License Key hashes: New method for installs/setup.sh and getLicense.sh

bdacus01

Verified User
Joined
Jul 22, 2017
Messages
3,741
Location
Murfreesboro
do 50 license IP changes, and someone could run 50 servers from one license, for up to a month.
I dont have time for that nonsense..
ust a regular guy from Tennessee testing out a dozen FreeBSD VPS's and installing DA on them.
Only until January 2022... Unless you want to talk about the FreeBSD guy helping to keep it going...
legacy auto option will work just fine.
I hope this stays like that...
 

bdacus01

Verified User
Joined
Jul 22, 2017
Messages
3,741
Location
Murfreesboro
I know if we could get everyone to buy FreeBSD licenses between now and January 1 2022. Maybe DA would reconsider...

Maybe I will just go set up a FreeBSD box just for nostalgia.
 
Last edited:

MaXi32

Verified User
Joined
Jul 25, 2016
Messages
548
Location
The Earth
Hai everyone, after reading some posts here I still don't get a clear picture between using 'auto' or just using the 'LicenseKey' argument.

First question: Do they behave the same thing (like both will install the same components like CSF, mysql etc ..) except if we use auto then we don't have to supply a License key? Just that reason?

  • ./setup.sh auto
  • ./setup.sh "LicenseKey"

When I test this on a new VPS server it actually requires some arguments like DA_EMAIL= to successfully install. Without it, the installer will finish with an error (invalid email).

My second question: I'm wondering why do we need to supply an email during setup?.

and also it needs DA_HOSTNAME argument as well. Without this hostname argument, it will just ask to enter hostname manually during setup. Hence, using the auto argument here no longer makes sense.

./setup.sh auto (installation failed)
DA_HOSTNAME="server.domain.com" DA_EMAIL="[email protected]" ./setup.sh auto (works)

Previously the auto mode alone works fine without the above arguments.


Screenshot:

When hostname is not supplied during setup we will get this interactive input:

manual_hostname.JPG

When an email argument is not supplied, the installer ends with the following errors:

*************************************
* *
* All parts have been installed *
* *
*************************************

No grub changes needed.
## REPORT_START
Welcome to DirectAdmin version 1.63.2!
The email provided is not a valid email
check the /usr/local/directadmin/scripts/setup.txt
## INSTALL_FAILED
## REPORT_END

System Security Tips:
https://docs.directadmin.com/operation-system-level/securing/general.html#basic-system-security


*********************************
*
* Cannot find /usr/local/directadmin/conf/directadmin.conf
* Please see this guide:
* https://docs.directadmin.com/direct...a-service.html#directadmin-not-starting-canno t-execute-binary-file
*
*********************************
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
10,478
Location
LT, EU
When I test this on a new VPS server it actually requires some arguments like DA_EMAIL= to successfully install. Without it, the installer will finish with an error (invalid email).
Please check
Code:
hostname -f
. I don't think it's an FQDN.
 

MaXi32

Verified User
Joined
Jul 25, 2016
Messages
548
Location
The Earth
Please check
Code:
hostname -f
. I don't think it's an FQDN.
@smtalk Yes, the hostname was not fqdn (because the server image was built from scratch by linode image and they did not set it) ... but the previous installer was able to resolve that automatically. When I test the previous installer, I never set hostname the auto mode was working perfectly without any other arguments.

Why not the installer just use the hostname information from the license and automatically add it to the hostname?
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
10,478
Location
LT, EU
@smtalk Yes, the hostname was not fqdn (because the server image was built from scratch by linode image and they did not set it) ... but the previous installer was able to resolve that automatically. When I test the previous installer, I never set hostname the auto mode was working perfectly without any other arguments.

Why not the installer just use the hostname information from the license and automatically add it to the hostname?
It's a known issue, which is fixed in beta branch (RC) already :) Just wanted to explain why the issue happened.
 

Kelvin

Verified User
Joined
Oct 20, 2020
Messages
6
I don't know why the automatic installation always shows this.

~]# ./setup.sh auto
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
100 236 100 236 0 0 78 0 0:00:03 0:00:02 0:00:01 222

gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
10,478
Location
LT, EU
I don't know why the automatic installation always shows this.

~]# ./setup.sh auto
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
100 236 100 236 0 0 78 0 0:00:03 0:00:02 0:00:01 222

gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now
I was unable to reproduce it. Please make sure setup.sh is latest (re-download it), if the issue re-occurs, try executing it like this and PM me the output:
Code:
bash -x ./setup.sh auto
 

Nickske00

Verified User
Joined
Nov 30, 2015
Messages
80
Thinking about it, this makes it easier to setup a vm on your own computer to test things. :D
 

nmb

Verified User
Joined
Sep 13, 2008
Messages
220
Is it possible to delay the deactivate on old server for like a day? In case user need to migrate to another server, a day should be good enough. It should be better than to request you guys to give user a temp license which will take some time.
 

DirectAdmin Sales

Administrator
Staff member
Joined
Feb 27, 2003
Messages
544
Is it possible to delay the deactivate on old server for like a day? In case user need to migrate to another server, a day should be good enough. It should be better than to request you guys to give user a temp license which will take some time.

Under the new system this is no longer possible. It was discussed above how this was never an approved method to begin with -- in fact it violates the licensing agreement. If you need a solution that involves no wait time, you can always generate a 60-day trial license through our site. It is instant and requires no billing info.
 

nmb

Verified User
Joined
Sep 13, 2008
Messages
220
Under the new system this is no longer possible. It was discussed above how this was never an approved method to begin with -- in fact it violates the licensing agreement. If you need a solution that involves no wait time, you can always generate a 60-day trial license through our site. It is instant and requires no billing info.
Good to know that there is a method that I can do instantly if needed.

