Where to host a bitcoind server? | Bitcointalksearch.org

Wolf0

member

Activity: 81

Merit: 1002

It was only the wind.

Quote from: gweedo on February 26, 2013, 05:12:50 PM

Quote from: Wolf0 on February 26, 2013, 05:08:12 PM

Quote from: gweedo on February 26, 2013, 04:53:21 PM

Quote from: dust on February 24, 2013, 08:29:00 PM

Quote from: ?? on ??

Quote from: gweedo on February 24, 2013, 07:31:07 PM

You could just use your logs and get the password from him or sniff all incoming traffic. It takes time to earn rep, being around, helping and using the forums is how you build rep, just like a credit card, over time we will see your a good guy.

Good point, debug SSH logs might show something like that. Oh well, maybe someone can use it for a less... financial purpose.

I don't think that SSH logs record passwords, that would be a huge security issue.

I wasn't talking about SSH logs

What logs were you referring to?

System logs, he could also change change your shell path and so when you ssh in, your actually using a program that allows you to monitor his SSH activities. I mean there is just so many things that can be done here to make you think it is private but your really being watched or lured into a false sense of security.

Hm, clever. Or I could try to get it right out of /dev/mem, since I'd obviously have root.

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: Seal on February 26, 2013, 05:25:49 PM

Quote from: gweedo on February 26, 2013, 04:53:21 PM

Quote from: Seal on February 26, 2013, 04:46:13 PM

I just signed up and am officially running the bitcoind on an EC2 server

Its downloading the block chain but taking ages.

this is cause you share CPU time and you need CPU to verify the blocks so yea this is going to take a while.

Do you have one running on an EC2 instance gweedo?

It was fast up until the more recent blocks, now its taking ages. Damn satoshidice and all those transactions!

LOL yes satoshidice did mess it up LOL but it is what it is. I tried it out on one that I bought for a different project, and I really didn't like it, so now I don't, I host mine on a dedicated box that I know I only have access too, and is very secure.

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: Wolf0 on February 26, 2013, 05:08:12 PM

Quote from: gweedo on February 26, 2013, 04:53:21 PM

Quote from: dust on February 24, 2013, 08:29:00 PM

Quote from: ?? on ??

Quote from: gweedo on February 24, 2013, 07:31:07 PM

You could just use your logs and get the password from him or sniff all incoming traffic. It takes time to earn rep, being around, helping and using the forums is how you build rep, just like a credit card, over time we will see your a good guy.

Good point, debug SSH logs might show something like that. Oh well, maybe someone can use it for a less... financial purpose.

I don't think that SSH logs record passwords, that would be a huge security issue.

I wasn't talking about SSH logs

What logs were you referring to?

System logs, he could also change change your shell path and so when you ssh in, your actually using a program that allows you to monitor his SSH activities. I mean there is just so many things that can be done here to make you think it is private but your really being watched or lured into a false sense of security.

Wolf0

member

Activity: 81

Merit: 1002

It was only the wind.

Quote from: gweedo on February 26, 2013, 04:53:21 PM

Quote from: dust on February 24, 2013, 08:29:00 PM

Quote from: ?? on ??

Quote from: gweedo on February 24, 2013, 07:31:07 PM

You could just use your logs and get the password from him or sniff all incoming traffic. It takes time to earn rep, being around, helping and using the forums is how you build rep, just like a credit card, over time we will see your a good guy.

Good point, debug SSH logs might show something like that. Oh well, maybe someone can use it for a less... financial purpose.

I don't think that SSH logs record passwords, that would be a huge security issue.

I wasn't talking about SSH logs

What logs were you referring to?

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: dust on February 24, 2013, 08:29:00 PM

Quote from: ?? on ??

Quote from: gweedo on February 24, 2013, 07:31:07 PM

You could just use your logs and get the password from him or sniff all incoming traffic. It takes time to earn rep, being around, helping and using the forums is how you build rep, just like a credit card, over time we will see your a good guy.

