geostorm.org


UTC 14:10:40
Monday
12/9/2024



December 2024
SuMoTuWeThFrSa 
1234567 
891011121314 
15161718192021 
22232425262728 
293031     
        
Calendar Tool

welcome

Networking - Linux Reference

Here are some solutions to problems Linux users often encounter. If you have a better solution or
have a question please send your solutions, questions, or comments to us.
Are any of these solutions obsolete? Are they clear and easy to understand?







[TOP]





How do I telnet to my linux server as root from a remote client?


Slackware:
look for 
/etc/securetty
uncomment ttys01-3 ttyp01-3 (that is, ttys01, ttys02, etc...)
also  note that /etc/login.defs contains login securetty info.

Redhat:
Remove file /etc/securetty
or just rename it.
There should be a better solution to this though. If you have a better
solution, please e-mail me.

SuSe:
/etc/rc.config sets lots of stuff including
allowing root login via telnet
edit it then /sbin/SuSEconfig*
I think I saw something in YaST once.
[TOP]



Quick guide to getting samba up and running?
Simple config:
  1.config /etc/smb.conf
  2.smbadduser unixuid=ntuserid <---- example: root=administrator
  3.smbpasswd 
  4./etc/rc.d/init.d/smb restart <---- this restarts samba
OR
  1.config /etc/smb.conf
  2.smbpasswd -a user<----change passwd add user
  3./etc/rc.d/init.d/smb restart <---- this restarts samba

Config /etc/smb.conf

For the impatient here's a very simple but working /etc/smb.conf file.
This is for those who don't read anyway:

SSSSSSSSSSSSSSSSSSSSS START SSSSSSSSSSSSSSSSSSS

[global]

# workgroup = NT-Domain-Name or Workgroup-Name
# You MUST change this to reflect your workgroup or domain
    workgroup = MyWorkGroup_OurFamily

    server string = Samba Server

    log file = /var/log/samba/log.%m

    max log size = 50

    security = user

    smb passwd file = /etc/smbpasswd

    username map = /etc/smbusers

    socket options = TCP_NODELAY

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The built-in default for versions 1.9.17 is yes,
# this has been changed in version 1.9.18 to no.
    dns proxy = no

[printers]
    comment = All Printers
    path = /var/spool/samba
    browseable = no

    guest ok = no
    writable = no
    printable = yes

[root_dir]
    available = yes
    path = /
    public = yes
    guest only = yes
    writable = yes
    browseable = yes
    only user = no

EEEEEEEEEEEEEEEEEEEE  END EEEEEEEEEEEEEEEEEEEEE

Now for those of you who want to see the whole file, here it is:
Right click and choose save as
   
DOWNLOAD
This will make the root directory "/" of your samba server look like
another windows machine to actual MS Windows users. You can change "/" to
whatever directory you like; it will appear as the root directory to
windows clients.

smbadduser
To add a new user, use this smbadduser
  smbadduser unixuid=ntuserid <---- example: root=administrator
So, if you are root on linux and you are administrator on windows,
you would use the smbadduser command like this:
  smbadduser root:administrator
or if you are user joe on linux and you are user joe on windows,
you would use the smbadduser command like this:
  smbadduser joe=joe

If you don't see the smbadduser command, but you do see the smbpasswd
command, then you can skip the smbadduser procedure.


smbpasswd
Now, change the user password. It would be better to make your smb
username and password match that of your windows username and
password. It would avoid many problems.
  smbpasswd -a joe
It is also possible to use smbpasswd to add user and set the password.
The above command adds user joe and changes his password.

restart
Now you need to restart samba. You don't need to reboot, just restart
samba.
  /etc/rc.d/init.d/smb stop
wait one second...
  /etc/rc.d/init.d/smb start
You must type in the full path.

It is possible that your particular distribution and kernel version is
buggy and less stable, you may want to reboot.


Notes:
Windows 95, Win98, and Windows Millennium will easily see samba.
Windows NT 4 and Windows 2000 will work fine without any modifications
when trying to see samba. They do use encrypted passwords so make sure
samba does that. In the smb.conf file, there's a line for that.
  encrypt passwords = yes
Otherwise windows will cooperate with samba. 

If your Win32 system does not see the samba server it's either not
set up properly or it could be that samba is just not broadcasting.
You can still map to a samba share. You would have to put in the
IP address to samba and the share name.
So, in windows, you have the server name plus the share name of
the shared drive like this:
\\computername\drive_d
In the example smb.conf file you would map that drive as:
\\123.45.67.89\root_dir
where you would substitute the numbers with your samba server's
IP address.
[TOP]



How do I run pop3 e-mail?
NOTICE: The following is for slightly older distributions
and some new distributions. For example use the following method
for RedHat 6.2, but not for RedHat 7+ because it uses /etc/xinetd.d
instead of /etc/inetd.conf. If your system uses /etc/xinetd.d, you
need to go into /etc/xinetd.d/ and edit the individual files. Each
file has a disable = yes/no field.

