I'm using sendmail and I'm trying to set up some forwarding accounts. It seems simple enough but all the results I've gotten on Google so far are pretty unhelpful. Isn't there a straightforward tutorial somewhere?
View 4 RepliesI will expain my setup :
SERVER 1 - SHARED ACCOUNTS
SERVER 2 - RESELLER ACCOUNTS
On server 2, all of a sudden my resellers are complaining that the accounts they create are not working, so I checked out.. and I realised that the accounts all have 'Unknown' as the IP.
So, steps I took so far...
1. Rebuilt Apache
2. Restarted the server
After each of these steps I have created new accounts, and still I have this error.
I am looking at creating two user accounts for "contract system admins"..These guys will be performing sys admin duties for a sever -- however, I am still concerned about security of data. For example, the server contains password information for our database, etc.Besides making them sign an NDA, etc. what other security mechanisms could I put in place to ensure that they don't just go buck wild. For example, when someone makes a sudo command, is this logged?
what are some recommendations for general security practices?
i'm configuring sendmail for a little office but i was requested for two domains e.g. [URL] and [URL] i've created this two domains but at the moment i create a user account how could i make the difference between wich domain the user belongs?
View 1 Replies View RelatedIs there a command to see what user accounts are set to expire or expired.(OS = Red Hat)
View 1 Replies View RelatedWhat is the least painful way to temporarily prevent uploads to an FTP server by certain accounts? they all only upload directly to their home directory setup in /etc/password
View 1 Replies View RelatedI have just set up shorewall on my router running Arch Linux. The external network is on eth0 and the internal network on eth1.I have set it up for masquerading and that works fine and I can open ports to the firewall. But I'm having trouble with port forwarding to my internal machines.The problem I have is that when port 22350 is forwarded to 192.168.1.3 on my local network, checking the port with nmap from a remote computer gives me:
Code:
PORT STATE SERVICE
22350/tcp closed unknown
[code]....
My Linux laptop has recently been hanging for no apparent reason, and so I have been using a Mac OS X laptop in the meantime. I just installed Thunderbird and wanted to copy all my preferences and account settings to the new laptop. All email accounts are IMAP based.Can I simply copy the data, or does Thunderbird for OS X store data in a different format from OS X? What about if I wanted to copy the preferences to Thunderbird under Windows? Finally, what files do I copy? I haven't powered up the Linux laptop yet but I'm guessing there's a ~/.thunderbird/ directory, can I just copy this to the Mac?
View 1 Replies View RelatedI have been using a cron job to duplicate a folder into another users account every day and someone suggested using symbolic links instead although I cannot get them to work. In summary user GAMER generates log files that they want to access via HTTP, however I only have a web-server in the user account SERVER, in the past I would copy the logs folder from GAMERS account into SERVER/public_html/. and then chmod the files so the server could access them. Trying to use symbolic links I set up a link from root (as only root can access both accounts) I used: ln -s /home/GAMER/game/logs/ /home/SERVER/public_html/logs
However it seems that only root can use this link, I tried chmoding the link, all the files in the gamers /game/logs/*, /game/logs itself to 777 as well as changing chown and chgrp to server the files still cannot be read. When viewed from servers account my shell shows the link and where it is to hi-lighted in black with red text. /home/GAMER/game/ (chmod & chgrp) drwxrwxrwx 3 SERVER SERVER 4096 2011-01-07 15:46 logs
/home/SERVER/public_html (chmod -h & chgrp -h)
I am trying to figure out a way to pull the user information from local users on a Linux server. I have approximately 40 servers running SUSE and Ubuntu that are using Microsoft Active Directory in order to authenticate. Our internal auditing group has made us disable root ssh ability, I was doing this with clusterssh, but I can login as me then su on the server to conduct root, admin, work. This is an ongoing request to get the local users and it is a painfully slow process since I have to login to each server to get the /etc/passwd file. Is there another way to get the local user information? They are now asking about seeing the last logon date or if the account is disabled, any thoughts there as well?Most of our auditors think Windows and I am trying to make my life easier but not sure what options I have. I need to get local accounts and if they are active or disabled plus last logon date. I'm sure there will be more but if I can get the basics adding more shouldn't be too difficult but I guess I'll cross that bride when I get there.