Good point, debug SSH logs might show something like that. Oh well, maybe someone can use it for a less... financial purpose.

I don't think that SSH logs record passwords, that would be a huge security issue.

I wasn't talking about SSH logs

Quote from: Seal on February 26, 2013, 04:46:13 PM

I just signed up and am officially running the bitcoind on an EC2 server

Its downloading the block chain but taking ages.

this is cause you share CPU time and you need CPU to verify the blocks so yea this is going to take a while.

Wolf0

member

Activity: 81

Merit: 1002

It was only the wind.

Quote from: gweedo on February 24, 2013, 08:16:36 PM

Well I hate to be the bad guy, but sadly if someone paid for storage on your server, they be a fool, and yes you could easily trick a newbie into letting you host a site or files for them, but that would be mean. So help the community out so later we can help you out.

What's wrong with buying an SSH account or storage on a third party server? If you don't trust the third party but want to upload sensitive data, encrypt it. I don't see much of a problem with using it as a proxy, either, as all I could really do (assuming malice) was snoop whatever they sent in cleartext, which almost never includes sensitive data. More than likely, they'd just want to be on Facebook or Twitter at work. Tongue

If I don't get any takers, I probably will run an Electrum server or something, though. Thanks for the idea.

Quote from: dust on February 24, 2013, 08:29:00 PM

Quote from: ?? on ??

Quote from: gweedo on February 24, 2013, 07:31:07 PM

You could just use your logs and get the password from him or sniff all incoming traffic. It takes time to earn rep, being around, helping and using the forums is how you build rep, just like a credit card, over time we will see your a good guy.

Good point, debug SSH logs might show something like that. Oh well, maybe someone can use it for a less... financial purpose.

I don't think that SSH logs record passwords, that would be a huge security issue.

I don't think so either, besides, I'd strongly encourage (if not require) public key authentication. However, it does say that SSH debugging logs invade user privacy, and it's not too much of a stretch to think that if I changed the default logging level to debug, I might get a history of what they typed AFTER they were logged in, which could possibly include wallet passwords. This, of course, assumes I'm an evil bastard, though.

alfa.soft

newbie

Activity: 5

Merit: 0

for setup bitcoind for sci you can use any vps , but if you want shared hosting , i suggest you choose :
http://leaseweb.com / Netherlands location
http://godaddy.com / popular hosting
http://kabuuk.com / good price

Seal

donator

Activity: 848

Merit: 1078

Quote from: gweedo on February 26, 2013, 04:53:21 PM

Quote from: Seal on February 26, 2013, 04:46:13 PM

I just signed up and am officially running the bitcoind on an EC2 server

Its downloading the block chain but taking ages.

this is cause you share CPU time and you need CPU to verify the blocks so yea this is going to take a while.

Do you have one running on an EC2 instance gweedo?

It was fast up until the more recent blocks, now its taking ages. Damn satoshidice and all those transactions!

Seal

donator

Activity: 848

Merit: 1078

Quote from: Wolf0 on February 24, 2013, 08:39:12 PM

If I don't get any takers, I probably will run an Electrum server or something, though. Thanks for the idea.

Youre welcome

Quote from: zoinky on October 22, 2012, 07:53:12 PM

Anyone have experience running it off a EC2 Server on AWS?

I just signed up and am officially running the bitcoind on an EC2 server

Its downloading the block chain but taking ages.

dust

hero member

Activity: 840

Merit: 1000

I'm experimenting with a setup that utilizes two servers, a cheap VPS for the frontend, and dedicated hardware I have physical control of to run bitcoind and the backend. The backend services can be further segregated using VMs. The VPS handles all internet traffic, whereas the backend only communicates directly with the VPS with signed messages. The frontend can verify that messages from the backend are valid, and the backend can maintain its own records to audit the requests sent by the frontend. If the VPS was compromised, then any malicious requests sent to the backend would raise alarms.

Currently, I'm not handling any coin, so it is a bit overkill, but this kind of design would be extremely beneficial where security matters.

