diff --git a/capsulflask/landing.py b/capsulflask/landing.py index 8161352..299c405 100644 --- a/capsulflask/landing.py +++ b/capsulflask/landing.py @@ -28,6 +28,10 @@ def faq(): def about_ssh(): return render_template("about-ssh.html") +@bp.route("/troubleshooting-ssh") +def troubleshooting_ssh(): + return render_template("troubleshooting-ssh.html") + @bp.route("/changelog") def changelog(): return render_template("changelog.html") diff --git a/capsulflask/templates/about-ssh.html b/capsulflask/templates/about-ssh.html index 676c532..17340a7 100644 --- a/capsulflask/templates/about-ssh.html +++ b/capsulflask/templates/about-ssh.html @@ -191,7 +191,14 @@ (the tilde ~ here represents the user's home directory, /home/username on linux, C:\Users\username on Windows, and - /Users/username on MacOS). + /Users/username on MacOS). +
+ ++ Also, note that as the .ssh folder's name starts with a period, it is a "hidden" folder. + This just means that your operating system's Graphical User Interface (GUI) will not display it by default. + All operating systems have a way to enable "Show Hidden Files" in the GUI, otherwise you can always access it via the + command line.
diff --git a/capsulflask/templates/capsul-detail.html b/capsulflask/templates/capsul-detail.html index c864b88..e2370ce 100644 --- a/capsulflask/templates/capsul-detail.html +++ b/capsulflask/templates/capsul-detail.html @@ -105,6 +105,9 @@ +
f1-x: gitlab (wow such memory very devops)
f1-xx: something gargantuan
-ssh to the ip provided to you using the cyberian user.
$ ssh cyberian@1.2.3.4
For more information, see Understanding the Secure Shell Protocol (SSH).
See Troubleshooting SSH.
+The cyberian user has passwordless sudo access by default. This should work:
diff --git a/capsulflask/templates/troubleshooting-ssh.html b/capsulflask/templates/troubleshooting-ssh.html new file mode 100644 index 0000000..6d5c3a3 --- /dev/null +++ b/capsulflask/templates/troubleshooting-ssh.html @@ -0,0 +1,110 @@ +{% extends 'base.html' %} + +{% block title %}SSH Troubleshooting{% endblock %} + +{% block content %} ++{% endblock %} + +{% block subcontent %} +Why can't I SSH to my capsul?
+ ++{% endblock %} + +{% block pagesource %}/templates/about-ssh.html{% endblock %} ++ There are a few common reasons why your SSH command might not be working: +
+ ++
+ + + + +- + The command wasn't quite formatted correctly or had a typo. +
++
+- The correct format is: ssh cyberian@<ip-address>
+ +- Here's an example: ssh cyberian@69.61.2.166
+- + The username or ip address wasn't right. +
++
+- + Unless you set up a different user for yourself, + the default username for logging into a capsul will always be cyberian +
+- + Although we try our best to prevent this, in some situations the IP address of a capsul can change. + You can always get up-to-date IP address information for your capsuls at + https://capsul.org/console +
+- + Your SSH key is not configured correctly, or the key(s) you have configured don't match + the one you uploaded to capsul.org and assigned to your capsul when you created it. +
++
+- + The ssh command line application (OpenSSH Client) looks for keys to use in + ~/.ssh. + It will try to use each key that it finds there until either one of them works, it runs out of keys to try, + or the server tells it "too many failed attempts" and closes the connection. +
+
+
+ (the tilde ~ here represents the user's home directory, + /home/username on linux, + C:\Users\username on Windows, and + /Users/username on MacOS). +
+
+ Also, note that as the .ssh folder's name starts with a period, it is a "hidden" folder. + This just means that your operating system's Graphical User Interface (GUI) will not display it by default. + All operating systems have a way to enable "Show Hidden Files" in the GUI, otherwise you can always access it via the + command line. +- + You can also specify an additional key file for ssh to try using with the -i flag. + For example: ssh -i /path/to/my/key_file cyberian@<ip-address> +
+- + You may also use the ssh-keygen command to generate a new key-pair, however this + won't help you if you are locked out of your existing capsul. +
+- + If you lost your SSH key permanently, sorry, but we cannot help you log into your capsul. Our policy is we + do not touch capsuls after they are created. +
+- + You happen to have a lot of SSH keys, and you are being trolled by the SSH client. +
++
+- + Like I mentioned, OpenSSH Client will try to use each key that it finds in ~/.ssh + until either one of them works, it runs out of keys to try, or the server tells it + "too many failed attempts" and closes the connection. +
+- + If you specify an additional key file for ssh to try using with the -i flag, + it won't try that one first. Personally I consider this to be extremely toxic behavior. It is what it is. +
+- + Here's the solution: + superuser.com: how-do-i-configure-ssh-so-it-doesnt-try-all-the-identity-files-automatically + +
+
+
+ Add the -o IdentitiesOnly=yes flag to tell it to only + attempt the keys specified on the command line with -i +
+
+ Full example: ssh -o IdentitiesOnly=yes -i test_rsa_2 cyberian@<ip-address> +