Difference between revisions of "First Time Setup"

Jump to navigation Jump to search
m (→‎Enabling Remote Support: Add note about setting password first.)
Line 16: Line 16:
 
== Enabling Remote Support ==
 
== Enabling Remote Support ==
  
In order to enable remote support, you will need to authorize the maintenance team to access your mesh node using their SSH public keys, and you will also need to allow SSH over Yggdrasil. Following these steps, you will allow a maintainer to log into and use your mesh node remotely -- as long as it's connected to the global Yggdrasil network. See [[#The Yggdrasil Page]] if you think you may not be connected to the rest of the Yggdrasil network.
+
Following these steps, you will allow a maintainer to log into and use your mesh node remotely -- as long as it's connected to the global Yggdrasil network. See [[#The Yggdrasil Page]] if you think you may not be connected to the rest of the Yggdrasil network.
 +
 
 +
In order to enable remote support, you will need to:
 +
# Authorize the maintenance team to access your mesh node
 +
# Allow SSH over Yggdrasil
 +
 
 +
=== Authorize the Maintenance Team to Access Your Mesh Node ===
  
 
{{Note|You must first [[#Setting Your Password|Set Up a Password]] before adding authorized remote users.}}
 
{{Note|You must first [[#Setting Your Password|Set Up a Password]] before adding authorized remote users.}}
  
=== Authorize the Maintenance Team to Access Your Mesh Node ===
 
 
# Navigate to System > Administration
 
# Navigate to System > Administration
 
# Select the "SSH-Keys" tab
 
# Select the "SSH-Keys" tab

Revision as of 12:42, 16 August 2020

Tip: Before continuing, connect to your mesh node using the MassMesh.org wireless network or by connecting directly to the mesh node, like in Mesh Node Troubleshooting.

Setting Your Password

When you first boot your mesh node, there is no admin password set.

When you first boot your mesh node, there is no password set. This is quite dangerous, so OpenWrt will disable many useful features until you set one. Therefore, it is important that you set one up right away.

Warning: This is not the same thing as a wi-fi password. Your admin password should be a secret.

To set a password, complete the following steps:

  • Navigate to "System > Administration" in the left-hand menu of OpenWrt
    • Enter your desired password twice, and click "Save."
  • Enter your desired password twice, and hit Enter or click "Save."

Enabling Remote Support

Following these steps, you will allow a maintainer to log into and use your mesh node remotely -- as long as it's connected to the global Yggdrasil network. See #The Yggdrasil Page if you think you may not be connected to the rest of the Yggdrasil network.

In order to enable remote support, you will need to:

  1. Authorize the maintenance team to access your mesh node
  2. Allow SSH over Yggdrasil

Authorize the Maintenance Team to Access Your Mesh Node

Note: You must first Set Up a Password before adding authorized remote users.
  1. Navigate to System > Administration
  2. Select the "SSH-Keys" tab
    1. The ssh-keys tab.
  3. Enter the following keys, clicking "Add Key" in between each
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCndT67lJYJl1Re974keiGRzzD0m4qY9KM4m/XttWWinSggoFD+VKQDZchxnsyGbtDFH/NOSfI37MS+djccDj5fue1s/KnzL/j44JFyzt0M1pVgwopetMKTCaduCVeCQP2JN20Ss4fBI4FjvBM1tgAx3d1FUJEz7axwxJUBAgUDtvA1PUSKdhPxZTlWrKgHr4OXzdEoYJcLiktQc79QR2lJHKIBZgVq0C76Y/q+Q3mbl7ppLMmNgFRprXRkzDtRHndin5S7+f2zOlNryIGdnX3HCItr0XBkG/uNkrWnx0NFArP6Xq/BsJMhdNvl+KfCZiLYN2m3qxhEjZeTQIfBXh5wDfUzW0tPoDSCQ2WIBRjkSPjgnohskbakF6bnzLPJlsQofHfdDYUJJkywTYfo7FspPR4h2//FrBUDaRUXFUQBaguBTKX5P6U6quXSAfupkPIjZ7TkbxL0Q4OkWa/MX/QdBi/wZMYTcm4osJBmFxEZEumFHTb2gZ3SyTKD9sCKQHE= lurker@lurker-T450

