Difference between revisions of "Shells FAQ"

From Insomnia 24/7 Wiki
Jump to: navigation, search
(Requesting questions)
(What distro is the shell server running?)
 
(9 intermediate revisions by the same user not shown)
Line 2: Line 2:
 
=== What distro is the shell server running? ===
 
=== What distro is the shell server running? ===
  
:The Insomnia 24/7 shell server runs Debian stable. (Debian GNU/Linux 10 at the time of writing.)
+
:The Insomnia 24/7 shell server runs Debian stable. (Debian GNU/Linux 11 at the time of writing.)
  
 
== Registration questions ==
 
== Registration questions ==
Line 62: Line 62:
  
 
=== What is the correct ssh fingerprint? ===
 
=== What is the correct ssh fingerprint? ===
:'''Older style md5 fingerprints'''
+
:'''Older style fingerprints'''
 
:59:77:97:0c:b5:eb:4a:97:7b:70:80:01:0e:0e:a6:7a (DSA)
 
:59:77:97:0c:b5:eb:4a:97:7b:70:80:01:0e:0e:a6:7a (DSA)
 
:38:de:63:c3:a1:22:6b:8f:77:01:74:7c:51:68:21:80 (ECDSA)
 
:38:de:63:c3:a1:22:6b:8f:77:01:74:7c:51:68:21:80 (ECDSA)
Line 68: Line 68:
 
:f3:d4:58:1e:9d:19:76:a4:d8:0d:f3:d7:3e:e5:77:d0 (RSA)
 
:f3:d4:58:1e:9d:19:76:a4:d8:0d:f3:d7:3e:e5:77:d0 (RSA)
  
:'''Newer style sha256 fingerprints'''
+
:'''Newer style fingerprints'''
 
:UG0/xiMxWtPTvKW5YnTEnzF26esIatOxLZlvzuX74Xc (DSA)
 
:UG0/xiMxWtPTvKW5YnTEnzF26esIatOxLZlvzuX74Xc (DSA)
 
:NmKlNte4cL3NcyS3Kd92nMpx/EAJbbJcCkv9kSmYCLM (RSA)
 
:NmKlNte4cL3NcyS3Kd92nMpx/EAJbbJcCkv9kSmYCLM (RSA)
 
:YbKaXxEI7wlZCF38XG24VritjKRD4euNWIn6UHDX7Jc (ECDSA)
 
:YbKaXxEI7wlZCF38XG24VritjKRD4euNWIn6UHDX7Jc (ECDSA)
 
:vufysvbqjKzDV8tf6+ax3ayJOEcx8otD8Mpq6JVBmAE (ED25519)
 
:vufysvbqjKzDV8tf6+ax3ayJOEcx8otD8Mpq6JVBmAE (ED25519)
 +
 +
:If you're using OpenSSH you can set the '''VerifyHostKeyDNS''' option to '''yes''' to automatically pull the fingerprints from our SSHFP DNS records.
 +
 +
=== Do you support authentication using ssh keys? ===
 +
:Yes, and we recommend you use this option.
 +
 +
=== Do you support 2-factor authentication? ===
 +
:For password based logins we support OTP codes. (The codes google authenticator and compatible apps produce.)
 +
:You can configure this for your account by running the "google-authenticator" command on your shell.
 +
:It is always a good idea to add this to you account if you can. Even if you also have ssh keys configured.
 +
:As a side note about OTP apps in general; I recommend finding one that will allow you to make backups of your configured codes. The standard google authenticator app does not allow this and this means you will lose access to your OTP codes if you lose/break/replace your phone.
  
 
=== Will my account expire? ===
 
=== Will my account expire? ===
 
:Short answer: No.
 
:Short answer: No.
:Long answer: Nooooooooooooooooooooooooooooo, at least not as long as we continue to host shells.
+
:Long answer: Nooooooooooooooooooooooooooooo, but if you do not log in for over a year your account will be archived. This means your files are moved to coldstorage, and your websites, databases and cronjobs are disabled. We will continue to accept email for your account. If you log in again after your account is archived you can un-archive it again using the "manager" command.
  
 
=== I lost my password, what should I do? ===
 
=== I lost my password, what should I do? ===
Line 111: Line 122:
 
=== Will you install an X server or other GUI server? ===
 
=== Will you install an X server or other GUI server? ===
 
:Since this is a shell server it is really not designed for graphical workloads. However if you really, really, really need some X buffer for whatever reason you can use the '''xvfb-run''' command to simulate a process with a minimal X server.
 
:Since this is a shell server it is really not designed for graphical workloads. However if you really, really, really need some X buffer for whatever reason you can use the '''xvfb-run''' command to simulate a process with a minimal X server.
 
=== Will you install docker? ===
 
:Unfortunately there is currently no way to run docker on a multi-user system that is both useful and secure.
 
