How to Create a Full Generating Timekoin Node in a $5 VPS

[warmach]

Are there any implications or specific steps to required to setup ssl (self signed or certified) with the timekoin software? On apache2.

I'm a bit worried about sending clear text over the web to the vps timekoin server especially with private keys and passwords

Would be great to add that info to this tutorial if you have done that already

Another thing to do to secure the VPS would be to just automatically transfer out the timekoins. If there are no timekoins on the server to steal, what is the big deal?

I've written "harvester" scripts in the past that collect timekoins from other public keys and move them to a single key. All you really need is the private key of the source and public of the destination. This script could run on any timekoin machine, i.e. your own desktop. It would just broadcast the transactions from your desktop instead of originating from VPS.

[KnightMB]

Are there any implications or specific steps to required to setup ssl (self signed or certified) with the timekoin software? On apache2.

I'm a bit worried about sending clear text over the web to the vps timekoin server especially with private keys and passwords

Would be great to add that info to this tutorial if you have done that already

I had these concerns too but had not pieced that together yet.

I found this... https://www.digitalocean.com/community/ ... untu-12-04

I can add this to the tutorial of others find it is a good way to add SSL.

Another thing I would like to see is encrypting the server keys in the database. They are stored un-encrypted. How do we secure these while leaving them usable to generate?

I would like to be able to encrypt them like the client can, but the server won't be able to generate currency unless someone wants to enter the password every generation cycle.

I did have an idea, it's not completely hacker proof, but darn near close. Have the private key encrypted like the client does, when you start timekoin, you will have to enter a password first to unlock the key. The key is then loaded into memory and used to create the generation transactions this way.

The only downside would be if the server restarted on it's own, you would have to do the password again, otherwise it would not be able to create the transactions with the private key. If someone where to hack the server, at least they couldn't steal the keys from the actual hard drive. Trying to find the key in RAM somewhere would probably be a lot more difficult for a hacker, but if you have full control of a server in theory a memory map scan would be able to find it somewhere.

[whiteb]

Just set up a vps as a test thing.

I think I have followed all instructions......., and I emphasize I think).

I can log in to the interface, and start Timekoin, the process shows as running as well as Watchdog, but all the other processors and stuff show 'offline', then Timekoin and watchdog stall

[KnightMB]

Just set up a vps as a test thing.

I think I have followed all instructions......., and I emphasize I think).

I can log in to the interface, and start Timekoin, the process shows as running as well as Watchdog, but all the other processors and stuff show 'offline', then Timekoin and watchdog stall

Under the system tab, is CLI Mode disabled? That's what happens in Ubuntu because of the only one process allowed issue.

[whiteb]

Just set up a vps as a test thing.

I think I have followed all instructions......., and I emphasize I think).

I can log in to the interface, and start Timekoin, the process shows as running as well as Watchdog, but all the other processors and stuff show 'offline', then Timekoin and watchdog stall

Under the system tab, is CLI Mode disabled? That's what happens in Ubuntu because of the only one process allowed issue.

CLI-Mode is 'Disable', yes.

[KnightMB]

Under the system tab, is CLI Mode disabled? That's what happens in Ubuntu because of the only one process allowed issue.

CLI-Mode is 'Disable', yes.

You can already login, so the database must be setup correctly or else the default username/password would not work.

What type of access do you have to the VPS, console only?

[whiteb]

Under the system tab, is CLI Mode disabled? That's what happens in Ubuntu because of the only one process allowed issue.

CLI-Mode is 'Disable', yes.

You can already login, so the database must be setup correctly or else the default username/password would not work.

What type of access do you have to the VPS, console only?

Well, I am using Putty right now, or the Web access in to Timekoin.

[KnightMB]

I am doing the walk-through myself, so give me a little time and I'll see if mine works also

I might run into the same issue, so I can see first-hand what is stopping it from working.

[whiteb]

I am doing the walk-through myself, so give me a little time and I'll see if mine works also

I might run into the same issue, so I can see first-hand what is stopping it from working.

Okay, thanks.

I have to go to bed to start work early....., Will see what results you get.

[KnightMB]

I am doing the walk-through myself, so give me a little time and I'll see if mine works also

I might run into the same issue, so I can see first-hand what is stopping it from working.

Okay, thanks.

I have to go to bed to start work early....., Will see what results you get.

It all worked really well, the only snag I ran into was from the Digital Ocean documentation actually, in step 2. In their LAMP document, they have the code to install mysql and other relevant programs with

Code: Select all

sudo apt-get install mysql-server libapache2-mod-auth-mysql php5-mysql

But the libapache2-mod-auth-mysql actually causes an error, so to install mysql properly you have to shorten it to

Code: Select all

sudo apt-get install mysql-server php5-mysql

Other than the little snag, everything else worked fine. I just copy/pasted every command and they all worked. There is probably some room for tweaks like adding a swap file to cache programs not used to save RAM and turning off the keepalive settings for apache, but everything works in the how-to so I give it a big thumbs up.