JARVIS: Difference between revisions
Add example ssh config |
|||
(26 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
'''JARVIS''' (10.0.0.4) is a sandbox [[Wikipedia:Virtual machine|VM]] accessible to any member. It has a shared directory accessible from the space's networked computers, it can host member webpages and can be used via [[Wikipedia:Secure Shell|SSH]]. Computers can also be configured to access JARVIS via the internet using SSH. | '''JARVIS''' (10.0.0.4) is a sandbox [[Wikipedia:Virtual machine|VM]] accessible to any member. It has a shared directory accessible from the space's networked computers, it can host member webpages and can be used via [[Wikipedia:Secure Shell|SSH]]. Computers can also be configured to access JARVIS via the internet using SSH. | ||
==Specs== | ==Specs== | ||
Line 23: | Line 21: | ||
** Enter [[HMS]] credentials <username> and <password> in the dialogue box, leave other options as their default values. | ** Enter [[HMS]] credentials <username> and <password> in the dialogue box, leave other options as their default values. | ||
==SSH | ==SSH access== | ||
{{note|SSH and web address use the ''all lowercase'' form of your HMS <username>}} | :{{note|SSH and web address use the ''all lowercase'' form of your HMS <username>}} | ||
===Local network=== | ===Local network=== | ||
Line 32: | Line 30: | ||
ssh <username>@jarvis | ssh <username>@jarvis | ||
Enter your HMS <password> when prompted. You will be logged on as '<username>@jarvis' and be in your home directory (/home/<username>). | Enter your HMS <password> when prompted. You will be logged on as '<username>@jarvis' and be in your home directory ('/home/<username>' AKA '~'). | ||
You will likely need to use <code>ssh -oHostKeyAlgorithms=+ssh-rsa -oPubkeyAcceptedKeyTypes=+ssh-rsa <username>@jarvis</code> with more modern SSH clients. | |||
;Using Linux file manager | ;Using Linux file manager | ||
Line 45: | Line 45: | ||
===Internet access=== | ===Internet access=== | ||
JARVIS is accessible from the the internet on jarvis.nottinghack.org.uk port 3000, | JARVIS is accessible from the the internet on jarvis.nottinghack.org.uk port 3000. However, from the internet you will need to using a [[Wikipedia:Public-key cryptography|key]] to login, not your HMS <password>. This requires configuring your client computer (that will access JARVIS over the internet) and your JARVIS user account (as server). Part of the set up requires being logged into the Hackspace's network; therefore the whole set up can not be done over the internet. | ||
;1 - Get SSH key from client | |||
If your client computer hasn't got a SSH create one using: | |||
ssh-keygen | |||
You can create a key with a password (we'll refer to this as <key password>). | |||
This creates two key in the directory '~/.ssh': | |||
:The private key 'id_rsa' - don't share this one. | |||
:The public one 'id_rsa.pub' - bring this one to Hackspace | |||
;2 - SSH public key to Hackspace server | |||
The public key needs to be appended to the 'authorized_keys' file on your JARVIS user account. SSH into JARVIS on a computer connected to the local Hackspace network. | |||
ssh <username>@jarvis | |||
Enter your HMS <password> when prompted. Check the '.ssh' directory in your home directory of your JARVIS user account (create it if it doesn't exist). If there is no 'authorized_keys' file you can simple rename the 'id_rsa.pub' file from your client computer 'authorized_keys', then copy it into this directory ('/home/<username>/.ssh'). | |||
Your public_html directory on JARVIS at '/home/<username>/public_html'. Your index.html file goes here. | ;3 - SSH access from server | ||
Your client computer should now be able to SSH into JARVIS over the internet. | |||
;Using a Linux terminal | |||
ssh <username>@jarvis.nottinghack.org.uk -p 3000 | |||
Enter your <key password> if prompted. You will be logged on as '<username>@jarvis' and be in your home directory ('/home/<username>' AKA '~'). | |||
;Using Linux file manager | |||
Select 'Connect to server' with settings: | |||
:type: SSH / SFTP | |||
:host: jarvis.nottinghack.org.uk | |||
:port: 3000 | |||
:login: <username> | |||
Or go to <nowiki>sftp://<username>@jarvis.nottinghack.org.uk:3000/</nowiki> | |||
If prompted to enter your <key password>. | |||
=== Recommended .ssh/config === | |||
In order to connect easily from home or the hackspace, it's possible to customise your local <code>.ssh/config</code> file. This adds the old host and public keys which jarvis still uses, allowing you to easily connect from home using <code>ssh jarvis</code> or from in the space, using <code>ssh jarvis.local</code>. Remember to replace your username | |||
Host jarvis | |||
Hostname jarvis.nottinghack.org.uk | |||
User <username> | |||
Port 3000 | |||
HostKeyAlgorithms ssh-rsa | |||
PubkeyAcceptedKeyTypes ssh-rsa | |||
Host jarvis.local | |||
Hostname jarvis.nottinghack.org.uk | |||
User <username> | |||
HostKeyAlgorithms ssh-rsa | |||
PubkeyAcceptedKeyTypes ssh-rsa | |||
====Resources==== | |||
*[http://www.debian-administration.org/article/SSH_with_authentication_key_instead_of_password SSH with authentication key instead of password] - more detailed explanation of SSH keys | |||
===Link to folder in /home/shared=== | |||
If using Nautilus to SSH to your account on JARVIS it can be handy to link to folder in /home/shared. | |||
After connecting using SSH, the folder will be '/home/<lowercase HMS username>'. Create a link to the desired folder using: | |||
ln -s /home/shared/<folder_name> <link name> | |||
Clicking on <link name> will take you to '/home/shared/<folder_name>'. | |||
==Webpage access== | |||
:{{note|SSH and web address use the ''all lowercase'' form of your HMS <username>}} | |||
Members can have a webpage hosted at an address based on their username. | |||
Your 'public_html' directory is on JARVIS at '/home/<username>/public_html'. Your 'index.html' file goes here. | |||
This is served at web address: | This is served at web address: | ||
<nowiki>http://jarvis.nottinghack.org.uk/~</nowiki>''<username>''. | <nowiki>http://jarvis.nottinghack.org.uk/~</nowiki>''<username>''. | ||
As we only have one external IP address, WEB/port 80 connections to JARVIS are proxied by [[Holly]]. | |||
==See also== | |||
* [[Holly]] - not freely accessible by members as it is mission critical | |||
[[Category:Network]] | [[Category:Network]] | ||
[[Category:Software]] | [[Category:Software]] |
Latest revision as of 22:34, 2 May 2024
JARVIS (10.0.0.4) is a sandbox VM accessible to any member. It has a shared directory accessible from the space's networked computers, it can host member webpages and can be used via SSH. Computers can also be configured to access JARVIS via the internet using SSH.
