certification

SSH — Configure key-based authentication

Posted on

One of my favorite things to do when managing Linux systems is to configure key-based authentication. This allows me to connect to multiple systems via scripts without have to re-authenticate every time. A decent walkthrough is available at http://linuxproblem.org/art_9.htmlScenario: You are user A on host A, and you want to log onto host B as […]

certification

DNS — Configure a caching-only name server to forward DNS queries

Posted on

I am not sure what the difference si between forwarding queries and caching queries – they both forward to another location. There is a good walkthrough of setting up a chaching nameserver at http://www.redhat.com/magazine/025nov06/features/dns/ Install the needed components yum install bind bind-utils bind-libs bind-chroot caching-nameserver copy /etc/named.conf to /var/named/chroot/etc/edit /var/named/chroot/etc/named.conf Change listen-on port from 127.0.0.1; […]

certification

NFS — Provide network shares suitable for group collaboration

Posted on

Restricting access to NFS shares can be done by restricting firewall access (iptables), or by configuring the /etc/exports file. The /etc/exports file can restrict access to a single machine, a wildcard, or an IP network.It all starts with installing and starting NFS yum install nfs-utils rpcbind service nfs start service rpcbind start Restricting to a […]

certification

SMB — Provide network shares to specific clients

Posted on

Setting up samba is always fun. Laden with landmines between the Windows and Linux world, everytime you think you have a working solution, it flakes out on you. Here are the steps needed to add an SMB share to specific clients. Install samba  yum install samba-client samba-common samba Configure the /etc/samba/samba.conf file Find the line […]

certification

NFS — Provide network shares to specific clients

Posted on

Restricting access to NFS shares can be done by restricting firewall access (iptables), or by configuring the /etc/exports file. The /etc/exports file can restrict access to a single machine, a wildcard, or an IP network.It all starts with installing and starting NFS yum install nfs-utils rpcbind service nfs start service rpcbind start Restricting to a […]

certification

FTP — Configure anonymous-only download

Posted on

Enabling anonymous-only download appears to be enabled by default, so I am not sure why this is an objective. Below are the steps needed in case it isnt in the future. Install packages – yum install vsftpd ftp Edit /etc/vsftpd/vsftpd.conf Find the line anonymous_enabled and set it to YES Ensure anon_upload_enabled is set to NO […]

certification

DNS — Configure a caching-only name server

Posted on

There is a good walkthrough of setting up a chaching nameserver at http://www.redhat.com/magazine/025nov06/features/dns/ Install the needed components yum install bind bind-utils bind-libs bind-chroot caching-nameserver copy /etc/named.conf to /var/named/chroot/etc/edit /var/named/chroot/etc/named.conf Change listen-on port from 127.0.0.1; to any; Change allow-query from localhost; to any; Add forwarders { 1.2.3.4; 5.6.7.8; }; and forward only; to the options section […]

certification

HTTP/HTTPS — Deploy a basic CGI application

Posted on

The default apache configuration allows execution of CGI scripts in the /var/www/cgi-bin/ directory. This is controlled by the ExecCGI option for a specified directory. A good reference for this is at http://www.brennan.id.au/13-Apache_Web_Server.html#cgi An example of this is below     Options ExecCGI    SetHandler cgi-script Once a script is included in the target directory, it will begin […]