Install vsftpd
# apt-get install vsftpd libpam-pwdfile
Configure vsftpd
Add the following line in /etc/vsftpd.conf
virtual_use_local_privs=YES
guest_enable=YES user_sub_token=$USER
local_root=/home/ftp/$USER
chroot_local_user=YES
hide_ids=YES
Edit /etc/pam.d/vsftpd
Comment all the default setting and add the following lines
auth required pam_pwdfile.so pwdfile /etc/vsftpd-passwd
account required pam_permit.so
Create file to store virtual user and password
# htpasswd -c /etc/vsftpd-passwd
Create virtual FTP user
# htpasswd /etc/vsftpd-passwd john
Create user directory
# mkdir /home/ftp/john
Change directory permission
# chmod -R 707 /home/ftp/john
Restart vsftpd service
# /etc/init.d/vsftpd restart
DONE!!!
Tuesday, January 19, 2010
Wednesday, December 16, 2009
How to ssh without password
Sometimes we need to remotely copy and backup files to a backup server every night. In linux, it is very easy to do so.
Here's how...
At local host, generate ssh key.
1. guest@guest:~$ ssh-keygen -t rsa
2. Generating public/private rsa key pair.
3. Enter file in which to save the key (/home/guest/.ssh/id_rsa):
4. Enter passphrase (empty for no passphrase):
5. Enter same passphrase again:
Your identification has been saved in /home/guest/.ssh/id_rsa.
Your public key has been saved in /home/guest/.ssh/id_rsa.pub.
The key fingerprint is:
0c:51:be:1e:2d:1c:8f:34:18:b9:8e:21:a3:50:6e:95 guest@guest
After that, at the remote linux host, copy the file in /home/guest/.ssh/id_rsa.pub
Create directory .ssh
1. myhost@myhost:~$ mkdir .ssh
2. From guest, guest@guest:~$ scp ~/.ssh/id_rsa.pub myhost@myhost:~/.ssh/authorized_keys
3. Change to file permission, myhost@myhost:~$ chmod 600 .ssh/authorized_keys
4. Then now you can ssh into the myhost without any password.
5. guest@guest:~$ ssh myhost@remoteIPaddress
6. guest@myhost:~$
Then, you are ready to go...
Here's how...
At local host, generate ssh key.
1. guest@guest:~$ ssh-keygen -t rsa
2. Generating public/private rsa key pair.
3. Enter file in which to save the key (/home/guest/.ssh/id_rsa):
4. Enter passphrase (empty for no passphrase):
5. Enter same passphrase again:
Your identification has been saved in /home/guest/.ssh/id_rsa.
Your public key has been saved in /home/guest/.ssh/id_rsa.pub.
The key fingerprint is:
0c:51:be:1e:2d:1c:8f:34:18:b9:8e:21:a3:50:6e:95 guest@guest
After that, at the remote linux host, copy the file in /home/guest/.ssh/id_rsa.pub
Create directory .ssh
1. myhost@myhost:~$ mkdir .ssh
2. From guest, guest@guest:~$ scp ~/.ssh/id_rsa.pub myhost@myhost:~/.ssh/authorized_keys
3. Change to file permission, myhost@myhost:~$ chmod 600 .ssh/authorized_keys
4. Then now you can ssh into the myhost without any password.
5. guest@guest:~$ ssh myhost@remoteIPaddress
6. guest@myhost:~$
Then, you are ready to go...
Monday, March 30, 2009
PostgreSQL Need To Know
Installation
# apt-get install postgresql-8.3 postgresql-contrib-8.3
Note:
postgresql-contrib-8.3 contains additional facilities for postgresql
Configuration file location
# /etc/postgresql/8.3/main/postgresql.conf
# /etc/postgresql/8.3/main/pg_hba.conf
Actual location is /var/lib/postgresql/8.3/main/postgresql.conf
To configure connection for postgresql, edit pg_hba.conf
# "local" is for Unix domain socket connections only
local all all ident sameuser (default) -> meaning database user does not need password for database editin.
It should be changed from ident sameuser to md5, this will require password login for database user for security purposes.
Tuesday, March 24, 2009
Things I Learn Today
I have learned something today that I would like to share here.
Something useful in postfix,
# postqueue -p (list active queue)
# postsuper -d msgID (delete queue id)
# postsuper -d ALL (delete all queue)
Something useful in postfix,
# postqueue -p (list active queue)
# postsuper -d msgID (delete queue id)
# postsuper -d ALL (delete all queue)
Saturday, March 21, 2009
Feelings For Mother
My mom passed away a month ago. I was very sad as she has worked so hard to raise me and my sister and she has never rested enough until the day she passed away. I felt really guilty of not spending more time with her when she is still around.
My mom always encourages us to eat fruits and vegetables to stay healthy. She is a hardworking and a loving mother. She always worked non-stop not only at work but at home as well. I really felt ashame of myself of not helping my mom to do the household chores and be there when she needs me.
Today, I was cleaning my mom's room. I found some old photos of me, my sister and my mom together. When I saw those photos, those days were happy moments. I felt so sorry because I did not share my feelings with her and make her happy.
I have promised to my mom that I will take care of my sister and I will keep that promise.
Mommy, I Love You! You are the greatest mother in the world!
My mom always encourages us to eat fruits and vegetables to stay healthy. She is a hardworking and a loving mother. She always worked non-stop not only at work but at home as well. I really felt ashame of myself of not helping my mom to do the household chores and be there when she needs me.
Today, I was cleaning my mom's room. I found some old photos of me, my sister and my mom together. When I saw those photos, those days were happy moments. I felt so sorry because I did not share my feelings with her and make her happy.