View 7 Replies View RelatedI am trying to create users accounts reading from a file. I can get it to show if the user already exists but I want it to instead of not creating the user account to create e.g. Scott1 etc.The code i have so far is :
#!/bin/bash
while read line
do
[code]...
I have couple of users in one machine. I can access the /etc/passwd,/etc/shadow and /etc/group files in this box. I have another box. I want to create some user accounts in the second box by just looking in the passwd, shadow and group files in the first box. I would just copy over the corresponding lines into the corresponding for whichever accounts I want to create as new and also change the lines for which I want to update the account information. Is this possible and will also the passwords work fine? Please also let me know there is any good tool for automatically doing this kind of stuff. Both the boxes that I have are Ubuntu machines though one is running Ubuntu 8.04 and the other is 10.04.
View 5 Replies View Relatedi have a linux box at work that was configed by some that has left the company. we have an email add: e.g test@test.com, if you enter that mail add to a new email it then sends the mail to several email accounts the are on the server.i would like to remove and add new users onto that email address, is there anyone out there that can help?
View 1 Replies View Relatedhere is what i need to do: [url]..... resolves to 209.5.5.5 which is my public IP on the external side of my router. Router is setup to forward (port forwarding) all port 80 based traffic to internal ip 192.168.1.10 which I want that server to lookup the request, and for web1 forward to 192.168.1.101, for web2 to .102 etc....how can i acheive this? What do i need to use?
View 6 Replies View RelatedThe default output audio port Ubuntu doesn't work on my system. It should be "Analog Mono Output/Amplifier", instead of "Analog Output/Amplifier". I can easily change that in sound preferences, just by choosing the right port in the "Output" tab. The problem is this would only apply to a single account, and I would like to change it system-wide, so it applies to all accounts on the system (I have more than 100 users...).
Update: I can achieve the same effect as I would by changing it in sound preferences using the following command: pacmd 'set-sink-port' 'alsa_output.pci-0000_00_1f.5.analog-stereo analog-output-mono;output-amplifier-on' Unfortunately that's still not system-wide,
I wrote a small script that gets me the list of enabled system accounts in my system.
I figure '*' & '!' (in field #2 of /etc/shadow) mean that the account is disabled or they cannot login, hence 'safe-to-ignore'
Code:
IFS=$'
'
for i in `cat /etc/passwd` #get each line in the passwd file
do
var1=`echo $i | cut -d':' -f3` #get user ID field
if [ $var1 -lt 500 ] && [ $var1 -gt 0 ] #compare to extract relevant IDs
[Code].....
BTW i figure the following command gives me the list of system users, but i am not able to find a way to process it further... :-(
Code:
awk -F":" '$3 >= 1 && $3 < 500 { print $1 }' /etc/passwd
Originally Posted by http://salcedoweb.com/rds/server.htmlUncomment or add line in /etc/inetd.conf:
# Post Office Protocol version 3 (POP3) server:
pop3 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/popa3d
How do I add an account so I can access my mailbox from M$ Outlook from a Windows 7 machine?I am planning on using my ISPs smtp server for sending mail.Or is there anything else I should be aware of?http://www7.pic-upload.de/21.04.11/ieg6wv3qx6g.jpg
I have a VM with RHEL 5 without an X server. My host has Windows 7.
I need to connect to the VM and redirect the X11 output of the commands to my host.
I know that if my host were a GNU/Linux machine it would be as easy as ssh -X .
I'm ussing PuTTy to connect by SSH to the VM, I tried enabling X11 forward option in PuTTy config, but nothing happened.
I'm trying to forward the X session to my Windows laptop (using Xming and putty), and I have no problem opening new programs such as gedit and having them forward, but how would I forward something such as a Firefox window which is already open and running? I don't want to shut it down and restart it. Is there any way of forwarding something that's already running? And if so, can I "unforward" the X session without closing the program down?
View 2 Replies View RelatedI've spent pretty much the whole night trying to figure out how I can achieve the following: If a certain Keyword, say [key], is in the subject line, then the email is forwarded to a list of people.
