<?xml version="1.0"?>
<rss xmlns:dc="http://purl.org/dc/elements/1.1/" version="2.0">
  <channel>
    <title>CRIN Trac: Ticket #79: Create accounts for Matthew</title>
    <link>https://trac.crin.org/trac/ticket/79</link>
    <description>&lt;p&gt;
Create &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Trac"&gt;Trac&lt;/a&gt; and other accounts for Matthew.
&lt;/p&gt;
</description>
    <language>en-us</language>
    <image>
      <title>CRIN Trac</title>
      <url>https://trac.crin.org/trac/chrome/site/logo.gif</url>
      <link>https://trac.crin.org/trac/ticket/79</link>
    </image>
    <generator>Trac 1.0.2</generator>
    <item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Thu, 21 Jul 2016 10:30:01 GMT</pubDate>
      <title>hours changed; cc, totalhours set</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:1</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:1</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;cc&lt;/strong&gt;
              &lt;em&gt;matthew&lt;/em&gt; added
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;hours&lt;/strong&gt;
                changed from &lt;em&gt;0&lt;/em&gt; to &lt;em&gt;0.25&lt;/em&gt;
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;totalhours&lt;/strong&gt;
                set to &lt;em&gt;0.25&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
        &lt;p&gt;
Following &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Trac#CreateanTracaccount"&gt;wiki:Trac#CreateanTracaccount&lt;/a&gt;
&lt;/p&gt;
&lt;pre class="wiki"&gt;sudo -i
su - trac -s /bin/bash
export NEWUSER="matthew"
htdigest .htpasswd trac $NEWUSER
trac-admin /var/www/trac permission add $NEWUSER admin
trac-admin /var/www/trac permission add $NEWUSER TRAC_ADMIN
&lt;/pre&gt;&lt;p&gt;
And then login to set the email address via &lt;a href="https://trac.crin.org/trac/prefs"&gt;https://trac.crin.org/trac/prefs&lt;/a&gt;.
&lt;/p&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Thu, 21 Jul 2016 10:30:26 GMT</pubDate>
      <title>summary changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:2</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:2</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;summary&lt;/strong&gt;
                changed from &lt;em&gt;Create accounts for Mathew&lt;/em&gt; to &lt;em&gt;Create accounts for Matthew&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Thu, 21 Jul 2016 10:30:48 GMT</pubDate>
      <title>description changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:3</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:3</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;description&lt;/strong&gt;
              modified (&lt;a href="/trac/ticket/79?action=diff&amp;amp;version=3"&gt;diff&lt;/a&gt;)
            &lt;/li&gt;
          &lt;/ul&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Mon, 12 Sep 2016 10:57:19 GMT</pubDate>
      <title>hours, totalhours changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:4</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:4</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;hours&lt;/strong&gt;
                changed from &lt;em&gt;0&lt;/em&gt; to &lt;em&gt;0.5&lt;/em&gt;
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;totalhours&lt;/strong&gt;
                changed from &lt;em&gt;0.25&lt;/em&gt; to &lt;em&gt;0.75&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
        &lt;p&gt;
Phone call with Mathew, we discussed:
&lt;/p&gt;
&lt;ul&gt;&lt;li&gt;SSH access to servers
&lt;/li&gt;&lt;li&gt;&lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Drupal"&gt;Drupal&lt;/a&gt;, live, dev and staging admin access
&lt;/li&gt;&lt;li&gt;Solr
&lt;/li&gt;&lt;li&gt;IRC: #crin on irc.freenode.net
&lt;/li&gt;&lt;li&gt;&lt;a class="wiki" href="https://trac.crin.org/trac/wiki/MediaWiki"&gt;MediaWiki&lt;/a&gt;
&lt;/li&gt;&lt;li&gt;&lt;a class="wiki" href="https://trac.crin.org/trac/wiki/ownCloud"&gt;ownCloud&lt;/a&gt; - delete? Mathew to check
&lt;/li&gt;&lt;li&gt;&lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Piwik"&gt;Piwik&lt;/a&gt;
&lt;/li&gt;&lt;li&gt;&lt;a class="wiki" href="https://trac.crin.org/trac/wiki/phpMyAdmin"&gt;phpMyAdmin&lt;/a&gt; HTTP Auth
&lt;/li&gt;&lt;li&gt;1984.is
&lt;/li&gt;&lt;li&gt;​bitbucket.org
&lt;/li&gt;&lt;li&gt;set up &lt;a class="ext-link" href="https://keyringer.pw/"&gt;&lt;span class="icon"&gt;​&lt;/span&gt;https://keyringer.pw/&lt;/a&gt; repo on bitbucket.org
