Test server/connecting

From DPWiki
Jump to navigation Jump to search
Exquisite-khelpcenter.png Note

The content of this page is developer-centric, and not relevant to user testing on the test server.

You can either shell into the host (e.g., using ssh) and edit files there (e.g., using vi or emacs), or edit another copy of a file on your local machine, and then upload that into your sandbox (e.g., using scp).

Keys

Instead of using a password to log into the test server, now you have to use RSA keys. 'RSA' cryptography relies on the difficulty of factoring a large integer pq (the public key) into prime factors p (the private key) and q, provided p and q are large and randomly-chosen. (This is a small over-simplification; the link points to a wikipedia article containing more complete details.)

In order to log on to the test server securely, you generate an RSA key pair on your computer, and have a squirrel install the public key on the test server. The private key is kept on your computer; only someone in possession of the private key can log on using the key pair.

The method for creating keys varies by operating system.

Windows

In Windows the PuTTYgen program can create the keys that you need.

  1. Download PuTTYgen if you don't have it. If you use WinSCP, you probably already have it (possibly in the Start Menu, under WinSCP3 > Keys Tools > PuTTYgen). It's a small .exe file that doesn't need to be unzipped, installed, or anything; you can open it up as soon as it's finished downloading.
  2. Use PuTTYgen to create your keys. Open up PuTTYgen. Keep the default type at the bottom (SSH-2 RSA) and click the Generate button. It asks you to move your mouse around in the top box in order to create some randomness. Keep doing that until the progress bar goes all the way across. Then it will work on generating the key for a bit; wait for it to finish.
  3. Save the public key. The public key appears in the text box near the top. You can save it by clicking on the "Save public key" button. Save it as a plain text file (with .txt extention).
  4. Save the private key. Type in something for the passphrase, and type it in again in the "Confirm passphrase" box. Then click the "Save private key" button, which will automatically save the private key as a special type of file (.ppk). Be sure to note your passphrase, as there's no way to recover it if you forget.
  5. Send the public key to a squirrel. You can open the text file and copy & paste the contents (into an email, PM, or Jabber window), or attach the text file to an email.
  6. Wait for the squirrel to tell you that your key is installed, then try to log in.

Alternatively, you can install Windows subsystem for Linux and install a suitable distro app (e.g. Ubuntu) to run the bash shell. The instructions to follow are as for Gnu/Linux below.

GNU/Linux

  1. Install openssh if you don't have it. There are '.deb' (Debian, Ubuntu) and '.rpm' (Red Hat, SuSE) packages, or you can compile the programs from source. Be sure to get the most recent stable version.
  2. Use ssh-keygen to create an RSA key pair. At a command prompt, type 'ssh-keygen -t rsa'. This creates a public key ~/.ssh/id_rsa.pub, and a private key ~/.ssh/id_rsa. You will be prompted to enter and confirm a pass phrase for the private key. Press 'return' both times for an empty pass phrase (recommended, see notes below). If the keys are created elsewhere, move them into a directory named '.ssh' (dot ssh) in your home directory. The directory name is important.
  3. Send the public key to a squirrel. Paste the contents of ~/.ssh/id_rsa.pub into an email, PM, or Jabber window, or attach the file to an email. Wait for the squirrel to tell you that your key is installed.
  4. Try to log in. Issue the command 'ssh <username>@www.pgdp.org'. (N.B. 'pgdp.org', not 'pgdp.net'.) If you get a command prompt on pgdp.org or are prompted for the private key's pass phrase, everything works. If you are prompted for a password, something is broken.
  5. Security notes. If the private key has an empty pass phrase, anyone possessing the private key can log on to the test server as you. (This is convenient and safe; just don't let anyone use your account unless you trust them!) If the pass phrase is non-empty, it must be typed in every time you log on to the test server. (The added safety is not that great, and the inconvenience is substantial.) There is no way to recover a lost or forgotten pass phrase. If you lose the pass phrase of a private key, you must generate a new RSA key pair and have the new public key installed on the test server.
  6. Troubleshooting. If you are unable to log in, here are steps to try.
    • Be sure the private key is not readable by anyone but you: 'chmod 600 ~/.ssh/id_rsa'.
    • Be sure you have your correct user name, and that you are connecting to www.pgdp.org, not www.pgdp.net.

Mac OS X

Mac OS X includes all tools necessary to generate private keys. Follow the #GNU/Linux instructions above starting in step 2.


Logging in

Windows

A couple options for logging into the test server in Windows are PuTTY and WinSCP. If you are familiar with Unix, PuTTY allows you to log in at the command line. If you're not familiar with Unix, WinSCP will probably be easier to use.

WinSCP

This Windows program allows you to drag & drop files between your local computer and your sandbox on the test server. It also has a simple text editor that allows you to edit the files in the sandbox without downloading/saving/uploading in separate steps. You can download it here.

Before logging into the test server make sure that you've saved your public and private keys, as described above. When you open WinSCP, select "Session" at the left. Fill in the information:

  • Host name: www.pgdp.org
  • User name: the userid that you selected when requesting the sandbox
  • Private key file: click on the "..." button to the right, navigate to where you saved the .ppk file, and open it.

Click the Save button at the bottom to save this info, so that you won't have to put it in every time.

Click the Login button. It will ask you for your passphrase. Type that in and you should be able to connect.

PuTTY

See the PuTTY website. This is a Windows program that allows you to log into a Unix machine (such as the DP test server) using the command line.

[please fill in details!]

Windows subsystem for Linux

If you have opted to use the Windows subsystem for Linux, then you can use the GNU/Linux instructions below. This option should only be used by people familiar with the bash shell command line.

GNU/Linux

Once you are able to log on by typing 'ssh <username>@www.pgdp.org' at a command prompt (using your actual user name, of course!), you can set up a configuration file to simplify the login command. The 'canonical' configuration file is '~/.ssh/config', the tilde signifying your home directory. Open this file in a text editor, and add the stanza

 host dptest
       HostName                        www.pgdp.org
       User                            <username>
       StrictHostKeyChecking           ask
       IdentityFile                    ~/.ssh/id_rsa

(Please do 'man 5 ssh_config' for details on the content and format of the ssh config file.)

Replace <username> with your actual user name. If the file is set up as shown, the command 'ssh dptest' will log you on to the test server.

scp. In addition to remote login, Openssh also provides the 'scp' (secure copy) command, which allows you to transfer files securely between machines. The syntax is similar to the *nix 'cp' command -- 'scp <source> <dest>' -- but the source and/or destination file(s) may reside on a remote machine. Files on a machine are specified with the syntax 'host:<filename>'. If the hostname is omitted, the local machine is assumed.

For example, 'scp -p chaos.txt <username>@www.pgdp.org:order.txt' securely copies the local file 'chaos.txt' to the file 'order.txt' on the test server, preserving the timestamps and permission flags (the '-p' option). Files are copied from the remote machine to the local machine analogously. The destination filename '.' (dot) preserves the name: 'scp -p snert.zip <username>@www.pgdp.org:.' copies 'snert.zip' to the test server. Finally, if you set up a config file as described earlier, the sample copy commands could be issued as 'scp -p chaos.txt dptest:order.txt' and 'scp -p snert.zip dptest:.', respectively.