Quote from: ?? on ??

Quote from: gweedo on February 24, 2013, 07:31:07 PM

You could just use your logs and get the password from him or sniff all incoming traffic. It takes time to earn rep, being around, helping and using the forums is how you build rep, just like a credit card, over time we will see your a good guy.

Good point, debug SSH logs might show something like that. Oh well, maybe someone can use it for a less... financial purpose.

I don't think that SSH logs record passwords, that would be a huge security issue.

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: ?? on ??

Quote from: gweedo on February 24, 2013, 08:11:02 PM

Quote from: Seal on February 24, 2013, 08:05:01 PM

Quote from: ?? on ??

Quote from: gweedo on February 24, 2013, 07:31:07 PM

You could just use your logs and get the password from him or sniff all incoming traffic. It takes time to earn rep, being around, helping and using the forums is how you build rep, just like a credit card, over time we will see your a good guy.

Good point, debug SSH logs might show something like that. Oh well, maybe someone can use it for a less... financial purpose.

Maybe you could put it to use hosting a spare electrum server mirror?

Or he can just host a node on it, and just not the use the wallet, to help protect the network.

Good ideas, but I'd like to use it to make some bitcoins. I have more electronic storage in particular than I know what to do with, but the server itself could be put to really any purpose, which is why I was hoping I could rent it out cheaply.

Well I hate to be the bad guy, but sadly if someone paid for storage on your server, they be a fool, and yes you could easily trick a newbie into letting you host a site or files for them, but that would be mean. So help the community out so later we can help you out.

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: Seal on February 24, 2013, 08:05:01 PM

Quote from: ?? on ??

Quote from: gweedo on February 24, 2013, 07:31:07 PM

You could just use your logs and get the password from him or sniff all incoming traffic. It takes time to earn rep, being around, helping and using the forums is how you build rep, just like a credit card, over time we will see your a good guy.

Good point, debug SSH logs might show something like that. Oh well, maybe someone can use it for a less... financial purpose.

Maybe you could put it to use hosting a spare electrum server mirror?

Or he can just host a node on it, and just not the use the wallet, to help protect the network.

Seal

donator

Activity: 848

Merit: 1078

Quote from: ?? on ??

Quote from: gweedo on February 24, 2013, 07:31:07 PM

You could just use your logs and get the password from him or sniff all incoming traffic. It takes time to earn rep, being around, helping and using the forums is how you build rep, just like a credit card, over time we will see your a good guy.

Good point, debug SSH logs might show something like that. Oh well, maybe someone can use it for a less... financial purpose.

Maybe you could put it to use hosting a spare electrum server mirror?

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: ?? on ??

Quote from: gweedo on February 24, 2013, 06:31:37 PM

Quote from: ?? on ??

If someone's just looking for a place to host it, see my thread here: https://bitcointalksearch.org/topic/server-services-for-bitcoin-146588

Please don't host it on some random dude's server, who admits he has no bitcoins, and has no rep, this is recipe for disaster.

I would recommend cold storage solution, only way to keep bitcoins safe.

Normally I would agree with you, but I couldn't do anything with an encrypted wallet anyway. Besides, how do you earn rep if not someone trusting you without it and you coming through for them?

You could just use your logs and get the password from him or sniff all incoming traffic. It takes time to earn rep, being around, helping and using the forums is how you build rep, just like a credit card, over time we will see your a good guy.

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: ?? on ??

If someone's just looking for a place to host it, see my thread here: https://bitcointalksearch.org/topic/server-services-for-bitcoin-146588

Please don't host it on some random dude's server, who admits he has no bitcoins, and has no rep, this is recipe for disaster.

I would recommend cold storage solution, only way to keep bitcoins safe.

weex

legendary

Activity: 1102

Merit: 1014

Just to provide a little bit of perspective, you can run a bitcoind on any server you want but you need to manage the funds on that server according to the risk.

On a cheap ass VPS on a host you don't really trust? Keep it to $20 worth or less of BTC on the server.

