Changes

SPO600 Servers

2,426 bytes added, 16:41, 21 February 2020

→‎Sudo Access

[[Category:SPO600]]

{{Admon/important|Backup Your Data|These computers are NEVER backed up. Please save all important files on other storage. '''These machines may fail, be removed , be upgraded, or be reinstalled at any time.'''}}

In [[SPO600]], remote access to servers is provided for learning and project work. It is recommended that you also set up [[SPO600 Host Setup|a personal Linux system]].

== Preparatory Steps ==

In order to gain access to these computers, you must send an [[SSH]] key to your [[User:Chris Tyler|professor]].Please follow these instructions exactly:

# Follow the steps outlined under [[SSH#Using_Public_Keys_with_SSH|Using Public Keys with SSH]] to create your key.

# Copy the public key (<code>id_rsa.pub</code> or <code>id_dsa.pub</code>) to a file named <code>''yourUserId''.pub</code> -- for example, if your ~~Seneca~~ chosen user ID is "jldoe", save the key in the file <code>~~jldoe~~jdoe.pub</code> using a command such as: <code>cp ~/.ssh/id_rsa.pub ''~~jldoe~~jdoe''.pub</code># Attach that file to an e-mail message and send it to [mailto:chris.tyler@senecacollege.ca chris.tyler@senecacollege.ca] ~~including~~ with the ~~course code~~ subject line "SPO600Key" ~~somewhere in the subject line~~.

An account will be created within a few work days of sending the key.

== Available Servers ==

~~=== AArch64 ===~~<!{{Admon/important|Server Changes|The server configurations have changed several times changed --previous mentions of these systems by name may have referred to different hardware. Note that servers may be added or removed as the semester proceeds.}} ==== AArch64: aarchie ====~~The first server is an [[ARMv8]]~~ A main AArch64 system is available, known as '''aarchie~~''' or '''archie'~~''. This is machine has a lot of weak cores. You can access this system ~~that is currently located inside~~ at the ~~[[EHL]]~~hostname aarchie.cdot. ~~To connect to this~~ systems; if you're using a command-line ssh system, you ~~have to go through the EHL gateway on port 2200~~can access aarchie with a command such as this: ssh ''username''@aarchie.cdot.systems

~~If you're using a command-line ssh system, and you are on the Seneca network, you can issue a command such as this~~=== AArch64:bbetty ===

~~ssh -p 2200~~ Another type AArch64 system is available as ''~~username~~bbetty''~~@ehl~~.~~internal~~This machine has a moderate number of low-medium cores.~~cdot~~This is a system that is currently located inside the [[EHL]]. To connect to this system, you have to go through the EHL gateway on port 2200.~~systems~~

~~To connect from outside Seneca~~If you're using a command-line ssh system, you can issue a command such as this:

ssh -p 2200 ''username''@ehl.cdot.systems

~~-->~~

~~==== betty ====~~

The current [[ARMv8]] AArch64 server system is known as '''betty''' (or '''bbetty'''). This system is located inside the [[EHL]]. To connect to this system, you need to connect through the EHL gateway on port 2201.

~~If you're using a command-line ssh system, and you are on the Seneca network, you can issue a command such as this:~~

~~ssh -p 2201 ''username''@ehl.internal.cdot.systems~~=== AArch64: ccharlie ===

Another AArch64 system similar to bbetty is named ''ccharlie''. This is a system that is currently located inside the [[EHL]]. To connect ~~from outside Seneca:~~to this system, you have to go through the EHL gateway on port 2205.

If you're using a command-line ssh ~~-p 2201 ''username''@ehl.cdot.systems~~system, you can issue a command such as this:

~~=== x86_64 ===~~ ssh -p 2205 ''username''@ehl.cdot.systems

~~==== xerxes ====~~

~~Our x86_64 server is known as '''xerxes'''.This system is located outside the [[EHL]] but is accessed through the EHL gateway from outside Seneca, using port 2202.~~=== AArch64: israel ===

~~If you~~A different AArch64 system is ''israel'~~re using~~ '. This machine has a ~~command~~good number of mid-~~line ssh~~ level cores. This system, is located outside of the EHL and ~~you are on the Seneca network, you~~ can ~~issue a command such as this~~be reached directly:

ssh ~~-p 2202~~ ''username''@~~ehl.internal~~israel.cdot.systems

~~Or you can connect directly:~~

~~ssh~~ === x86_64: xerxes~~.internal.cdot.systems~~===

~~To connect from outside Seneca:~~ ~~ssh -p 2201~~ The x86_64 server system is known as ''~~username~~xerxes''~~@ehl~~.~~cdot.systems~~If you're using a command-line ssh system, you can access xerxes with a command such as this:

ssh ''username''@xerxes.cdot.systems

== Simplified SSH Access ==

If you're using OpenSSH (the ssh client used on most Linux systems and other platforms), you can simplify ~~complex~~ ssh command lines by placing host connection details in the file <code>~/.ssh/config</code>:

