Archive for the 'linux' Category

Jan 18 2009

htpasswd executable for Nginx running on Debian

Published by under linux,Nginx

You need htpasswd executable for enabling password protection in Nginx webserver. Mod_Auth is a core module of Nginx webserver. But it does not come with a htpasswd equivalent tool. Normally people use the htpasswd provided by Apache webserver. If you have not installed apache then chances are that you dont have these tool. I did not have this tool and my search on the internet did not yeild this executable.

So I am sharing the htpasswd executable that I  built on a Debian 4.1 (X86) machine. If you are unable to execute this  on your platform then you need to build from the source.  You can download Apache 2.2 source from this link, from which I built the htpasswd executable.

To build htpasswd executable.

Download and untar the Apache source.

./configure
make
cd httpd2.2.11/support ( htpasswd is in this directory )

One response so far

Jan 11 2009

Configuring Samba as a Home File-Server

Published by under linux,Nginx

Samba is a very powerful software that can act as File-server & print-server using SMB/CIFS protocol. Here I describe a Home environment  and provide a appropriate Samba server configuration.

Assumptions

Samba is installed correctly and it execute with out issues.
Samba configuration file is located in /etc/samba
Samba Configuration file name is smb.conf ( This is the default )
Samba is installed on Debian Linux distribution. ( This should not matter much )


Description of the Mr Lingsiva’s Home Environment

  • A Linux server with huge disk-space
  • A Mac desktop system
  • A Windows XP desktop
  • Office Laptop that needs to work in both Office and Home environment
  • A DSL Internet from ISP. DSL model Cum wireless router acts as the firewall for Home Network
  • All these computers form a private network behind the firewall and Wifi security is enabled for wireless connections.

Samba File Server Requirements

  • A common folder accessible to all home computers and office laptop while operating under home profile.
  • A private folder for each of the family members
  • The common folder should be available only for the trusted systems. That is,
    the systems I identify as trusted. For example, if one of my friend
    visits my house and plugs his computer in my network, the common folder
    should not be accessible from his computer.
  • Private folder of User A should not be accessible by User B
  • Samba service is only available with in the private network and must not be accessible from the Internet.

Links to Refer

http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html

http://oreilly.com/catalog/samba/chapter/book/index.html

smb.conf File That Satisfies The Above Requirements

[global]
netbios name = squad
server string = Siva’s File Server
invalid users = backup,bin,daemon,games,gnats,irc,list,lp,mail,man,news,proxy,root,sshd,sync,
sys,uucp
workgroup = HOME
os level = 34
valid users = @users
security=user

[common]
browseable = yes
comment = Common folder for family members
path = /path/to/directory
writeable = yes
force group = users
create mode = 770
directory mode = 770
[homes]
browseable = no
read only = no

Comments Off

Dec 26 2008

Installing Ubuntu/Debian from USB Thumbdrive to a CDDrive-Less and Floppy Less System

Published by under linux,Ubuntu

I wanted to install Ubuntu 8.04  on a system that did not have a CDROM drive and floppy. So  I had to install from a USB stick. Installation from USB stick is not straight forward either. Hence, I thought of sharing how I installed the OS. Please follow the steps below:

  1. Get a USB thumdrive with atleast 1 GB freespace.
  2. Format the drive using Windos Format tool
  3. Download syslinux . Syslinux utility is avilable for both Linux and WIndows. I downloaded Windows version. Follow this link to learn more about SysLinux. Syslinux is used to install the bootloader on the USB Drive
  4. Insert the thumbdrive into your Windows machine and open a command window
  5. Execute  syslinux.exe -m -a -d e: ( Here e: is assumed to be the Drive letter for the USB thumbdrive. ). After this command, you should see syslinux.cfg in the root dir of the thumbdrive.
  6. Download Ubuntu 8.04 ISO image to your local drive.
  7. Using “Winrar” extract the ISO image on to your harddisk. This is needed to copy some files into the USB thumbdrive.
  8. Download initrd.gz and vmlinuz files  for Ubuntu 8.04 ( Hardy ) from this link. These files are required for installing from USB Thumbdrive. ( NOTE: If you want to install a different version of OS, Say 8.10, then you need to download these two files that was built for that version of OS. For example, for 8.10, these two files for Ubuntu 8.10 are  here)
  9. Copy the following into USB thumdrive root folder
    1. copy the contents of isolinux into the root dir of USB thumbdrive. (To be unambigious:  isolinux is a folder you get when you extract the 8.04 iso image  )
    2. create a directory named “install” and copy “initrd.gz” and “vmlinuz”  into this folder.
    3. copy the whole 8.04 iso image into the USB thumdrive. ( To be unambiguous: You need to copy the whole ISO image and NOT the extracted files )
  10. Rename isolinux.cfg to syslinux.cfg
  11. Plug in your USB thumbdrive
  12. Power your  system  (Make sure that you have set your Bios to boot from USB-HDD )
  13. Ubuntu install screen will be presented and follow the instructions to complete Ubuntu 8.04 Installation