Running dedis in your network of hardened bunkers? Increase that to $1000-100000 worth (maybe you have real work to do).

It's easy talk to say, "Don't ever store bitcoins on the server" but to not mention risk management and some sense of stored value vs. difficulty of attack is reckless advice.

Wouldn't it be better to build something and get ripped off once for $20 than to get 10% complete on something that is 100% Secure(tm)*?

* exists only in textbooks and back-of-the-envelope designs

crazy_rabbit

legendary

Activity: 1204

Merit: 1002

RUM AND CARROTS: A PIRATE LIFE FOR ME

Quote from: zoinky on October 22, 2012, 07:53:12 PM

Anyone have experience running it off a EC2 Server on AWS?

Quote from: Seal on February 24, 2013, 03:38:58 PM

Quote from: zoinky on October 22, 2012, 07:53:12 PM

Anyone have experience running it off a EC2 Server on AWS?

Anybody? I'm interested in the same.

YES. It works well. You can use Cloud9 to set up very strict access control as well. It's not as cheap as a VPS, but at least you know you're instance is secure.

Seal

donator

Activity: 848

Merit: 1078

Quote from: zoinky on October 22, 2012, 07:53:12 PM

Anyone have experience running it off a EC2 Server on AWS?

Anybody? I'm interested in the same.

zoinky

hero member

Activity: 811

Merit: 1000

Web Developer

Anyone have experience running it off a EC2 Server on AWS?

MPOE-PR

hero member

Activity: 756

Merit: 522

Maybe give BitVPS a try.

zoinky

hero member

Activity: 811

Merit: 1000

Web Developer

Quote from: byronbb on October 20, 2012, 06:30:10 PM

Use blockchain.info's rpc service? http://blockchain.info/api/json_rpc_api

I get nothing but errors using that with PHP.

sippsnapp

sr. member

Activity: 322

Merit: 250

A vserver should be enough to host bitcoind.
If there is a lack of technical knowledge maybe managed hosting is an option.

As bitcoind is not very bandwidth intense its maybe an option to host it at home on a dedicated machine.

byronbb

legendary

Activity: 1414

Merit: 1000

HODL OR DIE

Use blockchain.info's rpc service? http://blockchain.info/api/json_rpc_api

moni3z

hero member

Activity: 899

Merit: 1002

Buy a cheap used rack server that is compatible with BSD/Linux and buy cohosting somewhere local where you can get access to your server and back it up encrypted on a regular basis. Where I live it's $40/mth and it sits behind an OpenBSD pfSense firewall with carp. There's also local console access to think about if you don't trust the cohost, plenty of IDS to set up, SElinux MAC, ssh keys ect.

I also like the Tor idea though I imagine that must be crazy slow, could see applications timing out before they reach bitcoind. I'll have to test that

Lethos

sr. member

Activity: 476

Merit: 250

Keep it Simple. Every Bit Matters.

Quote from: gweedo on October 12, 2012, 05:35:07 PM

Quote from: Lethos on October 12, 2012, 05:25:12 PM

Very few know how to keep your bitcoin secure on a server, so It's best to keep it separate and off-site from the main server.

It just takes some research and securing bitcoind is pretty easy, if you know linux. It is best to have a front end machine that does all the web stuff, and bitcoind on it's own vps.

Yes, that is all it takes, yet it still happens a lot where the worst still happens.

markm

legendary

Activity: 2940

Merit: 1090

Are you suggesting the term idiot was too mild a term?

Or that root does not have access to userspace RAM?

Or both?

-MarkM-

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: markm on October 12, 2012, 10:05:27 PM

Pretty much all the major hacks involved some idiot running bitcoind on a server they did not have physical custody of.

The linode employee who uses their admin interface to steal $80,000 or $250,000 bucks worth of bitcoins doesn't seem to give two shits for any "we will not steal your data" policies their employer might have in their terms of service. There is not really much if any evidence they would give any more or less shits about $80 worth or even $8 worth. (Thought they might lurk watching the small ones, watching for the right moment to catch the wallet at a peak of its value...)