&lt;/li&gt;&lt;/ul&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Mon, 12 Sep 2016 11:17:06 GMT</pubDate>
      <title>hours, totalhours changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:5</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:5</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;hours&lt;/strong&gt;
                changed from &lt;em&gt;0&lt;/em&gt; to &lt;em&gt;0.25&lt;/em&gt;
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;totalhours&lt;/strong&gt;
                changed from &lt;em&gt;0.75&lt;/em&gt; to &lt;em&gt;1.0&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
        &lt;p&gt;
I have sent Mathew my GPG public key and once I have Mathew's ssh public keys I can create accounts on the servers and we can start using IRC. I'll also now start to get keyringer.pw setup with a git repo on &lt;a class="ext-link" href="https://bitbucket.org/crin/"&gt;&lt;span class="icon"&gt;​&lt;/span&gt;https://bitbucket.org/crin/&lt;/a&gt;
&lt;/p&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Mon, 12 Sep 2016 13:51:52 GMT</pubDate>
      <title>hours, totalhours changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:6</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:6</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;hours&lt;/strong&gt;
                changed from &lt;em&gt;0&lt;/em&gt; to &lt;em&gt;2.25&lt;/em&gt;
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;totalhours&lt;/strong&gt;
                changed from &lt;em&gt;1.0&lt;/em&gt; to &lt;em&gt;3.25&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
        &lt;p&gt;
Mathew and I also discussed archiving &lt;a class="ext-link" href="http://crinarchive.org/"&gt;&lt;span class="icon"&gt;​&lt;/span&gt;http://crinarchive.org/&lt;/a&gt; the old ASP site, as static HTML, I suggested I could run &lt;a class="ext-link" href="http://www.httrack.com/"&gt;&lt;span class="icon"&gt;​&lt;/span&gt;http://www.httrack.com/&lt;/a&gt; via the command line (it is in Debian) on a server to generate a static archive which we could host at archive.crin.org, this wouldn't take long and I expect could do it this month within the monthly hours I have.
&lt;/p&gt;
&lt;p&gt;
I have created &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Keyringer"&gt;Keyringer&lt;/a&gt; and getting this setup (including all my errors... Mathew, you can skip most of this and jump to the last few lines of this comment...):
&lt;/p&gt;
&lt;p&gt;
A repo was created at bitbucket.org, &lt;a class="ext-link" href="https://bitbucket.org/crin/crin-keys"&gt;&lt;span class="icon"&gt;​&lt;/span&gt;https://bitbucket.org/crin/crin-keys&lt;/a&gt;
&lt;/p&gt;
&lt;p&gt;
Following &lt;a class="ext-link" href="https://keyringer.pw/#index3h2"&gt;&lt;span class="icon"&gt;​&lt;/span&gt;https://keyringer.pw/#index3h2&lt;/a&gt;
&lt;/p&gt;
&lt;pre class="wiki"&gt;cd ~
mkdir crin-keys
keyringer crin-keys init crin-keys chriscroome@bitbucket.org/crin/crin-keys.git
  fatal: repository 'chriscroome@bitbucket.org/crin/crin-keys.git' does not exist
  Error cloning remote chriscroome@bitbucket.org/crin/crin-keys.git
&lt;/pre&gt;&lt;p&gt;
So The git URL's are wrong above, &lt;a class="ext-link" href="https://confluence.atlassian.com/bitbucket/set-up-ssh-for-git-728138079.html"&gt;&lt;span class="icon"&gt;​&lt;/span&gt;the docs&lt;/a&gt;:
&lt;/p&gt;
&lt;pre class="wiki"&gt;The authenticity of host 'bitbucket.org (104.192.143.1)' can't be established.
RSA key fingerprint is 97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40.
+---[RSA 2048]----+
|         oE.     |
|        . o .    |
|       . . .     |
|        .o...    |
|      ..S.+= .   |
|       oo+= +    |
|       ooo . .   |
|        ... .    |
|       ..oo.     |
+-----------------+
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'bitbucket.org,104.192.143.1' (RSA) to the list of known hosts.
logged in as chriscroome.
You can use git or hg to connect to Bitbucket. Shell access is disabled.
&lt;/pre&gt;&lt;p&gt;
Starting again:
&lt;/p&gt;
&lt;pre class="wiki"&gt;mv crin-keys/ crin-keys.bak
mkdir crin-keys
cd crin-keys
git init
  Initialized empty Git repository in /home/chris/crin-keys/.git/
git pull
  fatal: 'git@bitbucket.org/chriscroome/crin-keys.git' does not appear to be a git repository
  fatal: Could not read from remote repository.
  Please make sure you have the correct access rights
  and the repository exists.
