Ubuntu Linux with Container
This page explains all the steps required to get your node up and running using a Ubuntu Linux (virtual) server.
Last updated
This page explains all the steps required to get your node up and running using a Ubuntu Linux (virtual) server.
Last updated
So you decided you want to be part of the LTO Network, awesome!
A great way to be part of the community is by actively participating as a node in the network.
Make sure to check out the Prepare: Setup your wallet page before continuing. The node setup pages assume you utilize a 2-wallet setup for extra safety.
This tutorial is meant for beginners who want to set up an Ubuntu server for the first time. It contains the very basic steps of installing Ubuntu on a new server, enhance security and installing the LTO Network Public node. The tutorial is based on Ubuntu 16.04. It is recommended to run nodes on a rented VPS. Most providers offer a single click to install an OS. Things may differ depending on your provider.
Replace everything between < > with your own values.
To install Ubuntu, use the following official tutorial which will guide you through the process. https://tutorials.ubuntu.com/tutorial/tutorial-install-ubuntu-server-1604
We’re using SSH to connect to our server. For Windows use either PowerShell (run as administrator) or PuTTy.
Mac users can use the built-in terminal (spotlight, command + spacebar: search for terminal)
It is most likely that you’ve created a user with your own username during the installation and you’ll never have to login as ‘root’. If this is the case for you, you can skip to step 3.
By default, the root account password is locked in Ubuntu. This means that you cannot login as root directly or use the su command to become the root user. However, since the root account physically exists it is still possible to run programs with root-level privileges. This is where sudo comes in — it allows authorized users to run certain programs as root without having to know the root password. If you are, for some reason, logging in as root, please first follow step 1 and 2.
If you are done with the installation, connect to your server through SSH, using the root account provided by your host.
Change the root password (type your new password twice):
Login again to your system using a different terminal to make sure your password change was successful.
Now, we’re going to create a new regular user as it is not recommended to use the ‘root’ account for your node.
Enter a new and strong password twice and press enter six times to accept the default values.
Now we’re going to add the new user to the ‘sudo’ group. sudo allows a permitted user to execute a command as the superuser or another user, as specified by the security policy.
Exit and connect to your server as the new user, not as root. Use the password you’ve set while creating the new user.
While it is possible to manage your servers using password-based logins, it is often a better idea to set up and use SSH key pairs. SSH keys are more secure than passwords, and can help you login without having to remember long passwords.
More info and extensive guide: https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys-on-ubuntu-1604
If you’ve followed step 1 and 2, you can now skip to step 4. If you are done with the installation, connect to your server through SSH, using the account you have set up during the installation process.
We need to add the user to the ‘sudo’ group. sudo allows a permitted user to execute a command as the superuser or another user, as specified by the security policy.
The following commands require root privileges. To grant root privileges, simply prepend sudo to all the commands you need to run as root. If you ever get a ‘permission denied’ error, you probably forgot to prepend sudo to the command. Example: ‘sudo apt-get install npm’. Whenever you get the question if you want to continue and additional disk space will be used, just press Y on your keyboard.
It is important to update all the existing packages on the server. Ubuntu will ask you to fill in your password once again since you are now logged in as a ‘regular’ user.
To update the packages, use the following commands as the root user (and repeat those commands at least every week to get the latest security updates):
Reboot your server (just in case the kernel has been updated) and connect again.
It is important to have an accurate time on your system as this sometimes can cause for conflicts. In most cases it’s best to use pool.ntp.org to find an NTP server. The system will try finding the closest available servers for you.
Now, install additional packages which are needed or useful. We install nano text editor to edit the docker-compose file later in this tutorial.
We’re going to change the standard SSH port to make your server just a bit more secure.
To make it even more secure, you can use the following guide (not recommended): https://www.cyberciti.biz/faq/how-to-disable-ssh-password-login-on-linux/
We’re not recommending this, as you won’t be able to login anymore from any computer or mobile phone on the go.
Open the sshd_config file with nano:
Go to the line with ‘Port 22’ and change it to another port number between 49152 and 65535.
From now on, we will be referring to this new port as <new_ssh_port>.
Go to line ‘PermitRootLogin yes’ and change it to ‘PermitRootLogin no’.
Press control + X, press Y and press enter to save your new configuration.
Restart the SSH service:
Now we’re going to disconnect and reconnect again to test if the new port is working and remember to add your new port as following:
It’s not recommended to enable swap with SSD drives as it can cause drive degradation over time.
It is recommended to enable Swap on your server if you don’t have an SSD drive, if not done already.
First check if swap isn’t already enabled:
If swap is not enabled, use the following extensive guide to enable it: https://www.digitalocean.com/community/tutorials/how-to-add-swap-space-on-ubuntu-16-04
Fail2ban scans log files and bans IPs that show the malicious signs: too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time.
Now we’re going to edit the fail2ban config to your modified ssh port:
Replace every line that looks like this:
With your new ssh port:
It should look then similar to this:
Save and exit with ctrl + X, Y, ENTER.
Now, restart fail2ban:
Check this tutorial fore more details: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04
First check the status of the firewall:
Now we’re going to set up the firewall, blocking all the ports but allowing traffic on the ports for your SSH connection and opening the port for synchronization with other nodes in the network.
Check the status again to see if the rules are updated:
After a short period of time you can reconnect to your VPS.
We’re finally getting close to installing your LTO Network Public node! The node is easily installed through a Docker image, so first we’re going to need to install Docker & Docker Compose on our server. Use the following guides to do so and stop when you’ve ran the test provided in this guide (sudo docker run hello-world):
Now, give docker the proper privileges:
Log out and log back in so that your group membership is re-evaluated.
Verify that you can run docker commands without sudo.
For more info check: https://docs.docker.com/install/linux/linux-postinstall/#manage-docker-as-a-non-root-user
Yay, it’s finally time to start your node! At least you have a more secure server now, and that is super important!
Head over to the LTO.network Github repository: https://github.com/ltonetwork/lto-public-node/blob/master/docker-compose.yml and open the default Docker Compose file.
Look up your IP address by entering the following command in your command line, copy the IP address and save it somewhere, you will need it in the next step.
Now, all you need is the docker-compose.yml file. What works best is copying the content in a new file. So let’s make the new file on your server:
Open the file with nano:
Paste the contents from the docker-compose.yml file from the LTO Github repository in a code editor like Visual Studio Code and enter your details. Now copy it and paste the contents in the file in your node with your right mouse click. Example:
(not mandatory) If you want to approach your node from your localhost with a browser, add the following lines after the last line:
Press ctrl +x and y to close and save the file.
Now it’s really time to start your node! Use the following command to run the Docker container in the background. It will pull the latest image from the LTO node and start running.
To see the progress use the following command:
To leave the node running in the background either close the terminal or press ctrl + c.
If you get an ‘unsupported version’ error after starting your node, change the version number to ‘2’ in the docker-compose.yml file.
That’s it. You’ve successfully mastered setting up a LTO Network public node on your own Linux server. Awesome!
You can find the LTO Network Explorer at https://explorer.lto.network. It shows you the blocks generated, by who, when, how big they are and how many transactions are in the block.
After launching your node check the Explorer to see the number of the last block. Wait till another 1.000 blocks are generated and expect your node to be part of the LTO Network.
Utilize the available Community Tech Tools to get more insights into the network and your participation. Let's build a secure and useful network together!
Depending on your stake (the number of LTO tokens you have in the “2nd wallet”) it will take more or less time for you to start earning LTO. Be patient and be happy. Welcome to the amazing LTO Network community! Read more about community programs.
