the current RC for NS8 does not have a CLI interface to SSH into the server, simila rto what we had in NS7,
Would this be a feature that would be added or considered to be added later to the NS8?
it ussually came in handy, and considering that NS8 now does have its own built in seprate cluster admin users, it would be really great to have such a feature.
The terminal in javascript was a feature proposed by cockpit. Cockpit is still workable AFAIK. You can use it
@davidep here asked NS8 beta2 - Unable to login to Cockpit - #7 by davidep
WHat would be the reason for accessing cockpit, and so i guess the plan is to make it that, cockpit is not required to be used on the server
Also,
if password login has been disabled on the server, and only ssh keys is allowed,
would activating cockpit mean that i would have to enable password login on the server?
I’ve never seen a significant benefit to such a feature. TrueNAS has it, and I never use it. Proxmox has it, and I never use it there either (for the host itself; I use the virtual console for the VMs all the time). What’s the benefit compared to just ssh user@host? Every halfway modern operating system (yes, including Windows since Windows 10) has an ssh client–opening a terminal window and running it has to be faster than opening a browser, browsing to the NS8/Cockpit/whatever web UI, logging in there, and then browsing to the web shell.
well its just a quality of life improvement.
say, i tell you, DanB kindly login to my server and install the module X, that was developed by user B
With the interface, i only need to go to NS8 admin interface, add a cluster admin user,
and then you go to browser, login to the server, open terminal window, and do your thing.
Without it, this is what would happen.
Assuming root login is disabled,
assuming pwd login is disabled.
Ill have to share my ssh key with you,
or
add a new user on ssh, upload and assign ssh key for you, most of which are abit cumbersome.
then share my root password, because you need to be rrot to install apps.
isnt it all cumbersome…
Meshcentral used to get it done so well.
I just share a server, and setup security, and anyone can have some access
(MEshcentral Module for NS8, Where are you…)
Heavens no; it would be silly to do either of these. I would give you a SSH public key, keeping the private key, well, private. You’d either temporarily add that to the root user (echo $key >> /root/.ssh/authorized_keys), or (better, but a little more work) to a different user with sudo access. It’s a different process than doing it through the GUI to be sure, but I don’t see that it’s any more cumbersone.
Alternatively, What about an Interface for Uploading and assigning Public Key SSH… that would also be interesting.
Better yet still: NS8-MeshCentral and TacticalRMM Module - Feature - NethServer Community
Hmm…
FYI, every linux/bsd out there has SSH built in, right… and what’s nice now is so does Windows 11. Might even be in 10, but I don’t have one handy to test.
just scp your key over as such:
scp ~/.ssh/keys/client123/id_rsa.pub user@server:~/id_rsa.pub
ssh to the server with the password and then…
mv id_rsa.pub >> ~/.ssh/authorized_keys
I’m personally happy they don’t have yet another javascript library in the GUI for something so basic.
now, if a proper batch script that takes the ssh key from a folder, login to server, copies it into the server, would be nifty
Yes, it is.
But that seems kind of a convoluted way to copy over a public key. If your client is anything but Windows, the simplest way to do it is with ssh-copy-id user@host. If your client machine is running Windows, it doesn’t look like that command is available for some reason, but in that case, ssh to the host, nano .ssh/authorized_keys, and then paste in the public key. The scp seems like an unnecessary step in any case.
That’s called ssh-copy-id, and it’s part of the standard OpenSSH package.
But really, all that would be needed in the normal case would be:
export KEY=$(cat ~/.ssh/id_rsa.pub)
ssh user@host echo $KEY >> ~/.ssh/authorized_keys
…assuming that’s the name of your public key file; more recently it might be id_ed25519.pub instead.
Need it under Windows? Looks like this should do the job:
would just be easier to have an interface to add, asign and remove ssh keys on ns8.
hopefully sometime in the future, but untill then…
Since NS8 doesn’t deal with system-level users at all, I’d say probably not. But it looks like this can be done through Cockpit as well.
As has been discussed several times, NS8 doesn’t include any tools to manage the server itself. Installing updates? Not there. Configuring the network? Not there. System-level user management? Not there either. Heck, even shutting down the system isn’t there. And while I don’t love that fact, and I’m not sure (easy for me to say) it would be a huge amount of development work to figure out which of the two supported distros (because there really only are two: Debian and EL) is being used, and adapt accordingly, that’s the way it’s designed.
So, come up with other ways of managing the system. Use the CLI–it isn’t too hard for the basic tasks that are likely to be necessary. Or install some other tool, like Cockpit or Webmin.
its an interesting take.
So basically, no OS level management on NS8, and No installing non standard software on the platform… this is interesting.
Is this news to you? How?
I don’t think anyone’s said that. I know I didn’t; I explicitly suggested doing so.
It has been said, by Davide, I think. I’ll see if I can find the post.
My 2 cents
Andy
oh, this one fo sure was mentioned on one of the conversations on the direction of NS8.
thats why there was a lot of talks on Modules, and i requested the call on actually running apps on nethserver 8.
I even posted how to run normal generic docker image here, and its very different from normal case.
so, unless its a NS8 module, do not install other applications on the server, least you brick things(ok this part is my own)
here is the post:
from this post: Is NethServer the right name for the new version? - #24 by davidep
In short @danb35 a significant amount of hand holding from the developers is required to get some non conventional apps to actually owkr on Ns.
the normal CRUD apps, those would be ok, and the Ninjas in this community given enough time would figure it out.
for complex apps like an SSH terminal to work, or VPN, or server automation scripts… unless we get some samples built by the dev team, i dont see how we could manage
…but Stephane has suggested–in this very thread, no less–installing Cockpit with NS8. That’s additional software that isn’t part of the base distro, nor is it part of NS8. And it’s never been the case with NS7 that you can’t install any software other than NS modules–though in both cases, you’re on your own to ensure they don’t interfere with the rest of what the system’s doing.
But with respect to SSH specifically, this whole thread strikes me as odd. SSH is fundamentally a command-line tool. There are mature tools for configuring and managing it at the command line. I don’t understand the desire for a GUI way to configure/use a command-line tool. Not that it’s bad as such, but I just don’t see why it’s particularly desirable.
I don’t use Windows save as a case to provide some application for a user, or to give them a Windows environment on the other side of Guacamole.
Cool that you have a your own way to solve this, good thing There Is More Than One Way To Do It (TIMTOWDI). I’m a Perl coder by nature, and TIMTOWDI is a normal thing.
I’ll continue doing it the way I do because I spend some 50% of my time in the commandline rather than the GUI as it’s much better more predictable!
have a good one.
Everyone asking for maintenance system on the operating system… keep in mind they mean for you to have the FREEDOM to install it where you want via:
curl https://raw.githubusercontent.com/NethServer/ns8-core/ns8-stable/core/install.sh | bash
so this lends itself to being installed on some systems
System requirements — NS8 documentation
with a pretty large amount of installation differences.
Rocky and Debian have pretty distinct differences in the userland layout, one is more like BSD, the other is System V -alike.
regardless… you will be in charge of the vehicle’s maintenance and build. NS8 is providing you the passengers and ensuring they are good citizens.