Difference between revisions of "First Time Setup"
(18 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
+ | {{Tip | Before continuing, connect to your mesh node using the '''MassMesh.org''' wireless network or by connecting directly to the mesh node, like in [[Mesh Node Troubleshooting]].}} | ||
+ | |||
+ | {{Tip | Access your mesh node by navigating to http://192.168.42.1 in your web browser.}} | ||
+ | |||
== Setting Your Password == | == Setting Your Password == | ||
+ | |||
+ | [[File:No_password.png|thumb|When you first boot your mesh node, there is no admin password set.]] | ||
+ | |||
+ | When you first boot your mesh node, there is no password set. This is quite dangerous, so OpenWrt will disable many useful features until you set one. Therefore, it is important that you set one up right away. | ||
+ | |||
+ | {{Warning|This is not the same thing as a wi-fi password. Your admin password should be a secret.}} | ||
+ | |||
+ | To set a password, complete the following steps: | ||
+ | * Navigate to "System > Administration" in the left-hand menu of OpenWrt | ||
+ | ** [[File:Set_password_screen.png|frameless|Enter your desired password twice, and click "Save."]] | ||
+ | * Enter your desired password twice, and hit Enter or click "Save." | ||
+ | |||
== Enabling Remote Support == | == Enabling Remote Support == | ||
− | + | Following these steps, you will allow a maintainer to log into and use your mesh node remotely -- as long as it's connected to the global Yggdrasil network. See [[#The Yggdrasil Page]] if you think you may not be connected to the rest of the Yggdrasil network. | |
+ | |||
+ | In order to enable remote support, you will need to: | ||
+ | # Authorize the maintenance team to access your mesh node | ||
+ | # Allow SSH over Yggdrasil | ||
=== Authorize the Maintenance Team to Access Your Mesh Node === | === Authorize the Maintenance Team to Access Your Mesh Node === | ||
+ | |||
+ | {{Note|You must first [[#Setting Your Password|Set Up a Password]] before adding authorized remote users.}} | ||
+ | |||
# Navigate to System > Administration | # Navigate to System > Administration | ||
# Select the "SSH-Keys" tab | # Select the "SSH-Keys" tab | ||
Line 10: | Line 33: | ||
# Enter the following keys, clicking "Add Key" in between each | # Enter the following keys, clicking "Add Key" in between each | ||
<pre> | <pre> | ||
− | ssh-rsa | + | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCqb+eTvCL3tilg3xKpLdClC0BuJiDXCiIsgYhoO5/6Rf6u/FGQYUGPwyhCqoXNeGhUhAIHUvD+HIcMfvFgdTRJ/K7uSe35FmrobT3QGpKMLwq2+HJNhIbK18n4SeL74JGfntnecw2Wbfd9qy9UAyM7422BVttGDcgRZzaj+Lzf5hc4gLT8J3zv8ybLOAxFOcwQV+TPg76jMIHr7BnAIxCQZEOsFydNINnJLn5WjezzeDvX2sTJbLe7lsHE8oE7YDyZxFw39F9t8AGg96xgnTJvYv9JG3dczgTicB+dj1C0FnlhZD8o9k6xcMex2mSpR2jmcf8TluFladVuQlP4/oEiz0rOZ7PAYC5BWXx1i4PwWm/Xas3TcGg1WokWSAcijUpeqhkEekQk4RXWfrdKDoGLQF3rAbmdD9gz4MuxuNoyXKmdhvwsBeqzNnADqHllcw95+gNVYUJz1VNM2oPfNvHtOY624YY9rWy/uL6plocM07Vtvf8/CKuQ+fPIcRhwJDk= lurker@join-or-die |
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEA3nzI6T6Lpd5xFoRewcx91Dv9sUzNNmdYfwOleemBFz0y3RaQElehUWasyjuIURZw7RL5EjvrqeQq9pe/lO99dO0F9yMuMsMH2t88YrVJQ/z/5Aa4I2zYQotKb/9CCfynsy41y5xywxtOwXiDk2kpo+c9VZCyCeW8Hnc9HaIpkKSLnkqDVhESzlrkYyNKZvUAL1hiFIzmmw/veFgRb7/ol76Ze3xsWugbHUECEIAKoz/8uaevOAAoJrMFhffFIQ8IfClqDZv2lnBBhvh1O9TO0Mg4klcieyQ1RZhMjeP4WnAa9PXP7xZlQHLgO9qO1jDd2sOdkX6EedCfX5jO4Y51HPJpV35uYumw3veftMlpIJFmA2eIQxU19SCYpojWRGXZ5v9WtFIHX2nGy+Gi1bk7TR+HBsCDXOPhhQk4ceIM4OonqEb1NJ57elxh6mFbDAQCZtYhRLqYvcyGpuBdVdLNOJbOZ7vBJY3Kfjxa87rvFIJheT6DXhpdRayeOovLm0vuJ53bZoWxWOqjpuigQqHtSB3OmintrKB916BhNFsHwPeZpK0ahZGFygV63REM/X8m0nOlHqyAY69uzLHyYXM83zAI1L5Y4wuzsVqO+1tnK6PMcfg5/DArjBrn7YqA5tzJY9EgdVVPjpgjD2yYYTOP6b3UUw4uFj3asnOX24dfVzk= ward@countzero | ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEA3nzI6T6Lpd5xFoRewcx91Dv9sUzNNmdYfwOleemBFz0y3RaQElehUWasyjuIURZw7RL5EjvrqeQq9pe/lO99dO0F9yMuMsMH2t88YrVJQ/z/5Aa4I2zYQotKb/9CCfynsy41y5xywxtOwXiDk2kpo+c9VZCyCeW8Hnc9HaIpkKSLnkqDVhESzlrkYyNKZvUAL1hiFIzmmw/veFgRb7/ol76Ze3xsWugbHUECEIAKoz/8uaevOAAoJrMFhffFIQ8IfClqDZv2lnBBhvh1O9TO0Mg4klcieyQ1RZhMjeP4WnAa9PXP7xZlQHLgO9qO1jDd2sOdkX6EedCfX5jO4Y51HPJpV35uYumw3veftMlpIJFmA2eIQxU19SCYpojWRGXZ5v9WtFIHX2nGy+Gi1bk7TR+HBsCDXOPhhQk4ceIM4OonqEb1NJ57elxh6mFbDAQCZtYhRLqYvcyGpuBdVdLNOJbOZ7vBJY3Kfjxa87rvFIJheT6DXhpdRayeOovLm0vuJ53bZoWxWOqjpuigQqHtSB3OmintrKB916BhNFsHwPeZpK0ahZGFygV63REM/X8m0nOlHqyAY69uzLHyYXM83zAI1L5Y4wuzsVqO+1tnK6PMcfg5/DArjBrn7YqA5tzJY9EgdVVPjpgjD2yYYTOP6b3UUw4uFj3asnOX24dfVzk= ward@countzero | ||
Line 31: | Line 54: | ||
== The Yggdrasil Page == | == The Yggdrasil Page == | ||
− | [[File: | + | [[File:Peers.png|thumb|A working mesh node should have several peers.]] |
+ | |||
+ | One of the most helpful screens for troubleshooting is the Yggdrasil page. This page is entirely focused on your mesh node's status ''within the global Yggdrasil mesh network.'' You can access the Yggdrasil page by selecting "Network > Yggdrasil" on the right-hand menu in OpenWrt. | ||
+ | |||
+ | === Important Yggdrasil Information === | ||
− | + | You can view important information about your mesh node in the Yggdrasil screen. Among other things, you can view your node's static [https://en.wikipedia.org/wiki/IPv6 IPv6] address and [https://en.wikipedia.org/wiki/Public-key_cryptography public key.] | |
− | + | Your static IPv6 address is unique to the Yggdrasil, and never changes. It comes in handy very frequently, and is used for remote support (among other things.) Your public key is sometimes used to gain access to private resources on the Yggdrasil network. It's good to know where it is just in case you ever need it. | |
− | + | [[File:IPv6.png|frameless|Your static IPv6 address is unique to the Yggdrasil, and never changes.]] | |
+ | [[File:Pubkey.png|frameless|Your public key is sometimes used to gain access to private resources on the Yggdrasil network.]] | ||
=== Checking for Peers === | === Checking for Peers === | ||
+ | |||
+ | As long as your mesh node has public Yggdrasil peers, it is connected to the global Yggdrasil mesh network. This means that things like remote support will work properly. If you're interested in learning more about Yggdrasil vs. the Internet vs. the LAN, see our [[Network Architecture]] page. | ||
A working mesh node should have several peers. You can see these in the following screen: | A working mesh node should have several peers. You can see these in the following screen: | ||
− | .. | + | * [[File:Peers.png|frameless|A working mesh node should have several peers.]] |
If you don't have any peers, your Yggdrasil screen will look something like this: | If you don't have any peers, your Yggdrasil screen will look something like this: | ||
* [[File:No_Peers.png|frameless|If you don't have any peers, your Yggdrasil screen will look something like this.]] | * [[File:No_Peers.png|frameless|If you don't have any peers, your Yggdrasil screen will look something like this.]] | ||
* Note the "Proto" column.... it says "self," because the only peer your mesh node has is ... itself! | * Note the "Proto" column.... it says "self," because the only peer your mesh node has is ... itself! | ||
+ | |||
+ | === Test that you can access Yggdrasil sites === | ||
+ | |||
