Getting Started With Rails Machine

Once you have received notification that your Rails Machine is ready you should follow these instructions to secure it.

Local User Accounts

There are three users that you need to concern yourself with: you, deploy, and root. When you are notified that your Rails Machine is ready, you will also be told what your username is. Your personal account is intended to be just an unprivileged local user. deploy is the user that will own your web apps and the user your mongrel cluster will run as. The user root is, of course, the privileged user on your Rails Machine.

First log in to your server using ssh and change your password:

ssh you@your_account.railsmachina.com
passwd

Your root password is stored in your users home directory in a text file called root.txt. We don’t want to keep that laying around and we are going to have you change that as we proceed. Take a look at that root password now:

cat root.txt

Using the password you just printed to your screen you can now log in as root:

su - root

Lets now change that password. Make sure you don’t forget this password. You may not use it that often, thats one of the great things about Rails Machine, but you really don’t want to forget it:

passwd

We have already created the ‘deploy’ user for you. All you need to do is set its password. Don’t forget this password either. You will use the ‘deploy’ user all the time. All of the Capistrano tasks are performed by the ‘deploy’ user on your Rails Machine.

passwd 'deploy'

Now that we have changed all of our user passwords we need to start using the shadow password file. This is simple and a common security measure:

pwconv

Database Users

The previous steps took care of the system passwords for our three existing users. We need to change the ‘root’ and ‘deploy’ user’s mysql passwords. First we connect to mysql as root using the root password from root.txt


  mysql -u root -p
  mysql> SET PASSWORD = PASSWORD('new_pass');
  mysql> GRANT ALL PRIVILEGES ON *.* TO 'deploy'@'localhost' IDENTIFIED BY 'some_pass' WITH GRANT OPTION;
  mysql> quit;

You are now done securing your Rails Machine. Log out of your root shell, delete the root.txt file and end your ssh session:


  exit
  rm root.txt
  exit

Now your server is ready for deploying applications!

Making logins a breeze

Next, you should read about Using SSH Keys rather than typing your password every time you log in.

Meta