IRC log of #novawebdev for Friday, 2023-07-14

« Thursday, 2023-07-13 Index Saturday, 2023-07-15 »
*** thomas has quit (None)10:49
*** tboimah has quit (Remote host closed the connection)11:43
*** scooper has quit (Quit: Leaving)12:03
*** fkoikoi has quit (Ping timeout: 480 seconds)12:21
mulbahHello12:44
ubuntouristmulbah, hello13:02
mulbahHello Mr. Cole13:02
mulbahHow are you doing13:03
ubuntouristmulbah, are we expecting tboimah and scooper?13:03
ubuntouristmulbah, I'm quite well. Happy making lots of music in recent days. How are you doing?13:03
mulbahI am not feeling too well13:04
mulbahthey will soon turn online13:04
ubuntouristOh... I will try to go slow then. I hope you feel better soon.13:05
mulbahThanks13:05
mulbahbut I got it working13:05
mulbahthe ssh key13:05
mulbahssh XDzDRgNPU2GnKewuqVXVCFnxK@lon1.tmate.io13:05
ubuntouristYes, I checked this morning approximately one hour ago, and saw that everyone appeared to have the13:06
ubuntouristright files.13:06
mulbahokay13:07
ubuntouristmulbah, I think, if possible, I'd like to do the "ssh" to the students.mcssliberia.org server. 13:07
mulbahwhy13:08
mulbahIt's cool13:08
ubuntouristWell, that's the system that you will all be administering. But if it's simpler, we can continue with yours.13:09
ubuntouristBut, I am hoping that tmate can be installed quickly. Is it only13:09
ubuntouristsudo apt install tmate13:10
ubuntouristor did you also13:10
mulbahthat is my system tmate link i send you13:10
ubuntouristsudo apt install tmate-ssh-server13:10
mulbahshould I run the command on my terminal13:11
ubuntouristYes, I know. But in order to install tmate on the MCSS server, is it only tmate installed? Or is it tmate-ssh-server installed as well?13:11
ubuntourist(We can't use tmate on MCSS until it is installed, and I see there are two packages with "tmate" in the name. "tmate" and "tmate-ssh-server".13:12
ubuntouristI am asking if you installed both on your computer or only one?13:13
ubuntouristHold.13:13
mulbahonly one13:13
ubuntouristok. So just tmate. Got it.13:14
mulbahyeah13:14
ubuntouristI was hoping to wait for our two other colleages to show up so that I don't need to repeat everything three times.13:20
ubuntouristBut maybe we should just start and they can read the logs, and get info from you later.13:20
mulbahshould13:21
mulbah*sure*13:21
ubuntouristHold on one second more. I need to take care of something on my computer. It will only be a short delay.13:21
mulbahACTION is waiting13:22
ubuntouristOK. Back now.13:23
mulbahAlright13:24
ubuntouristWhen you start a shared session on your computer, what do you type? Just "tmate"? And it provides the ssh command?13:24
ubuntouristOK.13:26
mulbahalright13:27
ubuntouristLet's start with a way  to make logging into MCSS server even easier.13:27
ubuntouristYou can create abbreviations for all the computers that you ssh to.13:28
ubuntouristType:13:28
ubuntouristnano .ssh/conifig13:28
mulbahshould I ssh into the server before doing it13:29
ubuntouristNo. We're setting up something on YOUR compuer that will make it easier to SSH to the server.13:30
ubuntouristSo tboimah and scooper will need to do it on their computers also.13:30
mulbahI can now ssh into the server without password 13:30
mulbahand I show the other it13:30
mulbahlet me show you13:31
ubuntouristI know. But the file I want to create will be for you.13:31
mulbahwhat do you mean 13:31
ubuntouristRight now, you have to type "ssh mulbah@students.mcssliberia.org".  What if we can set it up so that "ssh mcss" is all you need to type?13:33
mulbahoh 13:34
mulbahthat is cool 13:34
ubuntourist(or "ssh liberia" or "ssh server" or whatever you want. All of them can go to "mulbah@students.mcssliberia.org"13:34
mulbahMr. Cole I was thinking of some thing 13:34
ubuntouristBut the file lives on YOUR computer -- because if scooper tries "ssh mcss" we don't want it to try "mulbah@..." we want his to use "scooper@..."13:35
ubuntouristOK, go ahead. What are you thinking?13:35
mulbahlike naming a Variable MCSS and giving it a value mulbah@students.mcssliberia.org13:37
