Archive for December, 2006
Getting started with SSH Tutorial
Getting started with SSH Tutorial
Getting started with SSH Tutorial - Connecting to your server with SSH
Secure Shell (SSH), sometimes known as Secure Socket Shell, is a UNIX-based command interface and protocol for securely getting access to a remote computer. It is widely used by network administrators to control Web and other kinds of servers remotely. SSH is actually a suite of three utilities - slogin, ssh, and scp - that are secure versions of the earlier UNIX utilities, rlogin, rsh, and rcp. SSH commands are encrypted and secure in several ways. Both ends of the client/server connection are authenticated using a digital certificate, and passwords are protected by being encrypted. SSH uses RSA public key cryptography for both connection and authentication. Encryption algorithms include Blowfish, DES, and IDEA. IDEA is the default.
The server you are connecting to must be running SSH, and you must be running a secure shell client on your own machine as well, more details on getting a secure shell client are below.
Step 1) Download the SSH client on your local machine, we are assuming you’re using Windows. If not then see other PuTTY download options here: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Windows PuTTY Download
http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe
Step 2) Save the file to your desktop and double click it.
Step 3) You should see a something that looks like this, asking you what server you want to connect to.
Click for larger screenshot
Step 4) Enter your servers IP and click on Open.
Step 5) Enter your account’s username to connect then enter your password.
Click for larger screenshot
Step 6) Change to the root user, type: su –
That’s it! You have now logged into your server using SSH.
Now get comfortable with it and learn some shell/SSH commands in the article listed below.
lingerd - Setup and Installation
lingerd - Setup and Installation
WHAT IS LINGERD?
Under high load, a dynamic page server running Apache with mod_php spends a lot of its time doing an operation called “lingering close”, which amounts to waiting a second or two on a connection just to make sure it gets closed properly.
Lingerd, then, is a daemon (service) designed to take over this job. Unlike Apache, which uses one process per connection, lingerd can do thousands of lingers in parallel, from a single process. The end result is that Apache needs much fewer running processes to handle the same load, which greatly increases its scalability, and diminishes the load on the server.
For technical reasons, lingerd is only effective on servers where keep-alives are disabled. To get the most out of your servers, for a high traffic site, you need to have the dynamic webpages served from one Apache server, and the images and other static data from another. The dynamic page server can then use lingerd.
HOW STABLE IS IT?
Lingerd has been in production use for a few months, and has lingered nearly 2,000,000 connections with no errors, under Linux.
More testing is still needed under other platforms (eg BSD, Solaris). Lingerd is not portable to Windows.
WHERE DO I FIND IT?
The homepage for lingerd is at http://www.iagora.com/about/software/lingerd/
The daemon itself can be found at ftp://iagora.com/pub/software/lingerd/lingerd-0.94.tar.gz
HOW DO I USE IT?
Installing lingerd is fairly simple, but it does require recompiling Apache from source.
Here are some quick installation instructions for Apache with mod_php and lingerd (see http://www.phpbuilder.com/manual/install-unix.php for more details), under Unix or Linux:
1. tar zxvf apache_1.3.x.tar.gz
2. tar zxvf php-3.0.x.tar
3. tar zxvf lingerd-0.94.tar
4. cd lingerd-0.94
5. vi config.h
(set the right directories for SOCKPATH and PID_FILE; these directories
must be writeable by the userid that Apache runs as)
6. vi apache-1.3/ap_lingerd.h
(set SOCKPATH here too)
7. make ; make install
(also set the system up to start lingerd automatically, e.g by
adding the line “/usr/local/sbin/lingerd” to your
/etc/rc.d/rc.local file)
8. cp apache-1.3/ap_lingerd.* ../apache_1.3.x/src/main/
9. cd ../apache_1.3.x
10. patch -p0 -d src/ < ../lingerd-0.94/apache-1.3/aplinger.diff
11. ./configure --prefix=/www
12. cd ../php-3.0.x
13. ./configure --with-mysql --with-apache=../apache_1.3.x --enable-track-vars
14. make ; make install
15. cd ../apache_1.3.x
16. ./configure --prefix=/www --activate-module=src/modules/php3/libphp3.a
17. make ; make install
To see if lingerd is running, and how many connections it has been handling, watch out for its messages in /var/log/messages.
Lingerd is not tightly tied to the dynamic programming language, so it can be used with PHP3, PHP4, and also with other scripting engines like mod_perl, mod_snake or mod_dtcl.
You can find more information about lingerd in its homepage at http://www.iagora.com/about/software/lingerd/ , and in the documentation files included in the distribution.
No commentsInstalling Pico on FreeBSD
Installing Pico on FreeBSD
Pico is a simple, display-oriented text editor based on the Pine message system composer. As with Pine, commands are displayed at the bottom of the screen, and context-sensitive help is provided. As characters are typed they are immediately inserted into the text.
