I am trying to remove the ability to login with password so, I follow the procedures I have found to generate a key, copy it on the server and after editing the sshd_conf file to set PasswordAuthentication to no, after I restart ssh, I find my self locked out of it....
View 5 RepliesIn Ubuntu 10.10 I want to have a shell script execute on bootup after everything else is done, *just* before the computer gets to and sits at the login screen. I find this easy in CentOS/Red Hat. If I place my scripts in /etc/inittab near the end, right after the mingettys, that is PERFECT. But Ubuntu has no /etc/inittab and I have spent the past few days going over and over and OVER more info about Upstart and the rcX scripts and I can't seem to get it. Anything I place in an rcX script runs too late, only after the machine is past the login screen i.e. a human must log in first. And I would rather not have to enable auto-login. I've heard that Ubuntu will honor an /etc/inittab file if you create one, and it does, but that too runs too late, only after a human has logged in. Can anyone tell me where a script should be placed in Ubuntu to execute after all system initialization is done, but before human interaction is required?
View 3 Replies View RelatedI choose not to run a login manager on my systems, instead opting for a tty login and then invoking xinit manually (slightly long story, it makes my life a lot easier to have a bunch of environment tweaks that my login shell sets up and has the rest inherit), but this leaves me with a security issue if someone else comes upon my PC, because even if I've locked my X session they can switch to a tty and kill my X session, dropping back to a shell.
I can either
Start running xinit; logout (which still has a race condition issue, if they get another Ctrl+C in before logout is invoked it'll give a shell) Try to disable the tty switching keys in X Wrap xinit in something to catch and ignore the signal from the Ctrl+C
I have created a Joomla! website on a subdomin that I host. The site has a mangement section URL... and I am trying to secure the administrator section only using SSL/https.So far I created the self-signed certificate and installed mod_ssl. I have added a *:443 virtual hosts in my httpd conf .This is really confusing me because the page exists, it works for http and https is just another protocol. Its almost like ssl does not have permission to access those files... Is there something im missing in ssl.conf or http.conf?I am not entirely sure I am going about this the right way.
I had a quick search through the joomla forums and found lots of errors, but not really any instructions. I have done some google searches and there seems to be about 10 different ways to skin the cat.
I am quite new to Squirrelmail but got it working at the first place. Then, with the intention to secure login and data flow, I downloaded and installed the secure login plugin. However, just right after that, I started to get "the connection was interrupted" messages in firefox. I guess that it has something to do with SSL, probably I need to configure that in Apache, not sure. Unfortunately the README and INSTALL files are rather compact in the plugin and I struggle to find a step-by-step tutorial on what needs to be done in order to make it work.Would someone be able to give me a hint on where to find such an information or tell me what else I need to do besides the 3 points written in INSTALL?
View 1 Replies View RelatedI just used dd to clone a linux partition to a new hard drive, it had 800mb left on the old hard drive, after dd, new hard drive lists 1.29/1.3 terabytes full. Is this what happens by default in dd? How can I fix this?
View 1 Replies View RelatedI am using Red Hat and was wondering how to disable username and password only login and require that a PPK secure key file be used for authentication ? I can log in using the secure private key and the public key that is in ~/.ssh/authorized_keys but i can still log in using the plain username and password login.
View 2 Replies View RelatedI'm trying to setup an open-source project, I have a couple of developers on the team but nobody has experience with Apache. I would like to setup a simple home server for Bugzilla on Ubuntu 10.04, so my question is, is there a server that comes secure out-of-the-box so that simply adding files to /htdocs would suffice?
View 1 Replies View RelatedRequirements
1) Can be integrated into web browser (so when click on chat the a window will open for chat with technical support executive:- It will be basically used for TS)
2) Must Have option to transfer file between costumer and TS execut
3) No installation on part of client
Basically it chat support as any other company on net... Like Symantec and all(Not That big thought)Any one know or have experience in this(setting up is relatively simple for me i need info on any particular software that i should try)Currently thinking about experimenting with ejabber... If that a bad choice i will loose lot of time and be behind schedule by miles.
I would like to set up a proxy server at home which i can use to access sites from work. I was thinking a web-page i log into and then a sort of use like a browser? like this for example, but where i can have a secure login
View 4 Replies View RelatedI am going to be away semi permanently and want to create a VPN that will allow me to act as if my laptop was connected to my home network.
All I want is for the drives to be accessible so I can use them for primary access as if they are in the laptop.
Questions:
1. Can I set up a Linux VPN that is secure using public WiFi (or however I connect to the net) when I am on the road?
2. I will be using a desktop (32 bit) as the server, what version of Linux would be best for this?
3. If my server is linux and the server drives are NTFS will they be accessible using a windows machine? (I will be double booting the laptop)
4. I would like to set up a pass-code that is stored on the laptop so that only that machine can get access.
This can be up to 255 characters and encrypted so it would be very hard to break. Even I would not know what it is. (I would store it on a pen drive and be able to recover it from there.)
One more. I might want to add separate users that only have access to their one drive, not the server drive. Is that OK?