[For most distributions]
Chances are, you've already got it installed. 
You just need to enable pop3:

edit /etc/inetd.conf
uncomment (remove #) these lines:

  pop-2   stream  tcp     nowait  root    /usr/sbin/tcpd  ipop2d
  pop-3   stream  tcp     nowait  root    /usr/sbin/tcpd  ipop3d
  imap    stream  tcp     nowait  root    /usr/sbin/tcpd  imapd

RedHat (and their copy-cats)
Now restart sendmail and inet.
  /etc/rc.d/init.d/sendmail stop
  /etc/rc.d/init.d/inet stop

  /etc/rc.d/init.d/sendmail start
  /etc/rc.d/init.d/inet start

You must type in the full paths.
If you're not comfortable, just reboot your computer.


[TOP]



I'm on a remote computer and I'm trying to send e-mail via sendmail, but sendmail tells me
"relaying denied".

Can't send email, "relaying denied" problem.
This is a security feature of sendmail.
By default, sendmail will only let the localhost send email via.
sendmail service.
In other words, no one else can use it. You need to add your IP.

All linux distributions:
to allow your IP to access sendmail, edit:
/etc/mail/access

add these lines:
-----------------------------

23.45.67.89   OK
10            OK

-----------------------------

The first line says that 23.45.67.89 can access sendmail.
Where 23.45.67.89 can be an outside IP address.

The second line says that all of 10.*.*.* can access sendmail.
10 is the first number of every computer on your network.
If you have the following five computers:
  10.0.0.2
  10.0.0.3
  10.0.0.4
  10.0.0.5
  10.0.0.6
    you would use 10.

Now do this:
makemap hash /etc/mail/access < /etc/mail/access

now, create a file called /etc/mail/relay-domains
add all IP addresses including local and public IPs

now restart your sendmail

RedHat, Mandrake, SuSE, and possiblly others:

/etc/rc.d/init.d/sendmail stop
/etc/rc.d/init.d/sendmail start

note: you must type in full paths. use [TAB] if you are lazy.

That will let you send mail.

To recieve mail see pop3 notes
Then restart networking services. If you are unsure of how
to do that, just reboot your computer.

[TOP]



Some notes on web service.
If you get an httpd problem with an error telling you
that httpd cannot determine hostname, then:


Edit this file: (redhat)
/etc/sysconfig/network


you may get something like this:

NETWORKING=yes
FORWARD_IPV4=false
HOSTNAME=hello.com
DOMAINNAME=helloWorld
GATEWAY=10.0.0.1
GATEWAYDEV=eth0


Now restart apache web server.
  /etc/rc.d/init.d/httpd stop
  /etc/rc.d/init.d/httpd start

Also (for redhat) run xinit
then start netcfg
make sure hostname is the same everywhere

then restart httpd by
/etc/rc.d/init.d/httpd restart

this will not work
httpd restart
must provide full path
note that /etc/hosts directly affects httpd
set host name there also. must be correct. must match hostname

--------
To change web docs root dirs:

redhat:
edit files in here:
  /etc/httpd/

also note:
  /etc/httpd/conf/srm.conf
(for redhat)

note that this (srm.conf) also contains inportant configs.
to allow .sht files to display a page instead of source code
add this for example:

AddType text/html .sht
AddHandler server-parsed .sht


---------------
to remove error and access logs:

redhat:

rm /var/log/http/*
/etc/rc.d/init.d/httpd restart

Next time someone accesses your web site, new log files will be created.

----------------


also edit
  /etc/httpd/conf/access.conf

[TOP]



How do I create password protected directories?


1. Find this file: /etc/httpd/httpd.conf
   Edit it with your favorite text editor.
     Find the section "DocumentRoot"
       or find: "<Directory" in "<Directory "/system/httpd/www">"
   Now, edit the section so it looks like the following:
      AllowOverride All <--- if you do not see 'All' put it in.
2. htpasswd -c /dirname/filename <username>
    filename and directory is where you want to create the
    htpasswd file. Put it in /etc/httpd/ and call it htpasswd.
    username is a valid username already on your system.
       for example: htpasswd -c /etc/httpd/htpasswd joe
3. Create file '.htaccess' in the directory you want to be protected.
   so if you want to proctect everything in www.yoursite.com/private/
   then you put the '.htaccess' file in private/
    The content of '.htaccess' is:
   AuthUserFile /etc/httpd/htpasswd
   AuthGroupFile /dev/null
   AuthName MyNameIsJohnDoe
   AuthType Basic
   <Limit GET PUT POST>
   require valid-user
   </Limit>
4. Restart apache.
     For example: /etc/rc.d/init.d/httpd restart
     You must type in the full path.

