Add A Netop

Adding a new Netop

Here we will use va7dbi as the username for a new Netop.

  1. Import RSA key into monitoring:/srv/www/keys/va7dbi.key
  2. Add va7dbi to users_admin in infrastructure-configs
  3. Run "ansible-playbook psdr.yml" to push account to all Linux servers
  4. Add va7dbi to new user config instructions in KISS

~~~
commit ddf60847eb54423ef35b0feaa804960ea4f0860f
Author: Bart Kus <me@bartk.us>
Date:   Wed Mar 22 01:15:05 2023 -0700

    Add Darcy Buskermolen (va7dbi) to admin list

    Also sorted all the entries for easier maintenance in future.

 src/Standards/Network Engineering/Client Node Configuration.md | 47 +++++++++++++++++++++++++----------------------
 1 file changed, 25 insertions(+), 22 deletions(-)
~~~

  5. Distribute the account to all (HamWAN + user) RouterOS boxes

~~~
[eo@ansible infrastructure-configs]$ scp monitoring.hamwan.net:/srv/www/keys/va7dbi.key .
[eo@ansible infrastructure-configs]$ ssh_opts="-o UserKnownHostsFile=/dev/null -o PubkeyAcceptedAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-dss -o HostKeyAlgorithms=+ssh-rsa -o BatchMode=yes -o ConnectTimeout=5"
[eo@ansible infrastructure-configs]$ for host in $(ansible --list-hosts 'os_routeros' 2> /dev/null | tail -n +2);
do echo "---> $host"; scp -P 222 $ssh_opts va7dbi.key ${host}:; done
[eo@ansible infrastructure-configs]$ for host in $(ansible --list-hosts 'os_routeros' 2> /dev/null | tail -n +2);
do echo "---> $host"; ssh -p 222 $ssh_opts ${host} "/user add group=full name=va7dbi password=<REDACTED>; /console clear-history; /user ssh-keys import user=va7dbi public-key-file=va7dbi.key"; done
~~~

  6. Add va7dbi to Bitwarden.
     a. Issue an invite in Bitwarden
     b. Wait for the invitee to create an account
     c. Promote the account to admin (see below for details)

There were oh-so-many errors in that step #5, for a multitude of reasons. There appear to be several routing issues right now, so some of the hosts just couldn't be reached. At some future point it'd be nice to have a private health check for my key's ability to reach the entire network.
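
One way to build the private health check mentioned above, as an added example that is not part of the original page or HamWAN's tooling: it tries a key-based login to every host in the `os_routeros` group and separates rejected keys from unreachable hosts. The function names and the `--run` switch are hypothetical; port 222 and `ssh_opts` are taken from step 5, and the classification relies on OpenSSH's standard error messages.

```shell
#!/bin/sh
# Added example: report which RouterOS hosts accept the operator's SSH key.
# Port 222 and $ssh_opts follow step 5; function names are hypothetical.
[ -n "${ssh_opts:-}" ] || ssh_opts="-o BatchMode=yes -o ConnectTimeout=5"

# Log in with the caller's key and run a read-only RouterOS command.
# -n keeps ssh from consuming the host list on stdin; only stderr is kept.
ssh_probe() {
    ssh -n -p 222 $ssh_opts "$1" "/system identity print" 2>&1 >/dev/null
}

# classify_host HOST [PROBE]: print ok, auth, hostkey or unreachable.
classify_host() {
    probe_fn=${2:-ssh_probe}
    if err=$("$probe_fn" "$1"); then
        echo ok
        return 0
    fi
    case "$err" in
        *"Permission denied"*)            echo auth ;;        # sshd answered, key rejected
        *"Host key verification failed"*) echo hostkey ;;     # sshd answered, host key refused
        *)                                echo unreachable ;; # timeout, no route, refused, DNS
    esac
}

# check_hosts [PROBE]: read host names on stdin, print "status host" lines,
# and return non-zero if any host is not ok so cron or monitoring can alert.
check_hosts() {
    check_probe=${1:-ssh_probe}
    failed=0
    while read -r host; do
        [ -n "$host" ] || continue
        status=$(classify_host "$host" "$check_probe")
        printf '%-12s %s\n' "$status" "$host"
        [ "$status" = ok ] || failed=1
    done
    return "$failed"
}

# "--run" checks the same inventory group that step 5 iterates over.
if [ "${1:-}" = "--run" ]; then
    ansible --list-hosts 'os_routeros' 2>/dev/null | tail -n +2 | check_hosts
fi
```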

Bitwarden

Any org admin in Bitwarden can invite users to the org. At minimum I know Doug, Rob, and Cory should have permission; I'm not certain if the perms the rest of the group has would work.

But you need to log into the web interface (https://vault.nullroutenetworks.com/), go to the org settings and into the user list, and with appropriate permissions an invite button will be available. These options are not available in the app.

The user will get an invite, they will create their account, and then once the account is created you'll have to click confirm on them in the user list to actually give them access to the org resources.

Rob, Doug, Cory, and myself have org owner permissions, so that would be the group for bumping people's permissions in the future.