I installed AWSTATS on my LAMP 10.04 LTS and followed several tutorials URL...) but I can't secure the folder, either by an alias or by .htaccess. I tried both methods manually and by using Webmin.If you go to the URL www.mywebsite/awstats/awstats.pl it shows up, which is good, but this is the default installation site and anyone who knows awstats could possibly see my stats. The conf folder is /etc/awstats/, and I did an alias for that, then .htacess, but neither worked. With the .htaccess, I would get a password promt but the full stats page was visible behind the password promt, and if you clicked "Cancel" about 20 times or so the promt would go away and the full stats page would be visible.
The actual file that powers awstats is in /usr/share/lib/cgi-bin/awstats.pl, and I also tried an Alias and .htaccess seperately and neither worked.I restarted apache2 after each change and I've searched several forums, but I still can't figure this out.
Seem my rotation part is not removing files older than 90 days. Anybody know what is wrong?
Code:
#!/bin/sh
#navigate to the desired backup location
cd /public/backup/linux
#dump the MySQL entirely, output file is dated
mysqldump -u root -pmt1jxz68f2 --all-databases > "`date +%Y%m%d`.sql"
#backup the web folder
[Code]...
I'm trying to figure out how to access the local part and the domain part of an email address in postfix's main.cf. For example, myname@mydomain.net has myname as the local part and mydomain.net as the domain part.I get the whole email address with %s. I want to speed up the lookups by writing better database queries.I've had no luck finding this in the otherwise well documented postfix.
View 2 Replies View Relatedwe have access to one domain name , 1 internet ip address and may servers hosting different part of site. I want them all to be accessed via same web site . some of the server in our network are embedded devices.they have their specific utility being hosted on that machine. So the severs are bound to be distributed . I just wanted to know how can I access them via single ip, domain name.
View 6 Replies View RelatedI'm running Ubuntu Server 9.10 and I'm looking to setup an FTP server. I have SSH running beautifully and it's accessible from any computer whether it be inside the network or coming in from the internet (provided you have the administrator username and password ). I've tried Proftpd and vsftpd and have failed miserably so far. Which FTP server application do you think I should go with and how could I go about setting it up through my SSH connection?
My current setup is this:
- Ubuntu Server 9.10 with Fixed IP of 192.168.1.100
- 500GB Hard Drive
- SDA1 = 512MB ext2 /boot
- SDA2 = 2GB swap
- SDA3 = 20GB ext4 /
- SDA5 = 438GB ext4 /home
- One User (Username = administrator)
- Full SSH Capabilities
- IP Address to DNS provided by www.dyndns.org
- WRT120N Router with Remote Access and Port 22 Open
I basically want to set up a secure FTP server that anyone on the internal network can access as well as anyone from the internet (as long as they have a username and password). I want to setup a username and password for each user so that they all have read/write access to the same folder in my /home partition (I'll call it FTPSHARE).
how to setup a secure and reliable server, i have three ubuntu 10.10 servers a Dell PowerEdge 850,1850 and 2850 which has a Dell PowerVault 220s attached to it.The Dell PE850 Server Consists of:
Intel Pentium D 3.0GHz
4 GB RAM
Eventually 2x250GB Sata Hard Drives
The Dell PE850 Server Consists of:
2xIntel Xeon Processors 3.4GHz
4 GB RAM
2x76GB SCSI Hard Drives RAID 1
The Dell PE850 Server Consists of:
2xIntel Dual Core Processors 2.8GHz
4 GB RAM
6x76GB SCSI Hard Drives RAID 5 (pretty sure)
Dell PowerVault 220s
I would like to setup a reliable webserver, mail server, DNS and Dynamic DNS, DHCP, SQL, FTP, Samba (with Roaming Profiles), PXE Boot Server.I know how to setup most of the server modules, i would just like to know the best way to do it tho. I also want to no how to setup the secuity of the system correctly, and setup and partition up my hard disks to allow for the best reliabilty, even when a server crashes.I would like to now how to set these servers up from start to finish in a sence.
I am going to set up a file server on Ubuntu. I have searched a while, but can't seem to find a guide to what I want. The requirements specifications are the following:File server: possible to upload, change and download files.Linux (Ubuntu) clients, Windows clients if possible.Access restriction to deny access to other than registered users.Only the user should be able to read the content of the files.Ideally root should not be able to see the individual files, but in worst case it is ok for root to see the files.Root should not be able to open the files.Point 1-3 is easy to find out how to set up. But I can't seem to find a way to deny root to view the files. The only solution I can think of is to encrypt files or a whole folder, but I don't know how to set it up.
The setup is for a home network, but the server used as a file server will have a web server as well. If someone manages to get access to the server I don't want them to be able to read the files.
On a windows system I installed xampp, and let web applications on the computer be acceseable via internet . On a forum I was firmly instructed that it was an unsecure pracsis.Now I saw on utube, that it is possible to install apache and php on ubuntu 10.04 lts desktop edition.
q1: What shall I install to get apache and php and sql databases?
q2: Is runnings web applications that are acceseable via internet on a ubuntu desktop edition with the above descripted software also unacceptable in terms of security, or is it a productive secure platform. I was told that productive platforms are ok to connect to the internet.
