Build Bulletproof VPS and Proof of Stake POS Altcoin to earn Interest 24/7 with Custom Made Firewall - Accumulating ESPERS and earning 25% Interest
This is a step by step guide to staking Espers on a secure vps. This guide is mostly for people who are new to staking cryptocurrencies but there are references for those who want to explore more advanced topics. This guide should be enough to enable anyone to build Espers from source and stake their coins in bulletproof vps 24/7.
Espers is currently trading at a historically low price of less than $.0002 and I have begun to accumulate steadily. Espers has an active development team and began developing blockchain applications long before many current icos began promising more of the same. I believe ESP is at a low price and hopefully will even go lower giving me time to accumulate more while earning interest in the process.
Upon completing these instructions you will have
Coin Tech Details
Ticker: ESP
Algorithm: HMQ1725
Block Time: 5 Minutes
POW Reward: 500 ESP/Block – 7500 ESP/SuperBlock
POS Interest: 25% Annually
Total Supply: 50 Billion
Actual Supply: 20 Billion
Getting the VPS
Getting a VPS may take some time to find. I have been using the same company for years with complete satisfaction but feel free to look around for the best deals. Make sure the company you deal with is reputable as these will be the only people besides you who can access your backend.
I prefer a basic server with no additional options or support. Another important feature is the ability to reinstall the OS for free as it is easy to make mistakes when setting up a VPS. Rather than backtrack and undo problems it is often easier just to start over with a clean build.
I have been using this provider for over a year and could not say enough great things about it. I have staked Espers and made a bullet proof VPS with this provider for months and have used their services over one year.
I always use linux and a recent UBUNTU build. In this case ubuntu xenial with 6144 MB RAM.
Once the vps is setup and there is an ip and password ssh into the vps from a terminal on your home computer.
For VPS ipaddress I'll use 111.111.111.111
After purchasing a vps the ip address should be given as well as a root password.
Log into terminal as root and enter the following commands:
Building the Environment
[email protected]$ apt-get update && apt-get upgrade -y
echo 'deb-src ftp://ftp.us.debian.org/debian/ sid main contrib non-free' >> /etc/apt/sources.list
apt-get update
if you get a key error after updating you can add the keys
GPG error: Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010
resolved by
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B48AD6246925553 7638D0442B90D010
Select yes or ok for everything then make sure everything is up to date.
Then update and upgrade
apt-get update
apt-get upgrade -y
Sometimes the vps may have vim as the text editor. I prefer nano and will use nano here in the tutorial. Uninstall vim if it exists on the vps and install nano.
apt-get remove vim -y
apt-get install nano
Sometimes locale errors occur when building cryptos from source. This may help avoid future locale errors.
sudo apt-get install --reinstall language-pack-en
sudo locale-gen en_US en_US.UTF-8
update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8
Change Repositories if Necessary
check the sources.list
nano //etc/apt/sources.list
build a new sources.list
With an internet browser go to https://repogen.simplylinux.ch/ check all the boxes for the main ubuntu repositories.
copy and paste the newly generated sources.list into //etc/apt/sources.list
Also make sure the debian repo is in the sources.list file
deb-src ftp://ftp.us.debian.org/debian/ sid main contrib non-free
to save the updated sources.list with nano control+x y enterapt-get update
apt-get upgrade -y
Change SSH Port
Here I use 5449 for the ssh port. You should be currently logged in to the default ssh port (port 22) it is recommended to use a high port number so as not to conflict with established services that use other ports. Any number above 5000 should be fine as long as it is not the same ports used by the crypto server to connect. Any ports from 1 to 1000 are restricted to root processes.
Make sure you keep your port number safe like a password. I would recommend keeping a record offline of
VPS IP and PORT
root password
wallet address
any key pairs you use with the wallet (optional since we will not be closing the wallet)
Change ssh port from 22 to another port (5449 in this example)
Sometimes there are two files controlling the port and locale options we will change here. I didn't include this in the earlier steps because we are changing a port. Soon all ports will be changed.
If you do not find anything in one of these files then it is not being used. Safely exit nano with CONTROL+X
If you see both then port 22 should only be active on one of these files. Port 22 should be changed and all locale options should be commented out. If there are two files ( ssh_config and sshd_config) then both will contain LANG variables that should be commented out.
In both or one of these files (depending on the install)
nano //etc/ssh/ssh_config
nano //etc/ssh/sshd_config
comment out AcceptEnv LANG LC_*
like the example below
#Allow client to pass locale environment variables
#AcceptEnv LANG LC_*
Also change port 22 to your port (5449 in this example)
Close and save the file(s) with:
CONTROL + X
y
ENTER
then type in the terminal
/etc/init.d/ssh restart
exit
Now try to login again to the vps. If you receive any errors just follow the instructions from the terminal.
ssh 111.111.111.111 -p 5449
Build the Firewall
Block all ports except for ssh and Espers
Here you must be careful not to lock yourself out of the server. We are doing this now while the server is fresh and can be easily rewritten with a new OS. This is what I like about my vps. There is no charge to erase everything and reinstall a new operating system. It is done from the management section of the vps providers website.