Specs
Like Holly, JARVIS is a VM running on Collective, it currently has the following resources
- 1CPU core
- 1GB RAM
- 50GB HDD
- Debian Wheezy 64bit
Running service's include
- SSH
- Apache with PHP5
- MySQL
- SAMBA
File manager access
Every member can create an unencrypted folder on the shared folder on the JARVIS server (/home/shared).
Linux
In Nautilus on Ubuntu:
- Browse Network > Windows Network > nottinghack > JARVIS > Shared
- Enter HMS credentials <username> and <password> in the dialogue box, leave other options as their default values.
SSH access
- Note: SSH and web address use the all lowercase form of your HMS <username>
Local network
On the local network JARVIS can be accessed via SSH using password or key.
- Using a Linux terminal
ssh <username>@jarvis
Enter your HMS <password> when prompted. You will be logged on as '<username>@jarvis' and be in your home directory ('/home/<username>' AKA '~').
You will likely need to use ssh -oHostKeyAlgorithms=+ssh-rsa -oPubkeyAcceptedKeyTypes=+ssh-rsa <username>@jarvis
with more modern SSH clients.
- Using Linux file manager
Select 'Connect to server' with settings:
- type: SSH / SFTP
- host: jarvis
- login: <username>
You will be prompted to enter your HMS <password>.
Internet access
JARVIS is accessible from the the internet on jarvis.nottinghack.org.uk port 3000. However, from the internet you will need to using a key to login, not your HMS <password>. This requires configuring your client computer (that will access JARVIS over the internet) and your JARVIS user account (as server). Part of the set up requires being logged into the Hackspace's network; therefore the whole set up can not be done over the internet.
- 1 - Get SSH key from client
If your client computer hasn't got a SSH create one using:
ssh-keygen
You can create a key with a password (we'll refer to this as <key password>).
This creates two key in the directory '~/.ssh':
- The private key 'id_rsa' - don't share this one.
- The public one 'id_rsa.pub' - bring this one to Hackspace
- 2 - SSH public key to Hackspace server
The public key needs to be appended to the 'authorized_keys' file on your JARVIS user account. SSH into JARVIS on a computer connected to the local Hackspace network.
ssh <username>@jarvis
Enter your HMS <password> when prompted. Check the '.ssh' directory in your home directory of your JARVIS user account (create it if it doesn't exist). If there is no 'authorized_keys' file you can simple rename the 'id_rsa.pub' file from your client computer 'authorized_keys', then copy it into this directory ('/home/<username>/.ssh').
- 3 - SSH access from server
Your client computer should now be able to SSH into JARVIS over the internet.
- Using a Linux terminal
ssh <username>@jarvis.nottinghack.org.uk -p 3000
Enter your <key password> if prompted. You will be logged on as '<username>@jarvis' and be in your home directory ('/home/<username>' AKA '~').
- Using Linux file manager
Select 'Connect to server' with settings:
- type: SSH / SFTP
- host: jarvis.nottinghack.org.uk
- port: 3000
- login: <username>
Or go to sftp://<username>@jarvis.nottinghack.org.uk:3000/
If prompted to enter your <key password>.
Recommended .ssh/config
In order to connect easily from home or the hackspace, it's possible to customise your local .ssh/config
file. This adds the old host and public keys which jarvis still uses, allowing you to easily connect from home using ssh jarvis
or from in the space, using ssh jarvis.local
. Remember to replace your username
Host jarvis Hostname jarvis.nottinghack.org.uk User <username> Port 3000 HostKeyAlgorithms ssh-rsa PubkeyAcceptedKeyTypes ssh-rsa Host jarvis.local Hostname jarvis.nottinghack.org.uk User <username> HostKeyAlgorithms ssh-rsa PubkeyAcceptedKeyTypes ssh-rsa
Resources
- SSH with authentication key instead of password - more detailed explanation of SSH keys
If using Nautilus to SSH to your account on JARVIS it can be handy to link to folder in /home/shared.
After connecting using SSH, the folder will be '/home/<lowercase HMS username>'. Create a link to the desired folder using:
ln -s /home/shared/<folder_name> <link name>
Clicking on <link name> will take you to '/home/shared/<folder_name>'.
Webpage access
- Note: SSH and web address use the all lowercase form of your HMS <username>
Members can have a webpage hosted at an address based on their username.
Your 'public_html' directory is on JARVIS at '/home/<username>/public_html'. Your 'index.html' file goes here.
This is served at web address: http://jarvis.nottinghack.org.uk/~<username>.
As we only have one external IP address, WEB/port 80 connections to JARVIS are proxied by Holly.
See also
- Holly - not freely accessible by members as it is mission critical