want to feel the experience before you install SDG software on your system(s), access the following URL using a standard web browser, and then click on 'Login' link.

https://sgddemo.sun.com/

You can login anonymously just by clicking on 'Login' button without user name and password.

(Last Updated: October 11, 2007 @ 01:40 PM. Thanks to 'Fat' for the correction.)

__________________
Technorati tags:

Sun Microsystems |

Tarantella

Creation Zone

Thursday, 20 September 2007

Sun Secure Global Desktop (Tarantella)

0 comments:

Post a Comment

Popular Posts

Categories

Blog Archive

About Me