Have you ever thought to restrict login access to a linux server for security reasons?
One way is to delete any accounts who do not require. But for some reason we can not delete the accounts, because it needed for authentication such as POP3/IMAP.
Well, there's one more way to limit logins without the need to remove users from the system, namely restricting ssh access. How do we do?. We need to edit the OpenSSH configuration file.
[root@snowy ~]# vim /etc/ssh/sshd_config
to allow only user1 and user2, add the the directive 'AllowUser', example
AllowUsers user1 user2
or allow group1 and group2:
AllowGroups group1 group2
to block user user1 and user2, use 'DenyUsers'L
DenyUsers user1 user2
or deny group1 and group2
DenyGroups group1 group2
Save the file and restart the SSHD, assuming we use RHEL or Fedora:
[root@snowy ~]# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
Try login after that.
Tuesday, November 4, 2008
Monday, November 3, 2008
Argument list too long
Pernahkah mengalami hal seperti di bawah ini?:
[root@snowy clientmqueue]# rm -f *
-bash: /bin/rm: Argument list too long
Argument apa yg dimaksud?... oh ternyata perintah rm, mv ... dan lainnya (blum coba) punya batasan jumlah file yang bisa di handle. Perkiraan saya adalah 65535 (perlu dibuktikan).
Well, lupakan dulu itu, saya sedang diburu waktu karena file file ngga penting di /var/spool/clientmqueue ternyata menghabiskan space di /var dan bikin aplikasi laen tidak bisa nulis ke direktori itu misalkan syslog, php session etc.
Apa yang harus saya lakukan?. Insting saya mengatakan kita harus baca filenya satu persatu lalu menghapusnya. Ok let's do it (carefully!).
Ok kita coba testing dulu tanpa melakukan delete
cd /var/spool/clientmqueue/
ls -1|while read myfile; do echo $myfile; done
hasilnya:
[root@snowy clientmqueue]# ls -1|while read myfile; do echo $myfile; done
dfk21NE7J8006097
dfk22L2M7P012934
dfk23L27p3009736
dfk24L2KuP029846
dfk25L2Btp009903
dfk26L25hh025984
dfk27L27bF007017
dfk28L2633019792
^C
Sukses!!!.
ok kita tambahkan rm -f di perintah tadi:
[root@snowy clientmqueue]# ls -1|while read myfile;do echo $myfile;rm -f $myfile;done
Selesai!.
[root@snowy clientmqueue]# rm -f *
-bash: /bin/rm: Argument list too long
Argument apa yg dimaksud?... oh ternyata perintah rm, mv ... dan lainnya (blum coba) punya batasan jumlah file yang bisa di handle. Perkiraan saya adalah 65535 (perlu dibuktikan).
Well, lupakan dulu itu, saya sedang diburu waktu karena file file ngga penting di /var/spool/clientmqueue ternyata menghabiskan space di /var dan bikin aplikasi laen tidak bisa nulis ke direktori itu misalkan syslog, php session etc.
Apa yang harus saya lakukan?. Insting saya mengatakan kita harus baca filenya satu persatu lalu menghapusnya. Ok let's do it (carefully!).
Ok kita coba testing dulu tanpa melakukan delete
cd /var/spool/clientmqueue/
ls -1|while read myfile; do echo $myfile; done
hasilnya:
[root@snowy clientmqueue]# ls -1|while read myfile; do echo $myfile; done
dfk21NE7J8006097
dfk22L2M7P012934
dfk23L27p3009736
dfk24L2KuP029846
dfk25L2Btp009903
dfk26L25hh025984
dfk27L27bF007017
dfk28L2633019792
^C
Sukses!!!.
ok kita tambahkan rm -f di perintah tadi:
[root@snowy clientmqueue]# ls -1|while read myfile;do echo $myfile;rm -f $myfile;done
Selesai!.
Tuesday, October 28, 2008
Create Yum Repositories
YUM stands for Yellow Dog Updater, Modified is a tool used to handle package management linux distribution.
You may never have dependencies on other packages when you want to install an rpm package. You then have to install one by one package which may also have individual dependencies on other packages again. Well, here's where you need yum to work for you, simply type:
yum install
Voila, all dependencies resolved. Installation went smoothly with only a single command.
Well, suppose you have just installed a linux system with a minimalist package because of limited space or you want a slim server. Say you as a developer so you simply install the development packages, editor and http packets, and then decides to make Yum repositories at one another webserver to be able to add the package at a later time using Yum.
Langkah-langkah yang bisa anda lakukan untuk membuat Yum repositories:
- make a directory where the files will be saved rpm distribution. For example your web server's document root is / var / www / html:
- copy the contents of the CD RHEL5 rpm
- download source application createrepo from http://createrepo.baseurl.org/download/, direct install:
- enter the directory / var/www/html/rhel5/Server and run createrepo
- Yum repositories ready
Return to your new Linux system pre-installed, create the file /etc/yum.repos.d/RHEL-os.repo. Example configuration (adjust to your conditions):
[rhel-os]
name=Red Hat Enterprise Linux OS
baseurl=http://10.10.10.10/rhel5/Server/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Good luck
You may never have dependencies on other packages when you want to install an rpm package. You then have to install one by one package which may also have individual dependencies on other packages again. Well, here's where you need yum to work for you, simply type:
yum install
Voila, all dependencies resolved. Installation went smoothly with only a single command.
Well, suppose you have just installed a linux system with a minimalist package because of limited space or you want a slim server. Say you as a developer so you simply install the development packages, editor and http packets, and then decides to make Yum repositories at one another webserver to be able to add the package at a later time using Yum.
Langkah-langkah yang bisa anda lakukan untuk membuat Yum repositories:
- make a directory where the files will be saved rpm distribution. For example your web server's document root is / var / www / html:
- cd /var/www/html
- mkdir -p rhel5/Server
- copy the contents of the CD RHEL5 rpm
- cp /mnt/cdrom/Server/*.rpm rhel5/Server
- download source application createrepo from http://createrepo.baseurl.org/download/, direct install:
- rpm --rebuild createrepo-0.4.11-1.src.rpm
- rpm -ivh /usr/src/redhat/RPMS/noarch/createrepo-0.4.11-1.noarch.rpm
- enter the directory / var/www/html/rhel5/Server and run createrepo
- cd /var/www/html/rhel5/Server
- createrepo .
- Yum repositories ready
Return to your new Linux system pre-installed, create the file /etc/yum.repos.d/RHEL-os.repo. Example configuration (adjust to your conditions):
[rhel-os]
name=Red Hat Enterprise Linux OS
baseurl=http://10.10.10.10/rhel5/Server/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Good luck
Subscribe to:
Posts (Atom)