Switch to a Linux Terminal Server Project network environment

Posted on April 27th, 2009

Get your old computers working as UNIX terminals! Setup a Linux Terminal Server with LTSP on Ubuntu, and use it from a remote workstation!

Im sick of losing machines, and having to reinstall from scratch, so if all goes well on this project, I will be able to run my blade server without even thinkiing about how to set each one up, beyond configuring each blade to boot from the Lan instead of the local hard drive, and instead concentrate on maintaining just the one central server.

Before you cry Single Point Of Failure – and it is, my comeback is that instead of having to make each server resilient, I only have to harden the one, saving time effort, and computer resources. Backups are essential, so I will have a remote machine rsync essential data on a CRON schedule. I will also improve the resilience of the server itself. This can be accomplished by having a couple of spare ethernet interfaces, a bit of software RAID (mirroring the partitions) and optionally a redundant hot/warm spare or even offline server knocking about will do for my purposes =)

To get an LTSP server running on an existing system running Ubuntu, Kubuntu, Xubuntu (which has an LTSP install option) or even Edubuntu, which sets up LTSP by default, you will need to set up a static Ethernet interface where you will attach the thin clients, install two packages and run a single command.

On the server (it can be a desktop, but for this scenario lets call it the server) configure your static / spare interface for the thin clients to have
the IP 192.168.1.1, then follow the instructions below.

sudo apt-get install ltsp-server-standalone openssh-server

Create your Thin Client environment on the server with.

sudo ltsp-build-client

After that, you will be able to boot your first thin client. Note that
if you want to use another IP than the above, you need to edit the
/etc/ltsp/dhcpd.conf

file to match the IP values and restart the dhcp server. If the IP changes (shame on you for not using IP aliases with IP/MAC address takeover tut tut) after you have done the initial setup, run
sudo ltsp-update-sshkeys

to make the ssh server aware of the change.

nb The ltsp-utils package from universe (for dapper) is for a different ltsp version, installing them together will break, so I gather. Maybe worth avoiding that, unless you have a test machine you can experiment on.

Vyatta – open source router and firewall.

Posted on April 27th, 2009

The Vyatta open-source router firewall – Welcome to the Dawn of Open-Source Networking!

http://www.vyatta.com

If your network is growing, and you need to improve your networking skills, so you can convince your boss to commit sums of money on an expensive hardware solution – e.g. Cisco gear – try installing Vyatta linux natively onto a spare old pc with some network cards in, or use a vmware image.

Then you can practice setting up your network, however you please, all day long! =)

Apple OSX admin tips, running webmin, usermin and openSSL

Posted on April 27th, 2009

These are some notes I took whilst enabling remote https:// administration of my Mac running OSX. Webmin provides a nice web gui for administration of your server, but you would probably want to restrict access to localhost, a few known and trusted hosts, or IPs on the local lan subnet for security. In addition, using OpenSSL makes this a better solution, if you prefer a gui console or do not have access to ssh / command line. Newer versions will always come out, please check – and note that this information can only serve as a ‘rough guide’.

Some things you might find useful before we begin:
—-
Use NetInfo manager, authenticate and enable root user
http://forums.ionmac.com/lofiversion/index.php/t309.html

use
$ defaults write com.apple.finder ShowAllFiles -boolean YES
(instead of $ defaults write com.apple.finder ShowAllFiles True )

this is also cool
$ defaults write “Apple Global Domain” AppleScrollBarVariant DoubleBoth

—-
installing perl / Net_SSLeay for SSL access is easy – just visit http://www.webmin.com/osx.html and follow directions

These instructions, contributed by Kevin Capwell, will allow you to install webmin on any Apple Macintosh OS X server. The version that I was using is as follows:
Server: 10.3
Perl: 5.8.1-RC3 to see version open terminal,
$ cd /usr/bin, then type
$ perl –version
OpenSSL: 0.9.7b to see version open terminal,
$ cd /usr/bin, then type
$OpenSSL version

INSTALL DEVELOPER TOOLS (i.e. use OS X 10.3 XCode CD and update!)
1. Go to https://connect.apple.com/ and become a member of ADC – it’s free!
2. Click on ‘Download Software’.
3. Click on ‘Developer Tools’.
4. Download the Xcode Tools v1.0 and 1.0.1 update. As
of this writing download the Xcode CD is in 20 parts,
however, Xcode should come with your box copy of 10.3.
5. Click twice on the Xcode.dmg icon.
6. Click twice on the ‘Developer’ package.
7. Enter your administrator password when you are
prompted.
8. After selecting the drive to install the developer
tools, then click the ‘Customize’ button. Make sure
the check the BSD SDK option.
9. Perform the install.