*Remember to change the ssh port (default port 22) to the one you selected or you will be locked out when ports are blocked! Port 22 the default ssh port will be blocked.
In the terminal type
cd //opt
iptables-save > iptables.rules
Now we can look at the current iptable configuration. There are probably no rules as it a clean build but there will be some header commands that should not be altered.
nano iptables.rules
copy and paste to bottom of the iptables.txt file before the line that says "COMMIT"
Make sure to change the ssh port here to your port from the previous step.
#set default policy to drop
-P INPUT DROP
-P OUTPUT DROP
-P FORWARD DROP
#accept everything on all ports on localhost
-A INPUT -i lo -j ACCEPT
#allow established connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#allow input on port 22, (established connections auto accepted)
#USE YOUR SSH PORT HERE OR YOU WILL BE LOCKED OUT
-A INPUT -p tcp --dport 5449 -m state --state NEW,ESTABLISHED -j ACCEPT
#allow traffic going to specific outbound ports for Espers port=22448 rpcport=22442
#These are ports that Espers will use to stake coins and sync with the blockchain
-A INPUT -p tcp --dport 22448 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp --dport 22442 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp --dport 22448 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp --dport 22442 -m state --state NEW,ESTABLISHED -j ACCEPT
#This is not used here but is kept as a reference in case you want to open other ports
#Just replace 80 with the port you want to use or add more
#-A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
#-A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
#drop anything that doesnt match the rules above
#traffic to and from every other port will be blocked
-A INPUT -j DROP
-A OUTPUT -j DROPNow make the changes permanent
Copy the new rules to the etc folder
cp iptables.rules /etc/iptables.rules
CONTROL+X
y
ENTER
The iptables have not been installed in the system yet but will be soon and installed with persistance across system restarts. First make sure the iptables were copied correctly into the /etc folder and work with the system.
cd /etc
ls
See if the file iptables.rules is there now. You may have to press SHIFT PgUP to scroll up. If it is there as it should be since it was copied there in the last step we can now implement the rules.
iptables-restore < iptables.rules
If you are suddenly locked out it is because you forgot to change the ssh port in the iptables. The system will have to be reinstalled and you must start over. This should be a free service. Just go to the vps providers website and log in. Then go to the management section. Reinstall the OS and start over.
If everything is fine then type
iptables -S
Do you see the rules? No errors? Great. Now it is time to make the rules persistant.
For now we will change the iptables configuration so that the iptables will start everytime the system is rebooted. If the VPS goes down for any reason or you just want to reboot there will be no need to restore the iptables. Without this the iptables are erased every time the system is restarted.
Different systems have different configurations with regards to iptables so two methods will be provided.
If the server has an iptables-config or iptables6-config file then it should be edited accordingly:
First look in etc to see if there is a system configuration folder named sysconfig. This is most likely the case in a Centos operating system but Ubuntu uses an rc.local file for this.
if so then the iptables configuration files will be there and may be under a different name.
in /etc look for sysconfig
ls
if no sysconfig folder there should be a rc.local file
******for sysconfig***********
Enter the sysconfig file
cd /etc/sysconfig
ls
If there is a sysconfig folder then :
nano /etc/sysconfig/iptables-config
if there is a separate IPv4 iptables configuration then it should be changed too. If not just ignore this step.
nano //etc/sysconfig/iptables6-config
Edit
IPTABLES_SAVE_ON_STOP="yes" or IPTABLES_SAVE_ON_RESTART="yes"
Close nano and save
CONTROL+X
y
ENTER
For Ubuntu rc.local
My Ubuntu VPS has an rc.local file where persistant iptable rules can be implemented.
nano /etc/rc.local
copy this line and past it in the location as indicated below:
iptables-restore < /etc/iptables.rules
rc.local file sample
######################################rc.local#################################################
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
iptables-restore < //etc/iptables.rules
exit 0
#############################################################################################
Save and exit nano
CONTROL+X
y
ENTER
Now it is time to reboot the system and see if the iptables will still be in effect
log back in
ssh 111.111.111.111 -p 5449
when logged in check to see that the iptables are still intact
iptables -S
you should see all the rules you established and since you were able to log in then the firewall is complete.
If you cannot see the firewall rules then check to see if the rules are in /etc and make sure the instructions were followed correctly.
Installing Dependencies
Once logged into the VPS over the new port get the dependencies required to build the crytocoin server.
Some prefer to build openssl, boost, and berkley database from source. I would rather use preinstalled builds and get everything running quickly. There may be some unneccessary dependencies here but I want to make sure everything is loaded and even have what I need in the event I want to use the VPS for future development.
Installing dependencies will ensure that the crypto source code builds correctly. These depenencies can also also be used for development or building other cryptos.
