welcome: please sign in

Diff for "MemberManual/ShellAccess"

Differences between revisions 5 and 16 (spanning 11 versions)
Revision 5 as of 2008-02-20 18:54:51
Size: 1905
Editor: MichaelOlson
Comment:
Revision 16 as of 2015-01-01 22:35:29
Size: 2886
Editor: ClintonEbadi
Comment: add the host key fingerprint for bog. May need to go on a static page ... Relying on paranoid members to be paranoid and check the revision history for now :)
Deletions are marked like this. Additions are marked like this.
Line 5: Line 5:
[[TableOfContents]] <<TableOfContents>>
Line 7: Line 7:
= Our Machines = == Logging In ==
Line 9: Line 9:
We have several machines, which are hosted at Peer1. Here are brief descriptions of each of the machines you'll need to know about, and what they do. Only `ssh.hcoop.net` is accessible to members. To login, use [[http://www.openssh.org/|SSH]] where
Line 11: Line 11:
|| '''Machine name''' || '''IP address'''|| '''Description''' ||
|| {{{mire.hcoop.net}}} || 69.90.123.68 || This is the machine that serves all of our members' websites. Members can log into this machine. ||
|| {{{deleuze.hcoop.net}}} || 69.90.123.67 || This is our mail server, database server, primary DNS nameserver, and the machine that serves [http://hcoop.net] ('''when the migration period is complete'''). Members may not log into this machine. ||
 username :: Your HCoop username
 host :: `ssh.hcoop.net`
 host key fingerprint :: 2048 46:8f:76:54:87:dc:52:7b:76:02:92:3b:a7:8a:2e:89 root@bog (RSA)
Line 15: Line 15:
For further details on our machines, including the machines that are not listed here, take a look at the [:Hardware:] page. You may also use MitKerberos for [[/PasswordlessLogin]].
Line 17: Line 17:
= Logging In = The current shell machine is [[ServerBog|bog]], and is running [[http://www.debian.org/releases/squeeze/|Debian GNU/Linux Squeeze]]. Further information about our servers is on the [[Hardware]] page.
Line 19: Line 19:
The only machine that you can log into as a member is {{{mire.hcoop.net}}}. Use SSH to log in, by typing the following, where '''USER''' is your HCoop username. === GNU/Linux, OS X, BSD ===

Open a shell and run:
Line 22: Line 24:
ssh USER@mire.hcoop.net ssh USERNAME@ssh.hcoop.net
Line 25: Line 27:
= Changing the Default Shell = === Microsoft Windows ===

If you use Windows and are unfamiliar with SSH, you will most likely want to install [[http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html|Putty]], a popular and FreeSoftware SSH client. See the [[http://the.earth.li/~sgtatham/putty/0.62/htmldoc/Chapter2.html#gs|putty getting started guide]] for more information.

== Security Restrictions ==

We have some security restrictions in place on the shell servers designed to thwart would-be attackers. Basic http, irc to trusted networks, etc. work by default, and we liberally grant requests for additional network permissions (See FirewallRules).

== Installing Software ==

Our shell server is running a basic installation of Debian Squeeze. You may find that all of the software you need is already installed, but if not you may [[https://members.hcoop.net/portal/apt|request installation of packages]] available in [[http://packages.debian.org/squeeze/|squeeze]] and [[http://packages.debian.org/squeeze-backports/|squeeze-backports]].

Software not provided by Debian may be manually installed somewhere like `~/local/` in your home directory.

== Tips ==

=== Changing Your Password ===

/* Not sure this belongs here, but this document seems like the place where a member might want to know how to change their password? */

On your first login, and thereafter on some regular basis (quarterly is generally alright), you should change your password. To do this, login to the shell server and run

{{{
kpasswd
}}}

It will prompt for your current password and your new password twice.

(We use `kpasswd` instead of the standard UNIX `passwd` because of an unfortunate interaction between MitKerberos and Debian's default PAM configuration).

=== Changing the Default Shell ===
Line 35: Line 67:
= Web Interface for Login =

We also have an AJAX SSH service at [http://ssh.hcoop.net/]. This allows you to use a web browser to log into {{{mire}}}, provided that you have a fairly modern web browser.

= Password-less Login =

Consult the [:/PasswordlessLogin:Password-less Login] subpage for instructions.

= Security Restrictions =

We have some security restrictions in place on the shell servers. They are documented here: ShellServerSecurityRestrictions.
----
CategoryNeedsWork CategoryMemberManual

This is the chapter of the MemberManual that describes how to log in to our machines, and provides a brief explanation of what our machines do.

Logging In

Only ssh.hcoop.net is accessible to members. To login, use SSH where

username
Your HCoop username
host

ssh.hcoop.net

host key fingerprint
2048 46:8f:76:54:87:dc:52:7b:76:02:92:3b:a7:8a:2e:89 root@bog (RSA)

You may also use MitKerberos for /PasswordlessLogin.

The current shell machine is bog, and is running Debian GNU/Linux Squeeze. Further information about our servers is on the Hardware page.

GNU/Linux, OS X, BSD

Open a shell and run:

ssh USERNAME@ssh.hcoop.net

Microsoft Windows

If you use Windows and are unfamiliar with SSH, you will most likely want to install Putty, a popular and FreeSoftware SSH client. See the putty getting started guide for more information.

Security Restrictions

We have some security restrictions in place on the shell servers designed to thwart would-be attackers. Basic http, irc to trusted networks, etc. work by default, and we liberally grant requests for additional network permissions (See FirewallRules).

Installing Software

Our shell server is running a basic installation of Debian Squeeze. You may find that all of the software you need is already installed, but if not you may request installation of packages available in squeeze and squeeze-backports.

Software not provided by Debian may be manually installed somewhere like ~/local/ in your home directory.

Tips

Changing Your Password

On your first login, and thereafter on some regular basis (quarterly is generally alright), you should change your password. To do this, login to the shell server and run

kpasswd

It will prompt for your current password and your new password twice.

(We use kpasswd instead of the standard UNIX passwd because of an unfortunate interaction between MitKerberos and Debian's default PAM configuration).

Changing the Default Shell

If you wish to change your login shell, then create a symlink called ~/.loginshell whose target is your shell of choice. Here is one example:

ln -sf /bin/zsh ~/.loginshell


CategoryNeedsWork CategoryMemberManual

MemberManual/ShellAccess (last edited 2019-01-30 20:47:49 by SrikanthSastry)