My recipe (now) looks like this:
Code:
:0
* ^Subject: .*[key].*
! my-email@gmail.com
The (verbose) procmail logfile gives me this:
[Code]....
Is my recipe wrong in any way? I pretty much copied it from available ones.
It's a university server, so I'm no admin, just a user. How can I figure out whether some setting that the admin made prevents procmail from calling sendmail or whatever?
I have an OpenGL program in a Linux server. I want to run the program remotely with X forwarding, but it fails, whereas programs such as xclock and xeyes work fine. (I confirmed that the program works in the local desktop environment.) Below is additional information.
Test Code:
#include <GL/glut.h>
#define WIDTH 300
#define HEIGHT 300
void display()
[Code]...
How do I setup Self Port Forwarding on Fedora 13 x64 How Port Forwarding Works Port forwarding allows access to a local area network by a remote user through forwarding ports that provide ftp access and web server access. The operating systems use a kernel or ipfirewall to carry out the port forwarding process.
There are several different ways that port forwarding is accomplished. * Self Forwarding: Self forwarding is port forwarding that is accomplished on a local area network that has multiple computers connected to the network. Since all of the computers share the same IP address, the port forwarding must be conducted within each computer on its own system. If the local area network router has a network access translator then the computers that are connected to the router must also do port forwarding within their own system.Port forwarding can be accomplished with Unix systems however the port can only be accessed by the root administrator. This is a less common method of port forwarding due to the fact that using a root administrator poses risks to the system because the users will often take a detour to a higher port number to gain faster access to the server.Double port forwarding involves the use of multiple routers that join computers on a local area network. As a result, the ports on one router are forwarded to another router that acts as a gateway. The gateway router then forwards to a host on the local area network (LAN). This type of port forwarding involves the communication of several components which include the session server, session client, and session port. When the user establishes a connection the session server will connect to one of the session ports that are to be forwarded which will in turn, forward the port to the session client. Reverse port forwarding is used when access is required to a port that is protected behind a firewall.
While port forwarding is convenient, there are a few things to be aware of when using this type of technology. If you use port forwarding only one port can be used at a time and the machine that is receiving the port forwarding can only view the information as coming from the router instead of the original machine. Additionally, port forwarding can open up network access to other machines that may be able to find the port forwarding by gaining unauthorized access. I know how to setup port forwarding in my router along with Dyndns.org free ED, but my local area network has multiple computers connected to the network on my router. All of the computers share the same external (public) dynamic IP address; when I setup port forwarding only my Web Server can access the internet, so how do I setup Self Port Forwarding on Fedora 13 x64
[Code]...
I am trying to set up a new user account I can give to friends so they can SSH into my forward computer, and only allow forwarding of certain ports.
I do not want my friends to have a shell, or be able to change what ports to where they are allowed to forward.
example session: joe(friend) connects using PuTTY (that I have pre-set, he isn't good with computers) to example.com(my Internet facing computer) forwarding ports 8080,1990,25565 to him(with what ever end ports he wants, preferably they stay the same numbers) example ssh command to do similar (but he can still change the ports on my computer!)
ssh -N restricteduser@example.com -p443 -L8080:192.168.1.2:8080 -L1990:127.0.0.1:1990 -L25565:127.0.0.1:25565
is it possible to also leave default SSH functinality for all other users but this one?
I found this when I was searching google, but alas, I did not quite understand what was being suggested, and I don't think they covered restricting port forwarding
So unfortunately I live in a place that will not let me have a static IP, so I have been setting up access to my home computer via reverse SSH tunnels that run on an micro amazon ec2 instance. I have gotten SSH to work fine, but I cannot figure out port forwards.Here is a small infographic I made to help illustrate (i felt the question was clearer with a diagram of what I was trying to do. Here are the commands listed in the graphic:I the following on my home computer: ssh -R 1337:localhost:22 -i .ssh/tokyoMinekey.pem ec2-user@ec2serveraddressand I run this on the ec2 server: ssh -L6600:localhost:6600 -Nf localhost -p 1337
View 2 Replies View RelatedI need create ssh forwarding to other linux box that works as a proxy.I have two linux boxes(centos 5.5), one in the office(server1) behind firewall, other at colocation(server2)server1 has squid proxy instaled on port 3128.i cant use server1 as a direct proxy from home because its behind firewall.iwas able to create ssh tunnel from server1 to server2 and when i log in to server2 ican ssh root@localhost -p 12312 to server1
what i need is configure server2 so it forwards port server2:3128 to server1:3128....and i could add server2 ip addres and port to firefox proxy's and access ofice network.
