Our Advanced Integration setup process requires our backend platform to be provided with access to your server via SSH. Our process also requires that it is given sudo access to your server.
During setup, you'll be asked to either provide the password of a system user with sufficient root priviledges or to add an SSH key to the server.
To put your mind at ease, our setup process uses the sudo access to log on to your server and create our own
serverauth user on your server. It is also then granted sudo access of it's own.
That is it. All Server Management actions performed via our platform will then be run through the
serverauth user which means there's no worry of losing access to your server should you add / update or delete another user on your server.
If you chose to provide a password, we'll use this to log in as the user you specify and will then use 'sudo' permissions to set up the ServerAuth user.
If the user you provided does not have sudo permissions we will not be able to configure your server for use on ServerAuth. You can check if your user has permission by running
sudo su when logged in. If after entering your password again (if prompted) you can log in as the root user then this will work.
A more secure way for us to access the server is by using an SSH Key. We'll provide you with the public key to add, and this goes in the users
Please note that the user you permit us to login as here must have passwordless sudo permissions. You can verify this by running
sudo su as the user. If you are prompted for a password then this will not work, and you'll need to update the user's sudoers file accordingly.
To do this, run
sudo nano /etc/sudoers.d/<username> and in that file place this, updating the username:
<username> ALL=(ALL) NOPASSWD: ALL
Once completed, save and exit using CTRL+X. Open a new terminal window and log back in again, you should now be able to run
sudo su without being prompted for a password.
If your server is behind a firewall and you've restricted the IPs that can access SSH you'll need to whitelist our systems outbound IP addresses. We only require access to your SSH port, and no other traffic comes from these IPs.
Occasionally a server setup won't go as planned. This is generally down to us not being able to access the server to perform the setup process. Please check that the server user account you provided us with has the correct permissions to run commands as root, and is not IP restricted in any way that would prevent our system from accessing your server.
In addition, your server must be on our supported operating systems list for Advanced Integration and contain no modifications to the system's base user setup process.