INSTALL THE NET_SSLEAY.PM
1. Download and install the Perl Mod “Net::SSLeay”
2. Go to the web page
http://www.cpan.org/modules/by-module/Net/
3. Download the ‘Net_SSLeay.pm-1.25.tar.gz’. This version was tested with the perl and openssh that are installed with 10.3. In my case this is Perl 5.8.1 and
OpenSSL 0.9.7b (to see your versions look at the commands above)
4. I copied the Net_SSLeay.pm-1.25.tar.gz to /usr/local
5. tar -zxvf Net_ssleay.pm-1.25.tar.gz
6. cd Net_ssleay.pm-1.25
7. type ‘perl Makefile.PL -t’ (without the quotes builds and tests) You should see a successful install message
8. Issue the ‘sudo -s’ command (without the quotes) – enter your admin password. You should now see a root# prompt at the beginning of each line you type.
9. Type ‘make install’ (without the quotes).
10. If the command “perl -e ‘use Net::ssleay'” (without the “” quotes) doesn’t output any error message, then the ssl support that webmin needs is
properly installed.

INSTALL THE AUTHEN_PAM.PM
1. Download and install the Perl Mod “Authen::PAM”
2. Go to the web page
http://www.cpan.org/modules/by-module/Authen/
3. Download the ‘Authen-PAM-0.15.tar.gz’ file
4. I copied the Authen-PAM-0.15.tar.gz to /usr/local
5. tar -zxvf Authen-PAM-0.15.tar.gz
6. cd Authen-PAM-0.15
7. type ‘perl Makefile.PL -t’ (without the quotes builds and tests) You should see a successful install message
8. Issue the ‘sudo -s’ command (without the quotes) – enter your admin password. You should now see a root# prompt at the beginning of each line you type.
9. Type ‘make install’ (without the quotes).

INSTALL WEBMIN
1. Go to http://www.webmin.com/download.html
download the current Unix tar/gzip version.
2. I copied the webmin-1.340.tar.gz to /usr/local
3. tar -zxvf webmin-1.340.tar.gz
4. cd webmin-1.340
5. type ‘./setup.sh’ (without the quotes).
6. Accept defaults for config and log file directory (one return for each will do)..
7. Accept the default path to perl (it should test ok).
8. Accept the default port for webmin (port 10000).
9. Login name can be anything you want (the default is admin).
10. Login password can be anything you want. Then you will be asked to verify the password.
11. If you followed the instructions above correctly you will be prompted with ‘Use SSL (y/n):’ you can now answer Y. This will encrypt your connections with the Xserve.
12. Answer Y to Start Webmin at boot time.
13. After the install is complete, copy the file
pam-webmin to /etc/pam.d/webmin and re-start Webmin with /etc/webmin/stop ; /etc/webmin/start. This will enable PAM authentication, if you need it.
If everything installs correctly you will see ‘Webmin has been installed and started successfully. Use your web browser to go to:
https://:10000
and login with the name and password that you entered
previously.

INSTALL USERMIN
1. Go to http://www.webmin.com/udownload.html
download
the current Unix tar/gzip version.
2. I copied the usermin-1.270.tar.gz to /usr/local
3. tar -zxvf usermin-1.270.tar.gz
4. cd usermin-1.270
5. type ‘./setup.sh’ (without the quotes).
6. Accept defaults for config and log file directory (one return for each will do).
7. Accept the default path to perl (it should test ok).
8. Accept the default port for webmin (port 20000).
9. If you followed the instructions above correctly you will be prompted with ‘Use SSL (y/n):’ you can now answer Y. This will encrypt your connections with the Xserve.
10. After the install is complete, copy the file pam-usermin to /etc/pam.d/usermin and re-start Usermin with /etc/webmin/stop ; /etc/webmin/start. This will enable PAM authentication for all users who login.
Usermin is useful for changing passwords and (optionally) reading mail. It is a terrific user tool with security built in. I highly recommend that you
experiment with it for ease of use with your users.