  
 
=== Will you install "sl"? ===
 
=== Will you install "sl"? ===
Line 126: Line 134:
 
:insomnia247.nl runs a automated backups of all home directories at 11pm (local time), every day.
 
:insomnia247.nl runs a automated backups of all home directories at 11pm (local time), every day.
 
:For more information about backups go [[Shells_backup|here]].
 
:For more information about backups go [[Shells_backup|here]].
 +
 +
=== Do you support Mosh? ===
 +
:Yes. And we strongly recommend its usage for a better experience if you are on a connection with high latency or one that is predisposed to dropping packets or breaking TCP connections.
  
 
=== I need help with my website ===
 
=== I need help with my website ===
Line 160: Line 171:
 
== My question isn't listed. What now? ==
 
== My question isn't listed. What now? ==
  
:You can always drop by [http://www.insomnia247.nl/?page=chat our IRC] (irc.insomnia247.nl in #shells)
+
:You can always drop by [https://www.insomnia247.nl/page/chat our IRC] (irc.insomnia247.nl in #shells)
 
:Alternatively, you can email us at coolfire@insomnia247.nl.
 
:Alternatively, you can email us at coolfire@insomnia247.nl.

Latest revision as of 08:21, 4 March 2022

Contents

General questions

What distro is the shell server running?

The Insomnia 24/7 shell server runs Debian stable. (Debian GNU/Linux 11 at the time of writing.)

Registration questions

How do I request a shell?

You go here and fill out the form.
You MUST have an invite code to request a shell on this server.

How do I get an invite code?

There are two ways you can get an invite: The first, and easiest way is to know someone who already has a shell with Insomnia 24/7, they can generate an invite for you.
Alternatively, you may inquire on our IRC and talk to the staff. (Or use any of the other contact methods listed on https://insomnia247.nl/page/chat if you prefer.) If you have a good reason for why you want a shell, they can generate an invite for you.
Normally you'd get an invite from another user who endorses you, so we have some kind of a guarantee you're a nice user.
Of course not everyone knows someone here, which is why you can also get one from the staff, but you need a really good reason then, since we don't have another users endorsement in that case.

What is a good reason for an invite?

There's no set list of reasons that are accepted. Anything sufficiently cool, interesting or useful will do.
By contrast, we do have some common reasons that aren't acceptable.

What are bad reasons for an invite?

Anything that doesn't make good use of the resources given to the shell.
Common rejected reasons include:
  • Running IRC bots -bouncers -servers and sessions.
  • Network connectivity testing. (Ping, nmap, traceroute etc.)
  • Network traffic tunneling, firewall and network restriction bypassing.
  • Running any commercial project/website.
  • Running a finished project that could easily be hosted elsewhere.
  • Learning about Linux or improving your Linux skills.
  • Anything illegal.

Does that mean these things aren't allowed?

No. Most are fine once you have a shell but we don't give out invites for it. The points mentioned above should not be the only usage.
Things that are not allowed at all are described in the rules.

Why isn't learning a valid usage?

Because in our experience these shells are abandoned in a matter of days if not hours.
We have special arrangements for people teaching Linux classes who don't have an appropriate environment. Contact us if you want to make use of this arrangement.

Why do you have an invite system?

We have this system set up to ensure we get as little abuse as possible, and as a result can provide the best possible quality of service.

I have a shell, now how do I create an invite?

You can create an invite from the command line by running the manager command. In the manager you can navigate to "User account" -> "Invite a new user" and enter the email address of the user you wish to invite.
Read the rules regarding invites here: Rules.

How long does it take for my request to be approved (or rejected)?

It varies, depending on whether or not one of our staff is currently logged in, between a few seconds and a few hours.
As a rule of thumb we always try to process your request within 24 hours.

My shell request was approved, now what do I do?

You can log in by directing your ssh client to insomnia247.nl
We also have a Web shell available for when you're stuck behind a restrictive firewall for example. Note that you may need to log in over regular ssh at least once since the web shell does not quite play nice with the password change you have to do when you log in for the first time.

What is an SSH client?

You should be asking yourself if you really need a shell if you need to ask this, but I digress.
On windows you can use PuTTY. Linux and Mac users should usually have openssh installed.

What is the correct ssh fingerprint?

Older style fingerprints
59:77:97:0c:b5:eb:4a:97:7b:70:80:01:0e:0e:a6:7a (DSA)
38:de:63:c3:a1:22:6b:8f:77:01:74:7c:51:68:21:80 (ECDSA)
d5:31:56:f1:98:c8:69:93:4a:dd:8e:7c:72:0c:ea:42 (ED25519)
f3:d4:58:1e:9d:19:76:a4:d8:0d:f3:d7:3e:e5:77:d0 (RSA)
Newer style fingerprints
UG0/xiMxWtPTvKW5YnTEnzF26esIatOxLZlvzuX74Xc (DSA)
NmKlNte4cL3NcyS3Kd92nMpx/EAJbbJcCkv9kSmYCLM (RSA)
YbKaXxEI7wlZCF38XG24VritjKRD4euNWIn6UHDX7Jc (ECDSA)
vufysvbqjKzDV8tf6+ax3ayJOEcx8otD8Mpq6JVBmAE (ED25519)
If you're using OpenSSH you can set the VerifyHostKeyDNS option to yes to automatically pull the fingerprints from our SSHFP DNS records.

