Changes

From Amahi Wiki
2,015 bytes added, 02:16, 17 November 2010
* Register with Amazon AWS
* launch an instance of AMI "ami-0d638d64"; during launch you can set up a "security group", in which you have to open ports 80 and 2000 to all Internet IPs (0.0.0.0/0)
* ssh into it with the command shown on the Amazon console; you'll need to save YOUR_KEYPAIR somewhere to do that
* at this point you may want to create a root password with <code>passwd</code> for future convenience; if not, skip this.
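* create a user with (note that <code>-p</code> expects the already-encrypted password as returned by crypt(3), not the plaintext):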
<code>useradd -p PASSWORD USERNAME</code>
<code>ssh-keygen</code>
* upload your ssh key to the running instance with:
<code>scp -i YOUR_KEYPAIR.pem ~/.ssh/id_rsa.pub root@INSTANCE_PUBLIC_IP:/home/USERNAME/id_rsa.pub</code>
* from your server again, move the uploaded public key into the authorized ssh keys file with:
<code>mv ~/id_rsa.pub ~/.ssh/authorized_keys2</code>
* check that /dev/null is readable, if not do a:
<code>chmod go+rw /dev/null</code>
* use <code>route</code> and <code>ifconfig</code> to find out your network settings (if you want a static IP you have to purchase an "elastic IP"; please consider that the IP persists after reboot but not after stop or termination)
* create your hda profile accordingly
as root, follow the instructions for a Fedora 12 system on the wiki for a [[Self-install]]; on reboot, disable the DHCP and SAMBA servers as they conflict with the Amazon network settings.

At this point you have an Amahi install which is reachable at the instance's public IP, and by following the above steps you can now ssh into it from the computer where you generated the ssh key with <code>ssh USERNAME@INSTANCE_PUBLIC_IP</code>; if you need root access you can <code>su</code>.

=TUNNELING=

It is possible to create a tunnel from an existing Amahi server (or any server) behind an ISP NAT to a running instance in order to make it reachable from all the Internet with ssh. By doing this one does not need an Amahi system to be installed on Amazon; it actually conflicts, as one needs the instance NOT to host a server on the same ports that it forwards to the NATted endpoint.

* On the running instance's Linux system, edit the file <code>/etc/ssh/sshd_config</code> and uncomment the <code>AllowTcpForwarding yes</code> and <code>GatewayPorts yes</code> lines
* On the NATted endpoint, check that you have a server listening on LOCAL_PORT. You'll need the ssh key that's in the instance's <code>~/.ssh/authorized_keys2</code> to be this endpoint's <code>~/.ssh/id_rsa.pub</code> for this to work this way; if this is not the case you can modify the command by adding <code>USERNAME@INSTANCE_PUBLIC_IP</code>. In the command, the first port is the one opened on the instance and the second is the one your local server listens on:
<code>ssh -R INSTANCE_PUBLIC_IP:REMOTE_PORT:localhost:LOCAL_PORT INSTANCE_PUBLIC_IP</code>

Example:
* INSTANCE_PUBLIC_IP: 50.36.23.23
* LOCAL_PORT: 80
* REMOTE_PORT: 80
<code>ssh -R 50.36.23.23:80:localhost:80 50.36.23.23</code>

and if you point your browser to http://50.36.23.23/ the reply actually comes from the server listening on the NATted IP.
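
The two <code>sshd_config</code> settings the tunnel depends on can be checked on the instance before the <code>ssh -R</code> command is tried. This is an added example, not part of the original wiki page or of Amahi: the function names <code>sshd_effective</code> and <code>tunnel_ready</code> and the sample file are constructed for illustration, and only global settings (lines before the first <code>Match</code> block) are read.

```shell
#!/bin/sh
# Added example (hypothetical helper names, not from the wiki page).
# sshd uses the FIRST uncommented occurrence of a keyword, keywords are
# case-insensitive, and lines after a "Match" line are conditional.
sshd_effective() {  # usage: sshd_effective KEYWORD DEFAULT FILE
    awk -v key="$1" -v def="$2" '
        /^[ \t]*#/ || NF == 0        { next }   # comment or blank line
        tolower($1) == "match"       { exit }   # global section ends here
        tolower($1) == tolower(key)  { val = tolower($2); exit }
        END { print (val == "" ? def : val) }   # fall back to the default
    ' "$3"
}

# Returns 0 only when both settings allow a remote forward that is
# reachable from outside the instance.
tunnel_ready() {  # usage: tunnel_ready FILE
    fwd=$(sshd_effective AllowTcpForwarding yes "$1")  # OpenSSH default: yes
    gw=$(sshd_effective GatewayPorts no "$1")          # OpenSSH default: no
    echo "AllowTcpForwarding=$fwd GatewayPorts=$gw"
    case "$fwd" in yes|all|remote) ;; *) return 1 ;; esac
    case "$gw" in yes|clientspecified) ;; *) return 1 ;; esac
}

# Constructed sample: both lines are still commented out, and the only
# "GatewayPorts yes" sits inside a Match block, so it is not global.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#AllowTcpForwarding yes
#GatewayPorts no
Match User tunnel
    GatewayPorts yes
EOF

tunnel_ready "$sample" || echo "sshd_config is not ready for the tunnel"
```

With <code>GatewayPorts yes</code> every remote forward opened on the instance listens on all interfaces, whereas <code>clientspecified</code> honours the bind address given in the <code>-R</code> argument.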