&lt;/pre&gt;&lt;p&gt;
So, try again,
&lt;/p&gt;
&lt;pre class="wiki"&gt;cd ~
rm -rf crin-keys
mkdir crin-keys
cd crin-keys
keyringer crin-keys init /home/chris/crin-keys git@bitbucket.org/crin/crin-keys.git
  fatal: repository 'git@bitbucket.org/crin/crin-keys.git' does not exist
  Error cloning remote git@bitbucket.org/crin/crin-keys.git
cd crin-keys
git init
  Initialized empty Git repository in /home/chris/crin-keys/.git/
git remote add origin git@bitbucket.org/crin/crin-keys.git
  fatal: 'git@bitbucket.org/crin/crin-keys.git' does not appear to be a git repository
  fatal: Could not read from remote repository.
  Please make sure you have the correct access rights
  and the repository exists.
&lt;/pre&gt;&lt;p&gt;
So starting again:
&lt;/p&gt;
&lt;pre class="wiki"&gt;rm -rf crin-keys
git clone git@bitbucket.org:crin/crin-keys.git
  Cloning into 'crin-keys'...
  Warning: Permanently added the RSA host key for IP address '104.192.143.3' to the list of known hosts.
  warning: You appear to have cloned an empty repository.
  Checking connectivity... done.
&lt;/pre&gt;&lt;p&gt;
So, the error above was a misformed git URL, with a slash rather than a colon:
&lt;/p&gt;
&lt;pre class="wiki"&gt;keyringer crin-keys init /home/chris/crin-keys git@bitbucket.org/crin/crin-keys.git
  fatal: repository 'git@bitbucket.org/crin/crin-keys.git' does not exist
  Error cloning remote git@bitbucket.org/crin/crin-keys.git
keyringer crin-keys init /home/chris/crin-keys git@bitbucket.org:crin/crin-keys.git
  fatal: destination path '/home/chris/crin-keys' already exists and is not an empty directory.
  Error cloning remote git@bitbucket.org:crin/crin-keys.git
rm -rf ~/crin-keys
keyringer crin-keys init /home/chris/crin-keys git@bitbucket.org:crin/crin-keys.git
  Cloning into '/home/chris/crin-keys'...
  Warning: Permanently added the RSA host key for IP address '104.192.143.2' to the list of known hosts.
  warning: You appear to have cloned an empty repository.
  Checking connectivity... done.
&lt;/pre&gt;&lt;p&gt;
That appears to have worked...
&lt;/p&gt;
&lt;pre class="wiki"&gt;tail -n 1 ~/.keyringer/config
crin-keys="/home/chris/crin-keys"
&lt;/pre&gt;&lt;p&gt;
So adding a key:
&lt;/p&gt;
&lt;pre class="wiki"&gt;keyringer crin-keys preferences add KEYID=977F6666953B1AA707E3FB5D21062CC48BB2DE91
  No recipient config was found
&lt;/pre&gt;&lt;p&gt;
I can't find a good answer to this, the &lt;tt&gt;keyringer&lt;/tt&gt; script I was using was is from a 2003 git checkout of the keyringer code, now it is in debian and has lots more commands so perhaps the above would have worked if I had used a more recent version, I'm not sure, but I can manually create the files, so:
&lt;/p&gt;
&lt;pre class="wiki"&gt;cd ~/crin-keys
mkdir keys
mkdir -p config/recipients
echo "chris@webarchitects.co.uk 977F6666953B1AA707E3FB5D21062CC48BB2DE91" &amp;gt; config/recipients/default
echo "chris@webarchitects.co.uk 3A8D6BFCE8A0E5630550CDEA3E1A1D2BAA11BDC9" &amp;gt;&amp;gt; config/recipients/default
git add config/recipients/default
git commit -a
git push
  No refs in common and none specified; doing nothing.
  Perhaps you should specify a branch such as 'master'.
  fatal: The remote end hung up unexpectedly
  error: failed to push some refs to 'git@bitbucket.org:crin/crin-keys.git'
&lt;/pre&gt;&lt;p&gt;
And &lt;a class="ext-link" href="https://bitbucket.org/site/master/issues/9284/cant-push-project-to-bitbucket"&gt;&lt;span class="icon"&gt;​&lt;/span&gt;other have had this issue&lt;/a&gt;, so this did the trick:
&lt;/p&gt;
&lt;pre class="wiki"&gt;git push -u origin --all
&lt;/pre&gt;&lt;p&gt;
So creating a test file:
&lt;/p&gt;
&lt;pre class="wiki"&gt;keyringer crin-keys encrypt test
  No option config was found
&lt;/pre&gt;&lt;p&gt;
So, touching that file and trying again:
&lt;/p&gt;
&lt;pre class="wiki"&gt;cd ~/crin-keys
touch config/options
keyringer crin-keys encrypt test
  Configuration version file not found, trying to pull from remotes...
  Creating configuration version file...
