Securely Administer Your Ubuntu Server Remotely

If you want to Administer Your Ubuntu Server Remotely in secure manner for your daily tasks or some maintenance for this you need to install SSH server.SSH provides you with the ability to remotely log in to your server and run commandsall over an encrypted channel. Plus, SSH offers a number of advanced functions that can make remote administration simpler.

Install SSH server in Ubuntu

sudo apt-get install openssh-server

This will complete the installation.the package will take care of creating the initial RSA and DSA keys you need, as well as providing you with a default SSH config.

Connecting to the server

Now you can connect to the server from other machines using the following command

ssh serveripaddress

Example

ssh 195.14.2.1

Configure SSH

The main configuration file located at /etc/ssh/sshd_config and the default configuration will enables remote root logins and X11 forwarding which is not good for your server security.So now we will disable these two options.

Disable remorte root logins

For this you need to search for the following line in /etc/ssh/sshd_config file

PermitRootLogin yes

and chnage this to the following one

PermitRootLogin no

Disable X11 forwarding

For this you need to search for the following line in /etc/ssh/sshd_config file

X11Forwarding yes

and chnage this to the following one

X11Forwarding no

After finishing your configuration you need to restart SSH server using the following command

sudo /etc/init.d/ssh restart

X11 Forwarding

If you want to use X11 Forwarding option so that you can connect your remote machine desktop using Xterm if you want to connect the X11 session you need to use the following command

ssh -X serveripaddress

Copy Files Securely using SCP

Another common need is to be able to copy files between servers you are administering. While you could set up FTP on all of the servers, this is a less-than-ideal and potentially insecure solution. SSH includes within it the capability to copy files using the scp command. This has the added benefit of copying the files over a secure channel along with taking advantage of any key-based authentication you might have already set up.

To copy a file to a remote machine use the following command

scp /path/to/file user@remotehost:/path/to/destination

If you need to copy from the remote host to the local host, reverse the above command

scp user@remotehost:/path/to/file /path/to/destination

if you need to copy an entire directory full of files to a remote location, use the -r argument

scp -r /path/to/directory/ user@remotehost:/path/to/destination/

If you are transferring logfiles or other highly compressible files, you might benefit from the -C argument. This turns on compression, which, while it will increase the CPU usage during the copy, should also increase the speed in which the file transfers.

Use the -l argument to limit how much bandwidth is used. Follow -l with the bandwidth you want to use in kilobits per second. So, to transfer a file and limit it to 256 Kbps use the following command

scp -l 256 /path/to/file user@remotehost:/path/to/destination

Advertisements

Setting Up a Telnet Server in Ubuntu

A terminal emulation program for TCP/IP networks such as the Internet. The Telnet program runs on your computer and connects your PC to a server on the network. You can then enter commands through the Telnet program and they will be executed as if you were entering them directly on the server console. This enables you to control the server and communicate with other servers on the network. To start a Telnet session, you must log in to a server by entering a valid username and password. Telnet is a common way to remotely control Web servers.

Install Telnet Server in Ubuntu

You will find the Telnet server installation packages in Synaptic under the telnetd package.If you want to install telnet server package you can also use the following command

sudo apt-get install telnetd

This will complete the installation.Now you Restart inetd service using the following command

sudo /etc/init.d/inetd restart

Once installed, select Administration, Services and enable Telnet

you can now fire up your other Linux box and type telnet . You are prompted to enter your username and password. The whole conversation should look like this

telnet 192.168.0.1
Trying 192.168.0.1…
Connected to 192.168.0.1 (192.168.0.1)
Escape character is ‘^]’.
Welcome to telnetserver
Running Ubuntu LAMP server

* All access is logged *

login: admin12
Password:
Last login: Sat Dec 25 1:05:1 from 192.168.0.1
[admin12@telnetserver ~]$

If you are using windows machine you can download telnet clients if you like like putty and teraterm to connect.