mulbahand instill of typing ssh mulbah@students.mcssliberia.org i just type ssh $MCSS13:39
mulbahwill it work?13:39
ubuntouristGood thought. That WILL work. You would add the variable in your ~/.profile and you would need to log out of your terminal and log in again... But there's a better way.13:39
mulbahokay13:41
ubuntouristSo, Start with:13:42
ubuntouristnano .ssh/config13:42
ubuntouristThis is SSH's configuration file.13:43
ubuntouristLet's start by adding a comment to the top.13:43
mulbahwhat should I type for the comment13:43
ubuntourist# Last modified by Mulbah K <your-email-here> 2023.07.14 (mk)13:44
mulbahokay13:44
ubuntourist(You can put your full last name and e-mail address in.13:44
ubuntouristMy personal file starts with the line:13:45
ubuntourist# Last modified by Kevin Cole <kjcole@gallaudet.edu> 2022.11.05 (kjc)                        13:45
ubuntouristNo. It should be an e-mail address. Not your ssh login.13:46
ubuntouristIt is a comment. If someone else looks at the file, they should have a way to contact you.13:47
mulbahokay13:47
ubuntouristACTION waits for the change.13:48
ubuntouristOK! Now the fun part that actually does the work:13:48
mulbahdone13:48
ubuntouristMaybe you ssh to more than one computer. Or you will in the future. Sometimes to the MCSS server, and as you start doing13:49
ubuntouristwork for other people, you will ssh into their servers. 13:50
ubuntouristSo, this file has sections. I like to call them "stanzas" which is a musical and poetry term, but it is used for sections in computer files too.13:50
ubuntouristWe are going to make a "stanza" for the MCSS server.13:51
ubuntouristPut in a blank line and then another comment:13:51
ubuntourist# 2023.07.14 - MCSS server13:51
ubuntourist#13:51
ubuntouristWe're making a comment that says WHAT this stanza is for, and WHEN we created it.13:52
mulbahokay13:52
ubuntouristNext line:13:52
ubuntouristHost students.mcssliberia.org13:53
ubuntouristNow the next two lines are indented two spaces. Right where you are now (no empty line):13:54
ubuntourist  User mulbah13:54
ubuntourist  ForwardX11Trusted yes13:55
ubuntourist(NO EMPTY LINE. INDENT TWO SPACES.)13:55
ubuntouristNot two tabs. two spaces.13:55
mulbahis that it13:55
mulbahoh okay13:56
ubuntouristThat's it. And now the second line above that starts with Forward...13:56
ubuntouristTrusted is spelled wrong. Fix it.13:57
ubuntouristGreat!13:58
ubuntouristWe've got a few more lines to add, but let me explain that part first.13:58
mulbahokay13:59
ubuntouristIf you save it now, you will be able to say  "ssh student.mcssliberia.org" and it will look in the file and say "Oh. I see: you want me13:59
ubuntouristto log into the User mulbah."13:59
ubuntouristYou have set the default user for the computer students.mcssliberia.org to "mulbah".14:00
ubuntouristThe second line is a little harder to explain, and actually not necessary... yet -- especially with your bad network connections.14:01
mulbahI have a good network connection now14:01
mulbahI am at my house 14:02
ubuntouristThe second line says "If there is an application program on MCSS that uses graphics -- like maybe something that will play a game on the server14:02
mulbahI did not go to the lab today because I'm not feeling well14:02
ubuntouristit needs to be able to send the graphics to my computer. I am explixitly telling the my computer 'Trust graphics coming from the server. Allow the server to draw on my screen."14:03
ubuntouristIn technical terms, you are telling the server to "forward all X11 windowing system information" but it means the server has14:04
ubuntouristpermission to draw and paint on your screen.14:04
ubuntourist...14:04
ubuntouristNow onto improvint it. A few more lines, without empty lines:14:05
ubuntouristNo indentation:14:05
ubuntouristHost mcss14:05
ubuntouristActually, the first line is not indented but the next three are indented two spaces. Type:14:06
ubuntouristHost mcss14:06
ubuntourist  Hostname students.mcssliberia.org14:07
ubuntourist  User mulbah14:07
ubuntourist  ForwardX11Trusted yes14:07