  Configuration version differs from keyringer version, trying to pull from remotes
  [master 26d4a19] Config-update-0.1
   1 file changed, 1 insertion(+)
   create mode 100644 config/version
  Upgrade to version 0.1 completed, pushing to remotes...
  fatal: '/home/chris/crin-keys/.git/refs/remotes/origin' does not appear to be a git repository
  fatal: Could not read from remote repository.
  Please make sure you have the correct access rights
  and the repository exists.
  Pushing configuration version file to remotes...
  fatal: '/home/chris/crin-keys/.git/refs/remotes/origin' does not appear to be a git repository
  fatal: Could not read from remote repository.
  Please make sure you have the correct access rights
  and the repository exists.
  Type your message and finish your input with EOF (Ctrl-D).
  XYZ
  ^D
&lt;/pre&gt;&lt;p&gt;
The ~/crin-keys/keys/test.asc file was created, so adding it and commiting:
&lt;/p&gt;
&lt;pre class="wiki"&gt;git add keys/test.asc
git commit -a
git push
&lt;/pre&gt;&lt;p&gt;
And that appears to have worked, sorry this took so long, it was the other techie at Webarchitects that set up our Keyringer repo three years ago and although I use it daily I haven't set up a repo for it before...
&lt;/p&gt;
&lt;p&gt;
Mathew, once I have your public key GPG I should be able to add it and also add you to the bitbucket crin project and then you should be able to check it out and edit, I have added some documentation to &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Keyringer"&gt;Keyringer&lt;/a&gt;.
&lt;/p&gt;
&lt;p&gt;
I also came across this, &lt;a class="ext-link" href="https://tails.boum.org/doc/encryption_and_privacy/keyringer/index.en.html"&gt;&lt;span class="icon"&gt;​&lt;/span&gt;https://tails.boum.org/doc/encryption_and_privacy/keyringer/index.en.html&lt;/a&gt;
&lt;/p&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Wed, 14 Sep 2016 12:37:08 GMT</pubDate>
      <title>hours, totalhours changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:7</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:7</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;hours&lt;/strong&gt;
                changed from &lt;em&gt;0&lt;/em&gt; to &lt;em&gt;1.5&lt;/em&gt;
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;totalhours&lt;/strong&gt;
                changed from &lt;em&gt;3.25&lt;/em&gt; to &lt;em&gt;4.75&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
        &lt;p&gt;
Mathew -- thanks for the public GPG and SSH keys.
&lt;/p&gt;
&lt;p&gt;
Adding the GPG key to &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Keyringer"&gt;Keyringer&lt;/a&gt;, first save the key and then import it:
&lt;/p&gt;
&lt;pre class="wiki"&gt;gpg --import mathew.crin.org.asc
  gpg: key 31D33551: public key "Matthew Edmondson &amp;lt;matthew@crin.org&amp;gt;" imported
  gpg: Total number processed: 1
  gpg:               imported: 1  (RSA: 1)
gpg --fingerprint 31D33551
  pub   4096R/31D33551 2016-09-13 [expires: 2021-09-12]
        Key fingerprint = D8A3 6DCC CC78 D2D7 5A12  F5BB EE35 E007 31D3 3551
  uid                  Matthew Edmondson &amp;lt;matthew@crin.org&amp;gt;
  sub   4096R/5B3ED3B8 2016-09-13 [expires: 2021-09-12]
&lt;/pre&gt;&lt;p&gt;
So omitting the spaces and prefixing with the email address and adding to the key ringer repo:
&lt;/p&gt;
&lt;pre class="wiki"&gt;cd ~/crin-keys
git pull
echo "matthew@crin.org D8A36DCCCC78D2D75A12F5BBEE35E00731D33551" &amp;gt;&amp;gt; config/recipients/default
git commit -a
git push
&lt;/pre&gt;&lt;p&gt;
I have sent a bitbucket.org invite to Mathew for the &lt;tt&gt;crin-keys&lt;/tt&gt; repo but don't appear to have the permissions to add people to &lt;a class="ext-link" href="https://bitbucket.org/crin/"&gt;&lt;span class="icon"&gt;​&lt;/span&gt;https://bitbucket.org/crin/&lt;/a&gt; but I have sent a message to whoever does via the bitbucket.org interface.
&lt;/p&gt;
&lt;p&gt;
Mathew, if you can follow the documentation at &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Keyringer"&gt;Keyringer&lt;/a&gt; and confirm that you can decrypt the test file then I'll start to add seperate files for each service.