Note that the server responds with Welcome to telnetserver, running Ubuntu LAMP server, which is a customized message. Your machine will probably respond with Ubuntu and some version information. This is insecure: giving away version numbers is never a smart move. In fact, even saying Ubuntu is questionable. Edit the issue and issue.net files in your /etc directory to change these messages.

Running the w command now shows you as connecting from the external IP address.

Telnet is fast but also insecure. It sends all your text, including your password, in plain text that can be read by anyone with the right tools. SSH, on the other hand, encrypts all your communication and so is more resource-intensive but secureeven a government security agency sniffing your packets for some reason would still have a hard time cracking the encryption.

Install Oracle Application Server 10g Release 2 in Ubuntu

Oracle Application Server 10g offers a comprehensive solution for developing, integrating, and deploying your enterprise’s applications, portals, and Web services. Based on a powerful and scalable J2EE server, Oracle Application Server 10g provides complete business integration and business intelligence suites, and best-of-breed portal software. As the only platform designed for grid computing as well as full lifecycle support for Service-Oriented Architecture (SOA), Oracle Application Server gives you unmatched scalability, availability, manageability, and security.Create an ‘oracle’ user and ‘oracle’ group.

sudo adduser oracle

sudo addgroup oracle

Now you need to add user ‘oracle’ add ‘root’ to secondary list of groups

You need to chnage the permissions of opt directory using the following command

sudo chmod 775 /opt

Now you need Log out and log back in as oracle user

To fix a missing ‘ntcontab.o’ error, install the following packages

sudo apt-get install gcc make manpages-dev autoconf automake libtool flex bison gdb gcc-2.95-doc binutils

sudo apt-get install libdb1-compat

Download the Oracle Application file ‘as_linux_x86_core_101202.cpio’ from oracle site

Extract in local user directory

cpio -i –file=/

/as_linux_x86_core_101202.cpio -dcd Disk110

Run the installer using the following command

./runInstaller -ignoreSysPrereqs

At the end of the install near 95% if is says that it cannot verify that the instance is running(message:

/opmn/bin/opmnctl start), hit continue.That’s it. Let it do it’s initialization process. When it is finished exit.

Go to http://localhost:1156 for the admin console.

Source: Ubuntu Geek

Disable internet access for particular user in Ubuntu

This is very useful if you want to block internet access to your kids or particular users

First you need to edit the network interfaces file using the following comamnd

sudo vi /etc/network/interfaces

or

sudo gedit /etc/network/interfaces

Now you need to add the simple iptables rule to the interfaces file when the internet connection starts up

Simply add this under auto wlan0 or auto eth0 in the interfaces file

pre-up iptables -A OUTPUT -p tcp -m owner –uid-owner username -j DROP

save and exit the file.

Now you need to type in the terminal with the following command

sudo iptables -A OUTPUT -p tcp -m owner –uid-owner username -j DROP

and switch users to the username you blocked and try to access the internet.

How-To Recover password under Ubuntu

If you forgot you password for your ubuntu system you can recover using the following steps

Turn your computer on.

Press ESC at the grub prompt.

Press e for edit.

Highlight the line that begins kernel ………, press e

Go to the very end of the line, add rw init=/bin/bash

press enter, then press b to boot your system.

Your system will boot up to a passwordless root shell.

Type in passwd username

Set your password.

Type in reboot

Source: Ubuntu Geek

Create Disk Usage Reports with durep

durep is a perl script used for disk usage reports. It can generate text output with bar graphs to allow easy comparisons of disk usage between directories. It can also generate web pages which can be navigated through the directory structure. This allows easy visual monitoring of disk usage. durep was designed for monitoring disk usage in a more visual way than du. The du program works fine but doesn’t allow a lot of control over how the results are displayed. This perl script is designed to produce output more useful for reports.

Install durep in Ubuntu

Use the following command to install durep

sudo aptitude install durep

Using durep

durep Syntax

durep [OPTION]… [DIRECTORY]

durep Examples

1. “durep -w ~/durepweb -td 2″

This would print the directory tree starting from the current directory to depth 2 to the console and also create web pages in the directory ~/durepweb (this directory must exist).