I was having trouble setting up a db connection from my local machine to a db server that was configured to only accept connections from machines behind its own subnet. I had trouble setting up a multiple hop tunnel for chaining port forwarding through my firewall machine on the same subnet as the db. My first attempt involved two port forwards, on localhost and on the firewall machine, which didn't work for me. This approach I found at URL... involved constructing an end to end connection to the db via the firewall machine.
View 2 Replies View Related- I setup port forwarding of openssh :
connect 1: ssh -g -f -p 11111 -i /<path-to-private-key> user1@ip-server1 -L 22222:ip-server1:161
- Then I setup second connection
connect 2: ssh -g -f -p 11111 -i /<path-to-private-key> user1@ip-server1 -L 22223:ip-server1:3306
- Openssh waring to me "bind: address already in use"
- So I think port 22223 have had another program use,I use command:
ps aux | grep ssh /* find process id of second connection */
kill -9 <process-id-second-connection>
netstat -an | grep 22223 /*find which program use port 22223> */
- but I can't find anywhat
- Then I run again command :
connect 2: ssh -g -f -p 11111 -i /<path-to-private-key> user1@ip-server1 -L 22223:ip-server1:3306
- And I receive a error from OpenSSH :" bind: address already in use"
Right now I have a VPS that I tunnel through using SSH/Putty/Proxycap. I use it for a certain program which uses a certain port X for authentication, and a different port Y for its data. However, due to certain security protocols I need port X to be somewhat "transparent" so that the IP from the originator will be shown - whilst tunneling data through port Y. The conditions though, are that I cannot just change the X/Y port values in the application itself, these are company specific.
How would I go about doing this? Because right now, my understanding is that if Putty calls for a certain application to go through a socks server, ALL its ports will be directed at that. I want a certain port to be passthrough.
Say I have Computer A behind a router with NAT. I'm unable to add any port forwarding rules to that router. Then I have Computer B with a public IP address that I want to forward X windows from. This computer is headless, but does have a video card so X windows can be used. Here are some of the things I'd perform to setup my scenario.
1. Computer B, I'd run xhost + public_ip of NAT router.
2. Make sure that computer B's sshd service has X11 forwarding enabled.
3. SSH from Computer A to Computer B with the X windows forward option.
4. Once in Computer B, set the DISPLAY env variable to the public_ip of NAT router.
5. On Computer B run xclock.
At this point I'd expect to see an instance of xclock originating from Computer B onto my desktop. However this obviously won't work. The problem is that when the request is made to Computer B to forward the instance of xclock to Computer A the forwarded instance of xclock will get stuck at the NAT router. Without a port forwarding rule the NAT router will not know which internal IP to route the instance of xclock.
Here's my question. Is there any way for Computer A to initiate a connection to Computer B and then forward the instance of xclock? That way if it uses that same connection the NAT router will know which internal IP to route it to because it would be an active connection in the router's routing table. Or is there an alternative? Of course I can vnc into another computer outside the NAT network and then forward an X window to it just fine. But in the spirit of expanding my knowledge on X windows I'd like to see what is possible.
I also had ever tried all methods they mentioned, but my problem is still there. I am using a MAC OS X 10.6 ssh a remote redhat server. I hope to see X of redhat on my own MAC. Below is what I've done: 'MAC_ip' stands for my mac; 'redhat_ip' stands for redhat server.
1) ssh to redhat server
2) change to root
3) type command: DISPLAY=MAC_ip:0.0
4) type command: export
5) Back to MAC
6) change to root
7) type command: xhost +Redhat_ip
8) vim /etc/ssh_config, add X11Forwarding yes
9) Back to redhat, type: xclock
I got below message: Error: Can't open display: MAC_ip:0.0 I also tried some methods to login as others suggested:
[Code]....