Notes: After you have created /etc/httpd/htpasswd with the option -c,
       you can add more users by using htpasswd without the -c option.
       You also do not have to restart Apache.
[TOP]



How do I add more IPs for one linux box? IP aliasing
IP address alias
(1 NIC, many IP addresses)

If running redhat:
either run ifconfig or netcfg

netcfg is easier.
click on the interfaces tab
click on your network card (like eth0)
then click 'alias'
add whatever address you like.


If you choose ifconfig:
  ifconfig eth0 10.0.0.2 up
This will setup your linux machine to use IP address 10.0.0.2.
To remove that IP:
  ifconfig eth0 10.0.0.2 down

[TOP]



How do I restrict access to my ftp and telnet service?
Edit the text file:
  /etc/hosts.deny
with a plain text editor.
Start by restricting ALL USERS including yourself.
Add this single line:

  ALL: ALL #this restricts all users

Now, edit this file
  /etc/hosts.allow

You can add any one of these lines:

To allow an IP and port to use a service:
  <service>: <ipaddress> <port>

e.g.,:
  ALL: 213.13.5.2 300
This allows a user behind a firewall to use all services.
The firewall has an IP address of 213.13.5.2 and a proxy server
opens port 300 to that user.


To allow a specific IP to telnet in:
  in.telnetd: 123.45.67.89
This allows a user at IP 123.45.67.89 to telnet in, but nothing else.
He/She/It cannot ftp or use POP3 for example.

To allow a specific IP to ftp in:
  in.ftpd: 123.45.67.89
This allows a user at IP 123.45.67.89 to ftp in, but nothing else.
He/She/It cannot telnet or use POP3 for example.

[TOP]



How do I add my ISPs new DNS servers? I want to use their New NameServers.
To add a new DNS server to an exisiting one:
add dns server to /etc/resolve.conf
Just add this one line:
  nameserver 123.45.67.89
[TOP]



Networking services often stops, how do I get it back up without rebooting?

for redhat:
restart /etc/rc.d/init.d/inet

for SuSE 6.2:
restart /etc/rc.d/init.d/inet
It seems in SuSE Linux, you need to do more than just restart inet.
Even after you restart it, though you can now ping your machine from
another machine, you still can't browse the web or telnet in from another
machine. You will probably have to restart dns services somewhere. 
I don't know. If anyone has a solution for SuSE or other distributions,
Please send it to linux@fusionplant.com

[TOP]



Local access to my Linux server (from my private network (LAN)) "seems" to hang. Two minutes later, I can get in. Outside users (from the internet or web) can access my server without a problem.

You need to edit this file "/etc/hosts".

If you are on a local network only, without internet access and you are
not on other networks then Telnet, FTP, and HTTPd (web) services to
server will be fast to access (login).

In the setup:
local network + gateway + internet access
and
local network + other networks
Telnet, FTP, and web services to server will appear to hang when
accessed from client machines on a LAN because it does not have a
domain name entry. The server is looking for a domain name entry
and will wait for the DNS server to find one. It will wait and time
out and finally log you in.

For each machine on your LAN, you need to enter it's IP address and a
domain name (any name will do).

You edit /etc/hosts
If your local area network (LAN) is on a 10.0.0.* network, then for each
client machine, you enter:

10.0.0.2        machine.one
10.0.0.3        john.smith
10.0.0.4        mary


[TOP]



I'm using Sendmail 8 or above and I cannot recieve e-mail from the internet.
First thing you need a fully qualified domain name set on your
machine. It should be set in:

/etc/hosts
enter a line like 198.192.0.1 mycompany.com

/etc/sysconfig/network
enter these lines
NETWORKING=yes
HOSTNAME=mycompany.com
GATEWAY="198.192.0.1"
FORWARD_IPV4="yes"
GATEWAYDEV="eth0"


Now open:
/etc/mail/sendmail.mc

find this line:
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')

comment it out with 'dnl' (not #)
so that it will look like this:
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')

now run this:
m4 /etc/mail/sendmail.mc > /etc/sendmail.cf

Restart sendmail:
/etc/rc.d/init.d/sendmail stop
/etc/rc.d/init.d/sendmail start


To be able to send e-mail, see I'm on a remote computer and I'm
trying to send e-mail via sendmail, but sendmail tells me
"relaying denied". 

[TOP]