Know any documentation or software packages to do a open source "File Hosting" or also known as "one-click hosting" server.I want to create my own private secure site to easily have clients download sensitive files. If it could be setup to use SSL that would be great.
View 1 Replies View RelatedI would like to use my Ubuntu server machine as a proxy so I can browse a little more securely/privately while I am traveling. I connect to a lot of open Wi-FI networks.I have Squid setup on an old laptop running Ubuntu Server 10.10 at home, and the main machine I will be using to connect to the proxy is a computer running Windows Vista.I am able to connect and use the Ubuntu Server machine as a proxy while traveling with the squid config file modified with http access set to 'allow all'.
Obviously this isn't the ideal setting.After lots of reading and Googling I can't figure out how to allow only my Vista laptop to use the proxy.I'm a little lost with the ACL settings required.
I installed Postfix, Roundcube (webmail) and Dovecot. Postfix stores the e-mails in maildirs located at /home/postfix/maildir/[user]@[domain]. Now I set the mail_location configuration option in Dovecot to: mail_location = maildir:/home/postfix/maildir/%u@%d The problem I run into is logging in with [user]@[domain]. Right now I can only login with [user] (without @[domain]), which makes the mail_location invalid (no e-mails can be found). How could I configure dovecot to use the domain name as well as part of the username?
View 8 Replies View RelatedIn bootseqence of linux, the first step is check the CMOSRAM(size 64bytes) setup for custmor setting. So i am just confused wether CMOSRAM is a part of motherboard or is a part of RAM itself.
View 4 Replies View RelatedI was planning on using my VPS to grant some of my friends shells. The problem though is that I don't want them doing crazy stuff on it, like using up all my RAM or disk space. I would like to limit them to a very small 25 mb disk space, and allow them only certain application in /usr/bin like python perl irssi screen etc. I do NOT want them to be able to cd out of their home directory. I really want this to be setup like the shell provider SHellium. I can setup the FTP and SSH stuff myself.
View 3 Replies View RelatedI'm running a server using ubuntu 10.04 x64. I want to disable access of groups to "bin" folder so they cannot execute commands.
[info: actually because of a bug in cPanel (the control panel I installed) Perl will give access to all hosting users to execute commands.]
So what I wanna do is to ban some groups on 'bin' folder, for example 'my_group1' and 'my_group2" cannot access bin but 'my_trusted_group' can access it. How is it possible?
I've been having some problems w/ a my RAID 5 array, and after extensive investigation, I'm fairly sure that my last resort is rebuilding the array. I'd tried --assemble, b/c it's a previously created array, but it didn't seem to like that. So, I checked into --create, and it will re-create the array w/out destroying the data, if the superblocks are persistent, which they seem to be. However, here's what I get:
[Code]....
My question is: why do /dev/sdb1 and /dev/sdi1 show as both ext2fs and also as part of a RAID array?
I currently run Win 7 and want to upgrade my computer to a server to accomplish the following... I have a VPN Service. I want the server machine to connect to a VPN providing a secure connection. Then, I want all the machines in the house (windows based) to connect through the server onto the VPN connection. Hopefully this makes sense. Would it be better to stick to Windows Server 2008 or switch to Ubuntu?
View 5 Replies View RelatedAfter securing webmin on my web server, with a custom SSL connection.I wanted to do the same with phpMyAdmin. But I am unsure of where to look for the best tutorial(s) to do this, can anyone help?Plus I saw once at work our network tech adding in accounts but then allocating that to the login itself.For example, when your brought up with a .htaccess prompt in the browser, thats assigned to you login within phpMyAdmin, taken from the db server no doubt, is it possible to do this?Should there be anything else I need to know in securing mysql?I have limited all services to a set number of IPs so non of its publically functional at the moment so I can take as long as possible, but naturally I'd like to be able to be as speedy as possible about getting this sorted.
View 7 Replies View RelatedI just installed FC12 x86_64. After a clean install I found that httpd, mysql, svn, svnadmin, etc are already installed. I still need to install and configure tomcat running as a worker behind httpd and configure everything. But my question is about security. What do I need to do to ensure that when I start httpd and mysql that they are secure? Are there default settings that I need to change? Are there security patches I need to apply?
System Config:
Fedora Core 12 x86_64
AMD Athlon II X2 250 3.0 GHz dual core
GIGABYTE GA-MA785GM-US2H
G.SKILL 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 1066 (PC2 8500) Dual Channel Kit Desktop Memory Model F2-8500CL5D-4GBPK
As far as I know, servers are stable and don't go down easily, but every single server will eventually go down some day, either from hardware/software failure or from hacking.
But as sysadmins, our job is to keep servers running healthy as long as possible.
So I'm conducting another short survey (I might start more survey threads, and thank everyone for kindly replying my previous post):
1. Have you encountered server failures? What's the most common cause for server failure?
2. What is your most important trick in avoiding your server go down?
3. What security rules do you follow to protect your servers?