You are viewing a single comment's thread from:

RE: l0k1's Compleat Witness Management System

in #witness-category8 years ago

It's not perfectly foolproofed yet... and there is a complicated part in my setup involving requiring the operator to put the details of one's pair of primary and secondary witnesses ssh address and port, but I think once I have this function to do replay tested and working, I'm gonna leave it alone for a bit.

I started out with about 6 shortcut commands and now there's about 20! The documentation needs to be fleshed out a lot more too. I think as it is now, with good docs that clearly explain what you have to do, that it's gonna be as good as foolproof. All possible improvements from what I've got now are little fiddly things that aren't that important.

Sort:  

Well, we know that if they were able to change it, then it should be no problem. Isn't it 22 by default?

yep, and there is soooo many bots on the net bruteforcing ssh logins to root out there... so many distros by default still have root allowed, my hosting service, for example, the password is strong but out of the box a fresh install on a node is on port 22 with root allowed.

I change it, of course, and this is recommended procedure. It makes me nervous to disable root, and then go further and disable password login altogether, in case I break the firewall or SSH configuration and have to start from scratch. But then, I forget that my host has a rescue thing that would let me go in and allow password login again if I lost the certificate.

But yeah, it's gonna be in my guide. I wrote a guide to doing a chemical extraction many years ago (14!). I am going to write a guide to setting up a witness next (maybe next week, depends on priorities and necessity). The only irritating bit is needing to explain the preliminary setup for several distros but once python, pip and docker are installed the rest is the same.

OH, I'd forgot that you had a chemist background profile. After teaching that, anything that needs methodical instructions it a piece of cake :D

Unfortunately though, there's more complexity in the witness node setup process than an extraction. Or maybe I am just saying that because I did so many already I can recite it like a poem.

Coin Marketplace

STEEM 0.21
TRX 0.26
JST 0.039
BTC 96177.02
ETH 3370.51
USDT 1.00
SBD 3.07