Difference between revisions of "SPO600 Servers"

From CDOT Wiki
Jump to: navigation, search
(Simplified SSH Access)
(Common SSH Problems)
(16 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
[[Category:SPO600]]
 
[[Category:SPO600]]
{{Admon/important|Backup Your Data|These computers are NEVER backed up. Please save all important files on other storage. '''These machines may fail, be removed or be reinstalled at any time.'''}}
+
{{Admon/important|Backup Your Data|These computers are NEVER backed up. Please save all important files on other storage. '''These machines may fail, be removed, be upgraded, or be reinstalled at any time.'''}}
 
In [[SPO600]], remote access to servers is provided for learning and project work. It is recommended that you also set up [[SPO600 Host Setup|a personal Linux system]].
 
In [[SPO600]], remote access to servers is provided for learning and project work. It is recommended that you also set up [[SPO600 Host Setup|a personal Linux system]].
  
Line 6: Line 6:
 
== Preparatory Steps ==
 
== Preparatory Steps ==
  
In order to gain access to these computers, you must send an [[SSH]] key to your [[User:Chris Tyler|professor]].
+
In order to gain access to these computers, you must send an [[SSH]] key to your [[User:Chris Tyler|professor]]. Please follow these instructions exactly:
  
 
# Follow the steps outlined under [[SSH#Using_Public_Keys_with_SSH|Using Public Keys with SSH]] to create your key.
 
# Follow the steps outlined under [[SSH#Using_Public_Keys_with_SSH|Using Public Keys with SSH]] to create your key.
# Copy the public key (<code>id_rsa.pub</code> or <code>id_dsa.pub</code>) to a file named <code>''yourUserId''.pub</code> -- for example, if your chosen user ID is "jldoe", save the key in the file <code>jldoe.pub</code> using a command such as: <code>cp ~/.ssh/id_rsa.pub ''jldoe''.pub</code>
+
# Copy the public key (<code>id_rsa.pub</code> or <code>id_dsa.pub</code>) to a file named <code>''yourUserId''.pub</code> -- for example, if your chosen user ID is "jldoe", save the key in the file <code>jdoe.pub</code> using a command such as: <code>cp ~/.ssh/id_rsa.pub ''jdoe''.pub</code>
 
# Attach that file to an e-mail message and send it to [mailto:chris.tyler@senecacollege.ca chris.tyler@senecacollege.ca] with the subject line "SPO600 Key".
 
# Attach that file to an e-mail message and send it to [mailto:chris.tyler@senecacollege.ca chris.tyler@senecacollege.ca] with the subject line "SPO600 Key".
  
Line 18: Line 18:
 
== Available Servers ==
 
== Available Servers ==
  
=== AArch64: aarchie, bbetty, ccharlie ===
+
{{Admon/important|Changes for Fall 2019|The server configuration for Fall 2019 has changed -- previous mentions of these systems by name may have referred to different hardware. Note that additional servers may be added as the semester proceeds.}}
  
The current, main [[ARMv8]] AArch64 system known as '''aarchie''' or '''archie'''. This is a system that is currently located inside the [[EHL]]. To connect to this system, you have to go through the EHL gateway on port 2200.
 
  
If you're using a command-line ssh system, you can issue a command such as this:
+
=== AArch64: aarchie ===
  
ssh -p 2200 ''username''@ehl.cdot.systems
+
A main AArch64 system is available, known as''aarchie''. You can access this system at the hostname aarchie.cdot.systems; if you're using a command-line ssh system, you can access aarchie with a command such as this:
  
Two secondary AArch64 systems have been added, known as ''bbetty'' (or ''betty'') and ''ccharlie'' (or ''charlie''). These systems are also located inside the [[EHL]]. Bbetty has 16GB of RAM and 200GB of space in <code>/home</code>, while ccharlie has 8GB of RAM and 40GB of space in <code>/home</code>.
+
ssh ''username''@aarchie.cdot.systems
  
Bbetty is accessed on port 2202:
 
  
ssh -p 2202 ''username''@ehl.cdot.systems
+
=== AArch64: bbetty ===
  
And ccharlie is accessed on port 2205:
+
An additional AArch64 system is known as ''bbetty''. This is a system that is currently located inside the [[EHL]]. To connect to this system, you have to go through the EHL gateway on port 2200.
 +
 
 +
If you're using a command-line ssh system, you can issue a command such as this:
 +
 
 +
ssh -p 2200 ''username''@ehl.cdot.systems
  
ssh -p 2205 ''username''@ehl.cdot.systems
 
  
 
=== x86_64: xerxes ===
 
=== x86_64: xerxes ===
  
Our x86_64 server is known as '''xerxes'''.
+
The x86_64 server system is known as ''xerxes''. If you're using a command-line ssh system, you can access xerxes with a command such as this:
 
 
If you're using a command-line ssh system, you can issue a command such as this:
 