&lt;/p&gt;
&lt;p&gt;
Adding ssh accounts to the servers for Mathew, following the steps used previously for Code Positive on &lt;a class="closed ticket" href="https://trac.crin.org/trac/ticket/26#comment:3" title="task: Create ssh and Trac account(s) for Code Positive (closed: fixed)"&gt;ticket:26#comment:3&lt;/a&gt;, on &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin4"&gt;Crin4&lt;/a&gt;:
&lt;/p&gt;
&lt;pre class="wiki"&gt;sudo -i
export NEWUSER="mathew"
adduser --disabled-password $NEWUSER
adduser $NEWUSER sudo
mkdir /home/$NEWUSER/.ssh
touch /home/$NEWUSER/.ssh/authorized_keys
chmod 600 /home/$NEWUSER/.ssh/authorized_keys
chmod 700 /home/$NEWUSER/.ssh
chown -R $NEWUSER:$NEWUSER  /home/$NEWUSER/.ssh
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjXzuuX1Qae9DQ03v/2Quiag3sO3Ge3DULJAGYgEvlxcXYPAUsEE5Hk/UGP1oBL/BOBLZ2L+4JBbb7pted3StdNfQDB03GHYinnDSIll+nx6hv2VqY7UGOBdoPAX3Otfv9IW9zEH8qaRVOl6VQYAn6fczLbzL/8zXK4pNiR+4jVJJHR01IM5CHeYk2iQdD2jtuUrBvpEYXxlmBlauHGrmwLkGdESH5KrBV58+Up6z79QkoQnEtrs5LKWidGW3Qgh79NSOENm56xeJLc22FMr8Jf2IX6AnXDw7vnFCA9xOg9a2vuI9ARuvE46V/PZOPVKTm87MJvDGo941yKPXqOhdH amnesia@amnesia" &amp;gt; /home/$NEWUSER/.ssh/authorized_keys
&lt;/pre&gt;&lt;p&gt;
And repeating for &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin1"&gt;Crin1&lt;/a&gt;, &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin2"&gt;Crin2&lt;/a&gt; and &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin3"&gt;Crin3&lt;/a&gt;.
&lt;/p&gt;
&lt;p&gt;
Mathew, you should be able to ssh to all four servers now and you have password-less sudo:
&lt;/p&gt;
&lt;pre class="wiki"&gt;ssh mathew@crin1.crin.org
ssh mathew@crin2.crin.org
ssh mathew@crin3.crin.org
ssh mathew@crin4.crin.org
&lt;/pre&gt;&lt;p&gt;
Please check the ssh fingerprints when you connect for the first time:
&lt;/p&gt;
&lt;ul&gt;&lt;li&gt;&lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin1#SSHFingerprints"&gt;Crin1#SSHFingerprints&lt;/a&gt;
&lt;/li&gt;&lt;li&gt;&lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin2#SSHFingerprints"&gt;Crin2#SSHFingerprints&lt;/a&gt;
&lt;/li&gt;&lt;li&gt;&lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin3#SSHFingerprints"&gt;Crin3#SSHFingerprints&lt;/a&gt;
&lt;/li&gt;&lt;li&gt;&lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin4#SSHFingerprints"&gt;Crin4#SSHFingerprints&lt;/a&gt;
&lt;/li&gt;&lt;/ul&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Mon, 19 Sep 2016 13:58:12 GMT</pubDate>
      <title>hours, totalhours changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:8</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:8</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;hours&lt;/strong&gt;
                changed from &lt;em&gt;0&lt;/em&gt; to &lt;em&gt;0.3&lt;/em&gt;
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;totalhours&lt;/strong&gt;
                changed from &lt;em&gt;4.75&lt;/em&gt; to &lt;em&gt;5.05&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
        &lt;p&gt;
Mathew needs my public GPG keys sorry that wasn't made clear on &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Keyringer"&gt;Keyringer&lt;/a&gt; and also it isn't clear how to get the key ID from the fingerprints which are saved in the git repo, the keys in question:
&lt;/p&gt;
&lt;pre class="wiki"&gt;gpg --fingerprint 8BB2DE91
pub   1024D/8BB2DE91 2001-01-08
      Key fingerprint = 977F 6666 953B 1AA7 07E3  FB5D 2106 2CC4 8BB2 DE91
uid                  Chris Croome &amp;lt;chris@webarchitects.co.uk&amp;gt;
sub   4096g/B35F15E0 2015-07-08 [expires: 2018-07-07]
&lt;/pre&gt;&lt;p&gt;
And:
&lt;/p&gt;
&lt;pre class="wiki"&gt;gpg --fingerprint AA11BDC9
pub   4096R/AA11BDC9 2013-10-18
      Key fingerprint = 3A8D 6BFC E8A0 E563 0550  CDEA 3E1A 1D2B AA11 BDC9
uid                  Chris Croome &amp;lt;chris@webarchitects.co.uk&amp;gt;
sub   4096R/FE3EEC4E 2013-10-18
&lt;/pre&gt;&lt;p&gt;
Both of these keys are available on public key servers:
&lt;/p&gt;
&lt;pre class="wiki"&gt;gpg --search 8BB2DE91
gpg --search AA11BDC9
&lt;/pre&gt;&lt;p&gt;
The settings I have in &lt;tt&gt;~/.gnupg/gpg.conf&lt;/tt&gt; for keyservers is:
&lt;/p&gt;
&lt;pre class="wiki"&gt;keyserver hkps://hkps.pool.sks-keyservers.net
keyserver-options ca-cert-file=/home/chris/.gnupg/sks-keyservers.netCA.pem
&lt;/pre&gt;&lt;p&gt;
You can get a copy of this public key from the link here:
&lt;/p&gt;
&lt;ul&gt;&lt;li&gt;&lt;a class="ext-link" href="https://sks-keyservers.net/verify_tls.php"&gt;&lt;span class="icon"&gt;​&lt;/span&gt;https://sks-keyservers.net/verify_tls.php&lt;/a&gt;
&lt;/li&gt;&lt;/ul&gt;&lt;p&gt;
Hope that helps!