Next enter these commands into the terminal to build the dependencies
sudo apt-get install -y git build-essential cmake libssl-dev autoconf autotools-dev doxygen libncurses5-dev libreadline-dev libtool screen libicu-dev libbz2-dev libqrencode-devapt-get update
apt-get build-dep bitcoin -y
apt-get --install-recommends install libbitcoin-dev
Make sure all dependencies are installed and extras. Some of these should already be installed but it doesnt hurt to check again.
sudo apt-get install -y libboost-all-dev libminiupnpc-dev libssl-dev libcurl4-openssl-dev software-properties-common g++
sudo apt-get install -y libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-program-options-dev libboost-test-dev libboost-thread-dev install libevent-dev libgmp-dev libdb-dev libdb++-dev fail2ban
Here are the dependencies as required by the developer https://espers.io/blog/getting-espers-wallet-and-setting-it-up/only necessary for building the gui wallet on a desktop. for the vps these are unnecessary.
apt -y install libqt5gui5 libqt5core5a libqt5dbus5 qttools5-dev qttools5-dev-tools libprotobuf-dev protobuf-compiler libqrencode-dev
Building Espers
cd /opt
git clone https://github.com/CryptoCoderz/Espers.git
cd /Espers/src
chmod +x leveldb/build_detect_platform
make -f makefile.unix
strip Espersd
./Espersd &
Let the dameon run for a few minutes to make sure everything is working then
./Espers stop
Now edit the configuration file username and password
nano //root/.ESP/Espers.conf
Only delete these 2 lines
user name
password
save and exit nano
CONTROL+X
y
ENTER
then run the daemon again to get a new username and password combination.
./Espersd
Wait for the daemon to fail and provide a new username and password that can be copied and pasted into the conf file.Copy the new user name and password then enter into the conf file.
nano //root/.ESP/Espers.conf
if everything is working go back to the source code and restart the daemon
cd //opt/Espers/src
./Espersd &
Remember that ./Espersd commands will only work in the Espers install location. Here it is in /opt/Espers/src
get the wallet address
./Espersd getaccountaddress n
and check the wallet for any issues
./Espersd checkwallet
./Espersd getinfo
root@vpsxxxxx://opt/Espers/src# ./Espersd getinfo"version" : "v0.8.6.8-Patch 0 Alpha", "protocolversion" : 60029, "walletversion" : 60029, "balance" : 0.00000000, "newmint" : 0.00000000, "stake" : 0.00000000, "blocks" : 401409, "timeoffset" : 0, "moneysupply" : 18973194169.72466278, "connections" : 16, "proxy" : "", "ip" : "01.02.03.04", "difficulty" : "proof-of-work" : 0.08776241, "proof-of-stake" : 288747997.52498209 , "testnet" : false, "keypoololdest" : 1501455588, "keypoolsize" : 101, "paytxfee" : 0.00010000, "mininput" : 0.00000000, "errors" : ""
now make sure all the vps information is saved offline
111.111.111.111 -p 5449
coinaddress
cryptos such as espers must be left open to stake. be very careful if encrypting the wallet. it is better to play around with a 0 balance account if you want to learn the commands. commands can be found by entering
./Espersd help
or go to https://github.com/CohibAA/bitcoin-cli_command-line-options
It may take a while for the blockchain to download and sync with the peers so it is better to wait a few hours before sending any coins to the new address. If you know the block height then you can see if it has completed syncing using
./Espersd getinfo
You will see the blocks steadily increasing as Espers downloads the blockchain. You can find out how many blocks there are by checking the blockchain explorer here
First send a small amount of coins to make sure that all the information is correct and the build is functioning properly.
Send it to the address Espers gives you from the command
./Espersd getaccountaddress n
This is the address you send coins to for staking in the VPS.
You may get different account addresses each time but the coins will go into the same wallet. To get your coins out just enter
./Espersd sendtoaddress (Espersaddress) (amount)No need to comment but the Espersaddress should be the one you are sending coins to (out of the vps). make sure you are in the right directory (in this example //opt/Espers/src) to run commands. The daemon should continue to run even after logging out if using ./Espers &. If the server restarts then the daemon will shutdown but at least most ports are blocked protecting the wallet in //root/.ESP/wallet.dat
Below are some references that may be useful as well
References
https://github.com/CohibAA/bitcoin-cli_command-line-options
https://en.wikipedia.org/wiki/Proof-of-stake
Read my other articles.
i caught it too late in the dependencies. Remove "install" from the command.
Change
sudo apt-get install -y libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-program-options-dev libboost-test-dev libboost-thread-dev install libevent-dev libgmp-dev libdb-dev libdb++-dev fail2ban
to
sudo apt-get install -y libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-program-options-dev libboost-test-dev libboost-thread-dev libevent-dev libgmp-dev libdb-dev libdb++-dev fail2ban
Nice post! I will follow you from now on.
great thanks!