  
 
  ssh ''username''@xerxes.cdot.systems
 
  ssh ''username''@xerxes.cdot.systems
 
  
 
== Simplified SSH Access ==
 
== Simplified SSH Access ==
  
If you're using OpenSSH (the ssh client used on most Linux systems and other platforms), you can simplify complex ssh command lines by placing host connection details in the file <code>~/.ssh/config</code>:
+
If you're using OpenSSH (the ssh client used on most Linux systems and other platforms), you can simplify ssh command lines by placing host connection details in the file <code>~/.ssh/config</code>:
  
Host "aarchie"
+
<!-- Host "aarchie"
 
         hostname "ehl.cdot.systems"
 
         hostname "ehl.cdot.systems"
 
         user "YourUserID"
 
         user "YourUserID"
Line 66: Line 64:
 
  Host "xerxes"
 
  Host "xerxes"
 
         hostname "xerxes.cdot.systems"
 
         hostname "xerxes.cdot.systems"
         user "YourUserId"
+
         user "YourUserId" -->
 +
 
 +
Host "aarchie"
 +
        hostname "aarchie.cdot.systems"
 +
        user "YourUserID"
 +
 +
Host "bbetty"
 +
        hostname "ehl.cdot.systems"
 +
        user "YourUserID"
 +
        port 2200
 +
 +
Host "xerxes"
 +
        hostname "xerxes.cdot.systems"
 +
        user "YourUserID"
 +
 
  
 
Once you have added these lines (inserting your user ID where appropriate) and set the permission on that file (<code>chmod 0600 ~/.ssh/config</code>) you can use these commands to access the servers:
 
Once you have added these lines (inserting your user ID where appropriate) and set the permission on that file (<code>chmod 0600 ~/.ssh/config</code>) you can use these commands to access the servers:
  
 
  ssh aarchie
 
  ssh aarchie
 +
 
  ssh bbetty
 
  ssh bbetty
  ssh ccharlie
+
   
 
  ssh xerxes
 
  ssh xerxes
  
Line 99: Line 112:
 
Remember that these machines are multi-user systems. Use the <code>w</code> or <code>who</code> commands to see who else is using them; you can also try using the <code>write</code> command to communicate with another user if required.
 
Remember that these machines are multi-user systems. Use the <code>w</code> or <code>who</code> commands to see who else is using them; you can also try using the <code>write</code> command to communicate with another user if required.
  
 +
 +
== OS Versions ==
 +
 +
Note that the servers may have different operating system releases.
  
 
== Backup Your Accounts ==
 
== Backup Your Accounts ==
Line 113: Line 130:
 
With other SSH clients:
 
With other SSH clients:
 
# Your key must be in OpenSSH format when you send it to your professor; this format is used by the default SSH client on Mac OS/X and Linux as well as PuTTY. If it is in SSH2 format, used by some other client programs, you can convert it with this command on a Linux system with OpenSSH (such as Matrix):
 
# Your key must be in OpenSSH format when you send it to your professor; this format is used by the default SSH client on Mac OS/X and Linux as well as PuTTY. If it is in SSH2 format, used by some other client programs, you can convert it with this command on a Linux system with OpenSSH (such as Matrix):
 +
 
  ssh-keygen -i -f ~/.ssh/''SSH2_PUBLIC_KEY_FILE''.pub > ~/.ssh/''OPENSSH_PUBLIC_KEY_FILE''.pub
 
  ssh-keygen -i -f ~/.ssh/''SSH2_PUBLIC_KEY_FILE''.pub > ~/.ssh/''OPENSSH_PUBLIC_KEY_FILE''.pub
  
 +
Your professor will do this automatically as part of the key processing; however, you will need to manually perform this step for any keys that you append to your <code>~/.ssh/authorized_keys</code> file(s).
  
 
== Disconnect/Reconnect Ability ==
 
== Disconnect/Reconnect Ability ==
  
 
The [[Screen Tutorial|screen]] utility provides disconnect/reconnect capability, which is very useful for unstable network connections, long interactive operations, and changing your work location.
 
The [[Screen Tutorial|screen]] utility provides disconnect/reconnect capability, which is very useful for unstable network connections, long interactive operations, and changing your work location.

Revision as of 18:13, 7 November 2019

Important.png
Backup Your Data
These computers are NEVER backed up. Please save all important files on other storage. These machines may fail, be removed, be upgraded, or be reinstalled at any time.

In SPO600, remote access to servers is provided for learning and project work. It is recommended that you also set up a personal Linux system.


Preparatory Steps

In order to gain access to these computers, you must send an SSH key to your professor. Please follow these instructions exactly:

  1. Follow the steps outlined under Using Public Keys with SSH to create your key.
  2. Copy the public key (id_rsa.pub or id_dsa.pub) to a file named yourUserId.pub -- for example, if your chosen user ID is "jldoe", save the key in the file jdoe.pub using a command such as: cp ~/.ssh/id_rsa.pub jdoe.pub
  3. Attach that file to an e-mail message and send it to chris.tyler@senecacollege.ca with the subject line "SPO600 Key".