&lt;/p&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Mon, 19 Sep 2016 16:45:08 GMT</pubDate>
      <title>hours, totalhours changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:9</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:9</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;hours&lt;/strong&gt;
                changed from &lt;em&gt;0&lt;/em&gt; to &lt;em&gt;0.25&lt;/em&gt;
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;totalhours&lt;/strong&gt;
                changed from &lt;em&gt;5.05&lt;/em&gt; to &lt;em&gt;5.3&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
        &lt;p&gt;
Added &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Keyringer#Keyringerconfigfiles"&gt;Keyringer#Keyringerconfigfiles&lt;/a&gt; to the documentation.
&lt;/p&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Tue, 20 Sep 2016 08:36:22 GMT</pubDate>
      <title>hours, totalhours changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:10</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:10</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;hours&lt;/strong&gt;
                changed from &lt;em&gt;0&lt;/em&gt; to &lt;em&gt;0.1&lt;/em&gt;
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;totalhours&lt;/strong&gt;
                changed from &lt;em&gt;5.3&lt;/em&gt; to &lt;em&gt;5.4&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
        &lt;p&gt;
Mathew can't find the first GPG public key above, so checking that I can get it from the keyserver:
&lt;/p&gt;
&lt;pre class="wiki"&gt;gpg --search 8BB2DE91
gpg: searching for "8BB2DE91" from hkps server hkps.pool.sks-keyservers.net
gpgkeys: HTTP search error 56: Received HTTP code 503 from proxy after CONNECT
gpg: key "8BB2DE91" not found on keyserver
gpg: keyserver internal error
gpg: keyserver search failed: keyserver error
&lt;/pre&gt;&lt;p&gt;
That failed as &lt;tt&gt;gpg&lt;/tt&gt; clearly respects the &lt;tt&gt;HTTPS_PROXY&lt;/tt&gt; envvar so, starting the proxy and trying again:
&lt;/p&gt;
&lt;pre class="wiki"&gt;gpg --search 8BB2DE91
gpg: searching for "8BB2DE91" from hkps server hkps.pool.sks-keyservers.net
(1)     Chris Croome &amp;lt;chris@mkdoc.com&amp;gt;
        Chris Croome &amp;lt;chris@croome.net&amp;gt;
        Chris Croome &amp;lt;chris@marxists.org.uk&amp;gt;
        Chris Croome &amp;lt;chris@webarchitects.co.uk&amp;gt;
          1024 bit DSA key 8BB2DE91, created: 2001-01-08
Keys 1-1 of 1 for "8BB2DE91".  Enter number(s), N)ext, or Q)uit &amp;gt; q
&lt;/pre&gt;&lt;p&gt;
Seems to work for me... the settings from &lt;tt&gt;~/.gnupg/gpg.conf&lt;/tt&gt;:
&lt;/p&gt;
&lt;pre class="wiki"&gt;keyserver hkps://hkps.pool.sks-keyservers.net
keyserver-options ca-cert-file=/home/chris/.gnupg/sks-keyservers.netCA.pem
&lt;/pre&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Tue, 20 Sep 2016 10:09:34 GMT</pubDate>
      <title>hours, totalhours changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:11</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:11</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;hours&lt;/strong&gt;
                changed from &lt;em&gt;0&lt;/em&gt; to &lt;em&gt;0.5&lt;/em&gt;
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;totalhours&lt;/strong&gt;
                changed from &lt;em&gt;5.4&lt;/em&gt; to &lt;em&gt;5.9&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
        &lt;p&gt;
I have added all the logins I have to the keyringer repo, I think this ticket is probably OK to close now?
