Other HUB nodes: Difference between revisions

From XPUB & Lens-Based wiki
Line 31: Line 31:
* Student project IPs last number should have 3 digits
* Student project IPs last number should have 3 digits


In your Pi: Disable ssh with password (allow ssh with sshkey only)
In your Pi: Add your laptop's ssh public key
ensure:
* getting and copying your laptop's ssh public key  
* you laptops ssh public key is in your Pi ~/.ssh/authorized_keys: <code>cat  ~/.ssh/authorized_keys</code>
** <code>cat ~/.ssh/id_ed25519.pub </code>
* edit /etc/ssh/sshd_config: <code>sudo nano /etc/ssh/sshd_config</code  
* add it to Pi's ~/.ssh/authorized_keys:
** <code>sudo nano ~/.ssh/authorized_keys</code>
 
 
In your Pi: Disable ssh with password (allow ssh with sshkey only):
* edit sshd_config file:
**  <code>sudo nano /etc/ssh/sshd_config</code>
* uncomment the line: <code>#PasswordAuthentication no</code>
* uncomment the line: <code>#PasswordAuthentication no</code>
* to: <code>PasswordAuthentication no</code>
** so it becomes: <code>PasswordAuthentication no</code>
* reload ssh: <code>sudo systemctl reload ssh</code>
* reload ssh:  
** <code>sudo systemctl reload ssh</code>
 


=== For XPUB Staff (with sudo in XVM)===
=== For XPUB Staff (with sudo in XVM)===


Create a [[Tinc]] invitation links to each node [[HUB#Adding_a_new_thing]]
Create a [[Tinc]] invitation links to each node [[HUB#Adding_a_new_thing]]


Ask gnd to associate the Pi user's username + ssh pubkey with the Pi IP
Ask gnd to associate the Pi user's username + ssh pubkey with the Pi IP

Revision as of 13:32, 14 May 2020


Adding new Node to HUB

For graduation projects or some Special issues, the XPUB HUB Node: Sandbox might not be adequate, add new nodes can be added the XPUB HUB Tinc network This page describes how to do it

Steps to add a new Node to HUB

For Pi user (with sudo/root)

Use this template to fill in all the fields and you go through the process

    user: psc
    Node name: ?XYZ?
    IP: 10.0.0.???
    url: https://hub.xpub.nl/?XYZ?
    ssh public key:
    ?????????@??


In your Pi: (or other Unix machine connected to the internet) create a user adduser with same username as used in the Sandbox Pi

  • Keeping it the same as in the sandbox - will make things easier for us and gnd (no need to give him again your public ssh key)

In your Pi: Add your laptop's user's public ssh key to your Pi user account in ~/.ssh/authorized_keys

In your Pi: Install Tinc on the Pi. The instructions can be found in the Tinc page

Add your chosen Node name and IP to HUB#IP_allocation

  • Student project IPs last number should have 3 digits

In your Pi: Add your laptop's ssh public key

  • getting and copying your laptop's ssh public key
    • cat ~/.ssh/id_ed25519.pub
  • add it to Pi's ~/.ssh/authorized_keys:
    • sudo nano ~/.ssh/authorized_keys


In your Pi: Disable ssh with password (allow ssh with sshkey only):

  • edit sshd_config file:
    • sudo nano /etc/ssh/sshd_config
  • uncomment the line: #PasswordAuthentication no
    • so it becomes: PasswordAuthentication no
  • reload ssh:
    • sudo systemctl reload ssh


For XPUB Staff (with sudo in XVM)

Create a Tinc invitation links to each node HUB#Adding_a_new_thing

Ask gnd to associate the Pi user's username + ssh pubkey with the Pi IP