+ | You should be on the Yggdrasil network now. Verify that you are by going to ''http://[319:3cf0:dd1d:47b9:20c:29ff:fe2c:39be]/'' to view the Yggdrasil Network home page. Alternatively you can connect to YaCy, the Yggdrasil Search engine, at ''http://[300:7232:2b0e:d6e9:216:3eff:fe38:cefc]:8090/''/ | ||
== The Internet Gateway Page == | == The Internet Gateway Page == | ||
+ | |||
+ | Once you are connected to the ''Yggdrasil mesh network'' (see previous section), it is time to configure the node for internet access. To do so, the node needs to be connected to an internet gateway. We use a program called [https://github.com/massmesh/autoygg Autoygg] for this purpose. You can access the Internet Gateway page by selecting "Network > Internet Gateway" in the left-hand menu in OpenWrt. | ||
+ | |||
+ | === The Autoygg client status page === | ||
+ | |||
+ | The '''Status''' page shows the current connection state with the configured Autoygg Gateway. On first boot, the page will show that you are '''disconnected''': | ||
+ | |||
+ | [[File:AutoyggStatusFirstTimeSetup.png|frameless|The Autoygg status screen for a new installation.]] | ||
+ | |||
+ | === The Autoygg client settings page === | ||
+ | |||
+ | On the '''Settings''' page, an Internet Gateway server can be configured. It is also possible (but not required) to populate your name, e-mail address and/or phone number, to identify yourself to the gateway owner. | ||
+ | |||
+ | ==== Connecting to a Mass Mesh public Internet Gateway ==== | ||
+ | <section begin=autoygg_firstsetup /> | ||
+ | Mass Mesh runs a public Internet Gateway at the address '''200:83a1:3b1a:e7af:4b46:6169:8435:9280'''. If you would like to use it to connect to the internet, put that address in the '''autoygg gateway''' field and click '''SAVE & APPLY''': | ||
+ | |||
+ | [[File:AutoyggSettingsMassMeshGateway.png|frameless|The Autoygg settings screen with the Mass Mesh gateway configured.]] | ||
+ | |||
+ | At this point, the '''Status''' page will show you are not connected: | ||
+ | |||
+ | [[File:AutoyggStatusPageClientNotConnected.png|frameless|The Autoygg status screen with the Mass Mesh gateway configured, but not connected.]] | ||
+ | |||
+ | Before you can connect to the internet via the Mass Mesh gateway, one of our volunteers will need to add your node to the accesslist on the gateway server. You can request this in the '''[https://app.element.io/#/room/#mm-ap-hosts:matrix.org Mass Mesh AP Hosts chat room].''' Please provide your Yggdrasil IPv6 address when you do so, which is available on the '''Yggdrasil node status''' page: | ||
+ | |||
+ | [[File:IPv6.png|frameless|Your static IPv6 address is unique to your Yggdrasil node, and never changes.]] | ||
+ | |||
+ | Once your node is added to our accesslist, you can hit the '''Connect''' button and if that goes well, the status page will look similar to this: | ||
+ | |||
+ | [[File:AutoyggStatusPageClientConnected.png|frameless|The Autoygg status screen with the Mass Mesh gateway configured and connected.]] | ||
+ | <section end=autoygg_firstsetup /> | ||
+ | |||
+ | ==== Connecting to your own Internet Gateway ==== | ||
+ | |||
+ | It is also possible to run your own Internet Gateway server. This can be done on a cheap cloud VPS, for instance. It requires installing and running the [https://github.com/MassMesh/autoygg/blob/main/README.md Autoygg server]. If you want assistance with this, please ask in the '''[https://app.element.io/#/room/#massmeshtech:matrix.org MassMesh Tech chat room].''' |
Latest revision as of 15:41, 29 March 2023
Contents
Setting Your Password
When you first boot your mesh node, there is no password set. This is quite dangerous, so OpenWrt will disable many useful features until you set one. Therefore, it is important that you set one up right away.