&lt;/p&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Wed, 30 Nov 2016 15:07:26 GMT</pubDate>
      <title>hours, totalhours changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:12</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:12</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;hours&lt;/strong&gt;
                changed from &lt;em&gt;0&lt;/em&gt; to &lt;em&gt;0.9&lt;/em&gt;
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;totalhours&lt;/strong&gt;
                changed from &lt;em&gt;5.9&lt;/em&gt; to &lt;em&gt;6.8&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
        &lt;p&gt;
Removing Matthew's accounts and changing the passwords for everything as he is no longer working for CRIN, starting with the &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Keyringer"&gt;Keyringer&lt;/a&gt; key store:
&lt;/p&gt;
&lt;pre class="wiki"&gt;vi config/recipients/default
git commit -a
git push
&lt;/pre&gt;&lt;p&gt;
Then edit a key:
&lt;/p&gt;
&lt;pre class="wiki"&gt;keyringer crin-keys edit test.asc
git commit -a
git push
  Connection timed out during banner exchange
  fatal: Could not read from remote repository.
  Please make sure you have the correct access rights
  and the repository exists.
&lt;/pre&gt;&lt;p&gt;
So that's odd...
&lt;/p&gt;
&lt;p&gt;
Checking Bitbucket and the repo does exist, &lt;a class="ext-link" href="https://bitbucket.org/crin/crin-keys"&gt;&lt;span class="icon"&gt;​&lt;/span&gt;https://bitbucket.org/crin/crin-keys&lt;/a&gt;
&lt;/p&gt;
&lt;p&gt;
So backup and clone:
&lt;/p&gt;
&lt;pre class="wiki"&gt;cd
mv crin-keys crin-keys.bak
git clone git@bitbucket.org:crin/crin-keys.git
&lt;/pre&gt;&lt;p&gt;
And try again:
&lt;/p&gt;
&lt;pre class="wiki"&gt;keyringer crin-keys edit test.asc
cd crin-keys
git commit -a
git push
  Connection timed out during banner exchange
  fatal: Could not read from remote repository.
  Please make sure you have the correct access rights
  and the repository exists.
&lt;/pre&gt;&lt;p&gt;
Hmm....
&lt;/p&gt;
&lt;pre class="wiki"&gt;cd keys/
git commit -a
git push
&lt;/pre&gt;&lt;p&gt;
That worked, testing who the file is encrypted for (don't decrypt it just keep hitting enter):
&lt;/p&gt;
&lt;pre class="wiki"&gt;gpg --list-packets test.asc
...
  gpg: encrypted with 4096-bit RSA key, ID FE3EEC4E, created 2013-10-18
        "Chris Croome &amp;lt;chris@webarchitects.co.uk&amp;gt;"
  gpg: encrypted with 4096-bit ELG-E key, ID B35F15E0, created 2015-07-08
        "Chris Croome &amp;lt;chris@webarchitects.co.uk&amp;gt;"
&lt;/pre&gt;&lt;p&gt;
So that worked, so editing all the files... and committing them and now Matthew can't open the latest versions of the files so now I can start changing the passwords for everything, but that task is going to have to wait till tomorrow...
&lt;/p&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Thu, 01 Dec 2016 14:57:52 GMT</pubDate>
      <title>hours, totalhours changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:13</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:13</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;hours&lt;/strong&gt;
                changed from &lt;em&gt;0&lt;/em&gt; to &lt;em&gt;0.45&lt;/em&gt;
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;totalhours&lt;/strong&gt;
                changed from &lt;em&gt;6.8&lt;/em&gt; to &lt;em&gt;7.25&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
        &lt;p&gt;
Removing accounts on the four servers:
&lt;/p&gt;
&lt;pre class="wiki"&gt;sudo -i
userdel -r mathew
&lt;/pre&gt;&lt;p&gt;
On &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin4"&gt;Crin4&lt;/a&gt;:
&lt;/p&gt;
&lt;pre class="wiki"&gt;userdel -r mathew
  userdel: user mathew is currently used by process 3727
ps -lA | grep 3727
  1 S  1006  3727     1  0  80   0 -  6532 -      ?        00:12:25 tmux
  0 S  1006  3728  3727  0  80   0 -  5999 -      pts/1    00:00:00 bash
  0 S  1006  4032  3727  0  80   0 -  5994 -      pts/2    00:00:00 bash
  0 S  1006  4035  3727  0  80   0 -  5994 -      pts/3    00:00:00 bash
killall tmux
userdel -r mathew
&lt;/pre&gt;&lt;p&gt;
Matthew didn't have an account on &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin3"&gt;Crin3&lt;/a&gt;, the backup server.
&lt;/p&gt;
&lt;p&gt;
While I was at it, accounts for &lt;tt&gt;jonas&lt;/tt&gt;, who left CRIN a while ago was also removed from &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin1"&gt;Crin1&lt;/a&gt;, he didn't have accouts on other servers.
