-
Steven_M
Hi All, I'm setting up a node on a VPS. I've got it working with a plain connection, but I want the connection between my wallet and my node to be over SSL. How do I set that up?
-
moneromooo
Add --daemon-ssl enabled to the wallet command line.
-
moneromooo
You'll then want to make a cert (IIRC there's a moenro program for that), take its fingerprint (which it should print), and then use:
-
moneromooo
- for the wallet: --daemon-ssl-certificate /path/to/the/cert
-
moneromooo
er, sorry, the other way around
-
moneromooo
- for the daemon: --rpc-ssl-certificate /path/to/cert
-
moneromooo
- for the wallet: --daemon-ssl-allowed-fingerprints FP (and replace FP with the cert's fingerprint)
-
moneromooo
If that's not enough, see --help for both, might need another arg somewhere.
-
moneromooo
Ah, probably --daemon-ssl-private-key /path/to/pricate/key for the daemon as well. That shoild also genrated by the tool.
-
moneromooo
And once it's working, you could write up the steps in a new docs/SSL.md file if you don't mind ^_^
-
Steven_M
moneromooo: "(IIRC there's a moenro program for that)" Did you mean Monero?
-
moneromooo
Indeed I did.
-
moneromooo
The above forces SSL, and ensures the wallet connects to the right daemon. You can also add the mirrored options to ensure the daemon only accepts your wallet, if you wish to.
-
moneromooo
I think both having the same cert should be no problem.
-
moneromooo
(easier)
-
moneromooo
But if the daemon is considered at greater privacy risk (on a VPS), you may want to have two separate key/cert pairs.
-
Steven_M
Thought so, thanks :)
-
moneromooo
Though if the pairs are used just for that, it's not a huge diffrence really.
-
Steven_M
moneromooo: okay, hopefully I'll manage all this. I'm a server newbie ;)
-
moneromooo
Maybe also check monero.stackexchange.com, maybe the detailed steps are already there.
-
Steven_M
Good point, if not, I'll try your instructions :-)
-
ag4536
Hello, all!
-
moneromooo
Hello.
-
ag4536
My first time on IRC in a long time, so figured I'd stop by.
-
moneromooo
wb then :)
-
ag4536
Thanks!
-
ag4536
I'd been hanging around on Telegram and discord and whatnot, but rn I'm on a Pentium with 1 gig of ram
-
moneromooo
Yes, that's been a loooong time I see...
-
ag4536
rediscovering the joys of waiting for your machine to draw anything that requires a GUI
-
moneromooo
I didn't even think Pentiums hould even have 1 GB RAM.
-
ag4536
yeah, this is some later clone they used to put in netbooks
-
ag4536
"Intel Atom"
-
moneromooo
Oh, so not actual pentium, like the gen after 80486 ?
-
ag4536
Yeah, they came out around the same time as Win7
-
ag4536
But were pitifully underpowered for it
-
ag4536
so they ended up in a bunch of really crappy Japanese netbooks, like the one I'm rehabbing now
-
ag4536
This one runs Debian 11 fine enough, as long as you only run one program at a time
-
» moneromooo pass ag4536 the MSDOS floppy
-
» ag4536 tries to open firefox
-
» ag4536 is hit by a blast of fan air
-
moneromooo
Wait till you run monerod, you'll have to hang on to the desk to avoid being pushed away.
-
ag4536
Yeah, I was considering librebooting and using this thing as a paranoid activities computer
-
ag4536
but sort of hard to do when the most intensive thing you can do with it is generate an SSH key and send an email
-
moneromooo
lynx ?
-
moneromooo
Alright, what happens when you change a core header file happened, so I'm out for a bit while it builds.
-
ag4536
all right good luck!
-
ag4536
as for lynx, so much of the modern web requires JS that I want to scream
-
ag4536
all right, gotta run! bye!
-
ag4536
see you soon!
-
zoom0ut
The current block height is 2,683,787. Fork height is 2,688,888. 5,101 blocks to go, happening in approximately 170.03 hours
-
selsta
ok, we really have to put out v0.18.1.0 soon lol
-
hyc
I seem to recall there was a fork of either lynx or w3m with JS support. still didn't work all that well because so much of the graphical DOM was missing
-
hyc
One of my would-love-to-do items is write a web browser for MGR