To set a password, complete the following steps:
- Navigate to "System > Administration" in the left-hand menu of OpenWrt
- Enter your desired password twice, and hit Enter or click "Save."
Enabling Remote Support
Following these steps, you will allow a maintainer to log into and use your mesh node remotely -- as long as it's connected to the global Yggdrasil network. See #The Yggdrasil Page if you think you may not be connected to the rest of the Yggdrasil network.
In order to enable remote support, you will need to:
- Authorize the maintenance team to access your mesh node
- Allow SSH over Yggdrasil
Authorize the Maintenance Team to Access Your Mesh Node
- Navigate to System > Administration
- Select the "SSH-Keys" tab
- Enter the following keys, clicking "Add Key" in between each
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCqb+eTvCL3tilg3xKpLdClC0BuJiDXCiIsgYhoO5/6Rf6u/FGQYUGPwyhCqoXNeGhUhAIHUvD+HIcMfvFgdTRJ/K7uSe35FmrobT3QGpKMLwq2+HJNhIbK18n4SeL74JGfntnecw2Wbfd9qy9UAyM7422BVttGDcgRZzaj+Lzf5hc4gLT8J3zv8ybLOAxFOcwQV+TPg76jMIHr7BnAIxCQZEOsFydNINnJLn5WjezzeDvX2sTJbLe7lsHE8oE7YDyZxFw39F9t8AGg96xgnTJvYv9JG3dczgTicB+dj1C0FnlhZD8o9k6xcMex2mSpR2jmcf8TluFladVuQlP4/oEiz0rOZ7PAYC5BWXx1i4PwWm/Xas3TcGg1WokWSAcijUpeqhkEekQk4RXWfrdKDoGLQF3rAbmdD9gz4MuxuNoyXKmdhvwsBeqzNnADqHllcw95+gNVYUJz1VNM2oPfNvHtOY624YY9rWy/uL6plocM07Vtvf8/CKuQ+fPIcRhwJDk= lurker@join-or-die ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEA3nzI6T6Lpd5xFoRewcx91Dv9sUzNNmdYfwOleemBFz0y3RaQElehUWasyjuIURZw7RL5EjvrqeQq9pe/lO99dO0F9yMuMsMH2t88YrVJQ/z/5Aa4I2zYQotKb/9CCfynsy41y5xywxtOwXiDk2kpo+c9VZCyCeW8Hnc9HaIpkKSLnkqDVhESzlrkYyNKZvUAL1hiFIzmmw/veFgRb7/ol76Ze3xsWugbHUECEIAKoz/8uaevOAAoJrMFhffFIQ8IfClqDZv2lnBBhvh1O9TO0Mg4klcieyQ1RZhMjeP4WnAa9PXP7xZlQHLgO9qO1jDd2sOdkX6EedCfX5jO4Y51HPJpV35uYumw3veftMlpIJFmA2eIQxU19SCYpojWRGXZ5v9WtFIHX2nGy+Gi1bk7TR+HBsCDXOPhhQk4ceIM4OonqEb1NJ57elxh6mFbDAQCZtYhRLqYvcyGpuBdVdLNOJbOZ7vBJY3Kfjxa87rvFIJheT6DXhpdRayeOovLm0vuJ53bZoWxWOqjpuigQqHtSB3OmintrKB916BhNFsHwPeZpK0ahZGFygV63REM/X8m0nOlHqyAY69uzLHyYXM83zAI1L5Y4wuzsVqO+1tnK6PMcfg5/DArjBrn7YqA5tzJY9EgdVVPjpgjD2yYYTOP6b3UUw4uFj3asnOX24dfVzk= ward@countzero ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVi8ExDYdV7EfkjQiMZA3o0QtjVNtd0wVzp9n1xFqY1dse/zHBqrEZQKBtbrk7D/NAI4qzoogC6SbHWa8fHPyc3LJuKbxHrSC8xylByGL7nAzI7AfmsHCQ8Z+OrgI625PzVpMCY/30D/rBgR2JTlzxlA35cuOPjN5r1HHE53+mVRu62jn/wTa16ubFXaYmibpZ3C830+qsAB8RPEHJH7zknFNPponAqH7kt1I8WQL6fa2TCuxIBijzDLbtX1xH4klTeMRJTK+tmLRUUjUefD/f7lNlgce7o9zkHktO5u1hmpC95/NC2cylzU9RWglHqJ21fSg66y441lm0Y9ZUc2p7DQFQP0f6kovuPWgVPWuMCQHVPgCWqqlKfTK3Dyscn9MfsCUnN2fZY+T0fx3lutLcIOwvQc/N2EDJIb0/R+7XMrzfUDVrkGeBoG11tBkKjltdC19JrAmGAkfIcN0LMOeZT7yTlZ/f/6d5C19DegXX74owM4V4pkqs/hbpmDkvQYkSXPfVpZ9ZTVUVSBrwKVaVX9A1hTXjIzfsuoZheMIdlakt0qSIuukyaIxzi1aAH67nR0kp+XCLldBDXGKQXah+mIGQPDBwWFR34re40jzxKmvLT+Dq+5yASgoLDbul8IYDJa2r7yYZQu+EgsW24p62q+y041wW4YIGBJs/cQqpCw== stephen304@gmail.com
Allow SSH over Yggdrasil
- Navigate to Network > Firewall
- Select the "Traffic Rules tab
- Scroll down to "Allow-SSH-Yggdrasil"
- Enable the Accept input checkbox
- Click "Save and Apply"
The Diagnostic Page
The Yggdrasil Page
One of the most helpful screens for troubleshooting is the Yggdrasil page. This page is entirely focused on your mesh node's status within the global Yggdrasil mesh network. You can access the Yggdrasil page by selecting "Network > Yggdrasil" on the right-hand menu in OpenWrt.