Comments Off

Jan 25 2008

How to install webmin on Linux

Published by under linux,Ubuntu

WEbmin is an excellent tool to do Unix/Linux System Adminstratio/Configuration. The configuration interface is just a plain internet browser. Moreover it is free as well.
Visit Webmin to download the webmin package for your linux/unix distribution.

Here, i have used Ubuntu/Debian Distribution.
First, install the webmin package. If the webmin install package is in .deb format, then issue the below command

sudo dpkg –install webmin_1.390.deb

If the required perl modules are already installed, then you will not see any dependency errors. If you do see, then you need to install all the dependency.
i am installing the whole perl and other perl modules required by webmin.

sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl libmd5-perl

Now run
sudo dpkg –install webmin_1.390.deb

You should be all set now.

Comments Off

Jan 23 2008

Setting up apt-get, wget to use http-proxy

Published by under linux

If you are inside a corporate network, the chances are that you can only access the internet through the http-proxies.

This snippet shows you how to setup the proxy address for apt-get, wget and such programs to access internet.

First method:

In Bash Command Shell, execute

export http_proxy=http://proxy-address:portnumber

proxy-address is your proxy server address.

For example if your proxy server address is proxy1.mydomain.com and port is 8080 then

export http_proxy-http://proxy1.mydomain.com:8080

Second Method

in .bashrc file , type the following

http_proxy=http://proxy-address:portnumber

export http_proxy

Comments Off

Jan 20 2008

How to obtain and install SSL certificates on CentOS 4.5

Published by under linux,Security,SSL

This article describes what needs to be done to have a SSL ( HTTPS) enabled site on CentOS 4.5. This should work on other distro’s as well but i have not tested.

Assumptions

Apache 2 Webserver

OpenSSL is installed and functional

In possession of Domain Name. If not obtain one from many Domain Name sellers like GoDaddy

  1. Generate a RSA Private Key
    sudo openssl genrsa -out my.key 1024
  2. Generate a CSR ( Certificate Signing Request ). The CSR must be signed by private key “my.key” generated in the step 1. Please note you must enter at least your domain name as highlighted below in bold.

openssl req -new -key my.key -out mysite.csr

Country Name (2 letter code) [GB]:SG
State or Province Name (full name) [Berkshire]:Singapore
Locality Name (eg, city) [Newbury]:Singapore
Organization Name (eg, company) [My Company Ltd]:NA
Organizational Unit Name (eg, section) []:NA
Common Name (eg, your name or your server’s hostname) []:your.domain.com
Email Address []:your@email.com

Now you need to take mysite.csr to a Certificate signing authority to get your SSL Certificate.

I used a free Certificate authority named CAcert.org . Very highly recommended by open source community. But the issue is that many mainstream browsers do not automatically recognize CAcert. So for first time visitors, a warning will pop up. Just accept it permanently. After this, the pop up wont show when ever you visit from the same browser.

  1. First signup with CACert. Once done, then go to the next step.
  2. Then click on “Domains->Add” as shown below

  3. Then add your domain in the provided textbox

  4. Cacert will do a domain verification by sending an email to your registered email address. Open your email and click on the link sent to you by the CAcert.
  5. Then Click on “Server Certificate ->New” to get a new certificate for your site.

  6. Open the CSR file “mysite.csr” you created above and cut and paste the content of the file into the provided text box and click submit

  7. CAcert will show the certificate file. Copy and store it on a file named mysite.crt. (filename can be anything )
  8. Configure SSL options in httpd.conf file.

An example SSL enabled virtual host configuration is shown below for your reference

NameVirtualHost *:443
<VirtualHost *:443>

ServerName your.domain.com
DocumentRoot /var/www/public

SSLEngine on
SSLCertificateFile /etc/httpd/mysite.crt
SSLCertificateKeyFile /etc/httpd/my.key
SSLVerifyClient optional

</VirtualHost>

Comments Off

Next »