You need htpasswd executable for enabling password protection in Nginx webserver. Mod_Auth is a core module of Nginx webserver. But it does not come with a htpasswd equivalent tool. Normally people use the htpasswd provided by Apache webserver. If you have not installed apache then chances are that you dont have these tool. I did not have this tool and my search on the internet did not yeild this executable.
So I am sharing the htpasswd executable that I built on a Debian 4.1 (X86) machine. If you are unable to execute this on your platform then you need to build from the source. You can download Apache 2.2 source from this link, from which I built the htpasswd executable.
To build htpasswd executable.
Download and untar the Apache source.
cd httpd2.2.11/support ( htpasswd is in this directory )
Samba is a very powerful software that can act as File-server & print-server using SMB/CIFS protocol. Here I describe a Home environment and provide a appropriate Samba server configuration.
|Samba is installed correctly and it execute with out issues.
Samba configuration file is located in /etc/samba
Samba Configuration file name is smb.conf ( This is the default )
Samba is installed on Debian Linux distribution. ( This should not matter much )
Description of the Mr Lingsiva’s Home Environment
- A Linux server with huge disk-space
- A Mac desktop system
- A Windows XP desktop
- Office Laptop that needs to work in both Office and Home environment
- A DSL Internet from ISP. DSL model Cum wireless router acts as the firewall for Home Network
- All these computers form a private network behind the firewall and Wifi security is enabled for wireless connections.
Samba File Server Requirements
- A common folder accessible to all home computers and office laptop while operating under home profile.
- A private folder for each of the family members
- The common folder should be available only for the trusted systems. That is,
the systems I identify as trusted. For example, if one of my friend
visits my house and plugs his computer in my network, the common folder
should not be accessible from his computer.
- Private folder of User A should not be accessible by User B
- Samba service is only available with in the private network and must not be accessible from the Internet.
Links to Refer
smb.conf File That Satisfies The Above Requirements
netbios name = squad
server string = Siva’s File Server
invalid users = backup,bin,daemon,games,gnats,irc,list,lp,mail,man,news,proxy,root,sshd,sync,
workgroup = HOME
os level = 34
valid users = @users
browseable = yes
comment = Common folder for family members
path = /path/to/directory
writeable = yes
force group = users
create mode = 770
directory mode = 770
browseable = no
read only = no
WEbmin is an excellent tool to do Unix/Linux System Adminstratio/Configuration. The configuration interface is just a plain internet browser. Moreover it is free as well.
Visit Webmin to download the webmin package for your linux/unix distribution.
Here, i have used Ubuntu/Debian Distribution.
First, install the webmin package. If the webmin install package is in .deb format, then issue the below command
sudo dpkg –install webmin_1.390.deb
If the required perl modules are already installed, then you will not see any dependency errors. If you do see, then you need to install all the dependency.
i am installing the whole perl and other perl modules required by webmin.
sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl libmd5-perl
sudo dpkg –install webmin_1.390.deb
You should be all set now.
If you are inside a corporate network, the chances are that you can only access the internet through the http-proxies.
This snippet shows you how to setup the proxy address for apt-get, wget and such programs to access internet.
In Bash Command Shell, execute
proxy-address is your proxy server address.
For example if your proxy server address is proxy1.mydomain.com and port is 8080 then
in .bashrc file , type the following
This article describes what needs to be done to have a SSL ( HTTPS) enabled site on CentOS 4.5. This should work on other distro’s as well but i have not tested.
Apache 2 Webserver
OpenSSL is installed and functional
In possession of Domain Name. If not obtain one from many Domain Name sellers like GoDaddy
- Generate a RSA Private Key
sudo openssl genrsa -out my.key 1024
- Generate a CSR ( Certificate Signing Request ). The CSR must be signed by private key “my.key” generated in the step 1. Please note you must enter at least your domain name as highlighted below in bold.
openssl req -new -key my.key -out mysite.csr
Country Name (2 letter code) [GB]:SG
State or Province Name (full name) [Berkshire]:Singapore
Locality Name (eg, city) [Newbury]:Singapore
Organization Name (eg, company) [My Company Ltd]:NA
Organizational Unit Name (eg, section) :NA
Common Name (eg, your name or your server’s hostname) :your.domain.com
Email Address :firstname.lastname@example.org
Now you need to take mysite.csr to a Certificate signing authority to get your SSL Certificate.
I used a free Certificate authority named CAcert.org . Very highly recommended by open source community. But the issue is that many mainstream browsers do not automatically recognize CAcert. So for first time visitors, a warning will pop up. Just accept it permanently. After this, the pop up wont show when ever you visit from the same browser.
- First signup with CACert. Once done, then go to the next step.
- Then click on “Domains->Add” as shown below
- Then add your domain in the provided textbox
- Cacert will do a domain verification by sending an email to your registered email address. Open your email and click on the link sent to you by the CAcert.
- Then Click on “Server Certificate ->New” to get a new certificate for your site.
- Open the CSR file “mysite.csr” you created above and cut and paste the content of the file into the provided text box and click submit
- CAcert will show the certificate file. Copy and store it on a file named mysite.crt. (filename can be anything )
- Configure SSL options in httpd.conf file.
An example SSL enabled virtual host configuration is shown below for your reference