Pontiff Fractal Tiam

Can anyone @delta help me with setting up a relay server? I'm following the docs.

  • root ssh access is (reluctantly) allowed
  • pyinfra still asks for password of a random ssh key on my local machine
  • it fails because authentication fails

I don't get it, because password authentication is enabled.

#deltachat #fedihelp

Setting up a chatmail relay - chatmail relay documentation

Feb 28 at 11:12amWeb
Show threadme of the when [TudbuT]Feb 28
@pft @delta im not sure pyinfra supports password auth and in general i see very little point in doing password auth over key auth
Show threadPontiff Fractal TiamFeb 28

@tudbut don't tell me that, tell @delta to change the docs. I'm just following the steps 🤖

But yes, the remarks don't help.

Show threadDelta ChatFeb 28

@pft @tudbut note that the target machine is supposed to be a debian12 pretty blank machine that is managed by cmdeploy.

what exactly is wrong about the docs? right at the top is has a note about ssh (see attachment).

Show threadPontiff Fractal TiamFeb 28
@delta I'm an idiot.
Show threadDelta ChatFeb 28
@pft If your SSH key is password-protected, run "ssh-agent bash", then inside the shell unlock the key with "ssh-add", then run cmdeploy
Show threadPontiff Fractal TiamFeb 28

@delta cheers. I just added a public key to the server to avoid further headaches.

Edit: to clarify: there were no public keys involved. SSH password authentication for root. The script asked me the password and then fails because further on it expected public key authentication and doesn't find any matching keys.

I would mention this explicitly in the docs as a requirement. An option to run locally in the server would also be really appreciated.

Show threadDelta ChatFeb 28
@pft It is already written at https://chatmail.at/doc/relay/getting_started.html#minimal-requirements-and-prerequisites that "build machine" needs key-based SSH access to the server.
Setting up a chatmail relay - chatmail relay documentation

Show threadAdam JurkiewiczFeb 28

@pft

You can always set up ssh key without passphrase for this one job - then delete it ;-)
https://blog.jurkiewicz.tech/ssh-from-linux-to-linux-in-10-seconds-35b46ffd31cd

@delta

SSH from Linux to Linux in 10 seconds

This article explains how to manage ssh keys to connect from one Linux machine to another. My PC is Debian 12 and I use ssh for…

Medium
Show threadтимуркаMar 1
@pft
Hi. If I understand you correctly, you need to set connecting to your root passwordless. First on your main user you do ssh-keygen -t ed25519 -C "deploy".
Then you need to start ssh-copy-id root@yourDomainName.
For some reason I also did hostnamectl set-hostname *domain name*, but I don't remember why. Then do sudo nano /etc/ssh/sshd_config and make PasswordAuthentication no.

Docs are not good at explaining, sadly, so I made this:
https://timursagdenov.neocities.org/deltachatrelayinstallguide
I made this a long ago, so it may be not actual, but some people think it's better for deploying than the official docs.

@delta
Руководство по установке Chatmail relay

Show threadPontiff Fractal TiamMar 1

@zeus thanks for the elaboration. There was a massive misunderstanding on my side. The requirements explicitly mention key-based ssh account. My misunderstanding was based on the fact the the script first asks for the ssh password (not the key password!) does some checks and then fails.

@delta