Important Yggdrasil Information
You can view important information about your mesh node in the Yggdrasil screen. Among other things, you can view your node's static IPv6 address and public key.
Your static IPv6 address is unique to the Yggdrasil, and never changes. It comes in handy very frequently, and is used for remote support (among other things.) Your public key is sometimes used to gain access to private resources on the Yggdrasil network. It's good to know where it is just in case you ever need it.
Checking for Peers
As long as your mesh node has public Yggdrasil peers, it is connected to the global Yggdrasil mesh network. This means that things like remote support will work properly. If you're interested in learning more about Yggdrasil vs. the Internet vs. the LAN, see our Network Architecture page.
A working mesh node should have several peers. You can see these in the following screen:
If you don't have any peers, your Yggdrasil screen will look something like this:
Test that you can access Yggdrasil sites
You should be on the Yggdrasil network now. Verify that you are by going to http://[319:3cf0:dd1d:47b9:20c:29ff:fe2c:39be]/ to view the Yggdrasil Network home page. Alternatively you can connect to YaCy, the Yggdrasil Search engine, at http://[300:7232:2b0e:d6e9:216:3eff:fe38:cefc]:8090//
The Internet Gateway Page
Once you are connected to the Yggdrasil mesh network (see previous section), it is time to configure the node for internet access. To do so, the node needs to be connected to an internet gateway. We use a program called Autoygg for this purpose. You can access the Internet Gateway page by selecting "Network > Internet Gateway" in the left-hand menu in OpenWrt.
The Autoygg client status page
The Status page shows the current connection state with the configured Autoygg Gateway. On first boot, the page will show that you are disconnected:
The Autoygg client settings page
On the Settings page, an Internet Gateway server can be configured. It is also possible (but not required) to populate your name, e-mail address and/or phone number, to identify yourself to the gateway owner.
Connecting to a Mass Mesh public Internet Gateway
Mass Mesh runs a public Internet Gateway at the address 200:83a1:3b1a:e7af:4b46:6169:8435:9280. If you would like to use it to connect to the internet, put that address in the autoygg gateway field and click SAVE & APPLY:
At this point, the Status page will show you are not connected:
Before you can connect to the internet via the Mass Mesh gateway, one of our volunteers will need to add your node to the accesslist on the gateway server. You can request this in the Mass Mesh AP Hosts chat room. Please provide your Yggdrasil IPv6 address when you do so, which is available on the Yggdrasil node status page:
Once your node is added to our accesslist, you can hit the Connect button and if that goes well, the status page will look similar to this:
Connecting to your own Internet Gateway
It is also possible to run your own Internet Gateway server. This can be done on a cheap cloud VPS, for instance. It requires installing and running the Autoygg server. If you want assistance with this, please ask in the MassMesh Tech chat room.