Download Blue Lines and Gradients

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Server Message Block wikipedia , lookup

Dynamic Host Configuration Protocol wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Lag wikipedia , lookup

Remote Desktop Services wikipedia , lookup

Transcript
Lecture 8
Linux Services Configuration
Objectives
• Configuring Telnet
• Configuring SSH
• Configuring DNS
• Configuring LAMP applications
• Configuring FTP server
Telnet
Telnet
Telnet is a network protocol used on the Internet or local area networks to provide a
bidirectional interactive text-oriented communication facility using a virtual terminal
connection.
The term telnet may also refer to the software that implements the client part of the
protocol. Telnet client applications are available for virtually all computer platforms.
Telnet is a program that allows users to log into your server and get a command prompt
just as if they were logged into the VGA console. The Telnet server RPM is installed
and disabled by default on Fedora Linux.
One of the disadvantages of Telnet is that the data is sent as clear text. This means that it
is possible for someone to use a network analyzer to peek into your data packets and
see your username and password. A more secure method for remote logins would be
via Secure Shell (SSH) which uses varying degrees of encryption.
Telnet
Using Telnet
The command to do remote logins via telnet from the command line is simple. You enter
the word telnet and then the IP address or server name to which you want to connect.
Here is an example of someone logging into a remote server named 192.168.1.74 from a
debian remote machine. The user looks at something like this:
SSH
SSH ("Secure SHell") is a protocol for securely accessing one computer from another.
Despite the name, SSH allows you to run command line and graphical programs,
transfer files, and even create secure virtual private networks over the Internet.
To use SSH, you will need to install an SSH client on the computer you connect from, and
an SSH server on the computer you connect to. The most popular Linux SSH client
and Linux SSH server are maintained by the OpenSSH project.
The OpenSSH client is included in Ubuntu by default.
Using ssh:
The command to do remote logins via ssh from the command line is simple. You enter the
word ssh and then the username you want to long in as followed by a '@' sign and IP
address or server name to which you want to connect.
SSH
Here is an example of someone logging into a remote server named 192.168.1.74 from a
debian remote machine. The user looks at something like this:
DNS
Domain Name Service (DNS) is an Internet service that maps IP addresses and fully qualified domain
names (FQDN) to one another. In this way, DNS alleviates the need to remember IP addresses.
Computers that run DNS are called name servers. Ubuntu ships with BIND (Berkley Internet Naming
Daemon), the most common program used for maintaining a name server on Linux.
Installation
At a terminal prompt, enter the following command to install dns:
sudo apt-get install bind9
Configuration
There are many ways to configure BIND9. Some of the most common configurations are a caching
nameserver, primary master, and as a secondary master.
•
When configured as a caching nameserver BIND9 will find the answer to name queries and remember
the answer when the domain is queried again.
•
As a primary master server BIND9 reads the data for a zone from a file on it's host and is authoritative
for that zone.
•
In a secondary master configuration BIND9 gets the zone data from another nameserver authoritative
for the zone.
DNS
The DNS configuration files are stored in the /etc/bind directory. The primary configuration file
is /etc/bind/named.conf. The include line specifies the filename which contains the DNS options.
The directory line in the /etc/bind/named.conf.options file tells DNS where to look for files. All files BIND uses
will be relative to this directory.
The file named /etc/bind/db.root describes the root nameservers in the world. The servers change over time, so
the /etc/bind/db.rootfile must be maintained now and then. This is usually done as updates to
the bind9 package. The zone section defines a master server, and it is stored in a file mentioned in
the file option.
It is possible to configure the same server to be a caching name server, primary master, and secondary master. A
server can be the Start of Authority (SOA) for one zone, while providing secondary service for another zone. All
the while providing caching services for hosts on the local LAN.
Logging - BIND9 has a wide variety of logging configuration options available. There are two main options.
The channel option configures where logs go, and the category option determines what information to log. If no
logging option is configured the default option is:
logging {
category default { default_syslog; default_debug; };
category unmatched { null; };
};
LAMP
LAMP installations (Linux + Apache + MySQL + PHP/Perl/Python) are a popular setup for Ubuntu servers. There is
a plethora of Open Source applications written using the LAMP application stack. Some popular LAMP
applications are Wiki's, Content Management Systems, and Management Software such as phpMyAdmin.
One advantage of LAMP is the substantial flexibility for different database, web server, and scripting languages.
Popular substitutes for MySQL include PostgreSQL and SQLite. Python, Perl, and Ruby are also frequently
used instead of PHP. While Nginx, Cherokee and Lighttpd can replace Apache.
The fastest way to get started is to install LAMP using tasksel. Tasksel is a Debian/Ubuntu tool that installs multiple
related packages as a co-ordinated "task" onto your system. To install a LAMP server type in the following
command in the terminal promp: sudo tasksel install lamp-server
After installing it you'll be able to install most LAMP applications in this way:
•
Download an archive containing the application source files.
•
Unpack the archive, usually in a directory accessible to a web server.
•
Depending on where the source was extracted, configure a web server to serve the files.
•
Configure the application to connect to the database.
•
Run a script, or browse to a page of the application, to install the database needed by the application.
•
Once the steps above, or similar steps, are completed you are ready to begin using the application.
LAMP
A disadvantage of using this approach is that the application files are not placed in the file
system in a standard way, which can cause confusion as to where the application is
installed. Another larger disadvantage is updating the application. When a new version
is released, the same process used to install the application is needed to apply
updates.
Fortunately, a number of LAMP applications are already packaged for Ubuntu, and are
available for installation in the same way as non-LAMP applications. Depending on
the application some extra configuration and setup steps may be needed, however.
FTP
File Transfer Protocol (FTP) is a TCP protocol for downloading files between computers. In the past, it has
also been used for uploading but, as that method does not use encryption, user credentials as well as
data transferred in the clear and are easily intercepted. So if you are here looking for a way to upload
and download files securely, see the section on OpenSSH instead.
FTP works on a client/server model. The server component is called an FTP daemon. It continuously listens
for FTP requests from remote clients. When a request is received, it manages the login and sets up the
connection. For the duration of the session it executes any of commands sent by the FTP client.
Access to an FTP server can be managed in two ways: Anonymous and Authenticated
In the Anonymous mode, remote clients can access the FTP server by using the default user account called
"anonymous" or "ftp" and sending an email address as the password. In the Authenticated mode a user
must have an account and a password. This latter choice is very insecure and should not be used
except in special circumstances. If you are looking to transfer files securely see SFTP in the section on
OpenSSH-Server. User access to the FTP server directories and files is dependent on the permissions
defined for the account used at login. As a general rule, the FTP daemon will hide the root directory of
the FTP server and change it to the FTP Home directory. This hides the rest of the file system from
remote sessions.
vsftpd - FTP Server Installation - vsftpd is an FTP daemon available in Ubuntu. It is easy to install,
set up, and maintain. To install vsftpd you can run the following command: sudo apt-get install
vsftp