3
1
I regard myself as being a competent programmer and have good general IT knowledge; however I know very little about BTC. I just want to make sure that my setup is "generally secure" and that I'm grasping as much of the low hanging fruit as possible (from a security point of view).
So I installed bitcoin-cli on my Ubuntu 14.04 VPS (I am quite trustworthy of the company who provide the VPS):
sudo add-apt-repository ppa:bitcoin/bitcoin
sudo apt-get update
sudo apt-get install bitcoind
Here's my init script:
description "bitcoind"
start on filesystem
stop on runlevel [!2345]
oom never
expect daemon
respawn
respawn limit 10 60 # 10 times in 60 seconds
script
exec 2>>/var/log/bitcoind.log
set -x
user=eamorr
home=/home/$user
cmd=/usr/bin/bitcoind
pidfile=$home/.bitcoin/bitcoind.pid
# Don't change anything below here unless you know what you're doing
[[ -e $pidfile && ! -d "/proc/$(cat $pidfile)" ]] && rm $pidfile
[[ -e $pidfile && "$(cat /proc/$(cat $pidfile)/cmdline)" != $cmd* ]] && rm $pidfile
exec start-stop-daemon --start -c $user --chdir $home --pidfile $pidfile --startas $cmd -b -m
end script
Saved init script to /etc/init/bitcoind.conf
service bitcoind start
OK great.
* Now what? *
(Bearing in mind that I don't want to use a third party website)
Do I need to open port 8333 on my firewall? Is that ok?
Is there some "private key" I should store somewhere safe? Do I need to store this on my VPS?
Is there anything else I should do?
I want to buy €50 of BTC. I guess I need an address. How do I create an address? I will tell the folks at bittylicious.com to send €50 worth of BTC to my newly created address, right?
Finally, how do I create multiple BTC addresses, receive money at those and transfer into my "master" BTC address?
Here's some command outputs for your information:
>> bitcoin-cli getnetworkinfo
{
"version" : 90201,
"protocolversion" : 70002,
"timeoffset" : 0,
"connections" : 8,
"proxy" : "",
"relayfee" : 0.00001000,
"localaddresses" : [
{
"address" : "xxxxxxxxxxxxxxx - IPv4 address",
"port" : 8333,
"score" : 9
},
{
"address" : "xxxxxxxxxxxxxxx - IPv6 address",
"port" : 8333,
"score" : 1
}
]
}
>> bitcoin-cli getinfo
{
"version" : 90201,
"protocolversion" : 70002,
"walletversion" : 60000,
"balance" : 0.00000000,
"blocks" : 172082,
"timeoffset" : 0,
"connections" : 10,
"proxy" : "",
"difficulty" : 1498294.36281651,
"testnet" : false,
"keypoololdest" : 1409306527,
"keypoolsize" : 101,
"paytxfee" : 0.00000000,
"relayfee" : 0.00001000,
"errors" : ""
}
>> bitcoin-cli listaccounts
{
"" : 0.00000000
}
>> bitcoin-cli listreceivedbyaddress
[
]
Thanks for your help guys,
Update:
There's an init script for Debian (works on my Ubuntu 14.04) in the offical repo:
https://github.com/bitcoin/bitcoin/blob/master/contrib/init/bitcoind.conf
So, all you have to do to get bitcoin up and running headless (from a fresh install) is:
sudo apt-add-repository ppa:bitcoin/bitcoin
sudo apt-get update
sudo apt-get install bitcoind
sudo curl https://github.com/bitcoin/bitcoin/blob/master/contrib/init/bitcoind.conf > /etc/init/bitcoind.conf
sudo vim /etc/init/bitcoin.conf
#Delete the line "disablewallet" (part of "exec start-stop-daemon" command) - don't delete if you don't want a wallet
adduser bitcoin
sudo mkdir /var/run/bitcoind
sudo chown bitcoin:bitcoin /var/run/bitcoind
sudo mkdir /var/lib/bitcoind
sudo chown bitcoin:bitcoin /var/lib/bitcoind
sudo mkdir /etc/bitcoin
sudo touch /etc/bitcoin/bitcoin.conf #put your config in here: rpcuser, rpcpassword, etc.
sudo apt-get install ufw
sudo ufw allow 22
sudo ufw enable
This installation is maintainable and gives a "good" level of security.
Hi knapo, thank you for the update. I didn't realise it would take 20GB! Now my VPS is out of disk space. I do have another VPS (it has more disk space). So should I have a "border-router" bitcoind on this VPS and store my wallet on the other VPS? Do I need a public node at all? Thank you again, – Eamorr – 2014-08-29T19:49:01.130
Also, do I have to open port 8333? – Eamorr – 2014-08-29T19:59:16.020
1No, you don't have to have a public node if you don't want to. It's perfectly OK if you don't enable the 8333 port - you'll then only use connections initiated by you. If you're just starting with Bitcoin though, you may want to look for other clients, like Electrum, that have much lower requirements (so called thin clients). When you know your way around and want to have a full-node at VPS, do it as I described in my answer. You'll need a big (30+GB) storage on both machines (private and public). Hope this helps. – Jozef – 2014-08-29T20:04:23.833
That's good information to have. I have port 8333 open at the moment -- what info is being exchanged? Would I be contributing to the BTC community in this case? So I am currently relaying traffic? A bit like the Tor network? – Eamorr – 2014-08-29T20:06:33.933
1Yes, if you have 8333 open, you can consider yourself a contributor :-) In fact, there's never enough stable full nodes listening for incoming connections, so you'd be doing a good job. I'd not compare it much to TOR though, since it is not relying what you're doing - it's actually directly providing the public information for anyone to download - so in this case more like BitTorrent, if you want a comparison. The info that is being exchanged is the blockchain itself and also new unconfirmed transactions. – Jozef – 2014-08-29T20:12:48.420
@JozefKnaperek Just want to confirm - I'm using
ufwfirewall on my VPS, I need to open port 8333 to TCP connections, right? i.e.ufw allow 8333/tcp. Just confirming it's TCP, which I'm 99.9% sure of. Cheers! – mecampbellsoup – 2016-11-20T18:12:22.453Yes, all communications are done over TCP.
– Jozef – 2016-11-21T14:32:35.583I'm here from the future and just want to say @Eamorr, "20 GB!", that's cute. – Oliver Kane – 2018-02-01T18:17:44.183