Fujitsu SPARC servers

Posted on April 27th, 2009

If you a meaty Unix Server to run Solaris on have a look at Fujitsu SPARC Unix Servers – enterprise class!!

Of course, It probably wont be long until we are seeing Oracle branded servers…
(I, for one, welcome the new corporate overlords)

Solaris 10 developers edition

Posted on April 27th, 2009

If you want to try OpenSolaris out, download OpenSolaris and see this link about VMware tools for Solaris

old cpu’s

Posted on April 27th, 2009

Im still in the middle of restoring an old UNIX computer – for reasons most people cannot comprehend. I mean, what good can an old UNIX terminal be? What could you do with a 33MHz cpu, 96MB of ram, 500MB of hard drive and a full 24bit 3D graphics subsystem (apart from spin polygons and play dogfight long before PCs even knew what 2D graphics were…?)

Well, just to remind ourselves, these are the pc processors which we all thought were really up to date at the time =)

The Red Hill CPU guide
http://redhill.net.au/c/c-4.html

How to install a Linux virus – 7 steps

Posted on April 27th, 2009

Basic Installation
==================

Before attempting to compile this virus make sure you have the correct version of glibc installed, and that your firewall rules are set to `allow everything’..

1. Put the attachment into the appropriate directory eg. /usr/src
2. Type `tar xvzf evilmalware.tar.gz’ to extract the source files for this virus.
3. `cd’ to the directory containing the virus’s source code and type`./configure’ to configure the virus for your system.If you’re using `csh’ on an old version of System V, you might need to type `sh ./configure’ instead to prevent `csh’ from trying to execute `configure’ itself.
4. Type `make’ to compile the package. You may need to be logged in as root to do this.
5. Optionally, type `make check_payable’ to run any self-tests that come with the virus, and send a large donation to an unnumbered Swiss bank account.
6. Type `make install’ to install the virus and any spyware, trojans pornography, penis enlargement adverts and DDoS attacks that come with it.
7. You may now configure your preferred malware behaviour in /etc/evilmalware.conf .

(Cheers to Mike Walker for sending me this humorous article!)

Obtaining, Trying and Installing Linux

Posted on April 27th, 2009

You can purchase Linux CD’s from the internet if you have a slow connection, have trouble downloading your fave distro or dont want to mess about burning install CD’s yourself.

Buy Linux CD’s

Note that buying a CD does not mean that you are supporting that particular distribution, as the proceeds will likely go to the vendor who creates the CDs for their materials and labour. If you want to support a distribution financially, visit their website and look to see if there is a donate / merchandise store link. =)

However, you might want to reconsider downloading the distribution as you will get a more upto date revision, and you may find that some flavours of linux e.g. Ubuntu, Slax and Gentoo for starters allow you to run or install linux from a USB memory stick.

Other flavours may even allow you to download linux via bittorrent, such as BlueOnyx. You may wish to try several flavours before you select a particular one, as for example BlueOnyx is a great Server appliance distribution, but people who want to use linux on a single machine may well find that a Desktop edition is more tailored to their needs, e.g. Ubuntu, Kubuntu, Suse

Windows XP on a USB Flash drive

Posted on April 27th, 2009

Before you install Win7, why not get a USB flash memory device, and make it a Windows XP bootable stick? (and an external USB hard drive to backup your data whilst at it?)

That way, if you have any trouble at all running a new installation of Windows 7 – you can always start the machine up and access your stuff?

Howto make a Windows XP bootable usb flash memory drive – c/o Tom’s Harware

Its also a good way to play with other OS’es, such as Linux

Take a look at http://www.pendrivelinux.com/

Disk drive partitioning tools

Posted on April 27th, 2009

If you are looking for a modern replacement for PowerQuest’s Partition Magic (which I once used religiously from version 3.0 upwards) then checkout gparted.

Screenies on there as well :o)