Quite often we offer technical support to people that requires SSH access to your server, i.e. root access.
This is needed as there are many things that we can't check or diagnose without directly accessing the server.
To do so however, we need to be granted access by you.
There are two ways to do this:
- Give us root username/password details
- Install our public SSH key so that we can securely access
We prefer the latter as it is more secure and separates our access from your login credentials, which should ideally be kept private.
Side note - what are SSH keys?
If SSH certificates are new to you, think of them as an alternative to usernames and passwords. Rather than giving these out (which are easily copied or compromised), you install a public key on your server (think of this like a lock in a door).
This allows anyone with the complimentary private key (the matching key) to log in to the server and be authenticated.
This method is much more secure as only the person with the correct private key can access through the public key you added, and its on them to keep their private key safe and secure.
Installing an SSH certificate is quite easy and may be done through an SSH terminal.
Note that in many VPS providers you can also add certificates through their control panel, however this is typically for adding certificates (such as your own) to be added to future deployments.
These do not add certiifcates to existing servers and we would not recommend adding a third-party's certificate by default, rather only do this if you can choose which ones to add during deployment -- If you would like to use keys in this way, check your VPS provider's documentation on how to do so correctly.
With Vultr for example, you can choose SSH keys to add during deployment, thus can add the FunnelFlux support key then if desired.
However, here we will explain the manual method.
If you already have SSH terminal access to your server as root, go ahead and log in with whatever client you use.
If you do not and are using a VPS provider like Vultr, Linode, DigitalOcean, etc., you can probably open a web-based console from your control panel:
Click your server to load its details then click view console
Click your server > remote access tab > open LISH console
Open your server > click console in top right
Tthe below commands are intended for CentOS only, it may not work on other OS in which case you may want to refer to the P.S. section below
Commands to add our public key
Once you are in a console, execute the following command.
We have compiled everything into a "bash" script that you download and execute to make this as efficient as possible.
The command you use should be the same no matter the Linux distribution, as below:
curl -O https://files.funnelflux.com/keyinstaller.sh && chmod 0700 keyinstaller.sh && bash keyinstaller.sh
That's all in a single line, no line breaks. Make sure you type it exactly as written.
The commands can also be executed one by one if necessary:
curl -O https://files.funnelflux.com/keyinstaller.sh
chmod 0700 keyinstaller.sh
This script will add funnelflux_support.pub, our public key, to an SSH directory.
Note that our key installer script removes itself once done, so there should be no files to clean up afterward.
Once you have added the key successfully you can let us know and we will be able to connect to your server securely for technical support.
We of course also need to know the IP, though we can usually resolve this from your tracker domain anyway!
P.S. for the record and full transparency, here is the contents of keyinstaller.sh:
chmod 600 /root/.ssh
curl https://files.funnelflux.com/keys/funnelflux_support.pub >> /root/.ssh/authorized_keys
chmod 400 /root/.ssh/authorized_keys
rm -rf keyinstaller.sh
You can use and modify these commands accordingly for other Linux OS.
Commands to remove our public key
Removing our key is simple and we advise doing this if you are concerned about a third party having access to your server.
If we ever need access to assist in the future, you can just re-add it as above.
Here are the commands to remove the key:
curl -O https://files.funnelflux.com/keyremover.sh && chmod 0700 keyremover.sh && bash keyremover.sh
and line by line:
curl -O https://files.funnelflux.com/keyremover.sh
chmod 0700 keyremover.sh