This article will deal with installation and configuration of WebDAV server on Ubuntu Linux. WebDAV stands for Web Distributed Authoring and Versioning and allows connected users the edit and share data online via the HTTP protocol. This makes WebDAV a popular choice for developers when combined, for example, with Subversion or OpenLink Virtuoso. WebDAV is supported by number of clients ranging from davfs2, which makes it possible to mount the WebDAV's data storage to include into the local filesystem. This can be done with the mount command to various GUI applications with the native WebDAV support such as Nautilus, konqueror, etc. Futhermore, in this guide we will combine WebDAV with the Apache2 server.
In this section I would like to describe a scenario used in this tutorial. WebDAV can be very flexible service, which allows for number of configuration settings and scenarios. In this WebDAV tutorial we will start with the simplest basic startup WedDAV configuration and from there we will build it up to fit more complex environment. You can think of WebDAV as a HTTP extension for your existing website configuration. Normally, you may already have your apache website up and running. Thus, in that case, all you need to do to in order to include the WevbDAV service is to:
- create additional upload data directory to use by WebDAV
- configure your existing apache2 virtual host file
However, in this guide we will start from scratch starting from apache2 installation, virtual host creation, etc. Therefore, feel free to skip to any section most appropriate to your configuration requirement.
Read more ...
Introduction and concepts
Every system administrator I know develops in time the habit of putting together a toolbox where, as time passes, many useful pieces of software get added up, as the recurrent need arises. Please do not imagine this in the most classical of the sense, as this is not about a carpenter's toolkit, nor a mechanic's toolbox. It usually is a CD portfolio with live CDs, installable most-used distributions, vendor-specific tools and whatever not. Of the (indispensable) live CDs, one usually sees in the aforementioned toolbox a disk cloning item. What does it do? It helps a tremendous amount when you need to save and restore a hard disk, operating system included, and by save I mean 1/1 copy with the possibility of restoring in a few minutes, despite the ever-increasing size of the hard drives offered by the market today, where the terabyte becomes more and more common.
Such software exists, and indeed it makes the lives of admins and users alike much easier and efficient. Unfortunately, companies tried to impose their own proprietary disk image formats, so that restoring could be possible only by using their tools. Fortunately, there is a FOSS solution that deals with this, offering a very efficient live CD and server for download, and that is Clonezilla, which we'll talk about today. You are expected to have some knowledge on how disks work, networking and system administration. We will treat more advanced subjects a bit later on, but all you need to know if you are a beginner in those matters is right here.
Read more ...
As a Linux system administrator you will be required to manage user accounts. This can be done by adding or removing user logins or simply by temporarily or permanently disabling an entire account while leaving the user's profile and files intact. This article describes a few ways on how to disable the user account in the Linux operating system.
Shadow file modification
The easiest way to disable the user account is to modify a /etc/shadow file, which is responsible for holding encrypted passwords for users listed /etc/passwd. Here is a typical user entry found in the /etc/shadow file:
Read more ...
Any decent Linux distribution comes with an installation option to automatically encrypt user's home directory. In case you do not wish to encrypt the entire home directory or perhaps you wish to encrypt some random directories on your Linux system you can use EncFS the FUSE-based cryptographic filesystem. EncFS will allow you to encrypt and decrypt any directory in a matter of seconds. It will reside on top of your current filesytem and provide access to any EncFS encrypted directory only upon entering a correct predefined password. This short tutorial will show you how to encrypt and decrypt your directories with the EncFS cryptographic filesystem.
Let's assume that you are a heavy Laptop user traveling from one place to another. You also use ssh quite often and so you have generated ssh keypair. For your convenience you even generated a private key without using a pass-phrase ( never good idea ). Furthermore, you have copied you public ssh key to multiple servers for an easy access. The problem with this scenario is that once someone gets hold of your Laptop s/he gets instantly access to all servers using you private ssh key. In this article we will show you how to encrypt your .ssh directory and avoid such problem.
Read more ...
If you've ever been in charge of a network you've definitely had the need for a secure remote connection. Maybe you just need to keep an eye on employees or kids. Doing so can be a hassle to some while crossing networks and subnets. On top of that, many businesses may have Internet but no DHCP to more protected machines. Many do this to network machines while keeping employees from surfing the Web. Whatever the case, Linux has many great tools to enable remote encrypted GUI administration. Even better, we will get everything we need for free for accessing a Linux or Windows client.
You should have root privileges on the machine you wish to monitor from as well as on the clients. You are not required to have administrator rights on a Windows client if you can at least enable remote desktop. To follow this tutorial you can use virtual machines if you do not have physical clients to test on. As long as you have the rights above and an IP address you should be fine.
While I've already mentioned legitimate purposes for this tutorial, it can be abused. The purpose of this writing is to help people network their own machines. Please use this information for legal monitoring of clients only!
Setting up our host
The first thing you should do is download the necessary packages with apt-get, if you're on Debian or derivatives:
# apt-get install xrdp openssh-server
After that we need to do some configuration to make sure our ssh server runs correctly. In a terminal type "ssh-keygen" to create the rsa keys for encryption. You will see some ascii art go by and then it's done. Most likely your rsa keys will be stored in /home//username/.ssh/ if you ever need to find them.
Read more ...