An account will be created within a few work days of sending the key.

Idea.png
Check Your Key!
Your professor uses an automated script to create accounts, so the key must be valid, in the OpenSSH format, and correctly named in order to work successfully.

Available Servers

Important.png
Changes for Fall 2019
The server configuration for Fall 2019 has changed -- previous mentions of these systems by name may have referred to different hardware. Note that additional servers may be added as the semester proceeds.


AArch64: aarchie

A main AArch64 system is available, known asaarchie. You can access this system at the hostname aarchie.cdot.systems; if you're using a command-line ssh system, you can access aarchie with a command such as this:

ssh username@aarchie.cdot.systems


AArch64: bbetty

An additional AArch64 system is known as bbetty. This is a system that is currently located inside the EHL. To connect to this system, you have to go through the EHL gateway on port 2200.

If you're using a command-line ssh system, you can issue a command such as this:

ssh -p 2200 username@ehl.cdot.systems


x86_64: xerxes

The x86_64 server system is known as xerxes. If you're using a command-line ssh system, you can access xerxes with a command such as this:

ssh username@xerxes.cdot.systems

Simplified SSH Access

If you're using OpenSSH (the ssh client used on most Linux systems and other platforms), you can simplify ssh command lines by placing host connection details in the file ~/.ssh/config:


Host "aarchie"
        hostname "aarchie.cdot.systems"
        user "YourUserID"

Host "bbetty"
        hostname "ehl.cdot.systems"
        user "YourUserID"
        port 2200

Host "xerxes"
        hostname "xerxes.cdot.systems"
        user "YourUserID"


Once you have added these lines (inserting your user ID where appropriate) and set the permission on that file (chmod 0600 ~/.ssh/config) you can use these commands to access the servers:

ssh aarchie

ssh bbetty

ssh xerxes

You can similarly configure simplified access in most other SSH client programs.

SSH Access from Other Client Systems

If you wish to access the servers from additional computers, you can append the SSH public keys from those computers to the ~/.ssh/authorized_keys file.


Sudo Access

To perform operations which require privilege, such as installing software, use the sudo command to execute the desired instruction as the root user.

For example, to install the software packaged ncurses-devel, execute: sudo dnf install ncurses-devel on xerxes or sudo yum install ncurses-devel on betty. The commands are different because Xerxes is running Fedora, which has transitioned from the older yum system to dnf, while Betty is running LEAP (based on CentOS), which still uses the older system.

Stop (medium size).png
Danger! Use Superuser privilege at your Own Risk.
Note that the use of the superuser account via sudo removes almost all restrictions on what you can do. It is easily possible for you to completely destroy the operating system! Take your time, double-check your commands, and if in doubt, ask. Be aware that your actions may affect other users and vice-versa.
Stop (medium size).png
Do Not Build or Install Software Except Via RPM (dnf/yum)
Do not build or install software as the root user (using sudo), except in RPM form using the dnf or yum commands. Building or installing software as root may overwrite system files and be very difficult to track down.

It is OK to install software into your own directories (e.g., ~/bin or ~/local), which can be done without root privilege.

In order to use sudo, you will need to know your password. An initial random password is provided in the file ~/password.txt (note that your password will be different on each server). Feel free to change this with the passwd command -- not by editing the file, which is provided only for your information!


Multiuser Access

Remember that these machines are multi-user systems. Use the w or who commands to see who else is using them; you can also try using the write command to communicate with another user if required.


OS Versions

Note that the servers may have different operating system releases.

Backup Your Accounts

These accounts are never backed up, and the machines may fail, lose data, or be reinstalled without warning at any time. Please back up your work frequently by copying it to another system or storage device.


Common SSH Problems

With the OpenSSH client:

  1. Your ssh private key must be in your ~/.ssh directory (which must have 0700 permission) and the private key file must have 0600 permissions -- no more and no less.
  2. If your SSH public key is not named ~/.ssh/id_rsa, your SSH client may not automatically find it. You can specify the identity (private key) file using the -i argument to the SSH command.}}

With other SSH clients:

  1. Your key must be in OpenSSH format when you send it to your professor; this format is used by the default SSH client on Mac OS/X and Linux as well as PuTTY. If it is in SSH2 format, used by some other client programs, you can convert it with this command on a Linux system with OpenSSH (such as Matrix):
ssh-keygen -i -f ~/.ssh/SSH2_PUBLIC_KEY_FILE.pub > ~/.ssh/OPENSSH_PUBLIC_KEY_FILE.pub

Your professor will do this automatically as part of the key processing; however, you will need to manually perform this step for any keys that you append to your ~/.ssh/authorized_keys file(s).

Disconnect/Reconnect Ability

The screen utility provides disconnect/reconnect capability, which is very useful for unstable network connections, long interactive operations, and changing your work location.