> For the complete documentation index, see [llms.txt](https://documentation.opencrvs.org/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://documentation.opencrvs.org/v1.3/setup/3.-installation/3.3-set-up-a-server-hosted-environment/3.3.1-provision-your-server-nodes-with-ssh-access.md).
# 3.3.1 Provision your server nodes with SSH access
{% hint style="info" %}
**Recomennded requirements for each server:**\
**16GB RAM / 8CPUs / 320 GB Disk / Ubuntu 22.04 (LTS) x64**
{% endhint %}
{% hint style="danger" %}
You must create a PEM(RSA), PKCS8, and RFC4716(OpenSSH) SSH Key for access to your servers. **Be aware that these developers have root level access to your server. If they leave your organisation, it is your responsibility to remove their id\_rsa.pub from the authorized\_keys file in** [**git**](https://github.com/opencrvs/opencrvs-countryconfig/blob/develop/infrastructure/authorized_keys) **and on the servers.**
{% endhint %}
1. Using your hosting provider, setup **1, 3** or **5** Ubuntu server nodes **with an additional backup server node in production**. Take note of all generated IP addresses and server hostnames.
2. Decide which of your IP addresses will be the **manager server node.** This server will be the manager in the Docker Swarm and the main server you will regularly SSH into to perform commands in this documentation.
3. Ensure that you have created SSH keys using [ssh-keygen.](https://www.ssh.com/academy/ssh/keygen) Then use [ssh-copy-id](https://www.ssh.com/academy/ssh/keygen#copying-the-public-key-to-the-server) to copy the public key: **id\_rsa.pub** key to all servers' **.ssh/authorized\_keys** file. Use the following command to copy and paste the **id\_rsa.pub** key into the [**authorized\_keys file in the countryconfig repo here.**](https://github.com/opencrvs/opencrvs-countryconfig/blob/master/infrastructure/authorized_keys) All public keys in this file will have SSH access to the server. **Never reveal the id\_rsa file!**
```
cat ~/.ssh/id_rsa.pub
```
4. For production deployments of 3 or 5 servers, ensure that the **manager server node** can ssh into all the other servers by itself if required in a bash script.\
\
SSH into **manager server node** and create an ssh key using [ssh-keygen.](https://www.ssh.com/academy/ssh/keygen) Then use [ssh-copy-id](https://www.ssh.com/academy/ssh/keygen#copying-the-public-key-to-the-server) to copy the public key: **id\_rsa.pub** key to the 2-4 other servers' **.ssh/authorized\_keys** file. SSH into the **manager server node**, and confirm that you can SSH into all nodes from inside the manager server node.
You are now ready to exit all nodes and run the Ansible command from your local environment to install the required dependencies on the servers. To set up a backup server in production, refer to the next step.
### Setting up a backup server for production
{% hint style="info" %}
In the next step, your servers will be configured. In this configuration process, OpenCRVS can optionally set up a scheduled task in Ubuntu's crontab to backup OpenCRVS every night to another external server.
{% endhint %}
1. If you are setting up a backup server, **SSH into the backup server** to add the **manager server node's** id\_rsa.pub key into its .ssh/authorised\_keys file.
2. Create a directory to store OpenCRVS backups, e.g /root/opencrvs
3. **SSH into the manager server node** and wnsure that the **manager server** can ssh into the backup server.
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:
```
GET https://documentation.opencrvs.org/v1.3/setup/3.-installation/3.3-set-up-a-server-hosted-environment/3.3.1-provision-your-server-nodes-with-ssh-access.md?ask=&goal=
```
`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.