JARVIS: Difference between revisions

From Nottinghack Wiki
Jump to navigation Jump to search
← Older edit
tidy
 
(49 intermediate revisions by 7 users not shown)
Line 1: Line 1:
'''JARVIS''' (10.0.0.4) is a sandbox [[Wikipedia:Virtual machine|VM]], any member can SSH to it using their [[HMS]] credentials.<br/>
'''JARVIS''' (10.0.0.4) is a sandbox [[Wikipedia:Virtual machine|VM]] accessible to any member. It has a shared directory accessible from the space's networked computers, it can host member webpages and can be used via [[Wikipedia:Secure Shell|SSH]]. Computers can also be configured to access JARVIS via the internet using SSH.
Since [[Holly]] has become very much mission critical for the hackspace, it is not feasible to let members have free access to it, but now that Holly is a VM running on [[Collective]] we can easily have other VMs for testing and running a few other services.<br/>


===Specs===
{{note|December 2025 - Jarvis has been replaced with a new Jarvis! If you've ssh'd into it before, you'll receive a warning about the host key changing. You can fix this by running <code>ssh-keygen -R jarvis.nottinghack.org.uk</code> and <code>ssh-keygen -R '[jarvis.nottinghack.org.uk]:3000'</code>.}}
 
 
==Specs==
Like Holly, JARVIS is a VM running on [[Collective]], it currently has the following resources
Like Holly, JARVIS is a VM running on [[Collective]], it currently has the following resources
* 1CPU core
* 1CPU core
* 1GB RAM
* 8GB RAM
* 50GB HDD
* HDD's: 20GB OS / 200GB /home
* Debian Wheezy 64bit<br/>
* Debian 13 (trixie) 64bit<br/>
Running service's include  
Running service's include  
* SSH
* SSH
Line 13: Line 15:
* MySQL
* MySQL
* SAMBA
* SAMBA
* MQTT
==File manager access==
Every member can create an unencrypted folder on the shared folder on the JARVIS server (/home/shared).
===Linux===
It should be possible to connect by going to smb://jarvis/shared.
===Windows===
Connect to \\jarvis\shared
==SSH access==
:{{note|SSH and web address use the ''all lowercase'' form of your HMS <username>}}
===Local network===
On the local network JARVIS can be accessed via SSH using password or key.
;Using a Linux terminal
ssh <username>@jarvis
Enter your HMS <password> when prompted. You will be logged on as '<username>@jarvis' and be in your home directory ('/home/<username>' AKA '~').
You will likely need to use <code>ssh -oHostKeyAlgorithms=+ssh-rsa -oPubkeyAcceptedKeyTypes=+ssh-rsa <username>@jarvis</code> with more modern SSH clients.
;Using Linux file manager
Select 'Connect to server' with settings:
:type: SSH / SFTP
:host: jarvis
:login: <username>
You will be prompted to enter your HMS <password>.
===Internet access===
JARVIS is accessible from the the internet on jarvis.nottinghack.org.uk port 3000. However, from the internet you will need to using a [[Wikipedia:Public-key cryptography|key]] to login, not your HMS <password>. This requires configuring your client computer (that will access JARVIS over the internet) and your JARVIS user account (as server). Part of the set up requires being logged into the Hackspace's network; therefore the whole set up can not be done over the internet.
;1 - Get SSH key from client
If your client computer hasn't got an SSH key, create one using:
ssh-keygen
You can create a key with a password (we'll refer to this as <key password>).
This creates two key in the directory '~/.ssh':
:The private key 'id_rsa' or 'id_ed25519' - don't share this one.
:The public one 'id_rsa.pub' or 'id_ed25519.pub' - bring this one to Hackspace
;2 - SSH public key to Hackspace server
The public key needs to be appended to the 'authorized_keys' file on your JARVIS user account. SSH into JARVIS on a computer connected to the local Hackspace network.
ssh-copy-id <username>@jarvis
Enter your HMS <password> when prompted.
It's worth ensuring the permissions for the authorized_keys file is correct. If the permissions are too open, the ssh server will assume its untrusted.
  chmod 700 .ssh
  chmod 600 .ssh/authorized_keys
;3 - SSH access from server
Your client computer should now be able to SSH into JARVIS over the internet.
;Using a Linux terminal
ssh <username>@jarvis.nottinghack.org.uk -p 3000
Enter your <key password> if prompted. You will be logged on as '<username>@jarvis' and be in your home directory ('/home/<username>' AKA '~').
;Using Linux file manager
Select 'Connect to server' with settings:
:type: SSH / SFTP
:host: jarvis.nottinghack.org.uk
:port: 3000
:login: <username>
Or go to <nowiki>sftp://<username>@jarvis.nottinghack.org.uk:3000/</nowiki>
If prompted to enter your <key password>.
====Resources====
*[http://www.debian-administration.org/article/SSH_with_authentication_key_instead_of_password SSH with authentication key instead of password] - more detailed explanation of SSH keys
===Link to folder in /home/shared===
If using Nautilus to SSH to your account on JARVIS it can be handy to link to folder in /home/shared.
After connecting using SSH, the folder will be '/home/<lowercase HMS username>'. Create a link to the desired folder using:
ln -s /home/shared/<folder_name> <link name>
Clicking on <link name> will take you to '/home/shared/<folder_name>'.
==Webpage access==
:{{note|SSH and web address use the ''all lowercase'' form of your HMS <username>}}
Members can have a webpage hosted at an address based on their username.


===SSH Access===
Your 'public_html' directory is on JARVIS at '/home/<username>/public_html'. Your 'index.html' file goes here.
Jarvis is accessible from the the internet on jarvis.nottinghack.org.uk port 3000, or can be ssh'd into from the hackspace Intranet using the name JARVIS and the usual port of 22.<br/>
From the Intranet both password and key login are enabled, however from the internet you will need to use [http://www.debian-administration.org/article/SSH_with_authentication_key_instead_of_password key login]; this effectively means that the first time you connect to JARVIS, you must do so from the Hackspace network.