Thanks,
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
6,030
I am still not understanding something. I have a bunch of licenses, some used and some not currently being used. If using auto how will it know which license to use? How will it know which licenses are not currently being used? When installing on a new server what prevents it from disabling one of the used licenses instead of using one that is not used?
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
6,030
I have a VM template with DirectAdmin preinstalled. When a customer signs up for a vps with DA it uses that template and then when the vps boots it runs /usr/local/directadmin/scripts/getLicense.sh auto and runs ipswap to change the ip in the DA files.

I assume this method will not work anymore?
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
6,030
When looking at the clients section how do we know which license goes with which server? How do we know if a license if currently used?
 

Peter Laws

Verified User
Joined
Sep 13, 2008
Messages
2,260
Location
London UK
When looking at the clients section how do we know which license goes with which server? How do we know if a license if currently used?
I am still not understanding something. I have a bunch of licenses, some used and some not currently being used. If using auto how will it know which license to use? How will it know which licenses are not currently being used? When installing on a new server what prevents it from disabling one of the used licenses instead of using one that is not used?
I guess it looks for a matching eth0/etc IP you defined in the licence? 🤷‍♂️
 

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
9,164
I am still not understanding something. I have a bunch of licenses, some used and some not currently being used. If using auto how will it know which license to use? How will it know which licenses are not currently being used? When installing on a new server what prevents it from disabling one of the used licenses instead of using one that is not used?
Each license now has a "License Key Hash" (LK Hash). A long set of characters to define your license.
If you've updated your DA/license.key even semi-recently, you can check:
Code:
./directadmin l
to view the license info and license_key= value.
If it's showing the text, then you're all set.

If not, update your license.key and that will load something into our DB, and download the license.key with the LK hash in it, where you can ./directadmin l again to confirm it's loaded.

For any unused licenses, you can view the license in /clients, click a license. About the 5th or 6th (depending on license features/settings) will be a "License Key" row. If the value to the right is blank, click the (+) to show more text/info, and at the bottom of that new text is a "Reset" button. Using this will set a LK Hash if you don't currently have one.

------

For general use, installing DA would use:
Code:
./setup.sh <LK Hash>
(see the Install Guide
The "setup.sh auto" will only work if your license has the IP set. If you have "auto" for the IP, then you muse use the LK Hash to install.

Once you have DA installed, the "./getLicense.sh auto" would grab the LK Hash from the "./directadmin l" output, but will not work for there is not currently a license.key yet with the LK Hash in it. However, with the new system (once we're out of hybrid mode), you'll never need to grab a new license.key as the hash never changes, and the license.key no longer stores any info other than the LK Hash.

For any license (assuming current DA version using the new license system), you can view the active session when viewing the license. You'll know it's being used as there will be a session.
You can also lock a given license to an IP/range, so no other server can use it (we recommend using the "Auto Lock" for the License IP restrictions, as the incoming IP we see on our end can vary, it's sometimes the IPv6. There is not IP binding done for this outbound call on your server to make life much easier on NAS systems within a local network.
The actual /clients/index.php currently still uses the older mechanism for "active", but once we're out of hybrid mode, it will be updated to use the active sessions, and I can probably add the host/IP there too for quick reference (where it makes sense).

The license sessions system enforces one active session per license. DA will throw errors if you try to run 2 at the same time with the same LK Hash. 1.63.5 will now give much more descriptive license errors right at 2222 if you accidentally do this. Else, use "journalctl -u directadmin" to check for the licenses session errors, combined with checking /clients to view the active sessions (which shows the hostname of the box using it).


floyd said:
I have a VM template with DirectAdmin preinstalled. When a customer signs up for a vps with DA it uses that template and then when the vps boots it runs /usr/local/directadmin/scripts/getLicense.sh auto and runs ipswap to change the ip in the DA files.

I assume this method will not work anymore?
It will not. You'd need to specify the LK Hash if there is no license.key there already.
However, please contact [email protected] (or create a ticket to sales) as this system does have an option for multi-box licenses, where all your boxes use the same LK Hash. That would simplify things for multi-box providers. It pro-rates based on usage and sorts out the billing at the end of the month. Just be sure to setup your License/Client IP ranges/lists restrictions correctly.
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
6,030
So in my virtualizor setup I had all my DA ip's in a separate pool. I could easily see how many licenses I had available by looking at the number of unused ip's in the DA pool of ip's. When out of hybrid mode there will be no way for me to know which licenses are used and which are not just by looking at my virtualizor ip pool.

When I provision a vps I no longer have access to it to run "./directadmin l"

"./directadmin l" gives the license key to whoever happens to be leasing the vps at that time. We are told not to give this out but everybody who leases a vps will have access to it. If someone wants to reinstall the OS and DA then I will have to give them the license key or they can get it themselves with "./directadmin l". They can even use it at another provider it appears.

checking /clients to view the active sessions

I don't see a way to generate a list of active sessions. I have to look at each license individually to see the sessions.

The only saving factor I can see is that it looks like I can set up an ip restriction so that the license can only be used with a particular ip. That is the only way I can see to keep over 100 licenses organized and prevent theft. That way I can continue to used my system of DA ip pools to know which licenses are available.

I love you guys and don't mean to be critical. This change has caused me a lot of extra work and stress trying to figure out how to manage it. I am only a one man operation.
 
Last edited:
Top