Access¶
SSH¶
Your server is accessible trough SSH by default. There are no personal SSH login users supported to ensure uniformity between SSH and web actions.
Hint
for security reasons, we allow key based logins only
Warning
Managed Server Version 5 is End of Life and no longer meets the security requirements of OpenSSH. If you are using a newer version of SSH, the following options are necessary:
ssh -o "HostkeyAlgorithms=+ssh-rsa" -o "PubkeyAcceptedAlgorithms=+ssh-rsa" devop@srv01.example.com
Every aspect of the configuration is controlled through our configuration management software. There is no root access possible neither for the customer or ourself.
Shortcuts and sudo configuration¶
Depending on the installed services, some shortcuts are available to execute certain commands with root privileges.
You will find a list of all shortcuts by typing help
.
Generic devop
user¶
A user named devop
is created by default. You can log into the server
with this user for debugging purposes or to execute some global tasks:
read access to all system log files in
/var/log/
puppet-agent
to trigger a manual configuration management runreboot
to trigger a manual server rebootdiskusage
to search for big files and foldersiptables-list
to list firewall rules and chainsiptables-rules
to show firewall rules
Hint
use the lnav
utility to display logs in a meaningful way (lnav ~/log/
as website user, lnav
as devop
user for global logs)
SSH client configuration¶
Add client configurations to /etc/ssh/ssh_config
by setting the
ssh::config
hash:
{
"ssh::config": {
"Host": "git",
"HostName": "code.example.com",
"User": "git"
}
}
Hint
use man ssh_config
(online version) for available configuration options
SFTP¶
After adding your publickey to the server, is it possible to connect over SFTP. We recommend to use one of the following clients:
Hint
To store your key in the memory and not having to enter the password for every connection - use pageant (Windows) or ssh-add it (Linux)
FTP¶
There is no FTP daemon installed by default. Please consider to use SSH/SCP when possible. If you really need access by FTP, follow the instructions on FTP Service.