===HTTP/Web Access===
This is served at web address:
As we only have one external IP address, WEB/port 80 connections to JARVIS are proxied by [[Holly]]. Your public_html directory on JARVIS can be found at <nowiki>http://jarvis.nottinghack.org.uk/~</nowiki>''<HMS username>''.
<nowiki>http://jarvis.nottinghack.org.uk/~</nowiki>''<username>''.


===File manager Access===
Http/s connections to jarvis.nottinghack.org.uk are proxied by [[Holly]].
Every member can create an unencrypted folder on the shared folder on the JARVIS server.


====Linux====
==See also==
In Nautilus on Ubuntu:
* [[Holly]] - not freely accessible by members as it is mission critical
* Browse Network > Windows Network > nottinghack > JARVIS > Shared
** Enter Hackspace username and password in the dialogue box, leave other options as found


[[Category:Network]]
[[Category:Network]]
[[Category:Software]]
[[Category:Software]]

Latest revision as of 13:58, 5 December 2025

JARVIS (10.0.0.4) is a sandbox VM accessible to any member. It has a shared directory accessible from the space's networked computers, it can host member webpages and can be used via SSH. Computers can also be configured to access JARVIS via the internet using SSH.

Note Note: December 2025 - Jarvis has been replaced with a new Jarvis! If you've ssh'd into it before, you'll receive a warning about the host key changing. You can fix this by running ssh-keygen -R jarvis.nottinghack.org.uk and ssh-keygen -R '[jarvis.nottinghack.org.uk]:3000'.


Specs

Like Holly, JARVIS is a VM running on Collective, it currently has the following resources

  • 1CPU core
  • 8GB RAM
  • HDD's: 20GB OS / 200GB /home
  • Debian 13 (trixie) 64bit

Running service's include

  • SSH
  • Apache with PHP5
  • MySQL
  • SAMBA
  • MQTT

File manager access

Every member can create an unencrypted folder on the shared folder on the JARVIS server (/home/shared).

Linux

It should be possible to connect by going to smb://jarvis/shared.

Windows

Connect to \\jarvis\shared

SSH access

Note Note: SSH and web address use the all lowercase form of your HMS <username>

Local network

On the local network JARVIS can be accessed via SSH using password or key.

Using a Linux terminal
ssh <username>@jarvis

Enter your HMS <password> when prompted. You will be logged on as '<username>@jarvis' and be in your home directory ('/home/<username>' AKA '~').

You will likely need to use ssh -oHostKeyAlgorithms=+ssh-rsa -oPubkeyAcceptedKeyTypes=+ssh-rsa <username>@jarvis with more modern SSH clients.

Using Linux file manager

Select 'Connect to server' with settings:

type: SSH / SFTP
host: jarvis
login: <username>

You will be prompted to enter your HMS <password>.

Internet access

JARVIS is accessible from the the internet on jarvis.nottinghack.org.uk port 3000. However, from the internet you will need to using a key to login, not your HMS <password>. This requires configuring your client computer (that will access JARVIS over the internet) and your JARVIS user account (as server). Part of the set up requires being logged into the Hackspace's network; therefore the whole set up can not be done over the internet.

1 - Get SSH key from client

If your client computer hasn't got an SSH key, create one using: 

ssh-keygen

You can create a key with a password (we'll refer to this as <key password>).

This creates two key in the directory '~/.ssh':

The private key 'id_rsa' or 'id_ed25519' - don't share this one.
The public one 'id_rsa.pub' or 'id_ed25519.pub' - bring this one to Hackspace
2 - SSH public key to Hackspace server

The public key needs to be appended to the 'authorized_keys' file on your JARVIS user account. SSH into JARVIS on a computer connected to the local Hackspace network. 

ssh-copy-id <username>@jarvis

Enter your HMS <password> when prompted.

It's worth ensuring the permissions for the authorized_keys file is correct. If the permissions are too open, the ssh server will assume its untrusted. 

 chmod 700 .ssh
 chmod 600 .ssh/authorized_keys
3 - SSH access from server

Your client computer should now be able to SSH into JARVIS over the internet.

Using a Linux terminal
ssh <username>@jarvis.nottinghack.org.uk -p 3000

Enter your <key password> if prompted. You will be logged on as '<username>@jarvis' and be in your home directory ('/home/<username>' AKA '~').

Using Linux file manager

Select 'Connect to server' with settings:

type: SSH / SFTP
host: jarvis.nottinghack.org.uk
port: 3000
login: <username>

Or go to sftp://<username>@jarvis.nottinghack.org.uk:3000/

If prompted to enter your <key password>.

Resources

Link to folder in /home/shared

If using Nautilus to SSH to your account on JARVIS it can be handy to link to folder in /home/shared.

After connecting using SSH, the folder will be '/home/<lowercase HMS username>'. Create a link to the desired folder using: 

ln -s /home/shared/<folder_name> <link name>

Clicking on <link name> will take you to '/home/shared/<folder_name>'.

Webpage access

Note Note: SSH and web address use the all lowercase form of your HMS <username>

Members can have a webpage hosted at an address based on their username.

Your 'public_html' directory is on JARVIS at '/home/<username>/public_html'. Your 'index.html' file goes here.

This is served at web address: http://jarvis.nottinghack.org.uk/~<username>.

Http/s connections to jarvis.nottinghack.org.uk are proxied by Holly.

See also

  • Holly - not freely accessible by members as it is mission critical
Retrieved from "https://wiki.nottinghack.org.uk/index.php?title=JARVIS&oldid=32039"