Saturday, November 10, 2012
Free Linux Tutorials | Linux Howtow's | Linux Basics: How Filter Keywords in Squid Proxy Server
Free Linux Tutorials | Linux Howtow's | Linux Basics: How Filter Keywords in Squid Proxy Server: In This video we will learn how to filter keywords using Access Control List in squid proxy server
Free Linux Tutorials | Linux Howtow's | Linux Basics: How to Host Multiple Domains on Single IP
Free Linux Tutorials | Linux Howtow's | Linux Basics: How to Host Multiple Domains on Single IP: We are going to learn in this tutorial how to host multiple domains on a single IP. Bind Installation ———————- yum install bind bind-ut...
Free Linux Tutorials | Linux Howtow's | Linux Basics: Squid Proxy Authentication Using ncsa_auth Helper
Free Linux Tutorials | Linux Howtow's | Linux Basics: Squid Proxy Authentication Using ncsa_auth Helper: This will only allow authorized users to use proxy server. nobody can access internet without username and password
Saturday, November 3, 2012
How to set password for website
Inside the <Directory >….. </Directory> add the following content
AuthType Basic
AuthName "Private Documentation Repository"
AuthUserFile /var/www/html/.htpasswd
Require valid-user
Create username and password for your website
htpasswd -c /var/www/html/.htpasswd htuser
New password:
Re-type new password:
Adding password for user htuser
Your username and password will save in this file /var/www/html/.htpasswd
Check for apache syntax error
/usr/sbin/apachectl -t
Syntax OK
Now reload/restart the apache server. Use one of the following comment to restart the apache server
service httpd restart
Now go to your website and access it.
NIC Bonding in rhel5
Bonding in rhel5
Red Hat Enterprise Linux allows administrators to bind multiple network interfaces together into a single channel using the bonding kernel module and a special network interface called a channel bonding interface. Channel bonding enables two or more network interfaces to act as one, simultaneously increasing the bandwidth and providing redundancy.
The following is a sample channel bonding configuration file:
#vi /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
BOOTPROTO=none
ONBOOT=yes
IPADDR=10.0.1.27
NETMASK=255.255.255.0
NETWORK=10.0.1.0
USERCTL=no
After the channel bonding interface is created, the network interfaces to be bound together must be configured by adding the MASTER= and SLAVE= directives to their configuration files. The configuration files for each of the channel-bonded interfaces can be nearly identical.
For example, if two Ethernet interfaces are being channel bonded, both eth0 and eth1 may look like the following example:
#vim /etc/sysconfig/network-scripts/ifcfg-ethX
DEVICE=ethX
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
In this example replace X with the Numerical Value of the interface
Far Channel Bounding interface to be valid, The Kernel Module Must be Loaded. To ensure that the module is Loaded when the Channel bounding interface is brought up.
#vim /etc/modprob.conf
The following Lines in
alias bond0 bonding
options bond0 mode=balance-alb miimon=100
Then
#modprobe bonding
# service network restart
# ifconfig
Red Hat Enterprise Linux allows administrators to bind multiple network interfaces together into a single channel using the bonding kernel module and a special network interface called a channel bonding interface. Channel bonding enables two or more network interfaces to act as one, simultaneously increasing the bandwidth and providing redundancy.
The following is a sample channel bonding configuration file:
#vi /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
BOOTPROTO=none
ONBOOT=yes
IPADDR=10.0.1.27
NETMASK=255.255.255.0
NETWORK=10.0.1.0
USERCTL=no
After the channel bonding interface is created, the network interfaces to be bound together must be configured by adding the MASTER= and SLAVE= directives to their configuration files. The configuration files for each of the channel-bonded interfaces can be nearly identical.
For example, if two Ethernet interfaces are being channel bonded, both eth0 and eth1 may look like the following example:
#vim /etc/sysconfig/network-scripts/ifcfg-ethX
DEVICE=ethX
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
In this example replace X with the Numerical Value of the interface
Far Channel Bounding interface to be valid, The Kernel Module Must be Loaded. To ensure that the module is Loaded when the Channel bounding interface is brought up.
#vim /etc/modprob.conf
The following Lines in
alias bond0 bonding
options bond0 mode=balance-alb miimon=100
Then
#modprobe bonding
# service network restart
# ifconfig
Configure SFTP Server using chroot jail in Linux
Release:
RedHat Enterprise Linux, CentOS
Openssh 5.6P1
Problem:
Configure the sftp-server on a per-user-basis (restrict users to their individual home directory) using chroot() jail in RedHat Enterprise Linux
Solution:
1) Install the OpenSSH latest version that must support the chroot() function
2) Configure Openssh to use its internal sftp subsystem by editing the sshd_config file
# vi /etc/ssh/sshd_config
Replace
Subsystem sftp /usr/local/libexec/sftp-server
by
Subsystem sftp internal-sftp
3) Now configure the chroot() by using match rule, add the below entries in the end of the sshd_config file
# vi /etc/ssh/sshd_config
Match group sftponly
ChrootDirectory /home/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
Note: Here %u represents username, that means all the users in the sftponly group home directories are chrooted. Also chroot directory must be owned by root.
4) Add one new group named as sftponly
# groupadd sftponly
5) Create a new user to use retricted sftp. First create a user's home directory after that add the user
# mkdir /home/test
# useradd -g sftponly test
# usermod -d / test
Note: In here, create a home directory as a root user, while adding the user one warning comes like this, "useradd: warning: the home directory already exists"
6) Now test the configuration from client side
[root@server Desktop]# sftp test@192.168.2.201
Connecting to 192.168.2.201...
test@192.168.2.201's password:
sftp> ls
IN
sftp> cd IN
sftp> ls
sftp> mput 1.png
Uploading 1.png to /IN/1.png
1.png 100% 90KB 90.4KB/s 00:00
sftp> ls
1.png
sftp> bye
7) Test the SFTP-Server function from the windows client use the “WinSCP” or “Filezilla”
RedHat Enterprise Linux, CentOS
Openssh 5.6P1
Problem:
Configure the sftp-server on a per-user-basis (restrict users to their individual home directory) using chroot() jail in RedHat Enterprise Linux
Solution:
1) Install the OpenSSH latest version that must support the chroot() function
2) Configure Openssh to use its internal sftp subsystem by editing the sshd_config file
# vi /etc/ssh/sshd_config
Replace
Subsystem sftp /usr/local/libexec/sftp-server
by
Subsystem sftp internal-sftp
3) Now configure the chroot() by using match rule, add the below entries in the end of the sshd_config file
# vi /etc/ssh/sshd_config
Match group sftponly
ChrootDirectory /home/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
Note: Here %u represents username, that means all the users in the sftponly group home directories are chrooted. Also chroot directory must be owned by root.
4) Add one new group named as sftponly
# groupadd sftponly
5) Create a new user to use retricted sftp. First create a user's home directory after that add the user
# mkdir /home/test
# useradd -g sftponly test
# usermod -d / test
Note: In here, create a home directory as a root user, while adding the user one warning comes like this, "useradd: warning: the home directory already exists"
6) Now test the configuration from client side
[root@server Desktop]# sftp test@192.168.2.201
Connecting to 192.168.2.201...
test@192.168.2.201's password:
sftp> ls
IN
sftp> cd IN
sftp> ls
sftp> mput 1.png
Uploading 1.png to /IN/1.png
1.png 100% 90KB 90.4KB/s 00:00
sftp> ls
1.png
sftp> bye
7) Test the SFTP-Server function from the windows client use the “WinSCP” or “Filezilla”
Subscribe to:
Comments (Atom)