d-bis/Sankofa
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Sankofa/docs/proxmox/SSH_SETUP_WITH_ENV.md
defiQUG 9daf1fd378 Apply Composer changes: comprehensive API updates, migrations, middleware, and infrastructure improvements 
- Add comprehensive database migrations (001-024) for schema evolution
- Enhance API schema with expanded type definitions and resolvers
- Add new middleware: audit logging, rate limiting, MFA enforcement, security, tenant auth
- Implement new services: AI optimization, billing, blockchain, compliance, marketplace
- Add adapter layer for cloud integrations (Cloudflare, Kubernetes, Proxmox, storage)
- Update Crossplane provider with enhanced VM management capabilities
- Add comprehensive test suite for API endpoints and services
- Update frontend components with improved GraphQL subscriptions and real-time updates
- Enhance security configurations and headers (CSP, CORS, etc.)
- Update documentation and configuration files
- Add new CI/CD workflows and validation scripts
- Implement design system improvements and UI enhancements
2025-12-12 18:01:35 -08:00

4.2 KiB
Raw Permalink Blame History

SSH Setup Using .env Credentials

Last Updated: 2024-12-19

Current Situation

The .env file contains:

  • Proxmox API Tokens: PROXMOX_TOKEN_ML110_01 and PROXMOX_TOKEN_R630_01
  • Proxmox Root Password: PROXMOX_ROOT_PASS (found in .env)

Understanding the Difference

API Tokens vs SSH Password

  • API Tokens: Used for Proxmox API authentication (already in .env)

    • Format: root@pam!token-id=token-secret
    • Used for: API calls, automation scripts
    • Cannot be used for SSH

  • SSH Password: Used for SSH authentication (needed for key setup)

    • The root user's password on Proxmox nodes
    • Used for: SSH login, ssh-copy-id, initial key setup
    • Not currently in .env

Options for SSH Setup

Option 1: Use Existing Password in .env (Already Available!)

The .env file already contains:

PROXMOX_ROOT_PASS=L@KERS2010

Scripts have been updated to use PROXMOX_ROOT_PASS.

Then use the automated script:

# Install sshpass (if not installed)
sudo apt-get install sshpass

# Run automated setup
./scripts/setup-ssh-with-password.sh

Option 2: Manual SSH Key Copy (Interactive)

# This will prompt for password
ssh-copy-id -i ~/.ssh/sankofa_proxmox.pub root@192.168.11.10
ssh-copy-id -i ~/.ssh/sankofa_proxmox.pub root@192.168.11.11

Option 3: Use Existing SSH Keys

If you already have SSH access configured:

# Test existing access
ssh root@192.168.11.10 'hostname'
ssh root@192.168.11.11 'hostname'

# If working, copy the new key
ssh root@192.168.11.10 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys' < ~/.ssh/sankofa_proxmox.pub
ssh root@192.168.11.11 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys' < ~/.ssh/sankofa_proxmox.pub

Option 4: Use Proxmox Web UI

  1. Log in to Proxmox Web UI: https://ml110-01.sankofa.nexus:8006
  2. Go to: DatacenterNodesML110-01Shell
  3. Run commands to add SSH key: 
    mkdir -p ~/.ssh
chmod 700 ~/.ssh
echo "YOUR_PUBLIC_KEY_HERE" >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
  4. Repeat for R630-01

Recommended Approach

Step 1: Password Already in .env

The .env file already contains PROXMOX_ROOT_PASS. Scripts are configured to use it.

Security Note: The .env file is in .gitignore, so it won't be committed. Ensure proper file permissions:

chmod 600 .env

Step 2: Install sshpass (for automation)

sudo apt-get install sshpass

Step 3: Run Automated Setup

./scripts/setup-ssh-with-password.sh

Current .env Contents

The .env file currently has:

  • PROXMOX_TOKEN_ML110_01 - API token for ML110-01
  • PROXMOX_TOKEN_R630_01 - API token for R630-01
  • PROXMOX_USERNAME_ML110_01 - Username (root@pam)
  • PROXMOX_USERNAME_R630_01 - Username (root@pam)
  • PROXMOX_ROOT_PASS - Root password (for SSH)

Quick Setup Commands

Password is Already in .env 

# Install sshpass (if not installed)
sudo apt-get install sshpass

# Run setup (uses PROXMOX_ROOT_PASS from .env)
./scripts/setup-ssh-with-password.sh

If Password is NOT Available

# Manual interactive copy (will prompt for password)
ssh-copy-id -i ~/.ssh/sankofa_proxmox.pub root@192.168.11.10
ssh-copy-id -i ~/.ssh/sankofa_proxmox.pub root@192.168.11.11

# Or use Proxmox Web UI Shell to add key manually

Security Considerations

  1. Password in .env:

    • File is in .gitignore (won't be committed)
    • ⚠️ Ensure file permissions: chmod 600 .env
    • ⚠️ Consider using SSH keys only (no password needed after initial setup)

  2. After SSH Keys are Set Up:

    • You can remove password from .env if desired
    • SSH will work with keys only
    • More secure than password authentication

Verification

After setup, verify SSH works:

# Test ML110-01
ssh -i ~/.ssh/sankofa_proxmox root@192.168.11.10 'hostname'

# Test R630-01
ssh -i ~/.ssh/sankofa_proxmox root@192.168.11.11 'hostname'

Related Documentation

Reference in New Issue View Git Blame Copy Permalink