ubuntourist(Type the four lines above.)14:07
mulbahokay14:08
mulbahACTION done14:10
ubuntouristI would remove the blank line above Host mcss.14:10
mulbahACTION done14:11
ubuntourist(It's not necessary, but in the future, as you add more computers it will be easier to see that this stanza is all together.14:11
ubuntouristCtrl-X 14:11
ubuntouristY14:11
mulbahI did14:11
ubuntouristENTER14:11
ubuntouristls  -l .ssh14:12
ubuntouristls -l14:12
ubuntourist(most config is better. <grin>14:12
mulbahokay14:13
mulbahso should I ssh-copy-id into the server14:13
ubuntouristOne more thing to check: We want to make sure the permissions on the file are correct.14:13
ubuntouristls -l14:13
ubuntouristDash L like above.14:14
ubuntouristOK. Do you see at the start of each line the "-rw...." Those are the file permissions.14:14
mulbahoaky14:15
ubuntouristBecause ssh is the "SECURE SHELL" -- security is important. We do not want to give too many permissions to files.14:15
ubuntouristYou are the only one who uses your computer. But Linux does not know that. It always assumes that there might be other users14:16
ubuntouristwho can login to your computer, with a different user name. And it lets you share files with them. But...14:16
ubuntouristsome files you do NOT want to share.14:16
ubuntouristthe permissons break down into four parts. The first is a single, special letter that shows if a file is "unsual". If it is a "-" it is14:17
ubuntourista normal file. If it is a "d" it is a directory. (See the last file in the ls that you typed.)14:18
ubuntouristif it is an "l" then it is a symbolic link, which we talked about last time. There are a few other special letters, but we won't worry about those yet.14:18
ubuntouristThe next nine characters are three groups of three letters "rwx" or "---" or some combination of the two.14:20
ubuntouristAre you understanding so far?14:20
mulbahyeah14:21
ubuntouristFor "config" right now it reads "-rw-rw-r--" which breaks apart as "-", "rw-", "rw-" and "r--".14:21
ubuntouristThis means it's a "normal file" (not a directory, not a symbolic link) "-". The next three sections explain who can do what with the file.14:22
ubuntouristThe first three "rw-" means that the OWNER -- that's you -- is granted the permissions to Read the file (r) like with less or most, Write to the file (like with nano or vim)14:23
ubuntouristbut you cannot eXecute ("x") the file. In other words, it should not be considered as an application program.14:24
ubuntouristSo "rw-"14:24
ubuntouristThe second set "rw-" again says that other users that are in the same GROUP as you can do the same: They can read from and write to the file.14:25
ubuntouristSystem administrators can create groups, and assign several users to the same group.14:25
ubuntouristIn a large co-op, maybe three people will be working on a web site for a school and five other people will be developing a web site for a hospital.14:26
ubuntouristYou want to put 3 people in 1 group and let them share school-related files, and 5 in another group and let them share hospital-related files.14:27
ubuntouristBut you don't want people in the hospital group to overwrite and edit the school web site files. So you want separate groups14:28
ubuntouristand separate permissions.14:28
ubuntouristThe third set of permissions is OTHER -- everyone who is NOT you, and NOT in your group. Right now, they can only Read "r--" the config14:29
ubuntouristUnderstand?14:29
mulbahyeah14:31
mulbahi'm understanding14:31
ubuntouristWhenever you create a new file with nano, or vim, or lots of other programs. It sets the default permission to "-rw-rw-r--" But... for config, it did the wrong thing.14:32
ubuntouristYou do NOT want anyone else to read or modify the file.14:32
ubuntouristSo we are going to change the permission on that file.14:33
ubuntouristThe permissions are sometimes called "permission modes". The command to change them is "chmod" for "change modes"14:34
ubuntouristYou should probably read up on chmod. But for now, we're just going to change the mode quickly so we can continue. Type the next two lines:14:35