-MarkM-

you do realize in the linode hacks the wallet wasn't encrypted either js

markm

legendary

Activity: 2940

Merit: 1090

Pretty much all the major hacks involved some idiot running bitcoind on a server they did not have physical custody of.

The linode employee who uses their admin interface to steal $80,000 or $250,000 bucks worth of bitcoins doesn't seem to give two shits for any "we will not steal your data" policies their employer might have in their terms of service. There is not really much if any evidence they would give any more or less shits about $80 worth or even $8 worth. (Thought they might lurk watching the small ones, watching for the right moment to catch the wallet at a peak of its value...)

-MarkM-

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: Lethos on October 12, 2012, 05:25:12 PM

Very few know how to keep your bitcoin secure on a server, so It's best to keep it separate and off-site from the main server.

It just takes some research and securing bitcoind is pretty easy, if you know linux. It is best to have a front end machine that does all the web stuff, and bitcoind on it's own vps.

SätöshiTable

newbie

Activity: 28

Merit: 0

if you have a nice home-connection you could do this:

have your bitcoind on a local machine in your house behind router/firewall and connect it via TOR network TOR HIDDEN SERVICE

then you can install TOR on your web-server and from your web-app you can connect to your homeserver.

this needs the web-app to be able to cope with connection errors... having a list of pre-generated receive-addresses ...

you get the deal...

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: giantdragon on October 12, 2012, 05:13:21 PM

Quote from: gweedo on October 12, 2012, 03:49:29 PM

That is why you have to read TOS, and privacy policies

Have you ever seen at least one web hosting company who takes any liability in its terms of service?! Grin

Liability has nothing to do with this, but if you look at the TOS and privacy policy most web hosting companies can't access your server with out your permission or they need to have a cause to look at the files on it. Also I would never host a hot wallet, from a home network, this just opens you up hackers, where they can get at more of your bitcoins.

Lethos

sr. member

Activity: 476

Merit: 250

Keep it Simple. Every Bit Matters.

I wouldn't trust to host it in a server, unless I owned that physical server.
Very few know how to keep your bitcoin secure on a server, so It's best to keep it separate and off-site from the main server.

giantdragon

legendary

Activity: 1582

Merit: 1002

Quote from: gweedo on October 12, 2012, 03:49:29 PM

That is why you have to read TOS, and privacy policies

Have you ever seen at least one web hosting company who takes any liability in its terms of service?! Grin

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: giantdragon on October 12, 2012, 03:37:06 PM

I host bitcoind on my home PC. Never trust Bitcoin wallet to the hosting company!

That is why you have to read TOS, and privacy policies, but if your power or internet goes down then your service is kinda done.

giantdragon

legendary

Activity: 1582

Merit: 1002

I host bitcoind on my home PC. Never trust Bitcoin wallet to the hosting company!

ehmdjii

sr. member

Activity: 351

Merit: 250

Quote from: payb.tc on October 10, 2012, 12:39:09 AM

Quote from: gweedo on October 10, 2012, 12:22:57 AM

Any VPS will do

some give only 256mb of RAM which is really dodgy for bitcoind... make sure you get AT LEAST 512.

is that the reason why bitcoinmax.com is down after the login page?

payb.tc

hero member

Activity: 812

Merit: 1000

Quote from: gweedo on October 10, 2012, 12:22:57 AM

Any VPS will do

some give only 256mb of RAM which is really dodgy for bitcoind... make sure you get AT LEAST 512.

gweedo

legendary

Activity: 1498

Merit: 1000

Any VPS will do, but the real question is how to secure a bitcoind, that is most important part.

zoinky

hero member

Activity: 811

Merit: 1000

Web Developer

Where do most web services host a reliable bitcoind server to handle their traffic? Such as SatoshiDice.com, BTCDice.com or any other rapid 0 confirmation service?

Topic: Where to host a bitcoind server? (Read 4769 times)