www/content/services/shell.md

---
title: "Shell Accounts"
geekdocDescription: "burble.dn42 Shell Services"
weight: 60
---
burble.dn42 provides shell accounts on the following servers:

- shell.fr.burble.dn42
- shell.uk.burble.dn42
- shell.de.burble.dn42
- shell.lax.burble.dn42
- shell.nyc.burble.dn42

There is also an anycast address [shell.burble.dn42](https://shell.burble.dn42)
that will route to the closest server.

## Accessing the Service

The shell service imports user information from the dn42 registry allowing
any MNTNER to log in to the servers. Usernames are constructed by
lowercasing and removing the '-MNT' suffix.

### Using an SSH public key

If you have an `auth` attribute with an SSH public key, this will be
imported from the registry and you can use the SSH key to log in to the
shell server.

### Using a password

MNTNERs without an SSH key must first use the
[burble.dn42 service portal](https://svc.burble.dn42) to set an account password.

### Connection Example

For mntner *FOO-MNT*

Log in to the closest server using your ssh key or burble.dn42 password:

```shell
ssh foo@shell.burble.dn42
```

or log in to a specific server:
```shell
ssh foo@shell.fr.burble.dn42
```

Your home directory is created automatically on first access and will then
persist across logins.  
Home directories are *not* replicated across servers.

## Key Services

### Installed Packages

A broad set of command line tools, applications and games are available;
the aim is to provide a comprehensive environment that is useful and
fun to tinker with.

The current set of packages can be found in the shell config repo:

- [https://git.dn42.dev/burble/config-shell/src/branch/main/roles/user_apps/tasks/main.yml](https://git.dn42.dev/burble/config-shell/src/branch/main/roles/user_apps/tasks/main.yml)

Requests for additional packages are welcome, please raise these as
[issues](https://git.dn42.dev/burble/config-shell/issues) in the repo.

### Webserver

The shell servers include a webserver with user directories (`~/public_html/`)
and CGI (`~/public_html/cgi-bin/`) enabled. The webserver is accessed over https
and has a dn42 certificate.

- `https://shell.fr.burble.dn42/~<username>/`
- `https://shell.uk.burble.dn42/~<username>/`
- `https://shell.de.burble.dn42/~<username>/`
- `https://shell.lax.burble.dn42/~<username>/`
- `https://shell.nyc.burble.dn42/~<username>/`
- `https://shell.burble.dn42/~<username>/`

{{<hint info>}}
Remember that any files need to be accessible by the webserver,
which runs as user/group www-data/www-data; CGI scripts must also be executable.
The default umask of 077 means that the webserver won't be able to
read your public_html folder or any files within it without changing permissions.

A simplistic approach would be to make your home directory, and
public_html directory world readable:

```shell
chmod a+x ~
chmod -R a+rX ~/public_html
chmod -R a+rx ~/public_html/cgi-bin
```

A more secure way of allowing access would be to use posix ACLs:

```shell
setfacl -m "u:www-data:x" ~
setfacl -Rdm "u:www-data:rX" ~/public_html
setfacl -Rdm "u:www-data:rx" ~/public_html/cgi-bin
```
{{</hint>}}

{{<hint info>}}
Note also that home directories are not replicated across each shell server.

If you want to provide services using the anycast address you must copy your code
between servers yourself.
{{</hint>}}

### Login Shell

You can change your login shell using the
[burble.dn42 service portal](https://svc.burble.dn42).

### Classic Games

The shells have a number of classic text games installed:

**[Colossal Cave Adventure](https://en.wikipedia.org/wiki/Colossal_Cave_Adventure)**  
*Get lost in a twisty little maze of passages*  
```$ adventure```

**[Trek](https://en.wikipedia.org/wiki/Star_Trek_(1971_video_game))**  
```$ trek```

**[NetHack](https://en.wikipedia.org/wiki/NetHack)**  
*The original time sink*  
```$ nethack```

**[Zork](https://en.wikipedia.org/wiki/Zork)**  
*Zork 1, 2 and 3 are available in /usr/local/frotz/*  
```$ frotz /usr/local/frotz/ZORK1.DAT```  
```$ frotz /usr/local/frotz/ZORK2.DAT```  
```$ frotz /usr/local/frotz/ZORK3.DAT```

Take a look in /usr/games for more text games.

### Cron, Batch and Services

Cron and other batch or long running tasks are ok, but be a nice neighbour
and prioritise other users' interactive use.

Schedule crons to run at random or obscure times to avoid stampeding herds
and control your resource usage using tools like nice and ionice.

### Clearnet

Clearnet access is provided. Rate limiting allows for a small amount of
burst traffic, but then bandwidth is quickly limited to 10mbit/sec. In general,
you should be better off using your own clearnet access for large downloads.

### Connection Forwarding

SSH forwarding is enabled on the servers.

For example, this means you are able to use the shell servers as a
resilient, anycast jump host:

```sh
ssh -J shell.burble.dn42 my.other.host.dn42
```

There are also a small number of X11 apps installed on the servers:

```sh
ssh -X shell.burble.dn42 -f 'xterm & xeyes'
```

### Integration with S3 object storage

The shell servers include [rclone](https://rclone.org/) which can be used to access
the [S3 object storage service](/services/minio).  
See the
[S3 storage example](/services/minio/#using-the-s3-api-to-mount-buckets-using-rclone)
for details.

## Acceptable Use

In general, as long as you are not risking the service or other users you
should be ok. These services are provided free for your benefit, and the
objective is to provide a fun, open environment for dn42 users.
Please be considerate in your usage and remember that abusing the
service just spoils it for everyone else.

See also the main [Abuse Policy](/network/abuse).

## Source Code and Configuration

Configuration for the shell servers is maintained in a git repo:

- [https://git.dn42.dev/burble/config-shell](https://git.dn42.dev/burble/config-shell)

The repository may be used for raising issues or requesting additional
software to be installed.