Server Configuration

Each server to which the SRP must synchronize its working directory is configured in the SRP GUI through the Admin page. To configure the existence of a service node, add the necessary information to the Administration screen:

When configuring the SRP service node, the following fields need to be configured:

Field Description
Hostname/IP Address The hostname or IP address of the server.
Username The user to connect to the server with using SSH. This should usually be `n2in`.
SSH Identify File If a unique SSH private key file is to be used for this connection, the full path to this file is required.
If this file is not provided, the web-server user on the primary SRP is expected to be able to ssh to the host defined as the user given and log in without a password.
This would usually require the private key to be the web-server user’s default one (i.e. `~/.ssh/id_rsa`).
Comment An optional comment describing the server.

Prior to configuring a SRP Server in the GUI, the passwordless SSH login to the SRP server must be configured. This is done using a private/public SSH key pair, accessible to the UNIX user who executes the SRP management interface user interface (under Linux this will be www-data or httpd, depending on the target platform).

To configure the login for a SRP server, follow these steps:

sudo mkdir -p /var/lib/n2srp/etc
cd /var/lib/n2srp/etc
chmod 700 /var/lib/n2srp/etc
sudo ssh-keygen -t rsa

The following example interaction shows the creation. Note that when asking for a passphrase, press enter to give an empty passphrase:

# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (//.ssh/id_rsa): /var/lib/n2srp/etc/srp_id_rsa
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /var/lib/n2srp/etc/srp_id_rsa.
Your public key has been saved in /var/lib/n2srp/etc/
The key fingerprint is:
c7:39:82:41:ba:2d:3a:53:f8:38:48:e7:7d:64:02:2e root@n2srp-pri
chown -R www-data:www-data /var/lib/n2srp/etc
scp /var/lib/n2srp/etc/ n2in@srp-server: 
ssh n2in@srp-server
mkdir .-p ssh
chmod 700 .ssh
cat >> .ssh/authorized_keys
chmod 600 .ssh/authorized_keys
chown -R n2in:daemon .ssh
su www-data -s `which bash`
ssh -i /var/lib/n2srp/etc/srp_id_rsa n2in@srp-server

This may display the following warning:

The authenticity of host 'primarysrp (' can't be established.
RSA key fingerprint is 43:e0:5b:fd:5a:cb:02:14:b4:28:ca:6b:2f:90:d0:ee.
Are you sure you want to continue connecting (yes/no)? 

If this is displayed, type yes<enter> to continue. There should be no request for any other interaction. In particular, there should be no password request.

Failed to add the host to the list of known hosts (/var/www/.ssh/known_hosts).

Create the directory /var/www/.ssh/ so that the known_hosts file can be created, and ensure that this directory is owned by the user www-data.

In addition, various restrictions may limit the ability for the client to log in. Always:

You can now configure the SRP server in the administration page. When configuring the SRP server ensure the username is set to the correct username to log in to the remote server, and that the SSH Identify File field is set to the path of the private key file created.

Configuration Errors

If passwordless login via ssh to a server is not configured successfully the GUI will present an error when attempting to save the SRP server record. The SRP attempts to perform a dry-run to log in to the SRP server, and if this fails, will not allow the record to be saved.

This ensures that at the point where the synchronisation is requested, the SRP server login will be successful, and the target directory for audio files exists.