Juniper Alpha basic installation

Hi @nedbat :slight_smile:

I tried a basic native installation of Juniper Alpha 1 on Friday December 20.

2 early problems.

Problem A

Since I was installing on AWS, I was using ssh with the user ubuntu to connect to the server. After the installation, I could no longer use ssh with the user ubuntu because a line was added to the contents of /etc/ssh/sshd_config:
AllowUsers automated_user #automated_users_allowed_to_ssh

I had to comment that line in order to be able to ssh to the server with the user ubuntu. I previously mentioned this problem in one of our private chats on November 17.

Problem B

As is, I cannot use the default accounts to connect to the LMS or the CMS because JWT is not configured properly in the defaults lms.env.conf and cms.env.conf files generated during the installation.

Error logs show:

As I mentioned previously in another topic, it would be very useful to the community if we had instructions on how to create the different keys and know where to put the values in right places in the JSON files under /edx/app/edxapp. I don’t think this is a far fetched suggestion because not everyone using or installing Open edX will be a crypto expert.

I will keep looking on Monday December 23 as it is my last day of work this year.

Merry Christmas. Happy Holidays. Happy New Year.

3 Likes

Updated on January 3rd, 2020.

Some potential solutions to my 2 earliest problems.

Problem A

As we are running under a native installation in AWS, Here is what I did.

In /etc/ssh/sshd_config, I replaced
AllowUsers automated_user #automated_users_allowed_to_ssh
by
AllowUsers ubuntu automated_user #automated_users_allowed_to_ssh

And then, I ran
sudo service sshd restart

I was then able to remotely login through ssh again with user ubuntu.

Problem B

I might have a follow-up questions with regards to /edx/etc/lms.yml and /edx/app/edxapp/lms.env.json, but for now I was able to add the correct values in /edx/etc/lms.yml.

I first had to run the following commands:
sudo -H -u edxapp bash
cd ~
source edxapp_env
source venvs/edxapp/bin/activate
cd edx-platform
python manage.py lms generate_jwt_signing_key

The last command generates values for JWT_PUBLIC_SIGNING_JWK_SET, JWT_PRIVATE_SIGNING_JWK and JWT_SIGNING_ALGORITHM that needs to be filled in into /edx/etc/lms.yml.

And after restarting the LMS and the CMS, I was able to login again with my regular user in the LMS and the CMS.

I don’t know, if this is the “official” solution but it did work for me.

1 Like

Problem A (can’t ssh to the box) is now fixed on the open-release/juniper.alpha1 branch.

1 Like

A post was merged into an existing topic: JWT and Juniper?