<!-- Host "aarchie" hostname "ehl.cdot.systems" user "YourUserID" port 2200 Host "~~betty~~bbetty"

hostname "ehl.cdot.systems"

user "YourUserID"

port ~~2201~~2202

Host "~~betty-internal~~ccharlie" hostname "ehl~~.internal~~.cdot.systems" user "~~YourUserId~~YourUserID" port ~~2201~~2205

Host "xerxes"

hostname "xerxes.cdot.systems"

user "YourUserId" -->

Host "aarchie"

hostname "aarchie.cdot.systems"

user "YourUserID"

Host "bbetty"

hostname "ehl.cdot.systems"

user "~~YourUserId~~YourUserID" port ~~2202~~2200 Host "ccharlie" hostname "ehl.cdot.systems" user "YourUserID" port 2205 Host "israel" hostname "israel.cdot.systems" user "YourUserID"

Host "xerxes~~-internal~~" hostname "~~ehl.internal~~xerxes.cdot.systems" user "~~YourUserId~~YourUserID" ~~port 2202~~

Once you have added these lines (inserting your user ID where appropriate) and set the permission on that file (<code>chmod 0600 ~/.ssh/config</code>) you can use these commands to access ~~betty and xerxes from outside of Seneca~~the servers:

ssh ~~betty~~aarchie ssh bbetty ssh ccharlie ssh israel

ssh xerxes

~~Or these commands~~ You can similarly configure simplified access in most other SSH client programs. == SSH Access from Other Client Systems == If you wish to access ~~betty and xerxes~~ the servers from additional computers, you can append the SSH public keys from ~~inside Seneca:~~those computers to the <code>~/.ssh/authorized_keys</code> file.

~~ssh betty-internal~~

~~ssh xerxes-internal~~

== Sudo Access ==

{{Admon/caution|Danger! Use Superuser privilege at your Own Risk.|Note that the use of the superuser account via <code>sudo</code> removes almost all restrictions on what you can do. It is easily possible for you to completely destroy the operating system! Take your time, double-check your commands, and if in doubt, ask. Be aware that your actions may affect other users and vice-versa.}}

{{Admon/caution|Do Not Build or Install Software Except Via RPM (dnf/yum) or DEB (apt)|Do not build or install software as the root user (using <code>sudo</code>), except in RPM or DEB form using the <code>dnf</code>/<code>yum</code> or <code>~~yum~~apt</code> commands(as appropriate to the system). Building or installing software as root may overwrite system files and be very difficult to track down.<br /><br />It is OK to install software into your own directories (e.g., <code>~/bin</code> or <code>~/local</code>), which can be done without root privilege.}}

In order to use <code>sudo</code>, you will need to know your password. An initial random password is provided in the file <code>~/password.txt</code> (~~which is~~ note that your password will be different on each server). Feel free to change this with the <code>passwd</code> command -- not by editing the file, which is provided only for your information.!

== Multiuser Access ==

Remember that these machines are multi-user systems. Use the <code>w</code> or <code>who</code> commands to see who else is using them; you can also try using the <code>write</code> command to communicate with another user if required.

== OS Versions ==

Note that the servers may have different operating system releases.

== Backup Your Accounts ==

These accounts are ''never'' backed up, and the machines may fail, lose data, or be reinstalled without warning at any time. Please back up your work frequently by copying it to another system or storage device.

== Common SSH Problems ==

With the OpenSSH client:

# Your ssh private key must be in your <code>~/.ssh</code> directory (which must have 0700 permission) and the private key file must have 0600 permissions -- no more and no less.

# If your SSH public key is not named <code>~/.ssh/id_rsa</code>, your SSH client may not automatically find it. You can specify the identity (private key) file using the <code>-i</code> argument to the SSH command.}}

With other SSH clients:

# Your key must be in OpenSSH format when you send it to your professor; this format is used by the default SSH client on Mac OS/X and Linux as well as PuTTY. If it is in SSH2 format, used by some other client programs, you can convert it with this command on a Linux system with OpenSSH (such as Matrix):

ssh-keygen -i -f ~/.ssh/''SSH2_PUBLIC_KEY_FILE''.pub > ~/.ssh/''OPENSSH_PUBLIC_KEY_FILE''.pub

Your professor will do this automatically as part of the key processing; however, you will need to manually perform this step for any keys that you append to your <code>~/.ssh/authorized_keys</code> file(s).

== Disconnect/Reconnect Ability ==

The [[Screen Tutorial|screen]] utility provides disconnect/reconnect capability, which is very useful for unstable network connections, long interactive operations, and changing your work location.

Chris Tyler

Bureaucrats, Administrators

1,885

edits

Changes

SPO600 Servers

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

get involved with CDOT

courses

course projects

links

Tools