🗒️Node Operator Notes
Important notes to help remind us about the concepts of the three different passphrase/passwords we need to maintain and use on a daily basis to manage our node.
Before We Begin
The following pages are essential reading before proceeding to any technical implementation. They are designed to help you organize your notes, confirm your virtual server specifications, and understand cloud provider requirements. Reviewing this information will ensure a smooth setup process and reduce the likelihood of configuration errors.
These sections are especially helpful for first-time Node Operators. However, experienced or technically proficient users may choose to skim or skip them as needed.
Topics covered in this section:
Setting Up Your Notes — Guidance on preparing and organizing the information you'll need throughout the node setup process.
Understanding Your VPS Specifications — Ensure that your virtual server meets the required hardware and system configuration.
Cloud Provider Specific Guides — Reference materials tailored to specific providers like AWS, DigitalOcean, and Heztner.
Take the time to review this material thoroughly before beginning any technical work.
Purpose
This document suggests a method for keeping notes and tips accessible when preparing to or operating your node.
We hope that referring back to your notes for reminders on managing your node and recalling necessary passphrases or passwords will be time-saving, useful, and efficient.
Understanding Passphrase & Passwords
There are 3 main passwords that we must have an understand and control of the concepts to make the administration of our nodes simple and less aggravating.
Administer Your Node
Password used to confirm authorization.
When issuing administrative commands on your node, you will be required to enter your password associated with the nodeadmin user whenever a privileged action is executed or your session times out.
The nodectl utility operates with elevated privileges and therefore requires sudo access to perform many of its core functions.
P12 Key Store
PKCS#12, or PFX
The P12 keystore (also referred to as PKCS#12 or PFX) contains your cryptographic key pair, both the private and public keys. it is used for signing transactions on the node. These keys also serve as authentication credentials for managing your node’s hot wallet.
The passphrase protecting this keystore is critical: it is required to authorize actions related to rewards, collateral management, and token transfers. Store this passphrase securely, as losing it may result in permanent loss of access to these functions.
If you have previously imported your node’s private key into the Stargazer wallet, it is possible to recover access to your funds even if the P12 keystore is lost or the keystore passphrase is forgotten. This is because the private key alone is sufficient to restore control over the associated wallet and its assets.
Password and Note Storage
The following mediums are a good start to where you should record and maintain your notes.
Secured Software Manager
There are password managers that allow for keeping passwords, passphrases, notes, and documents. From LastPass, 1Password, Bitwarden, Dashlane, KeePass, to others.
USB Stick
Placing your information on a USB stick that is stored in a secure location such as a safe.
Physical Piece of Paper
Writing down your notes and storing in a secure location such as a safe.
Make sure to create backups that will be stored in a safe location.
Warnings
🚑 PLEASE DO NOT 🚒
Do not use the same passphrases or other sensitive values/information as shown in this example.
These examples are public facing and may be used by a nefarious actor as a first attempt to access your node in a penetration attack.
The example values in these notes are fictitious, please replace usernames, passwords, passphrases, etc. with your own.
Notes for Macintosh
Constellation Validator Node Notes:
To access our node:
open a terminal and enter:
ssh -i /home/myuser/.ssh/myprivatekey [email protected]
This command will attempt to SSH into our VPS/node
We will be challenged for access to supply the passphrase.
passphrase: efg6abc13efg6
If the command hangs or an error message stating
"refused" check to make sure that our firewall
on the VPS is properly setup to use the local
IP address of our system. During installation,
we restricted this down to a specific IP of our
local system, that may have changed.
www.whatismyip.com
To issue commands using nodectl we use sudo
We need to use our nodeadmin password here:
passphrase: efg6abc13efg6
If we need to access our p12 file (hot wallet)
passphrase: abc13efg6abc13
Reminders:
----------
ssh private key: myprivatekey
ssh public key: mypublickey.pub
ssh passphrase: efg6abc13efg6
location of keys:
- on this USB stick
- local mac directory: /home/myuser/.ssh/
p12 keystore name (hot wallet): myp12name.p12
p12 keystore passphrase: abc13efg6abc13
VPS IP: 113.113.113.113
VPS SSH port: 22
VPS username: mynodeadmin
VPS sudo password:
Access My Node
--------------
1. Open Terminal Session
2. ssh -i /Users/yourname/.ssh/myprivatekey [email protected]
* After typing in: sudo nodectl
you can double-tap the tab key for a list
of commands.
Key Commands
------------
sudo nodectl status
sudo nodectl restart -p all
sudo nodectl upgrade
sudo nodectl check_versions
sudo nodectl check_consensus
sudo nodectl dag -p dag-l0Notes for Windows
Just in Case
If you are using a Command Prompt verses PuTTy, you may want to copy the Macintosh notes 👆and replace Terminal with Command Prompt as necessary.
Constellation Validator Node Notes:
To access our node:
open PuTTy
select our saved session from the
PuTTy main menu, load, and then open
(or double click)
This command will attempt to SSH into our VPS/node
We will be challenged for access to supply the passphrase.
passphrase: efg6abc13efg6
If the command hangs or an error message stating
"refused" check to make sure that our firewall
on the VPS is properly setup to use the local
IP address of our system. During installation,
we restricted this down to a specific IP of our
local system, that may have changed.
www.whatismyip.com
To issue commands using nodectl we use sudo
We need to use our nodeadmin password here:
passphrase: hij678hij678&*()
If we need to access our p12 file (hot wallet)
passphrase: abc123abc123!@#
Reminders:
----------
ssh private key: myprivatekey
ssh public key: mypublickey.pub
ssh passphrase: efg345efg$%%^
location of keys:
- on this USB stick
- <enter saved location here>
p12 keystore name (hot wallet): myConstellationP12File.p12
p12 keystore passphrase: abc123abc123!@#
VPS IP: 113.113.113.113
VPS SSH port: 22
VPS username: nodeadmin
VPS sudo password: hij678hij678&*()
Access My Node
--------------
1. Open Terminal Session
2. ssh -i C:\Users\myuser\.ssh\myprivatekey [email protected]
* After typing in: sudo nodectl
you can double-tap the tab key for a list
of commands.
Key Commands
------------
sudo nodectl status
sudo nodectl restart -p all
sudo nodectl upgrade
sudo nodectl check_versions
sudo nodectl check_consensus
sudo nodectl dag -p dag-l0 (intnet-l0) (dor-dl1)Last updated
Was this helpful?