ubuntouristchmod 600 config14:35
ubuntouristls -l14:35
ubuntouristSee how the permissions on config have changed?14:36
mulbahyeah14:37
ubuntouristYou have disabled GROUP and OTHER users so that they cannot see or touch that file.14:37
ubuntouristNOW try "ssh mcss"14:38
mulbahit have change from -rw-rw-r-- 114:38
mulbahto -rw------- 114:38
mulbahokay14:38
ubuntourist(The "1" is something else. Not important for a very long time.)14:39
ubuntouristYou can exit again.14:39
ubuntouristBecause I forget a lot, I have set up TWO configurations on my computer for mcssliberia: I can type:14:40
ubuntouristssh students.mcssliberia.org14:41
ubuntouristssh mcss14:41
ubuntouristssh liberia14:41
ubuntouristAll three of those, on my computer, mean "kjcole@students.mcssliberia.org"14:41
ubuntouristOn my computer, that "stanza" looks like:14:44
ubuntourist# MCSS Liberia14:44
ubuntourist#14:44
ubuntouristHost students.mcssliberia.org14:44
ubuntourist  User kjcole14:44
ubuntourist  ForwardX11Trusted yes14:44
ubuntouristHost liberia14:44
ubuntourist  Hostname students.mcssliberia.org14:44
ubuntourist  User kjcole14:44
ubuntourist  ForwardX11Trusted yes14:44
ubuntouristHost mcss14:44
ubuntourist  Hostname students.mcssliberia.org14:44
ubuntourist  User kjcole14:45
ubuntourist  ForwardX11Trusted yes14:45
mulbah07_so you can create more than two configurations files14:45
ubuntouristRIGHT. 14:46
mulbah07_okay14:46
ubuntouristNow. If you have a DIFFERENT computer to ssh to -- NOT students.mcssliberia.org --14:46
ubuntouristadd an empty line, and a new comment and follow the same pattern. For example, I log into Jeff's students comptuer with:14:47
ubuntourist# Governor's Career and Technical Academy14:48
ubuntourist#14:48
ubuntouristHost students.gctaa.net14:48
ubuntourist  User kjcole14:48
ubuntouristHost gctaa14:48
ubuntourist  Hostname students.gctaa.net14:48
ubuntourist  User kjcole14:48
ubuntouristKeep a blank, empty line betweeen stanzas.14:48
ubuntouristAnd, when you edit the file, change the date on the comment line that says 14:48
ubuntourist# Last modified by ...14:48
*** mulbah has quit (Ping timeout: 480 seconds)14:49
ubuntouristDid you get all of that? I see your connection is dropping sometimes now.14:49
mulbahyeah I get all14:50
ubuntouristOK... Well, share it with tboimah and scooper14:51
mulbahalright14:51
mulbahbut I don14:51
ubuntouristWe've only got nine minutes left, but we talked about a lot. Maybe, since you are not feeling well, we can just stop early.14:52
mulbahbut I don't think that I have an account on the students.gctaa.net server14:52
ubuntouristAnd your solution with the environment variable "ssh $MCSS" was an excellent idea. Bravo!14:52
mulbahThanks14:53
ubuntouristmulbah, I only showed that as an example. I wanted to show that I can have many different computers in the .ssh/config file.14:53
mulbahokay14:53
ubuntouristEach one starts with a comment telling me what computer the stanza is for.14:53
ubuntouristThen a short part with the full name of the computer. Then sections with my abbreviated name for the computer.14:54
ubuntouristMaybe one abbreviated name, like for jeff's school "gctaa" or maybe multiple names for yours "mcss" and "liberia".14:55
ubuntouristKnowing that you can add more computers to the file as you start doing work on lots of computers is very helpful.14:56
ubuntouristIt gets painful to remember all the usernames and host computer names.14:56
ubuntouristI have 179 stanzas -- 179 computers that I can use SSH with. (Some of those are very old, and probably don't exist now. I really should go through the config file and clean it up...)14:58
ubuntouristAnd, it's 10:59. Time to quit.14:59
mulbahokay see you monday15:00
ubuntouristSee you then! Feel better.15:00
mulbahthanks for the day15:00
ubuntouristBye!15:00
mulbahOkay I will15:00
*** ubuntourist has quit (Quit: Leaving)15:00
*** mulbah has quit (Quit: Leaving)15:39
*** user23 has left #novawebdev (None)19:55
« Thursday, 2023-07-13 Index Saturday, 2023-07-15 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!