Cradicle Explorer
alpha-delta-context
/ testnet-ssh-fixed.md
testnet-ssh-fixed.md
  1  # Testnet SSH Access - RESOLVED
  2  
  3  **Date**: 2026-01-21
  4  **Issue**: SSH connection timeouts to all 5 testnet validators
  5  **Root Cause**: SSH port changed from 22 to 2584 during security hardening on 2026-01-20
  6  **Resolution**: Updated SSH config to use port 2584
  7  
  8  ## Timeline
  9  
 10  ### 2026-01-20 19:42 UTC
 11  Security hardening applied to all testnet servers:
 12  - SSH port migrated: 22 → 2584
 13  - UFW firewall enabled
 14  - Allowed ports: 2584 (SSH), 4130/5000/3030 (AlphaOS), 4131/5001/3031 (DeltaOS)
 15  - Implemented in commit: 227e892
 16  
 17  ### 2026-01-21 19:51 UTC
 18  Issue resolved:
 19  - Updated `~/.ssh/config` to specify `Port 2584` for testnet servers
 20  - Verified SSH access to all 5 validators
 21  - Updated documentation
 22  
 23  ## Current Configuration
 24  
 25  ### SSH Access
 26  ```bash
 27  # All testnet servers accessible via:
 28  ssh devops@testnetXXX.ac-dc.network  # Port 2584 auto-configured
 29  
 30  # Manual port specification (if needed):
 31  ssh -p 2584 devops@testnetXXX.ac-dc.network
 32  ```
 33  
 34  ### CI Runner
 35  - **IP**: 165.227.224.22 (already whitelisted on all servers)
 36  - **Key**: id_ed25519_devops
 37  - **User**: devops
 38  - **Sudo**: Passwordless sudo enabled
 39  
 40  ### Testnet Validators
 41  | Server | IP | Hostname | Status |
 42  |--------|----|-----------| -------|
 43  | testnet001 | 65.108.155.133 | Testnet-001 | ✅ SSH accessible |
 44  | testnet002 | 178.156.159.24 | Testnet-002 | ✅ SSH accessible |
 45  | testnet003 | 46.62.225.199 | Testnet-003 | ✅ SSH accessible |
 46  | testnet004 | 65.21.149.67 | Testnet-004 | ✅ SSH accessible |
 47  | testnet005 | 157.180.28.93 | Testnet-005 | ✅ SSH accessible |
 48  
 49  ### Security Configuration (Applied 2026-01-20)
 50  ```bash
 51  # Firewall (UFW)
 52  Status: active
 53  Default: deny incoming, allow outgoing
 54  
 55  Allowed Ports:
 56  - 2584/tcp   # SSH (custom port)
 57  - 4130/tcp   # AlphaOS P2P
 58  - 5000/tcp   # AlphaOS BFT
 59  - 3030/tcp   # AlphaOS REST API
 60  - 4131/tcp   # DeltaOS P2P
 61  - 5001/tcp   # DeltaOS BFT
 62  - 3031/tcp   # DeltaOS REST API
 63  ```
 64  
 65  ## Testing Verification
 66  
 67  ```bash
 68  # Tested all 5 validators:
 69  for i in {1..5}; do
 70    ssh devops@testnet00$i.ac-dc.network "hostname"
 71  done
 72  
 73  # Output:
 74  # Testnet-001 ✅
 75  # Testnet-002 ✅
 76  # Testnet-003 ✅
 77  # Testnet-004 ✅
 78  # Testnet-005 ✅
 79  ```
 80  
 81  ## Files Modified
 82  
 83  1. **~/.ssh/config** - Added `Port 2584` to testnet hosts
 84  2. **setup-testnet-ssh.sh** - Added note about obsolescence (already configured)
 85  3. **testnet-ssh-fixed.md** - This documentation
 86  
 87  ## Next Steps
 88  
 89  Now that SSH access is restored, we can proceed with:
 90  - ✅ Section 12: Testnet governance testing
 91    - Test genesis fetch in production mode
 92    - Submit test governance proposal
 93    - Vote with all validators
 94    - Monitor automatic upgrade execution
 95    - Verify dual-chain coordination
 96  
 97  ## References
 98  
 99  - Security setup commit: 227e892edd8903e62af2468356403d117f51e72a
100  - Security documentation: `tools/TESTNET-SETUP.md`
101  - Test results: `tools/TEST-RESULTS.md`