Joining OurShack

Contents

• Paying for OurShack
• Setting up an account

Paying for OurShack

Please set up a Standing Order with your bank. They will have a form, or they might accept a letter. Contact Andy Wardley (abw -at- ourshack dot com) for account details to put in it.

---

Setting Up an OurShack Account

These are instructions (mainly for Microsoft Windows users) on how to set up a new account at OurShack. This is a little complex because we only permit access via ssh with RSA key authentication.

1. Cross our palm with Silver. See Paying for OurShack
2. Choose an account name. We've used "yourname" in these examples.
3. Start thinking of a good passphrase. Good passphrases are 10-30 characters long and are not simple sentences or otherwise easily guessable (English prose has only 1-2 bits of entropy per word, and provides very bad passphrases).
4. Start thinking of a good password.
5. Phone Andrew Beattie on 0777 166 1653 or mail him at gaffer-at-ourshack.com and leave him your phone number so that we can agree an account name and password without sending this info over the net in cleartext.
6. Andrew will set up your account:

   $ sudo /usr/sbin/adduser -d /usr/home/yourname -c "Your Full Name" yourname

Setting up an SSH client

You have a choice here: openssh, PuTTY, TeraTerm, or some other SSH client (e.g. the one built into the Labtam X server). In all cases, you will need to

• Install the SSH client software on your computer
• Generate a secret key
• Have the key registered at Ourshack

We have step-by-step instructions for some clients below.

Using the OpenSSH client

Most Linux, FreeBSD, OpenBSD, NetBSD systems will have ssh already installed.

If you already have a public/private key pair, just send us a copy of the public bit - usually .ssh/id_dsa.pub or .ssh/identity.pub

If this is the first time you have had a use for SSH keys, you need to generate a pair:

	ssh-keygen -t dsa

This will ask you to supply a passphrase to encrypt the secret key. Remember this and do not give it to anyone. You only ever need to type it on your own machine, and it never comes to Ourshack.

Once you have generated the key pair, send us the public part as above.

Using the PuTTY client

(A bit sketchy - feel free to expand on this)

1. Fetch PuTTY from it's distribution site. It is probably easiest to use the zip or installer files if you are using Windows.
2. Install PuTTY by unpacking the zip file or running the installer.
3. Run PuTTYGen to make a key
4. Use cut-n-paste to copy the text representation of the public key into a mail message. Send it to gaffer -at- ourshack.com who will install it for you.
5. Configure PuTTY to connect to cat.ourshack.com and try it out.

Using the TeraTerm client

1. Use an FTP client on your local machine to fetch:

   http://www.ourshack.com/files/FSSENU.DLL
   http://www.ourshack.com/files/ttermp23.zip
   http://www.ourshack.com/files/GMP.DLL
   http://www.ourshack.com/files/ttssh151.zip
   http://www.ourshack.com/files/keygen.exe
   

2. Unzip ttermp23.zip (Terraterm)
3. run setup.exe
4. Note where Teraterm is installed (typically C:\Program Files\ttermpro)
5. Unzip ttssh151.zip into the directory where you installed Teraterm (typically C:\Program Files\ttermpro)
6. Copy Keygen.exe, Fssenu.dll and Gmp.dll into the directory where you installed Teraterm.

(Unfortunately, this is a rip-off from a commercial product. Does anyone have a free keygen for Windows?)

7. Run Keygen.exe When asked, leave the comment field empty. This will take a few minutes but you'll end up with 2 files:
   • identity (Your *secret* private key. Guard it with your life)
   • identity.pub (Your public key. Advertise it in a newspaper if you like)

     Keep the default file name "IDENTITY" and default key size of 1024 bytes.

8. Mail identity.pub to the person setting up your account (typically gaffer -at- ourshack.com)
9. The person setting up the account will ensure that the file is one line long (not wrapped over several lines) and copy it copy it as follows:

   [gaffer@cat] $ sudo cp identity.pub ~yourname/.ssh/authorized_keys
   [gaffer@cat] $ sudo cp identity.pub ~yourname/.ssh/identity.pub
   [gaffer@cat] $ sudo chown yourname ~yourname/.ssh/*
   [gaffer@cat] $ chmod 600 ~yourname/.ssh/authorized_keys
   [gaffer@cat] $ chmod 644 ~yourname/.ssh/identity.pub
   

   N.B. the UNIX filenames should be all lower-case. The files generated by KeyGen will be all upper-case.

10. run ttssh.exe (not TeraTermPro - we need the ssh extensions!) cancel from the default connect form.
11. setup -> tcp/ip. Add an entry for cat.ourshack.com (if you need to use the sshd on the telnet port, then set port to 23)
12. setup -> ssh. Move DES to the top of the list (I think that's what we're using). I also moved "ciphers below this line" to the bottom.
13. setup -> ssh authentication. Enter yourname. Select RSA. Browse to find your private key file "identity".
14. setup -> Save Setup. (otherwise you've got to do all it every time...) Since cat.ourshack.com is my default destination, I saved it in the default file: teraterm.ini
15. file -> New connection. And cross your fingers...
16. Change your password:

    [yourname@cat] $ passwd

    You'll need this for things other than login, such as sudo.

NOTE: anti-spam measures: replace "-at-" with "@" in all email addresses.