Hetzner cloud administration GUI

Figure 964. Create and publish a Hetzner account Slide presentation

Figure 965. Your cloud project Slide presentation
  • After login select »cloud« at the upper right menu or go to projects.

  • Select your project e.g. »g01« and click on Security --> Members

    You should see yourself and your Moodle course project partner having »Admin« role assigned.


Figure 966. Server creation prerequisite: A Firewall Slide presentation

Creating a server requires a firewall.

  • Select Firewalls --> Create Firewall.

  • Adapt settings and hit »Create Firewall«

Inbound rules

Just leave the two inbound rules port 22 and ICMP untouched.

Name

Either accept default or set to e.g. »basicFirewall«


Figure 967. Your first server Slide presentation
Image:

Debian 12

Type

Shared vCpu x86 (Intel/AMD) / CX22 or cheapest

Name

An identifier of your choice e.g. myfirstserver.

Firewalls

Your previously created firewall.

Upon hitting »Create and buy« you'll receive an E-Mail containing your server's IP and root password. You may reset root's password in the GUI's rescue tab.


Figure 968. Server access by ssh Slide presentation
$ ssh root@95.216.187.60
The authenticity of host '95.216.187.60 (95.216.187.60)' can't be established.
ED25519 key fingerprint is SHA256:vpV7B+l9RLQ+SwTMqtkk7YbICBhyhi2OP780+WVEFMY.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '95.216.187.60' (ED25519) to the list of known hosts.
root@95.216.187.60's password: 
You are required to change your password immediately (administrator enforced).
   ...
The list of available updates is more than a week old.
To check for new updates run: sudo apt update

Changing password for root.
Current password:
New password: 
Retype new password: 

Figure 969. Server access by web gui Slide presentation
  • In your cloud project select your server

  • Hit the >_ symbol in the upper right left of the actions button.

  • Login using your emailed credentials.

    Tip

    You may copy text into the console by disabling GUI-mode and re-enabling it subsequently.


exercise No. 1

Server creation

Q:

Follow Figure 967, “Your first server ” and create a server. Then access it:

  1. By ssh i.e.;

    ssh root@95.216.187.60

    You'll see something like:

    The authenticity of host '37.27.32.138 (37.27.32.138)' can't be established.
    ED25519 key fingerprint is SHA256:vMMi2lkyhu0BPeqfncLzDRo6a1Ae8TtyVETebvh2ZwU.
    This key is not known by any other names.
    Are you sure you want to continue connecting (yes/no/[fingerprint])?

    Explain this message's meaning.

    Tip

    Read the How do SSH keys work section.

  2. By the GUI.

    Tip

    You may copy the root password as being described in Figure 969, “Server access by web gui ”. However key mapping issues (Switched y <--> z and many non-digit keys) will remain due to a non-German keyboard default configuration. This may be solved by executing the subsequent command2 and following the interactively presented options to define a German keyboard layout:

    dpkg-reconfigure keyboard-configuration
    setupcon

exercise No. 2

Server re-creation

Q:

Delete your server but keep both its IPV4 and IPV6 addresses unassigned to be reused: The GUI offers two related Keep as unassigned ... options.

Then create a new server re-using these IPs. When connecting by ssh you'll see something like:

~$ ssh root@37.27.32.138
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:Dg9+vHl/JYIEgYto5AjlwnttzI4yUcgre0c6hXXKkaQ.
Please contact your system administrator.
Add correct host key in /home/goik/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/goik/.ssh/known_hosts:288
Host key for 37.27.32.138 has changed and you have requested strict checking.
  1. Explain this message's meaning.

  2. Why does it happen in the first place?

  3. How do you resolve the issue?