🗒️Node Operator Notes

Important notes to help remind us about the concepts of the three different passphrase/passwords we need to maintain and use on a daily basis to manage our node.

Before We Begin

The following pages are essential reading before proceeding to any technical implementation. They are designed to help you organize your notes, confirm your virtual server specifications, and understand cloud provider requirements. Reviewing this information will ensure a smooth setup process and reduce the likelihood of configuration errors.

These sections are especially helpful for first-time Node Operators. However, experienced or technically proficient users may choose to skim or skip them as needed.

Topics covered in this section:

Setting Up Your Notes — Guidance on preparing and organizing the information you'll need throughout the node setup process.
Understanding Your VPS Specifications — Ensure that your virtual server meets the required hardware and system configuration.
Cloud Provider Specific Guides — Reference materials tailored to specific providers like AWS, DigitalOcean, and Heztner.

Take the time to review this material thoroughly before beginning any technical work.

Purpose

This document suggests a method for keeping notes and tips accessible when preparing to or operating your node.

We hope that referring back to your notes for reminders on managing your node and recalling necessary passphrases or passwords will be time-saving, useful, and efficient.

Even the most advanced users with the best memory will forget the necessary information to access the various aspects of running a node. Keeping notes is important.

Understanding Passphrase & Passwords

There are 3 main passwords that we must have an understand and control of the concepts to make the administration of our nodes simple and less aggravating.

SSH Remove Access

Passphrase used to complete the connection authentication.

This is used to access your VPS/node from your local system. You’ll typically enter it once per session when establishing a connection to your node.

Administer Your Node

Password used to confirm authorization.

When issuing administrative commands on your node, you will be required to enter your sudo password associated with the nodeadmin user whenever a privileged action is executed or your session times out.

The nodectl utility operates with elevated privileges and therefore requires sudo access to perform many of its core functions.

P12 Key Store

PKCS#12, or PFX

The P12 keystore (also referred to as PKCS#12 or PFX) contains your cryptographic key pair, both the private and public keys. it is used for signing transactions on the node. These keys also serve as authentication credentials for managing your node’s hot wallet.

The passphrase protecting this keystore is critical: it is required to authorize actions related to rewards, collateral management, and token transfers. Store this passphrase securely, as losing it may result in permanent loss of access to these functions.

If you have previously imported your node’s private key into the Stargazer wallet, it is possible to recover access to your funds even if the P12 keystore is lost or the keystore passphrase is forgotten. This is because the private key alone is sufficient to restore control over the associated wallet and its assets.

Password and Note Storage

The following mediums are a good start to where you should record and maintain your notes.

Medium

Description

Secured Software Manager

There are password managers that allow for keeping passwords, passphrases, notes, and documents. From LastPass, 1Password, Bitwarden, Dashlane, KeePass, to others.

USB Stick

Placing your information on a USB stick that is stored in a secure location such as a safe.

Physical Piece of Paper

Writing down your notes and storing in a secure location such as a safe.

Make sure to create backups that will be stored in a safe location.

Warnings

🚑 PLEASE DO NOT 🚒

Do not use the same passphrases or other sensitive values/information as shown in this example.

These examples are public facing and may be used by a nefarious actor as a first attempt to access your node in a penetration attack.

The example values in these notes are fictitious, please replace usernames, passwords, passphrases, etc. with your own.

Notes for Macintosh

Constellation Validator Node Notes:

To access our node:
    open a terminal and enter:
    ssh -i /home/myuser/.ssh/myprivatekey [email protected]
    
    This command will attempt to SSH into our VPS/node 
    We will be challenged for access to supply the passphrase.
    passphrase: efg6abc13efg6

    If the command hangs or an error message stating 
    "refused" check to make sure that our firewall 
    on the VPS is properly setup to use the local 
    IP address of our system. During installation, 
    we restricted this down to a specific IP of our 
    local system, that may have changed.   
    www.whatismyip.com

To issue commands using nodectl we use sudo
   We need to use our nodeadmin password here:
   passphrase: efg6abc13efg6

If we need to access our p12 file (hot wallet)
   passphrase: abc13efg6abc13

Reminders:
----------
ssh private key: myprivatekey
ssh public key: mypublickey.pub
ssh passphrase: efg6abc13efg6
location of keys:
   - on this USB stick
   - local mac directory: /home/myuser/.ssh/

p12 keystore name (hot wallet): myp12name.p12
p12 keystore passphrase: abc13efg6abc13

VPS IP: 113.113.113.113
VPS SSH port: 22
VPS username: mynodeadmin
VPS sudo password: 

Access My Node
--------------
1. Open Terminal Session
2. ssh -i /Users/yourname/.ssh/myprivatekey [email protected]

* After typing in: sudo nodectl
  you can double-tap the tab key for a list
  of commands.
  
Key Commands
------------
sudo nodectl status
sudo nodectl restart -p all
sudo nodectl upgrade
sudo nodectl check_versions
sudo nodectl check_consensus
sudo nodectl dag -p dag-l0

Notes for Windows

Just in Case

If you are using a Command Prompt verses PuTTy, you may want to copy the Macintosh notes 👆and replace Terminal with Command Prompt as necessary.

Constellation Validator Node Notes:

To access our node:
    open PuTTy
    select our saved session from the 
    PuTTy main menu, load, and then open
    (or double click)
    
    This command will attempt to SSH into our VPS/node 
    We will be challenged for access to supply the passphrase.
    passphrase: efg6abc13efg6

    If the command hangs or an error message stating 
    "refused" check to make sure that our firewall 
    on the VPS is properly setup to use the local 
    IP address of our system. During installation, 
    we restricted this down to a specific IP of our 
    local system, that may have changed.   
    www.whatismyip.com

To issue commands using nodectl we use sudo
   We need to use our nodeadmin password here:
   passphrase: hij678hij678&*()

If we need to access our p12 file (hot wallet)
   passphrase: abc123abc123!@#

Reminders:
----------
ssh private key: myprivatekey
ssh public key: mypublickey.pub
ssh passphrase: efg345efg$%%^
location of keys:
   - on this USB stick
   - <enter saved location here>

p12 keystore name (hot wallet): myConstellationP12File.p12
p12 keystore passphrase: abc123abc123!@#

VPS IP: 113.113.113.113
VPS SSH port: 22
VPS username: nodeadmin
VPS sudo password: hij678hij678&*()

Access My Node
--------------
1. Open Terminal Session
2. ssh -i C:\Users\myuser\.ssh\myprivatekey [email protected]

* After typing in: sudo nodectl
  you can double-tap the tab key for a list
  of commands.

Key Commands
------------
sudo nodectl status
sudo nodectl restart -p all
sudo nodectl upgrade
sudo nodectl check_versions
sudo nodectl check_consensus
sudo nodectl dag -p dag-l0 (intnet-l0) (dor-dl1)

PreviousCreate Discord Account NextNode Specifications

Last updated 7 months ago

Was this helpful?

Before We Begin

Purpose

Understanding Passphrase & Passwords

SSH Remove Access

Administer Your Node

P12 Key Store

Password and Note Storage

Warnings​

Notes for Macintosh​

Notes for Windows​

Warnings

Notes for Macintosh

Notes for Windows