File Server

Ubuntu 12.04 Samba Standalone Server With tdbsam Backend

The installation of a Samba fileserver on Ubuntu 12.04 and how to configure it to share files over the SMB protocol as well as how to add users. Samba is configured as a standalone server, not as a domain controller. not issue any guarantee that this will work for you.

1 Preliminary Note

an Ubuntu 12.04 system here with the hostname server1.example.com and the IP address 192.168.0.100

running all the steps in this tutorial with root privileges, so make sure you’re logged in as root

sudo su

2 Installing Samba

Connect the server on the shell and install the Samba packages

apt-get install libcups2 samba samba-common

Edit the smb.conf file

vi /etc/samba/smb.conf

remove the “#” at the beginning of the line security = user in the below

[...]
# "security = user" is always a good idea. This will require a Unix account
# in this server for every user accessing the server. See
# /usr/share/doc/samba-doc/htmldocs/Samba3-HOWTO/ServerType.html
# in the samba-doc package for details.

 Continue reading “Ubuntu 12.04 Samba Standalone Server With tdbsam Backend” »

Be the first to comment - What do you think?  Posted by Aniruddh - August 9, 2012 at 12:01 am

Categories: File Server, Ubuntu   Tags:

Fedora 17 Samba Standalone Server With tdbsam Backend

This guide  explains the installation of a Samba fileserver on Fedora 17 and  to configure it to share files over the SMB protocol as well as how to add users. Samba is configured as a standalone server, not as a domain controller. In the resulting setup, every user has his own home directory accessible via the SMB protocol and all users have a shared directory with read-/write access.

1 Preliminary Note

a Fedora 17 system here with the hostname server1.example.com and the IP address 192.168.0.100

SELinux should be  disabled

Edit /etc/selinux/config and set SELINUX=disabled
vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted
must reboot the system
reboot

2 Installing Samba

Connect server on the shell and install the Samba packages

yum install cups-libs samba samba-common

Edit the smb.conf file

vi /etc/samba/smb.conf

see the following lines in the [global] section

[...]
# ----------------------- Standalone Server Options ------------------------
#
# security = the mode Samba runs in. This can be set to user, share
# (deprecated), or server (deprecated).
#
# passdb backend = the backend used to store user information in. New
# installations should use either tdbsam or ldapsam. No additional configuration
# is required for tdbsam. The "smbpasswd" utility is available for backwards
# compatibility.
#

        security = user
        passdb backend = tdbsam


 Continue reading “Fedora 17 Samba Standalone Server With tdbsam Backend” »

Be the first to comment - What do you think?  Posted by Aniruddh - August 8, 2012 at 11:31 pm

Categories: Fedora, File Server   Tags:

How To Configure PureFTPd To Accept TLS Sessions On Debian Lenny

FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure. This article explains how to configure PureFTPd to accept TLS sessions on a Debian Lenny server.

1 Preliminary Note

a working PureFTPd setup on your Debian Lenny server, e.g. as shown in this tutorial: Virtual Hosting With PureFTPd And MySQL (Incl. Quota And Bandwidth Management) On Debian Lenny.

2 Installing OpenSSL
OpenSSL is needed by TLS; to install OpenSSL

aptitude install openssl

3 Configuring PureFTPd

If you want to allow FTP and TLS sessions, run

[ccINb_bash width="700"]
echo 1 > /etc/pure-ftpd/conf/TLS

If you want to accept TLS sessions only (no FTP), run

echo 2 > /etc/pure-ftpd/conf/TLS

To not allow TLS at all (only FTP), either delete /etc/pure-ftpd/conf/TLS or run

echo 0 > /etc/pure-ftpd/conf/TLS

4 Creating The SSL Certificate For TLS

In order to use TLS, we must create an SSL certificate. I create it in /etc/ssl/private/, therefore I create that directory first

mkdir -p /etc/ssl/private/

Continue reading “How To Configure PureFTPd To Accept TLS Sessions On Debian Lenny” »

Be the first to comment - What do you think?  Posted by Aniruddh - November 30, 2011 at 8:17 pm

Categories: Debian, File Server   Tags:

Ubuntu 11.04 Samba Standalone Server With tdbsam Backend

The installation of a Samba fileserver on Ubuntu 11.04 and how to configure it to share files over the SMB protocol as well as how to add users. Samba is configured as a standalone server, not as a domain controller. In the resulting setup, every user has his own home directory accessible via the SMB protocol and all users have a shared directory with read-/write access.

1 Preliminary Note

an Ubuntu 11.04 system here with the hostname server1.example.com and the IP address 192.168.0.100

logged in as root

sudo su

2 Installing Samba

Connect to your server on the shell and install the Samba

apt-get install libcups2 samba samba-common

Edit the smb.conf file

vi /etc/samba/smb.conf

Close the file and restart Samba

/etc/init.d/smbd restart

3 Adding Samba Shares
dd a share that is accessible by all users

Continue reading “Ubuntu 11.04 Samba Standalone Server With tdbsam Backend” »

Be the first to comment - What do you think?  Posted by Aniruddh - November 18, 2011 at 1:44 pm

Categories: File Server, Ubuntu, Web Server   Tags:

Setting Up ProFTPd + TLS On Debian Squeeze

The whole communication can be encrypted, thus making FTP much more secure. This article explains how to set up ProFTPd with TLS on a Debian Squeeze server. FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS

1 Preliminary Note
use the hostname server1.example.com with the IP address 192.168.0.100. These settings might differ for you, so you have to replace them where appropriate.

