summaryrefslogtreecommitdiff
path: root/website/bugs/setup-test-server-for-public.mdwn
blob: aa6da61287877c1f80b83c6a707f1075577b1089 (plain) 
[[meta title="Setup test public server/gpg key"]]


It would be really useful for people trying out the monkeysphere to be able to
test it with a participating server as soon as they've finished setting things
up. Minimally - just testing the acceptance of the server's identity would be
great.




I guess we don't really want to use george for this purpose?  Does
someone have a spare virtual machine that we could use for this
purpose?  The test machine wouldn't actually have to do any user
authentication, I guess.


-- Big Jimmy.




Maybe we should use George? As you point out - it doesn't actually
have to do any user authentication. It seems like a waste to have a
virtual machine that does nothing but deny people's ssh connections.
And - george is already setup and ready to go.
-- Sir Jam Jam




I like the idea of using George for this.  There's nothing wrong with
denying people's ssh connections.  Also, we could make public user
account with limited shells that we could add User IDs that we want to
encourage to try out the monkeysphere from that perspective.  For
example, if one of the George admins who is listed as an
identity-certifier has already certified Foo T. Bar's key, we could
write a simple note like:


Dear Foo T. Bar--

The user account "foo@george.riseup.net" has been created for
you.  You can ssh into it by adding an authentication subkey
to your OpenPGP key and publishing it to the public keyservers
(or to george.riseup.net).  The easiest way to do this is with
the monkeysphere.

You can verify george's ssh host key with the monkeysphere
before you connect to the host.  Here's how...



--dkg




So do we agree that george is doing what we want, and we can therefore
close this bug?


-- BJ (jgr)




I'm fine with closing this bug, unless we want to set up the limited
shell access/welcome letter like i described above.  If we want to do
that, it'd be worth keeping it open until those scripts are written.


I envision a script you'd invoke like:


root@george# addmsuser foo 'Foo T. Bar <foo@example.org>'



Which would create the foo account, populate
~foo/.config/monkeysphere/authorized_user_ids, make a note in a log
someplace, and send a welcome letter.


--dkg
generated by cgit v1.2.3 (git 2.46.0) at 2024-11-05 01:51:31 +0000