&lt;/p&gt;
&lt;pre class="wiki"&gt;userdel -r jonas
&lt;/pre&gt;&lt;p&gt;
Removing &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Trac"&gt;Trac&lt;/a&gt; accounts was done by removing the &lt;tt&gt;jonas&lt;/tt&gt; and &lt;tt&gt;matthew&lt;/tt&gt; lines from &lt;tt&gt;/var/www/trac/.htpasswd&lt;/tt&gt; -- this will prevent logins, which is all that is needed, no need to delete any content and there is no webbased password reset ability.
&lt;/p&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Fri, 02 Dec 2016 14:42:59 GMT</pubDate>
      <title>hours, totalhours changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:14</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:14</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;hours&lt;/strong&gt;
                changed from &lt;em&gt;0&lt;/em&gt; to &lt;em&gt;1.25&lt;/em&gt;
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;totalhours&lt;/strong&gt;
                changed from &lt;em&gt;7.25&lt;/em&gt; to &lt;em&gt;8.5&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
        &lt;p&gt;
&lt;tt&gt;root&lt;/tt&gt; and &lt;tt&gt;chris&lt;/tt&gt; passwords changes on &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin1"&gt;Crin1&lt;/a&gt; and &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/phpMyAdmin"&gt;phpMyAdmin&lt;/a&gt; HTTP Authentication password changed:
&lt;/p&gt;
&lt;pre class="wiki"&gt;cd /etc/phpmyadmin/
rm .htpasswd
htdigest -c .htpasswd phpmyadmin crin
chown root:www-data .htpasswd
chmod 640 .htpasswd
&lt;/pre&gt;&lt;p&gt;
The Piwik passwd was changed and this cause the Auth Token to change so this needs changing in Drupal, so generate a one time login on &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin2"&gt;Crin2&lt;/a&gt;:
&lt;/p&gt;
&lt;pre class="wiki"&gt;su - bitbucket -s /bin/bash
cd /var/www/prod/
drush uli
&lt;/pre&gt;&lt;p&gt;
And go to Configuration -&amp;gt; System -&amp;gt; Piwik and it turns out that unlike the WordPress plugin the Drupal one doesn't need the Auth Token.
&lt;/p&gt;
&lt;p&gt;
&lt;a class="wiki" href="https://trac.crin.org/trac/wiki/ownCloud"&gt;ownCloud&lt;/a&gt; passwords changes.
&lt;/p&gt;
&lt;p&gt;
&lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Trac"&gt;Trac&lt;/a&gt; password for chris changed:
&lt;/p&gt;
&lt;pre class="wiki"&gt;cd /var/www/trac
htdigest .htpasswd trac chris
&lt;/pre&gt;&lt;p&gt;
And on &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin2"&gt;Crin2&lt;/a&gt; the &lt;tt&gt;root&lt;/tt&gt; and &lt;tt&gt;chris&lt;/tt&gt; passwords were changed, on &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin4"&gt;Crin4&lt;/a&gt; the &lt;tt&gt;andrew&lt;/tt&gt; and &lt;tt&gt;root&lt;/tt&gt; passwords were changed and on &lt;a class="wiki" href="https://trac.crin.org/trac/wiki/Crin3"&gt;Crin3&lt;/a&gt; the &lt;tt&gt;chris&lt;/tt&gt; and &lt;tt&gt;root&lt;/tt&gt; passwords were changed.
&lt;/p&gt;
&lt;p&gt;
The still outstanding password changes:
&lt;/p&gt;
&lt;ul&gt;&lt;li&gt;Google
&lt;/li&gt;&lt;li&gt;1984.is
&lt;/li&gt;&lt;li&gt;Advania
&lt;/li&gt;&lt;li&gt;S3QL
&lt;/li&gt;&lt;/ul&gt;
      </description>
      <category>Ticket</category>
    </item><item>
      
        <dc:creator>chris</dc:creator>

      <pubDate>Mon, 09 Jan 2017 16:11:52 GMT</pubDate>
      <title>hours, totalhours changed</title>
      <link>https://trac.crin.org/trac/ticket/79#comment:15</link>
      <guid isPermaLink="false">https://trac.crin.org/trac/ticket/79#comment:15</guid>
      <description>
          &lt;ul&gt;
            &lt;li&gt;&lt;strong&gt;hours&lt;/strong&gt;
                changed from &lt;em&gt;0&lt;/em&gt; to &lt;em&gt;1&lt;/em&gt;
            &lt;/li&gt;
            &lt;li&gt;&lt;strong&gt;totalhours&lt;/strong&gt;
                changed from &lt;em&gt;8.5&lt;/em&gt; to &lt;em&gt;9.5&lt;/em&gt;
            &lt;/li&gt;
          &lt;/ul&gt;
        &lt;p&gt;
Updating passwords.
&lt;/p&gt;
      </description>
      <category>Ticket</category>
    </item>
 </channel>
</rss>