Editing commands are entered using control-key combinations. As a work-around for communications programs that swallow certain control characters, you can emulate a control key by pressing ESCAPE twice, followed by the desired control character, e.g. “ESC ESC c” would be equivalent to entering a ctrl-c. The editor has five basic features: paragraph justification, searching, block cut/paste, a spelling checker, and a file browser.
Installing Pico
Login to SSH as root.
Sometimes, direct root login is disabled. If it is disabled do the following:
# su -
# password: [Enter your WHM root pass]
# [Hostname]: [Ready to work ]
To Download ports:
# /stand/sysinstall
- Go to Configure (post install)
- Go to Distributions
- Select ‘ports’
- Select ‘ok’
From there select FTP transfer (ftp.freebsd.org is ok) and it should download the ports into /usr/ports. When it’s done, just exist sysinstall and run the commands I stated earlier.
It’ll take a while to download.
after its finished downloading, do this:
# cd /usr/ports/editors/pico
# make install
This will install Pico for you, then you are finished!
Pico Commands
Options
+n
Causes pico to be started with the cursor located n lines into the file. (Note: no space between “+” sign and number)
-a
Display all files including those beginning with a period (.).
-b
Enable the option to Replace text matches found using the “Where is” command.
-d
Rebind the “delete” key so the character the cursor is on is rubbed out rather than the character to its left.
-e
Enable file name completion.
-f
Use function keys for commands. This option supported only in conjunction with UW Enhanced NCSA telnet.
-h
List valid command line options.
-j
Enable “Goto” command in the file browser. This enables the command to permit explicitly telling pilot which directory to visit.
-g
Enable “Show Cursor” mode in file browser. Cause cursor to be positioned before the current selection rather than placed at the lower left of the display.
-k
Causes “Cut Text” command to remove characters from the cursor position to the end of the line rather than remove the entire line.
-m
Enable mouse functionality. This only works when pico is run from within an X Window System “xterm” window.
-nn
The -nn option enables new mail notification. The n argument is optional, and specifies how often, in seconds, your mailbox is checked for new mail. For example, -n60 causes pico to check for new mail once every minute. The default interval is 180 seconds, while the minimum allowed is 30. (Note: no space between “n” and the number)
-o dir
Sets operating directory. Only files within this directory are accessible. Likewise, the file browser is limited to the specified directory subtree.
-rn
Sets column used to limit the “Justify” command’s right margin
-s speller
Specify an alternate program spell to use when spell checking.
-t
Enable “tool” mode. Intended for when pico is used as the editor within other tools (e.g., Elm, Pnews). Pico will not prompt for save on exit, and will not rename the buffer during the “Write Out” command.
-v
View the file only, disallowing any editing.
-version
Print Pico version and exit.
-w
Disable word wrap (thus allow editing of long lines).
-x
Disable keymenu at the bottom of the screen.
-z
Enable ^Z suspension of pico.
-q
Termcap or terminfo definition for input escape sequences are used in preference to sequences defined by default. This option is only available if pico was compiled with the TERMCAP_WINS define turned on.
Written by: Ibrahim Ezzy (ibrahim.Ezzy@Searchxs.com) and allera.
No commentsCustomizing PHP Safe Mode
Customizing PHP Safe Mode
We’ll guide you through using PHP safe_mode and how-to enable it and to customize it for certain sites on your server. When using PHP as an Apache module, you can also change the configuration settings using directives in Apache configuration files (e.g. httpd.conf) and .htaccess files. PHP safe_mode is very important to in terms of server security because it restricts and disables the dangerous functions in PHP from the scripts like PHP Shell that can otherwise cause damages to your server and client sites.
Using PHP Safe_Mode
First of all we’ll take care of the files that you will edit, and make sure to have copy or backup .
Activate Safe Mode Globally
It is very simple to active safe mode on the entire server. All you need to do is just edit the php.ini file. If you can’t find where php.ini is or have multiple copies on your server the best thing to do is run phpinfo() to find it. Open up Notepad or your favorite HTML editor and paste in the following from this file.
http://www.webhostgear.com/phpinfo.phps
Save it as phpinfo.php and upload it to a website that you want to test on your server. Type in the URL and you’ll get a PHP configuration page telling you exactly where php.ini is located and all kinds of other useful information about the sites and servers configuration settings.
A few lines down you’ll see this:
Configuration File (php.ini) Path: /usr/local/Zend/etc/php.ini
Now that we know the location of php.ini we can proceed to edit it.
1) Open up php.ini in your shell with your favorite editing program.
pico /path to php/php.ini (replace with the path to your php.ini file)
2) Find the following line: safe_mode
Ctrl + W and type in: safe_mode
3) Turning safe mode on or off.
safe_mode = Off
You may active it by or turn it off by changing it to either On OR Off.
safe_mode = On
Good! Now save the file by ctrl + x then y
4) Restart the Apache web server by
/etc/init.d/httpd restart
Now safe_mode is active on all your server accounts.
Activate Safe Mode Using Per Site Basis
Now if you have scripts that require safe mode off like Modernbill or any script doesn’t work well with safe_mode on what you will do? Disable safe_mode on the entire server just for these scripts? This isn’t very practical when you can disable php safe mode per user account/site basis.
Let’s do it!
1) SSH to your server and login as root.
2) Then find the httpd.conf, normally it’s in /etc/httpd/conf/ or /usr/local/apache/conf/
If it’s not in either of those places try search for it: locate httpd.conf
3) Then find the site you wish to edit.
Ctrl+W and type in the domain name
You should see something like this
ServerAlias www.domain.net domain.net ServerAdmin webmaster@domain.net DocumentRoot /home/domain/public_html BytesLog domlogs/domain.net-bytes_log ServerName www.domain.net User domain Group domain CustomLog domlogs/domain.net combined ScriptAlias /cgi-bin/ /home/domain/public_html/cgi-bin/
4) Now add this line:
php_admin_flag safe_mode Off
We have also found that the following works as well if the above does not but DO NOT USE BOTH, pick one!
php_admin_value safe_mode 0
to be like this :
ServerAlias www.domain.net domain.net ServerAdmin webmaster@domain.net DocumentRoot /home/domain/public_html php_admin_flag safe_mode Off BytesLog domlogs/domain.net-bytes_log ServerName www.domain.net User domain Group domain CustomLog domlogs/domain.net combined ScriptAlias /cgi-bin/ /home/domain/public_html/cgi-bin/
5) Good 
Now save the changes.
Ctrl + X then Y
6) Restart the Apache web server by
/etc/init.d/httpd restart
Final Words
PHP Safe mode should be on by default on all your servers for added security. However there are some scripts that are not compatible with it on so you have to make an exception to some client sites. Make sure you know why they’re requesting to have it turned off because it is much more secure for everyone to have it on.
If you run into trouble after editing httpd.conf you can run the apachectl configtest
in shell. This will test the Apache configuration for errors and report them back to you if you can’t start it, very handy indeed!
More PHP customizing commands here: http://php.us.themoes.org/manual/en/configuration.changes.php
Article from: http://webhostgear.com/166.html
No commentsLinux Distributions
Linux Distributions
Who among us hasn’t heard of Linux yet? You know, that freely distributable ‘flavor’ of the Unix class of operating systems? Not a lot, probably. But do you all know that Linux comes in many distributions or ‘distros’ as the natives call it? Or, that, there are over a hundred of these ‘distros’ available online or otherwise?
That’s what I thought.
Well, if you’re a novice, like me, or not-so-new to the field but would like a memory jog, herein then is a quick tour of six of the most commonly used (at least, in my own humble opinion) in web hosting servers that are available under GNU-GPL, listed in alphabetical order.
Debian GNU/Linux is a free OS that uses the Linux kernel although most of its basic tools come from the GNU project. There are three releases in active maintenance as of this writing are: Version 3.0r2, codename: woody, (stable); codename: sarge (testing) and codename: sid (unstable).
Mandrake Linux was created in 1998 by MandrakeSoft, and takes a graphical approach to both installation and system administration. Mandrakelinux™ 10.0 is the latest release.
Red Hat Linux is probably the most popular, although not necessarily the best, of the lot. It was created in 1994 by Marc Ewing, developed by Red Hat Software (now Red Hat Inc.), and has evolved into two main product lines. The Red Hat Enterprise Linux was created in 2002 to become (according to their site anyway) the corporate Linux standard, and its latest release is version 3.0. The Fedora Project, introduced in 2003, for developers and enthusiasts using Linux in non-critical computing environments.
SuSE Linux is the distribution produced by SuSE GmbH. The main selling point emphasized by the company for its latest release, the SuSE Linux 9.0, is the inclusion of of innovative technologies to facilitate system migration for Linux newcomers. This, aside from all Internet, office, images, audio, video and network applications you could possibly want (or so their site says).
Slackware Linux was originally developed by Patrick Volkerding and first released in April 1993. It is a complete 32-bit multitasking UNIX-like system based currently around the 2.4 Linux kernel series and the GNU C Library version 2.3.2 (libc6). Its latest release is Slackware 9.1.
TurboLinux is the leading Linux distribution in the Asia-Pacific. Its unique clustering solution allows the construction of highly available and scalable networks based on low-cost commodity components. Its latest releases are the Turbolinux 10 Desktop, Turbolinux 8 Server and Turbolinux Enterprise Server 8.
CentOS is one of the free versions of the popular Red Hat Enterprise Linux, arguably just as functional, and the major benifit of being completely free.
White Box Linux is also another free clone of Red Hat Enterprise Linux
Parts from http://www.hostingvoice.com/
No comments