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEA3nzI6T6Lpd5xFoRewcx91Dv9sUzNNmdYfwOleemBFz0y3RaQElehUWasyjuIURZw7RL5EjvrqeQq9pe/lO99dO0F9yMuMsMH2t88YrVJQ/z/5Aa4I2zYQotKb/9CCfynsy41y5xywxtOwXiDk2kpo+c9VZCyCeW8Hnc9HaIpkKSLnkqDVhESzlrkYyNKZvUAL1hiFIzmmw/veFgRb7/ol76Ze3xsWugbHUECEIAKoz/8uaevOAAoJrMFhffFIQ8IfClqDZv2lnBBhvh1O9TO0Mg4klcieyQ1RZhMjeP4WnAa9PXP7xZlQHLgO9qO1jDd2sOdkX6EedCfX5jO4Y51HPJpV35uYumw3veftMlpIJFmA2eIQxU19SCYpojWRGXZ5v9WtFIHX2nGy+Gi1bk7TR+HBsCDXOPhhQk4ceIM4OonqEb1NJ57elxh6mFbDAQCZtYhRLqYvcyGpuBdVdLNOJbOZ7vBJY3Kfjxa87rvFIJheT6DXhpdRayeOovLm0vuJ53bZoWxWOqjpuigQqHtSB3OmintrKB916BhNFsHwPeZpK0ahZGFygV63REM/X8m0nOlHqyAY69uzLHyYXM83zAI1L5Y4wuzsVqO+1tnK6PMcfg5/DArjBrn7YqA5tzJY9EgdVVPjpgjD2yYYTOP6b3UUw4uFj3asnOX24dfVzk= ward@countzero

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVi8ExDYdV7EfkjQiMZA3o0QtjVNtd0wVzp9n1xFqY1dse/zHBqrEZQKBtbrk7D/NAI4qzoogC6SbHWa8fHPyc3LJuKbxHrSC8xylByGL7nAzI7AfmsHCQ8Z+OrgI625PzVpMCY/30D/rBgR2JTlzxlA35cuOPjN5r1HHE53+mVRu62jn/wTa16ubFXaYmibpZ3C830+qsAB8RPEHJH7zknFNPponAqH7kt1I8WQL6fa2TCuxIBijzDLbtX1xH4klTeMRJTK+tmLRUUjUefD/f7lNlgce7o9zkHktO5u1hmpC95/NC2cylzU9RWglHqJ21fSg66y441lm0Y9ZUc2p7DQFQP0f6kovuPWgVPWuMCQHVPgCWqqlKfTK3Dyscn9MfsCUnN2fZY+T0fx3lutLcIOwvQc/N2EDJIb0/R+7XMrzfUDVrkGeBoG11tBkKjltdC19JrAmGAkfIcN0LMOeZT7yTlZ/f/6d5C19DegXX74owM4V4pkqs/hbpmDkvQYkSXPfVpZ9ZTVUVSBrwKVaVX9A1hTXjIzfsuoZheMIdlakt0qSIuukyaIxzi1aAH67nR0kp+XCLldBDXGKQXah+mIGQPDBwWFR34re40jzxKmvLT+Dq+5yASgoLDbul8IYDJa2r7yYZQu+EgsW24p62q+y041wW4YIGBJs/cQqpCw== stephen304@gmail.com

Allow SSH over Yggdrasil

  1. Navigate to Network > Firewall
  2. Select the "Traffic Rules tab
    1. The network firewall traffic rules tab.
  3. Scroll down to "Allow-SSH-Yggdrasil"
  4. Enable the Accept input checkbox
    1. Enable the ssh-over-yggdrasil firewall rule.
  5. Click "Save and Apply"
    1. Click save and apply

The Diagnostic Page

The Yggdrasil Page

A working mesh node should have several peers.
If you don't have any peers, your Yggdrasil screen will look something like this.

One of the most helpful screens for troubleshooting is the Yggdrasil page. This page is entirely focused on your mesh node's status within the global Yggdrasil mesh network. As long as your mesh node has public Yggdrasil peers, it is connected to the global Yggdrasil mesh network. This means that things like remote support will work properly. If you're interested in learning more about Yggdrasil vs. the Internet vs. the LAN, see our Network Architecture page.

You can access the Yggdrasil page by selecting "Network > Yggdrasil" on the right-hand menu in OpenWrt.

Checking for Peers

A working mesh node should have several peers. You can see these in the following screen:

  • A working mesh node should have several peers.

If you don't have any peers, your Yggdrasil screen will look something like this:

  • If you don't have any peers, your Yggdrasil screen will look something like this.
  • Note the "Proto" column.... it says "self," because the only peer your mesh node has is ... itself!

The Internet Gateway Page