2 Installing ProFTPd And OpenSSL
to install ProFTPd and OpenSSL

apt-get install proftpd openssl

For security reasons

vi /etc/proftpd/proftpd.conf

3 Creating The SSL Certificate For TLS

mkdir /etc/proftpd/ssl

generate the SSL certificate

Continue reading “Setting Up ProFTPd + TLS On Debian Squeeze” »

Be the first to comment - What do you think?  Posted by Aniruddh - November 17, 2011 at 1:29 pm

Categories: Debian, File Server   Tags:

Restricting Users To SFTP Plus Setting Up Chrooted SSH/SFTP (Debian Squeeze)

how to give users chrooted SSH and/or chrooted SFTP access on Debian Squeeze. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of. I will also show how to restrict users to SFTP so that they cannot use SSH.

1 Preliminary Note
use the user falko here with the home directory /home/falko. The user falko belongs to the group users. I want to chroot the user to the /home directory.

2 Installing OpenSSH

apt-get install ssh openssh-server

3 Enabling Chrooted SFTP

vi /etc/ssh/sshd_config

root-owned directories that are not writable by any other user or group

man 5 sshd_config

Restart OpenSSH

/etc/init.d/ssh restart

change the permissions of each home directory

chmod 700 /home/falko

4 Enabling Chrooted SSH

find out what libraries a tool needs by using the ldd command

ldd /bin/bash

to install some prerequisites

apt-get install sudo debianutils coreutils

Continue reading “Restricting Users To SFTP Plus Setting Up Chrooted SSH/SFTP (Debian Squeeze)” »

Be the first to comment - What do you think?  Posted by Aniruddh - November 14, 2011 at 2:26 am

Categories: Debian, File Server   Tags:

Setting Up ProFTPd + TLS On Ubuntu 11.04 (Natty Narwhal)

FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure. This article explains how to set up ProFTPd with TLS on an Ubuntu 11.04 server.

1 Preliminary Note
run all the steps from this tutorial with root privileges, we can either prepend all commands in this tutorial with the string sudo, or we become root right now by typing

sudo su

2 Installing ProFTPd And OpenSSL
to install ProFTPd and OpenSSL

apt-get install proftpd openssl

For security reasons

vi /etc/proftpd/proftpd.conf

3 Creating The SSL Certificate For TLS
to use TLS

mkdir /etc/proftpd/ssl

generate the SSL certificate

openssl req -new -x509 -days 365 -nodes -out /etc/proftpd/ssl/proftpd.cert.pem -keyout /etc/proftpd/ssl/proftpd.key.pem
Country Name (2 letter code) [AU]: < -- Enter your Country Name (e.g., "DE").
State or Province Name (full name) [Some-State]: <-- Enter your State or Province Name.
Locality Name (eg, city) []: <-- Enter your City.
Organization Name (eg, company) [Internet Widgits Pty Ltd]: <-- Enter your Organization Name (e.g., the name of your company).
Organizational Unit Name (eg, section) []: <-- Enter your Organizational Unit Name (e.g. "IT Department").
Common Name (eg, YOUR name) []: <-- Enter the Fully Qualified Domain Name of the system (e.g. "server1.example.com").
Email Address []: <-- Enter your Email Address.

Continue reading “Setting Up ProFTPd + TLS On Ubuntu 11.04 (Natty Narwhal)” »

Be the first to comment - What do you think?  Posted by Aniruddh - November 10, 2011 at 9:52 pm

Categories: File Server, Ubuntu   Tags:

Setting Up vsftpd + TLS On Debian Squeeze

This article explains how to set up vsftpd with TLS on a Debian Squeeze server. FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure

1 Preliminary Note

The hostname server1.example.com with the IP address 192.168.0.100. These settings might differ for you, so you have to replace them where appropriate.

2 Installing vsftpd And OpenSSL

OpenSSL is needed by TLS; to install vsftpd and OpenSSL

apt-get install vsftpd openssl

3 Creating The SSL Certificate For TLS

I create it in /etc/ssl/private – if the directory doesn’t exist

mkdir -p /etc/ssl/private chmod 700 /etc/ssl/private

generate the SSL certificate

openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout

/etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem

Country Name (2 letter code) [AU]: <– Enter your Country Name (e.g., “DE”).
State or Province Name (full name) [Some-State]: <– Enter your State or Province Name.
Locality Name (eg, city) []: <– Enter your City.
Organization Name (eg, company) [Internet Widgits Pty Ltd]: <– Enter your Organization Name (e.g., the name of your company).

Continue reading “Setting Up vsftpd + TLS On Debian Squeeze” »

Be the first to comment - What do you think?  Posted by Aniruddh - November 2, 2011 at 12:21 am

Categories: Debian, File Server   Tags:

NFS Server Setup on CentOS

NFS (Network File System) server allows to share local disk with other computers in the network, wherein a specific directory is exported from the server and any client who has access to the server (NFS access control list) can mount the exported directory and work as if it were local disk.

This requires at least 2 machines with CentOS install in order to configure NFS server and Client.

1. This document will use following server and client machines

NFS Server: srv.yourdomain.com

IP Address: 10.0.1.1

NFS Client: clnt.yourdomain.com

IP Address: 10.0.1.2

Continue reading “NFS Server Setup on CentOS” »

Be the first to comment - What do you think?  Posted by Aniruddh - February 24, 2009 at 7:16 am

Categories: CentOS, File Server, Linux   Tags: