ubuntu Archives - Page 3 of 4 - Networking HowTos

Remove Disk from LVM Array on Ubuntu

January 6, 2013 Linux, Ubuntu

This howto guide will go through the process of moving data off a disk in a LVM array, so it can be physically removed from the system.
Continue Reading…

Installing Newznab on Ubuntu

January 1, 2013 Linux, Other, Ubuntu

Ever wanted to run your own usenet search engine? This howto will go through the steps required to install the Newznab usenet indexer on Ubuntu. Ubuntu 12.04 was used for this guide, however all current versions of Ubuntu should be the same.
Continue Reading…

Connect to a PPTP VPN Server from Ubuntu Linux

December 2, 2012 Linux, Ubuntu

This howto outlines how to connect to a PPTP VPN server from a Linux computer running Ubuntu (or a Ubuntu based distribution). It covers the installing of the PPTP VPN client, configuration, and connecting/disconnecting from the VPN connection.
Continue Reading…

Enable Apache Rewrite module on Ubuntu 12.04

November 29, 2012 Linux, Ubuntu

By default, Ubuntu 12.04 doesn’t enable the rewrite engine module after installing Apache. The rewrite engine for Apache allows for on-the-fly URL rewriting/changing. This allows for the use of urls that are human readable, and SEO friendly. The rewrite engine is capable of capturing a website request, running it through a series of expression checks, and if a match is found, it will pass on the rewritten request to the web server. The end user would not notice anything different within their web browser, other than perhaps easier to read urls. The rewrite engine is great for re-directions, and is a requirement for some CMS packages such as Drupal.
This guide assumes that Apache is already installed on your machine. If it not installed, please install it first using the command “sudo apt-get install apache2”
Follow the steps below to enable the rewrite engine.
Enable the rewrite module using the command “sudo a2enmod rewrite”

Depending on which website you want the rewrite engine to work on, you may need to modify the Apache configuration files some more.
For the default website, open up the “/etc/apache2/sites-available/default” file in your favorite editor. I am using “nano” for this example

The file should look something like the image below. The lines you will need to focus on are the ones that start with “AllowOverride”.

You need to change the “AllowOverride None” to be “AllowOverride All” for the directories you want the rewrite engine to work in. There are other options that can be used for the AllowOverride feature, but I won’t be going into the details of those in this article.

Exit the editor, and Save the file.
Restart Apache using “sudo /etc/init.d/apache2 restart”

If Apache hasn’t been configured for a ServerName option yet, you may get the above error message, or something similar. This isn’t a huge concern, and can be resolved later.
You should now be able to create .htaccess files, and use them how you want.

Changing network interface numbers on Ubuntu

April 15, 2012 Linux, Ubuntu

Have you ever replaced a network card on Ubuntu and found that it is now appearing as eth1, instead of eth0? Or simply wanted to swap the numbering of two network interfaces? This guide shows you how to do just that.
Ubuntu uses the udev dynamic device management system, and automatically keeps track of what net card is assigned to what interface name.
Udev allows for device name persistance using rule files, which are stored in “/etc/udev/rules.d/”.
“70-persistent-net.rules” is the file that contains the persistance rules for network devices.
Open this file in your editor of choice.

$ nano /etc/udev/rules.d/70-persistent-net.rules

It should look something like this:

# This file was automatically generated by the /lib/udev/write_net_rules
# program, run by the persistent-net-generator.rules rules file.
#
# You can modify it, as long as you keep each rule on a single
# line, and change only the value of the NAME= key.
# PCI device 0x8086:0x100f (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:31:44:9e", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
# PCI device 0x8086:0x100f (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:31:44:a8", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"

This indicates that the network card with the MAC address of “00:0c:29:31:44:9e” will always be assigned to “eth0” and “00:0c:29:31:44:a8” will always be assigned “eth1”.
You can simply swap eth0 and eth1 around, if you have two network cards in use.
If you only have the one network card (due to replacing a old one for example), you can simply delete the lines referring to the old card, and rename the new card to the correct “eth#” number.
Save the file and exit the editor.
Reboot the computer for the changes to take effect.

Installing NGINX, PHP, and MySQL on Ubuntu 10.04 LTS using php-cgi

April 5, 2012 Linux, Ubuntu

Nginx (pronounced Engine-X) is a fast & lightweight HTTP and HTTPS web server (it can also act as a reverse proxy, and perform load balancing).
(Note: this is a updated version of a similar how to located here, but this article is using php-cgi package instead of php-fpm, and using only default Ubuntu repository’s).
Its small memory footprint requirements make it great for systems with small amounts of memory, such as low end cloud servers. Nginx is great for serving static files to users, and is cable of handling more than 10,000 simultaneous connections, but it lacks the embedded module support for PHP as Apache does.
Thankfully you can use the php5-cgi package to add PHP support to Nginx, and end up with a PHP enabled web server running on a low footprint setup. Nginx essentially offloads processing of .php files to the PHP fast cgi package, which in turn passes the interpreted script information back to Nginx, to return back to the end user.
The how to article below describes installing the usual components for the LAMP stack (Linux, Apache, MySQL, and PHP), however the Apache part is exchanged for Nginx.
Make sure the apt sources are up to date before installing:

$ sudo apt-get update

MySQL Configuration
Install MySQL:

$ sudo apt-get install -y mysql-server mysql-client

You will be asked to enter a “root” password for the MySQL server. Generate a strong password, type it in, and keep note of it for future reference.
PHP Configuration
To use PHP with Nginx, you require the PHP5-CGI package. Install PHP with php5-cgi and any other modules that you may require:

$ sudo apt-get install -y php5-cgi php5-mysql php5-curl php5-gd php5-idn php-pear php5-imagick \
php5-imap php5-mcrypt php5-memcache php5-mhash php5-ming php5-ps php5-pspell php5-recode \
php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl php5-json

Note: You can modify the above command to add/remove individual PHP packages if needed. The php5-cgi package is however required when used with Nginx.
Download and set up the php-fastcgi init script for Ubuntu, using the following commands:

$ cd /etc/init.d
$ sudo wget -O php-fastcgi http://www.networkinghowtos.com/wp-content/uploads/scripts/php-fastcgi
$ sudo chmod +x php-fastcgi
$ sudo update-rc.d -f php-fastcgi defaults

The source for this file and more details can be found on the following page:
http://www.networkinghowtos.com/howto/ubuntu-php-fastcgi-init-script/
Start (or Restart) PHP Fast CGI:

$ sudo /etc/init.d/php-fastcgi restart

NGiNX Configuration
Install Nginx:

$ sudo apt-get install -y nginx

Edit the Nginx configuration file so that it knows what to do with .PHP files:

$ sudo nano /etc/nginx/sites-available/default

There will be a section with the heading starting with “pass the PHP scripts to FastCGI server” as seen below:

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
                #fastcgi_pass   127.0.0.1:9000;
                #fastcgi_index  index.php;
                #fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
                #includefastcgi_params;
        #}

Uncomment the lines as shown below, and modify the “fastcgi_param” line to reflect your website folder path. In my example I am using /var/www.
Also take note of the space added to the “include” line. For some reason the example code in the config file was missing the space. Add this space (or tab) as per the below example.

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ \.php$ {
                fastcgi_pass   127.0.0.1:9000;
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME  /var/www$fastcgi_script_name;
                include fastcgi_params;
        }

Save and exit the editor.
Please note that there could be potential security issues with this generic base configuration (particularly if you are running a publicly accessible website, and allow file uploads). If you would like further information on this, please read the blog post at https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/ and also read through the Nginx documentation.
Start Nginx:

$ sudo /etc/init.d/nginx start

Conclusion and Testing
Create a .php file containing the following PHP code and save it in your website folder and call it test.php (/var/www/test.php in my example.):

<?php
   phpinfo();
?>

Load up your site in a browser, and add the file /test.php to the url, and make sure it comes up with the usual PHP information page, and not just the source code for the .php file you created.
You should now have a working Nginx, PHP, and MySQL stack. Read the Nginx documentation for more detailed configuration options.
The Nginx documentation can be found on the Nginx website at http://nginx.org/

Ubuntu PHP-FastCGI init script

April 4, 2012 Linux, Ubuntu

Below is an example of a PHP-FastCGI init script for use on Ubuntu systems.
This startup init script was copied from http://wiki.nginx.org/Ubuntu-php-fastcgi and slightly modified to keep all start up settings in the one script file. Thanks to the original author.
It can also be downloaded in full from:
http://www.networkinghowtos.com/wp-content/uploads/scripts/php-fastcgi
Remember to “chmod +x” this script to make it executable.
This file should be stored in “/etc/init.d” and set to run at startup by running the “sudo /usr/sbin/update-rc.d -f php-fastcgi defaults” command.
To download and set up the init file in one go, run the following commands:

cd /etc/init.d
sudo wget -O php-fastcgi "http://www.networkinghowtos.com/wp-content/uploads/scripts/php-fastcgi"
sudo chmod +x php-fastcgi
sudo update-rc.d -f php-fastcgi defaults

/etc/init.d/php-fastcgi contents:

#! /bin/sh
### BEGIN INIT INFO
# Provides:          php-fastcgi
# Required-Start:    $all
# Required-Stop:     $all
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start and stop php-cgi in external FASTCGI mode
# Description:       Start and stop php-cgi in external FASTCGI mode
### END INIT INFO
# Author: Kurt Zankl 
# Do NOT "set -e"
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="php-cgi in external FASTCGI mode"
NAME=php-fastcgi
DAEMON=/usr/bin/php-cgi
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
########################################################################
#
# Settings for php-cgi in external FASTCGI Mode
#
# Should php-fastcgi run automatically on startup? (default: no)
START=yes
# Which user runs PHP? (default: www-data)
EXEC_AS_USER=www-data
# Host and TCP port for FASTCGI-Listener (default: localhost:9000)
FCGI_HOST=127.0.0.1
FCGI_PORT=9000
# Environment variables, which are processed by PHP
PHP_FCGI_CHILDREN=4
PHP_FCGI_MAX_REQUESTS=1000
########################################################################
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Read configuration variable file if it is present
#[ -r /etc/default/$NAME ] && . /etc/default/$NAME
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
# If the daemon is not enabled, give the user a warning and then exit,
# unless we are stopping the daemon
if [ "$START" != "yes" -a "$1" != "stop" ]; then
        log_warning_msg "To enable $NAME, edit /etc/init.d/$NAME and set START=yes"
        exit 0
fi
# Process configuration
export PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS
DAEMON_ARGS="-q -b $FCGI_HOST:$FCGI_PORT"
do_start()
{
        # Return
        #   0 if daemon has been started
        #   1 if daemon was already running
        #   2 if daemon could not be started
        start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
                || return 1
        start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON \
                --background --make-pidfile --chuid $EXEC_AS_USER --startas $DAEMON -- \
                $DAEMON_ARGS \
                || return 2
}
do_stop()
{
        # Return
        #   0 if daemon has been stopped
        #   1 if daemon was already stopped
        #   2 if daemon could not be stopped
        #   other if a failure occurred
        start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE > /dev/null
        RETVAL="$?"
        [ "$RETVAL" = 2 ] && return 2
        # Wait for children to finish too if this is a daemon that forks
        # and if the daemon is only ever run from this initscript.
        # If the above conditions are not satisfied then add some other code
        # that waits for the process to drop all resources that could be
        # needed by services started subsequently.  A last resort is to
        # sleep for some time.
        start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
        [ "$?" = 2 ] && return 2
        # Many daemons don''t delete their pidfiles when they exit.
        rm -f $PIDFILE
        return "$RETVAL"
}
case "$1" in
  start)
        [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
        do_start
        case "$?" in
                0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
                2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
        esac
        ;;
  stop)
        [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
        do_stop
        case "$?" in
                0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
                2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
        esac
        ;;
  restart|force-reload)
        log_daemon_msg "Restarting $DESC" "$NAME"
        do_stop
        case "$?" in
          0|1)
                do_start
                case "$?" in
                        0) log_end_msg 0 ;;
                        1) log_end_msg 1 ;; # Old process is still running
                        *) log_end_msg 1 ;; # Failed to start
                esac
                ;;
          *)
                # Failed to stop
                log_end_msg 1
                ;;
        esac
        ;;
  *)
        echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
        exit 3
        ;;
esac
:

Compile HAProxy from source on Ubuntu

March 29, 2012 Linux, Ubuntu

This guide will step you through the process of compiling, installing, and setting up the latest version of HAProxy on Ubuntu.
Install HAProxy from the repository to get required scripts
Install HAProxy using the package management tools first, so we can get a copy of the sample config file, and the start up scripts.
Note: This may seem like a weird option, but we really only a few of the scripts/config files that come in this package. We wont be running the version that gets installed from the repository.

$ sudo apt-get install haproxy

This will probably install a older version of HAProxy, but we wont be using that. Keep it in mind if you ever run apt-get upgrade, and it comes up with HAProxy to upgrade. If you do upgrade, you may need to edit the start up script again as per the instructions below.
Compiling the latest version from source
Download the latest copy of HAProxy (see http://haproxy.1wt.eu/ for the latest version). At the time of of writing this article, it was version 1.4.20.

$ wget "http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.20.tar.gz"

Extract the file.

$ tar xzvf haproxy-1.4.20.tar.gz

Change directory into the newly created folder containing the HAProxy source code.

$ cd haproxy-1.4.20/

Start the compile process.

$ make TARGET=linux26

If you got errors during the above compile stage, you may be missing some dependencies required to compile HAProxy. If this is the case, run the command below, and then run the compile command above again.

$ sudo apt-get build-dep haproxy

Install the compiled binaries into the system.

$ sudo make install

Configuring the startup scripts to use the compiled version of HAProxy
On Ubuntu, by default the HAProxy service is disabled. To enable it you need to modify the /etc/default/haproxy file.
$ sudo nano /etc/default/haproxy
Modify the ‘ENABLED=0’ line to ‘ENABLED=1’ as shown below.
Change this:

ENABLED=0

To this:

ENABLED=1

Save and exit the editor.
Edit the startup script to tell it where the newly compiled haproxy binary is located.

$ sudo nano /etc/init.d/haproxy

Find the following line:

HAPROXY=/usr/sbin/haproxy

and modify it to read:

HAPROXY=/usr/local/sbin/haproxy

Save the file and exit the editor.
You can now start/stop HAProxy as you normally would with any Ubuntu service.

$ sudo /etc/init.d/haproxy start

$ sudo service haproxy start

You should now be running the latest version of HAProxy compiled from source code.

How To Change The SSH Server Port Number

March 8, 2012 Linux

Changing the port number that your SSH server listens on is a simple way to prevent random brute force login attacks against your server. While people can still perform attacks against SSH running on a different port number, most automated tools will default to port 22, and not actually do a full port scan.
Any port number can be used, as long as it is not already in use by another service.
Note: Make sure you are logged in as a user with root privledges when running these commands.
Open the /etc/ssh/sshd_config file in your favorite editor.

# vi /etc/ssh/sshd_config

Look for the following line (it may be commented out, as port 22 is the default):

Port 22

#Port 22

Edit this line to reflect the port number you wish to listen on. Un-comment it if it was commented out:

Port 22843

This will set up the SSH server to listen on port 22843.
Save the file and exit the editor.
Restart the SSH daemon:
Ubuntu:

$ sudo service ssh restart

CentOS:

# service sshd restart

FreeBSD:

# service sshd restart

Confirm that it is listening on the new port number by issuing the following command:

netstat -an | grep LISTEN

Make sure that next time you connect, you specify the new port number.

How To Disable root Logins Over SSH on Ubuntu

March 8, 2012 Linux, Ubuntu

Most Linux distributions allow the root user to connect in via SSH, however if you try to connect into Ubuntu as root after a default install, you will find that you wont be able to get in. While it may look like the root account is not permitted to login, it is just because that the root account doesn’t have a password set. If you end up setting a password on the root account for some reason, you will be able to SSH in as root.
It is recommended that root logins are never used, and you should use either su or sudo to elevate the permissions of a normal user account. As such, the best option is to disable root logins in the SSH server configuration file.
Open the /etc/ssh/sshd_config file in your editor of choice (nano in this example):

$ sudo nano /etc/ssh/sshd_config

There should be a line containing the following:

PermitRootLogin yes

Edit this to read:

PermitRootLogin no

Save the file and exit the editor.
Restart the SSH server:

$ sudo service ssh restart

$ sudo /etc/init.d/ssh restart

Root logins over SSH should now be disabled.

Older Posts

Newer Posts