Sunday, October 25, 2015

Day 28

Review of last week:

Hours 9 (3 given due to lifted meds and LEAF)

All around a great week.  Reality is I am limiting the hours I give myself when I pre-determine LEAF over Roars... extra-circular hours put me well over 10... so I will count it as "Around 10"

Average calls per day: ?? (ADD THIS AT WORK LATER) [Goal: 70]
Hours on ROARS: ~10 [Goal: 10]
Average size per day: 3.9 [Goal: 5]

----

Sunday, Day 28


LOG:  6.33 hrs.

GOALS:
-Get SCP sudo access
-Re-install wordpress correctly now that you have access to edit your own server.
-Get the plugin install thing to work... with any plugin
-Get your Salient theme installed.

See if you can get all that done and we'll re-evaluate at that point.

---

WinSCP Sudo Access

Seems that I need to connect as the root user, however there is a problem.

http://serverfault.com/questions/613393/getting-received-too-large-sftp-packet-error-when-connecting-with-root-account
I believe that the error message you are getting explains it.
Your server's root account has wrongly setup profile scripts. Some of them print a message that violates SFTP protocol. There's different profile script for a terminal and non-terminal session (one that has and does not have TTY allocated). Messages can be printed only from the script used for terminal sessions. When you print a message from profile script used for non-terminal sessions, it breaks any client using a strict protocol (such as SFTP or SCP).
The message starts with "Plea" as the error says. It can easily be something as trivial as
echo "Please be careful when using root account!"
You will see a complete message when you log in using SSH terminal (such as PuTTY).
Typically you will need to move the commands that print the message from .bashrc script to .bash_profile.
It works with ubuntu account, because its profile scripts do not print the error message.
See also WinSCP documentation for the error message:
http://winscp.net/eng/docs/message_large_packet
--
I opened with PuTTY to see the full message:

Googling -- "Please login as the user "ec2-user" rather than the user "root".
--
Appearently, Amazon blocks root access by default.  One solution is to make it so you can login to root without needing a password.
I am going to keep this in my back pocket as a solution but I am not going to do it this way unless I fail to get sudo working.  This has obvious security implications and it means that I will be going against Amazon's default parameters, which they obviously have setup for good reasons, whether its security or just preventing me from making stupid mistakes with root.
Solution:
--
Now, the other tactic is to get SCP to be able to Sudo, which RED HAT prevents by default (by default TTY is required for Sudo, TTY = command line console like PuTTY), but they admit that this is outdated and will be removed in the future.
TTY disabled...
You can't change users (meaning, no sudo / su) after login with WinSCP, so you have to do it on login.
Aaaaannnnd permission is GRANTED!!  I'm finally passed the security guard and in the club.
-----

INSTALLING WORDPRESS

Requirements:
  • PHP 5.6 or greater
  • MySQL 5.5 or greater
  • The mod_rewrite Apache module

Not required, but recommended for better security

Hosting is more secure when PHP applications, like WordPress, are run using your account’s username instead of the server’s default shared username. The most common way nowadays for hosting companies to do this is using suPHP. Just ask your potential host if they run suPHP or something similar.
^ suPHP MAY BE REQUIRED for some of these plugins to install.  Might explain where I got held up in the beginning of the year.
Since I don't know yet, I am going to proceed without it, maybe install it later for security if nothing else.
0. (Pre-req) Creating a secure password for your Secret Key in wp-config
1. Download / Extract
2. DATABASE.  I know one has been setup by AWS already... need to figure out the name / location and MySQL username / password.
3. ...hold-on... need to figure out 2

STEP 0: Secret Key in wp-config

Step 1: Installing... easy enough

Step 2: Database

What is my info?
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', 'database_name_here' );

/** MySQL database username */
define( 'DB_USER', 'username_here' );

/** MySQL database password */
define( 'DB_PASSWORD', 'password_here' );

/** MySQL hostname */
define( 'DB_HOST', 'localhost' );





Database name: insomniadb



Username: jcahoon (in theory... may have been changed to jcmo per my accident below, prob not tho)



Password: standard



Hostname: I suspect "localhost" is ALREADY correct.  After all, in my stack details, it says "creates a sample wordpress blog with a local MySQL database.

UPDATE: Wordpress install guide is saying "It's usually just localhost".







Man, if only I could find the "Stack" it made and maybe just get access to all this stuff.  I mean, where'd it go, am I rite??







Yeah.  Which is why we dont put 8 months of blank space in between working on the same project.  Here's the "stack", I used "CloudFormation"

































You can also press "Update Stack" and update things... so here's what's up... there is no username lol.







Fuck, there was, it just shows up blank in edits, and now I don't know if I changed it or not.  When you look at design mode it doesn't say them there either, like it's hiding the info to protect me but at the same time it tricked me... thought it was blank.







Annd another wall... an hour of failure being able to add, change, or do anything with the above... I keep getting a fucking retarded error when updating the username / pass saying that I must use alphanumeric on DBpassword... last I checked, the letters of the alphabet ARE alphanumeric...







So decided I'm wasting time, just find the originals and try those, I see this from when I made it in Jan:



"



Making a stack using Amazon's sample WP blog template.



db is insomniadb

db passwords are standard,

user is jcahoon



"



but how do I know for sure it'll work???  I don't even know if I just changed it or not.







Based on the error, if I failed to change something it was just the DBpass.  That or nothing changed.  Feels like nothing changed... no confirmation that any changes went through.



Found

the

DB:



var/lib/mysql/insomniadb



But I doubt that's going to help me.  At least I am pretty sure I know it's name for sure :)



Back to wordpress:



https://codex.wordpress.org/Installing_WordPress#Using_the_MySQL_Client






    

  • Should you need, you can make a new database.  Seems that if anything I will just overwrite the old one which is fine.
    • 




Okay let's just try this.







Secret Key Generator:








Installation Link:



http://52.11.177.228/wp-admin/install.php





AND SHE'S BACK!

http://52.11.177.228/testwp1/



Working just great too :)



RECAP



Objectives completed:

--Security issues solved, WinSCP full access gained,

--Personally installed new wordpress blog.

--Various learning and understanding about wordpress, accessing databases, security & how to connect to SSH with sudo, AWS services & stacks, etc.  Big learning day.  Getting the theme installed is going to draw upon this knowledge.



Failed to complete:

--Install Salient



At least I know what to do next.  Do it on the wptest1 blog.



HOURS: 8:50 - 3:10 -- 6.33 -- PASS


















Posted by



at






















Labels:


















No comments:















Post a Comment


















        

      









Subscribe to:
Post Comments (Atom)