How to set up ec2 t1.micro Ubuntu for Masternode part 2/3

Still nothing. Can I close all instances of port 53, 953, and 123 (DNS and NTP)?

Code:
:~# tail -f ~/.darkcoin/debug.log
2014-05-16 20:01:08 trying connection 192.99.32.166:9999 lastseen=86.7hrs
2014-05-16 20:01:08 connect() failed after select(): Connection refused
2014-05-16 20:01:09 trying connection 192.99.32.166:9999 lastseen=86.7hrs
2014-05-16 20:01:09 connect() failed after select(): Connection refused
2014-05-16 20:01:09 trying connection 192.99.32.166:9999 lastseen=86.7hrs
2014-05-16 20:01:09 connect() failed after select(): Connection refused
2014-05-16 20:01:10 trying connection 192.99.32.166:9999 lastseen=86.7hrs
2014-05-16 20:01:10 connect() failed after select(): Connection refused
2014-05-16 20:01:10 trying connection 192.99.32.166:9999 lastseen=86.7hrs
2014-05-16 20:01:10 connect() failed after select(): Connection refused
2014-05-16 20:01:11 trying connection 192.99.32.166:9999 lastseen=86.7hrs
2014-05-16 20:01:11 connect() failed after select(): Connection refused
2014-05-16 20:01:11 trying connection 192.99.32.166:9999 lastseen=86.7hrs
2014-05-16 20:01:11 connect() failed after select(): Connection refused
2014-05-16 20:01:12 trying connection 192.99.32.166:9999 lastseen=86.7hrs
2014-05-16 20:01:12 connect() failed after select(): Connection refused
^C

root@vps23633:~# sudo netstat -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:9999            0.0.0.0:*               LISTEN      816/darkcoind 
tcp        0      0 <MY IP>:53       0.0.0.0:*               LISTEN      426/named     
tcp        0      0 127.0.0.2:53            0.0.0.0:*               LISTEN      426/named     
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      426/named     
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      376/sshd      
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      426/named     
tcp6       0      0 :::9998                 :::*                    LISTEN      816/darkcoind 
tcp6       0      0 :::9999                 :::*                    LISTEN      816/darkcoind 
tcp6       0      0 :::53                   :::*                    LISTEN      426/named     
tcp6       0      0 :::22                   :::*                    LISTEN      376/sshd      
tcp6       0      0 ::1:953                 :::*                    LISTEN      426/named     
udp        0      0 <MY IP>:53       0.0.0.0:*                           426/named     
udp        0      0 127.0.0.2:53            0.0.0.0:*                           426/named     
udp        0      0 127.0.0.1:53            0.0.0.0:*                           426/named     
udp        0      0 <MY IP>:123      0.0.0.0:*                           467/ntpd      
udp        0      0 127.0.0.2:123           0.0.0.0:*                           467/ntpd      
udp        0      0 127.0.0.1:123           0.0.0.0:*                           467/ntpd      
udp        0      0 0.0.0.0:123             0.0.0.0:*                           467/ntpd      
udp6       0      0 :::53                   :::*                                426/named     
udp6       0      0 ::1:123                 :::*                                467/ntpd      
udp6       0      0 <MY IPV6 IP>:::123 :::*                                467/ntpd      
udp6       0      0 :::123                  :::*                                467/ntpd

I'd assume so, sorry I'm no guru I just saw that error before and thought waiting would help.
 
Does this look about right for non-Amazon EC2 iptable settings?

Code:
-P INPUT DROP
-P OUTPUT DROP
-P FORWARD DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp --dport 9999 -j ACCEPT
-A OUTPUT -p tcp --dport 9999 -j ACCEPT
-A INPUT -j DROP
-A OUTPUT -j DROP

I'm going to tailor it to only allow ssh from a couple IP addresses, but am I on the right track at least?
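An added example, not part of the original post: a small audit that reads a rule set in the format posted above and reports which return traffic the DROP policies would cut off, run against the posted rules and against a stateful variant. The function names, finding labels and the stateful variant are assumptions made for this illustration.

```shell
#!/bin/sh
# The rule set exactly as posted above.
post_rules() {
cat <<'EOF'
-P INPUT DROP
-P OUTPUT DROP
-P FORWARD DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp --dport 9999 -j ACCEPT
-A OUTPUT -p tcp --dport 9999 -j ACCEPT
-A INPUT -j DROP
-A OUTPUT -j DROP
EOF
}

# Assumed stateful variant: same ports, plus loopback and conntrack rules.
stateful_rules() {
cat <<'EOF'
-P INPUT DROP
-P OUTPUT DROP
-P FORWARD DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp --dport 9999 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p tcp --dport 9999 -j ACCEPT
EOF
}

# audit_ruleset: read rules on stdin, print one finding per line.
audit_ruleset() {
    rules=$(cat)
    has() { printf '%s\n' "$rules" | grep -Eq -- "$1"; }
    est='.*--(ct)?state [A-Z,]*ESTABLISHED[A-Z,]* -j ACCEPT'
    if has '^-P OUTPUT DROP'; then
        has "^-A OUTPUT$est" || echo "OUTPUT-NO-ESTABLISHED: sshd and darkcoind replies are dropped"
        has '^-A OUTPUT -o lo .*-j ACCEPT' || echo "OUTPUT-NO-LOOPBACK: traffic to 127.0.0.1 services is dropped"
    fi
    if has '^-P INPUT DROP'; then
        has "^-A INPUT$est" || echo "INPUT-NO-ESTABLISHED: answers to outbound 9999 connections are dropped"
    fi
    return 0
}

post_rules | audit_ruleset
```

The stateful variant still blocks new outbound DNS (53) and NTP (123) traffic, so egress rules for those are needed if named and ntpd stay in use.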
 
Well I am up using this guide! Thanks a lot.

I would like to go the cold storage route but couldn't figure it out with my windows wallet. Assuming my wallet.dat isn't compromised on the masternode, can I still use my local windows wallet (where the backup wallet.dat came from) for in/out transactions as long as there are always >1000 DRK in it?
 
Awesome setup guide... Thank you. Will send coin.

question: How do the masternodes get paid.. does it go to the address of the 1k drk?
 
Step #1
1. login to ec2 ami
Code:
ssh -i downloaded_pemfile ubuntu@ami_public_ip

I cannot get past the first step.
I can log in to the system. However, the following command does not work for me:
ssh -i "C:\SSH_KEY_FOR_EC2_SP.pem" ubuntu@my_path.amazonaws.com

I receive an error saying that no file or directory is found.

What pem file should I use then?
 
Step #1
Did you set up a private key and download it somewhere? This is your file!
All I know is that I provided some pem file and had to browse to it when I configured an instance on the AWS EC2 VM.
That's the same pem file that I am trying to specify again.

I ended up skipping step #1 and got to step #6 where I apparently do not have permission.
I'm not sure if step #1 was necessary.
 
Step #6
I also receive an error:

E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied)
E: Unable to lock the administration directory (/var/lib/dpkg/), are you root?

When I try to login as root, I get kicked out the system.

Any suggestions?
 
All I know is that I provided some pem file and had to browse to it when I configured an instance on the AWS EC2 VM.
That's the same pem file that I am trying to specify again.

I ended up skipping step #1 and got to step #6 where I apparently do not have permission.
I'm not sure if step #1 was necessary.
Terminate your instance and set up a new one. Create and download a new key and use this. Try again.
 
Step #1
Terminate your instance and set up a new one. Create and download a new key and use this. Try again.

I started over and attempted step #1:
ssh -i "C:\SSH_KEY_FOR_EC2_SP.pem" [email protected]

I receive the following result:
Warning: Identity file C:\SSH_KEY_FOR_EC2_SP.pem not accessible: No such file or directory.
The authenticity of host 'some_prefix.us-west-2.compute.amazonaws.com (xxx.xx.xx.xxx)' can't be established.
ECDSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx.


Questions:
Am I supposed to provide the full path to my local directory file?
 
Hey....

after copying the encrypted wallet.dat to masternode server, and restarting the server...
how do i unlock the wallet, if wallet includes characters like ! # % & ... which give an error in bash (when using it in line: darkcoind masternode start passwordwithcharacters!"#$%&/()= )?

thanks wg
 
Step #1
Yes, the full path. Aren't you on Linux? "C:\" is a Windows path.
My private key is saved on my Windows machine.
I used windows to configure AWS and downloaded the private key (.pem) file onto my Windows box.

Question:
Is step #1 really necessary?
Running the Putty tool makes me think I am already authenticated when launching the cmd tool:
Using username "ubuntu".
Authenticating with public key "imported-openssh-key"
Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.13.0-24-generic x86_64)

I also attempted the following:
ssh -i SSH_KEY_FOR_EC2_SP.pem [email protected] -config "..\share\openssl.cnf"
Results:
Warning: Identity file SSH_KEY_FOR_EC2_SP.pem not accessible: No such file or directory.
Unknown cipher type 'onfig'


I'm not sure what I'm doing wrong.
I thought the command requires the private key file path that was downloaded onto my Windows machine.
 
Step #6
I am not sure how to enter the commands onto the console:
* enable sysstat(edit)
Code:
edit /etc/default/sysstat
* /etc/default/sysstat : ENABLED="true"
edit /etc/cron.d/sysstat
* /etc/cron.d/sysstat : sar 10 min to 1 min : 5-55/10 * * * * ---> */1 * * * *

Question:
Do I copy and paste this onto the console's command editor as a whole?
Or do I enter the commands one line at a time?
I tried both and I am unsuccessful.
 
Wait wait!! As long as you fail to log in with SSH, don't continue with the other steps!

Tell me please, what is the exact name and location of the .pem file in your linux file system!?
 
Step #1
Wait wait!! As long as you fail to log in with SSH, don't continue with the other steps!

Tell me please, what is the exact name and location of the .pem file in your linux file system!?
File Name: SSH_KEY_FOR_EC2_SP.pem
Location: I do not know.
I would assume that there's a default location that AWS EC2 puts the file into when the pem file gets downloaded at instance configuration time.

I am not familiar with how Ubuntu works.
As a result, I am unsure of how to retrieve the location of the pem file.

Update:
If I am already authenticated then perhaps the Putty Configuration tool that I'm running on Windows does this for me on its Connection | SSH | Auth | Authentication Parameters field.
 
Step #6
I am not sure how to enter the commands onto the console:


Question:
Do I copy and paste this onto the console's command editor as a whole?
Or do I enter the commands one line at a time?
I tried both and I am unsuccessful.



Use editor.
nano, vi....


first
cat /etc/default/sysstat
cat /etc/cron.d/sysstat


You will know what to do.
 
Step #6

edit /etc/cron.d/sysstat
* /etc/cron.d/sysstat : sar 10 min to 1 min : 5-55/10 * * * * ---> */1 * * * *

Question:
Is the text in blue font correct when modifying the file?

GNU nano 2.2.6 File: /etc/cron.d/sysstat Modified
# The first element of the path is a directory where the debian-sa1
# script is located
PATH=/usr/lib/sysstat:/usr/sbin:/usr/sbin:/usr/bin:/sbin:/bin
# Activity reports every 10 minutes everyday
5-55/10 * * * * ---> */1 * * * * root command -v debian-sa1 > /dev/null && debi$
# Additional run at 23:59 to rotate the statistics file
59 23 * * * root command -v debian-sa1 > /dev/null && debian-sa1 60 2
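An added example, not part of the original posts or the guide: the two sysstat edits from step #6 as a script, reading the guide's `--->` as "replace the old schedule with the new one" so that only the five schedule fields of the activity-report line change. The function names and the sample file contents are assumptions, constructed to resemble a stock sysstat package.

```shell
#!/bin/sh
# enable_sysstat DEFAULTS_FILE CRON_FILE
# Applies the two guide edits in place; takes paths so it can be tried on copies.
enable_sysstat() {
    defaults=$1
    cron=$2
    # Turn collection on: ENABLED="false" -> ENABLED="true"
    sed 's/^ENABLED=.*/ENABLED="true"/' "$defaults" > "$defaults.new" &&
        cat "$defaults.new" > "$defaults" && rm -f "$defaults.new"
    # Swap only the five schedule fields; user and command stay untouched.
    sed 's|^5-55/10 \* \* \* \*|*/1 * * * *|' "$cron" > "$cron.new" &&
        cat "$cron.new" > "$cron" && rm -f "$cron.new"
}

# Constructed copies of the two files, written to a temporary directory.
make_samples() {
    dir=$(mktemp -d)
    printf 'ENABLED="false"\n' > "$dir/default"
    cat > "$dir/cron" <<'EOF'
# Activity reports every 10 minutes everyday
5-55/10 * * * * root command -v debian-sa1 > /dev/null && debian-sa1 1 1
# Additional run at 23:59 to rotate the statistics file
59 23 * * * root command -v debian-sa1 > /dev/null && debian-sa1 60 2
EOF
    echo "$dir"
}

dir=$(make_samples)
enable_sysstat "$dir/default" "$dir/cron"
cat "$dir/default" "$dir/cron"
```

On the server the same function would be run as root against /etc/default/sysstat and /etc/cron.d/sysstat.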
 
Step #6
cat > /etc/rc.local << EOF
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
/sbin/iptables-restore < /etc/iptables
exit 0
EOF

Issue:
I receive a permission denied error when running this:
-bash: /etc/rc.local: Permission denied
I tried executing this at the root directory and I have also tried using sudo in front of the command.
Any suggestions?

Update:
I apparently misread the instructions.
I just need to edit the file and add the content in there instead of executing it on the command line.
 