diff --git a/capsulflask/landing.py b/capsulflask/landing.py index 8161352..299c405 100644 --- a/capsulflask/landing.py +++ b/capsulflask/landing.py @@ -28,6 +28,10 @@ def faq(): def about_ssh(): return render_template("about-ssh.html") +@bp.route("/troubleshooting-ssh") +def troubleshooting_ssh(): + return render_template("troubleshooting-ssh.html") + @bp.route("/changelog") def changelog(): return render_template("changelog.html") diff --git a/capsulflask/templates/about-ssh.html b/capsulflask/templates/about-ssh.html index 676c532..17340a7 100644 --- a/capsulflask/templates/about-ssh.html +++ b/capsulflask/templates/about-ssh.html @@ -191,7 +191,14 @@ (the tilde ~ here represents the user's home directory, /home/username on linux, C:\Users\username on Windows, and - /Users/username on MacOS). + /Users/username on MacOS). +

+ +

+ Also, note that as the .ssh folder's name starts with a period, it is a "hidden" folder. + This just means that your operating system's Graphical User Interface (GUI) will not display it by default. + All operating systems have a way to enable "Show Hidden Files" in the GUI, otherwise you can always access it via the + command line.

diff --git a/capsulflask/templates/capsul-detail.html b/capsulflask/templates/capsul-detail.html index c864b88..e2370ce 100644 --- a/capsulflask/templates/capsul-detail.html +++ b/capsulflask/templates/capsul-detail.html @@ -105,6 +105,9 @@ +

+ Can't log into your capsul? See Troubleshooting SSH +
@@ -202,8 +205,13 @@ SHA256:{{ key.sha256 }} ({{ key.key_type }}){% endfor %}
- (What's this? see Understanding the Secure Shell Protocol (SSH)) + What's this? see Understanding the Secure Shell Protocol (SSH)
+
+ Can't log into your capsul? See Troubleshooting SSH +
+ + {% endif %} {% endif %} diff --git a/capsulflask/templates/faq.html b/capsulflask/templates/faq.html index f27cab1..e266d22 100644 --- a/capsulflask/templates/faq.html +++ b/capsulflask/templates/faq.html @@ -19,13 +19,17 @@

f1-x: gitlab (wow such memory very devops)

f1-xx: something gargantuan

-
  • +
  • How do I log in?

    ssh to the ip provided to you using the cyberian user.

    $ ssh cyberian@1.2.3.4

    For more information, see Understanding the Secure Shell Protocol (SSH).

    • -
  • +
  • + Help, I still can't log into my capsul! +

    See Troubleshooting SSH.

    +
    • +
  • How do I change to the root user?

    The cyberian user has passwordless sudo access by default. This should work:

    diff --git a/capsulflask/templates/troubleshooting-ssh.html b/capsulflask/templates/troubleshooting-ssh.html
new file mode 100644
index 0000000..6d5c3a3
--- /dev/null
+++ b/capsulflask/templates/troubleshooting-ssh.html
@@ -0,0 +1,110 @@
+{% extends 'base.html' %}
+
+{% block title %}SSH Troubleshooting{% endblock %}
+
+{% block content %}
+  
    Why can't I SSH to my capsul?
    
+{% endblock %}
+
+{% block subcontent %}
+
    
+
+  
    
+    There are a few common reasons why your SSH command might not be working:
+  
    
+
+  
      
+    
    1. 
+      The command wasn't quite formatted correctly or had a typo.
+      
        
+        
      • The correct format is: ssh cyberian@<ip-address>
        • 
+
+        
      • Here's an example: ssh cyberian@69.61.2.166
        • 
+      
      
+    
      2. 
+    
    2. 
+      The username or ip address wasn't right.
+      
        
+        
      • 
+          Unless you set up a different user for yourself, 
+          the default username for logging into a capsul will always be cyberian
+        
        • 
+        
      • 
+          Although we try our best to prevent this, in some situations the IP address of a capsul can change.
+          You can always get up-to-date IP address information for your capsuls at 
+          https://capsul.org/console
+        
        • 
+      
      
+    
      3. 
+    
    3. 
+      Your SSH key is not configured correctly, or the key(s) you have configured don't match
+      the one you uploaded to capsul.org and assigned to your capsul when you created it.
+      
        
+        
      • 
+          The ssh command line application (OpenSSH Client) looks for keys to use in 
+          ~/.ssh. 
+          It will try to use each key that it finds there until either one of them works, it runs out of keys to try,
+          or the server tells it "too many failed attempts" and closes the connection.
+          
        
+          
        
+          (the tilde ~ here represents the user's home directory, 
+          /home/username on linux, 
+          C:\Users\username on Windows, and 
+          /Users/username on MacOS).
+          
        
+          
        
+          Also, note that as the .ssh folder's name starts with a period, it is a "hidden" folder. 
+  This just means that your operating system's Graphical User Interface (GUI) will not display it by default.
+  All operating systems have a way to enable "Show Hidden Files" in the GUI, otherwise you can always access it via the
+  command line.
+        
        • 
+        
      • 
+          You can also specify an additional key file for ssh to try using with the -i flag.
+          For example: ssh -i /path/to/my/key_file cyberian@<ip-address>
+        
        • 
+        
      • 
+          You may also use the ssh-keygen command to generate a new key-pair, however this
+          won't help you if you are locked out of your existing capsul.
+        
        • 
+        
      • 
+          If you lost your SSH key permanently, sorry, but we cannot help you log into your capsul. Our policy is we
+          do not touch capsuls after they are created.
+        
        • 
+      
      
+    
      4. 
+    
    4. 
+      You happen to have a lot of SSH keys, and you are being trolled by the SSH client.
+      
        
+        
      • 
+          Like I mentioned, OpenSSH Client will try to use each key that it finds in ~/.ssh
+          until either one of them works, it runs out of keys to try, or the server tells it 
+          "too many failed attempts" and closes the connection.
+        
        • 
+        
      • 
+          If you specify an additional key file for ssh to try using with the -i flag,
+          it won't try that one first. Personally I consider this to be extremely toxic behavior. It is what it is.
+        
        • 
+        
      • 
+          Here's the solution: 
+            superuser.com: how-do-i-configure-ssh-so-it-doesnt-try-all-the-identity-files-automatically
+          
+          
        
+          
        
+          Add the -o IdentitiesOnly=yes flag to tell it to only  
+          attempt the keys specified on the command line with -i
+          
        
+          
        
+          Full example: ssh -o IdentitiesOnly=yes -i test_rsa_2 cyberian@<ip-address>
+        
        • 
+      
      
+    
      5. 
+  
    
+
+
+  
+
+
    
+{% endblock %}
+
+{% block pagesource %}/templates/about-ssh.html{% endblock %}
+