2. “durep -f /var/spool/mail”

This might be useful for keeping a check on the mail directory. The “-f” switch tells durep to just scan files and not descend into directories. Since the “-w” switch is not present, no web pages are produced.

3. “durep -x -cp “/(etc|usr/share)” -ep “/var” /”

This more complicated version does the following. It scans the root filesystem only, hides the contents of any paths begining /etc or /usr/share and skips the contents of the /var directory.

4. “durep -q -sf durep.save /home ”

This scans /home and saves the results to the save fail durep.save. No text output is produced.

5. “durep -q -w ~/durepweb -lf durep.save /home ”

This reads the save file durep.save and produces a web report from it in the directory ~/durepweb. No text output is produced.

Source: Ubuntu Geek

Speed Up Firefox web browser

Mozilla Firefox is a graphical web browser developed by the Mozilla Corporation. Started as a fork of the browser component (Navigator) of the Mozilla Application Suite, Firefox has replaced the Mozilla Suite as the flagship product of the Mozilla project, stewarded by the Mozilla Foundation and a large community of external contributors.

Mozilla Firefox is a cross-platform browser, providing support for various versions of Microsoft Windows, Mac OS X, and Linux. Although not officially released for certain operating systems, the freely available source code works for many other operating systems, including FreeBSD,OS/2, Solaris, SkyOS, BeOS and more recently, Windows XP Professional x64 Edition.

In your location bar, type about:config

Once it Opens You should see similar to the following screen

Tip1

In the filter bar type network.http.pipelining

You should see the following screen

Normally it says ” false ” under value field , Double click it so it becomes ” true “.

Once you finished this you should see the following screen.

Tip2

In the filter bar again and type network.http.pipelining.maxrequests

Once it Opens You should see the following screen

Default it says 4 under value field and you need to change it to 8

Once you finished this you should see the following screen.

Tip3

Go to the filter bar again and type network.http.proxy.pipelining

Once it Opens You should see similar to the following screen

Normally it says ” false ” under value field , Double click it so it becomes ” true “.

Once you finished this you should see the following screen.

Tip4

Go to the filter bar again and type network.dns.disableIPv6

Once it Opens You should see the following screen

Normally it says ” false ” under value field , Double click it so it becomes ” true “.

Once you finished this you should see the following screen.

Tip5

Go to the filter bar again and type plugin.expose_full_path

Once it Opens You should see the following screen

Normally it says ” false ” under value field , Double click it so it becomes ” true “.

Once you finished this you should see the following screen.

Some more Tweaks

Enable the spellchecker for inputfields and textareas (default is textareas only)

layout.spellcheckDefault=2

Open lastfm://-links directly in amarok

network.protocol-handler.app.lastfm=amarok
network.protocol-handler.external.lastfm=true
Firefox Memory Leak Fix

Open a new tab. Type “about:config” without quotes into the address bar and hit enter/click Go.

Right-click anywhere, select New, then Integer. In the dialog prompt that appears, type:

browser.cache.memory.capacity

Click OK. Another dialog prompt will appear. This is where you decide how much memory to allocate to Firefox. This depends on how much RAM your computer has, but generally you don’t want to allocate too little (under 8MB), but if you allocate too much, you might as well not do this. A good recommended setting is 16MB. If you want 16MB, enter this value into the dialog prompt:

16384

(Why 16384 instead of 16000? Because computers use base-12 counting. Thus 16 megabytes = 16384 bytes. Likewise, if you want to double that and allocate 32MB, you’d enter 32768.)

Click OK to close the dialog box, then close all instances of Firefox and restart. If your Firefox still uses the same amount of memory, give it a few minutes and it should slowly clear up. If that fails, try a system reboot.

Now your Firefox will now be 3 – 30 times faster in loading pages.

Source: Ubuntu Geek