I have promised to my mom that I will take care of my sister and I will keep that promise.
Mommy, I Love You! You are the greatest mother in the world!
Thursday, March 19, 2009
How to setup a Linux Debian Etch/Lenny Samba Server
Today, I would like to share my experience on how to setup a Linux Debian Etch Samba Server. I believe it works for Debian Lenny as well because I have upgraded my Linux Debian Etch Samba Server to Lenny successfully without any issues.
Here are the steps.
1. Setup a normal Debian Etch or Lenny server.
2. Install basic packages by using apt-get install such as ssh, sudo, apache2, php5, phpsysinfo and etc
3. Install Samba packages - samba, samba-common, samba-doc, smbfs, smbclient and swat
4. After install the packages, it's time to configure Samba for your clients.
First, add your clients by using adduser command.
# adduser john
Then disable remote login such as ssh, by editing file /etc/passwd
# vi /etc/passwd
Change /bin/sh to /bin/false for user john
# john:x:1002:1002:,,,:/home/john:/bin/false
Save the file.
Secondly, add related group to enable users in the group to share files.
Add group command
# addgroup itgroup
Add related users into the group
# vi /etc/group
# itgroup:x:1003:john (user john is added into itgroup to share files)
Save the file.
Now it's the time to configure Samba. Remember that we have installed swat during the step 3 above. It is Samba Web administration tool. To access this web page, go to http://ipaddress:901
It will prompt out username and password to login. To login, please use root and root password. You can configure anything inside the web.
Here's my working Samba configuration in /etc/samba/smb.conf
# Samba config file created using SWAT
# from 192.168.xxx.xx (192.168.xxx.xx)
# Date: 2008/12/17 12:35:30
[global]
workgroup = IT
netbios name = SAMBA
server string = %h server
encrypt passwords = false
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
os level = 64
local master = No
domain master = No
dns proxy = No
wins support = Yes
panic action = /usr/share/samba/panic-action %d
invalid users = root
read list = john
write list = jay (edit write list follow your own needs, write list users are users that own the folders)
hosts allow = 192.168.1.0/24, 192.168.2.0/24
[homes]
comment = Home Directories
valid users = %S
create mask = 0700
directory mask = 0700
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
read only = No
browseable = No
[winreg]
comment = registry for windows
path = /usr/share/doc/samba-doc/registry
guest ok = Yes
[data]
comment = Data Directories
path = /data
admin users = jay
force user = jay
force group = itgroup
read only = No
create mask = 0640
directory mask = 0740 (only folder owners can edit the file)
inherit permissions = Yes (This setting will preserve the group permissions and ownership although the file owners have edited the files)
inherit acls = Yes
You can manually edit the samba configuration or edit the file by using swat. Both is the same. Remember to restart samba service whenever you change any settings in the samba configuration file.
Restart samba command -> # /etc/init.d/samba restart
After that, set samba password for your user login by using smbpasswd command.
# smbpasswd -c /etc/samba/smbpasswd (create a file to store samba password)
# smbpasswd -a john (add user john into the samba password file)
# smbpasswd -x john (delete user john from the samba password file)
After you have added related users, it is time for your clients to connect the samba server. Before that, your Windows client need to install the windows registry file in the samba server to enable blank username and password for Windows access. It has been configured in my configuration file above. The windows registry path is located at /usr/share/doc/samba-doc/registry
To access your samba server from Windows PC, type IP address and then access the folders. It will prompt out login name and password. If you are able to login with the correct password that created earlier, then your linux Samba server is ready for implementation. It's that simple.
More tips and tutorials coming soon. Enjoy!!!
Monday, March 16, 2009
TM SME Biz Net 2009
This morning I went to SME Biz Net 2009 at Star City Hotel organized by TM. There are three agendas during the session.
1.Talks about SMIDEC Grant
-> SMIDEC stands for Small and Medium Industries Development Corporation. It helps to promote and coordinate the development of SMEs in Malaysia.
-> For more information, please log on to http://www.smidec.gov.my
-> It is very helpful to new business starters. Take a look if you are interested to start a business.
2. SME Biz Net Package
-> The package basically includes Internet Broadband Services for business and also some other promotions. They also promote Toll Free number for SMEs.
-> I received a new information from TM presenter that they provide one stop solution from their new website that is http://www.tmsme.biz
The site is developed to provide information for SMEs in developing a successful business. It has latest news and events to be launched in the coming months.
3. E-Secure Solution by ESS
-> Basically, it is a simple and brief description of the importance of Internet security. TM also provides E-Secure in their Internet services for SMEs.
Overall, many business partners attended the event and I'm satisfied with the information provided.
1.Talks about SMIDEC Grant
-> SMIDEC stands for Small and Medium Industries Development Corporation. It helps to promote and coordinate the development of SMEs in Malaysia.
-> For more information, please log on to http://www.smidec.gov.my
-> It is very helpful to new business starters. Take a look if you are interested to start a business.
2. SME Biz Net Package
-> The package basically includes Internet Broadband Services for business and also some other promotions. They also promote Toll Free number for SMEs.
-> I received a new information from TM presenter that they provide one stop solution from their new website that is http://www.tmsme.biz
The site is developed to provide information for SMEs in developing a successful business. It has latest news and events to be launched in the coming months.
3. E-Secure Solution by ESS
-> Basically, it is a simple and brief description of the importance of Internet security. TM also provides E-Secure in their Internet services for SMEs.
Overall, many business partners attended the event and I'm satisfied with the information provided.
Subscribe to:
Comments (Atom)