Do you support authentication using ssh keys?

Yes, and we recommend you use this option.

Do you support 2-factor authentication?

For password based logins we support OTP codes. (The codes google authenticator and compatible apps produce.)
You can configure this for your account by running the "google-authenticator" command on your shell.
It is always a good idea to add this to you account if you can. Even if you also have ssh keys configured.
As a side note about OTP apps in general; I recommend finding one that will allow you to make backups of your configured codes. The standard google authenticator app does not allow this and this means you will lose access to your OTP codes if you lose/break/replace your phone.

Will my account expire?

Short answer: No.
Long answer: Nooooooooooooooooooooooooooooo, but if you do not log in for over a year your account will be archived. This means your files are moved to coldstorage, and your websites, databases and cronjobs are disabled. We will continue to accept email for your account. If you log in again after your account is archived you can un-archive it again using the "manager" command.

I lost my password, what should I do?

Contact support trough IRC or email.
DO NOT try passwords until you get banned (5 retries). It will be picked up as a brute force attempt and we send out automated abuse mails for that. (Let us know if you accidentally get banned anyway so we can prevent an abuse mail being sent to your ISP.)

My account has been suspended, what did I do and can it be undone?

Feel free to drop by on IRC to explain the situation. Please do keep it civil.
If a misunderstanding led to your suspension the staff may re-evaluate it.
Any decision made by the staff is completely at their discretion.

Services questions

Am I allowed to run PsyBNC/znc/shroudbnc/Eggdrop/...

You are allowed to run a wide variety of software, though wanting to run a bot or a bouncer alone isn't considered a valid reason to receive a shell. If this is what you want to do, you can visit one of the big free shell hosts. If you have doubts about a specific software package please ask us about it on IRC. Any sort of game server and mail transfer agents are disallowed by default.
We ask you to download all sources at the official websites to avoid any backdoored source. If your processes are backdoored your account can be suspended without notice.

I'm running <random server X> what ports am I allowed to use?

Ports 5000-5500 are forwarded to the shell server. You can use the 'port' command to see what ports are available to you.
For more information on ports, go here.

You say <random resource X> is unlimited, but ulimit tells me it's not!

Yes, to protect the server some limits are set. Under normal circumstances however, these limits should never be hit.
In the unlikely event that you do legitimately hit a resource limit, we can always increase or even remove the limit to suit your needs.

There is a package not installed, can you install it?

Usually it will not be a problem to install packages that are available in the debian stable or backports repository.
You can use the 'manager' command to request installation.

Will you install an X server or other GUI server?

Since this is a shell server it is really not designed for graphical workloads. However if you really, really, really need some X buffer for whatever reason you can use the xvfb-run command to simulate a process with a minimal X server.

Will you install "sl"?

No. Never that.

Why can't I send/receive email?

Sending mail trough localhost should work normally. You should be able to use the secure versions of SMTP/POP/IMAP too. See services list for the ports in use for this.

I deleted a file I still need. Help!

insomnia247.nl runs a automated backups of all home directories at 11pm (local time), every day.
For more information about backups go here.

Do you support Mosh?

Yes. And we strongly recommend its usage for a better experience if you are on a connection with high latency or one that is predisposed to dropping packets or breaking TCP connections.

I need help with my website

Please visit our dedicated page for this Shells_websites

How do I request a MySQL database?

Use the 'manager' command on the shell to request databases.

How do I request a git repository?

Go to our Insomnia 24/7 Gitlab server and create an account.
You do not need a shell account to create or use a gitlab account.

Can I run a game server even though it's explicitly prohibited in the rules?

To paraphrase Oscar Wilde: "No chance, you unreasonable dicks". It's a small shell host and it's resources are finite. Game servers are not allowed. Ever.

VPS questions

How do I request a VPS?

A VPS is not something we give out just like that. You need to talk to us in our IRC and have a solid case for why you need it and exactly what you intend to do with it.

What advantages will a VPS give me?

The main advantage is having an OS of your choice and root access to the machine.
A VPS setup can also be pre-built with a variety of systems, including any of the Turnkey appliences.

Why does my VPS not have a WAN IP?

Because we don't have any extra.

My question isn't listed. What now?

You can always drop by our IRC (irc.insomnia247.nl in #shells)
Alternatively, you can email us at coolfire@insomnia247.nl.