How to configure ssh server in RHEL,Centos,Fedora ?

How to configure ssh server in RHEL,Centos,Fedora?

Step 1:-  First Install openssh client and server In RHEL,Centos,Fedora via yum .Run below command in terminal .

yum -y install openssh-server openssh-clients

Step 2:-  Now verify openssh rpm installed successfully or not .Run below command in terminal .

rpm -qa openssh*


Step3:-  Now go to /etc/ssh directory and edit sshd_config.

vi /etc/ssh/sshd_config

By Default root login enable in ssh.

PermitRootLogin yes 

Change it like below

PermitRootLogin no


 AllowUsers rahul pooja

Uncommet port 22  like below

 port 22

save and exit Press Esc key and type below command

:wq!

Step4:-  Create two users rahul and pooja.

              useradd rahul
              useradd pooja

              Set password of rahul and pooja.
              Run below command

              passwd rahul

enter password of rahul then Press enter and again type same password and press enter

same as follow for pooja user.
passwd pooja

Step5:- now restart ssh service .Run below command in terminal.

                service sshd restart

configure ssh service to start automatically during the system startup on runlevel 3 and 5 .Run below command in terminal.
 
chkconfig --level 35 sshd on


Step 6:-  Open 22 port for ssh server via iptables.Run below command in terminal.

  /sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

To save rule in iptables permanently.Run below command in terminal.

service iptables save


Step 7:-  Login via users rahul and pooja.Run below command in terminal.

               ssh rahul@ip of your ssh server

               ssh -l pooja ip of your ssh server.




 

               

The exportfs Command in NFS Server.

The Main Advantage of exportfs commands the /usr/sbin/exportfs command allows the root user to selectively export or unexport directories without restarting the NFS service.
The following is a list of commonly used options available for exportfs command-
-r — Causes all directories listed in /etc/exports to be exported by constructing a new export list in /etc/lib/nfs/xtab. This option effectively refreshes the export list with any changes that have been made to /etc/exports.
-a — Causes all directories to be exported or unexported, depending on what other options are passed to /usr/sbin/exportfs. If no other options are specified, /usr/sbin/exportfs exports all file systems specified in /etc/exports.
-i — Ignores /etc/exports; only options given from the command line are used to define exported file systems.
-u — Unexports all shared directories. The command /usr/sbin/exportfs -ua suspends NFS file sharing while keeping all NFS daemons up. To reenable NFS sharing, type exportfs -r.

-v — Verbose operation, where the file systems being exported or unexported are displayed in greater detail when the exportfs command is executed.
eg.
exportfs -rav

Note:-When the nfs service starts or stop, the /usr/sbin/exportfs command launches and reads this file, and passes to rpc.mountd and rpc.nfsd the file systems available to remote users.

Soft vs. Hard Mounting in NFS Server.

Soft Mounting-
If a file request fails, the NFS client will report an error to the process on the client machine requesting the file access. Some programs can handle this with composure, most won't. We do not recommend using this setting; it is a recipe for corrupted files and lost data. You should especially not use this for Mail Server.
If you want to use soft mounting.use timeo option with it.,the timeo option to set a timeout interval, in tenths of a second.
e.g.
mount -o soft,timeo=300 rahul:/home /mnt/rahulhome

Hard Mounting-

The program accessing a file on a NFS mounted file system will hang when the server crashes. The process cannot be interrupted or killed (except by a "sure kill") unless you also specify intr. When the NFS server is back online the program will continue undisturbed from where it was. We recommend using hard,intr on all NFS mounted file systems.

Picking up the from previous example, the fstab entry would now look like:
# device mountpoint fs-type options dump fsckord

rahul.pooja.com:/home /mnt/rahulhome nfs rw,hard,intr 0 0

NFS (Network File System) Server Configuration.

Step 1:- Make a Directory which you want to share by NFS Server.
e.g. i want to share a directory who's name is mydata which is on / .

mkdir /mydata
mkdir /rahul
mkdir /sale

Step2:- NFS server configuration

vi /etc/exports

/mydata *.rahul.com(ro,sync)
or
/rahul 192.168.0.0/255.255.255.0(rw,async)
or
/sale *(rw)


Press ESC key

:wq!

Where ro — Mounts of the exported file system are read-only.
rw — Mounts of the exported file system are read-write.
async-Allows the server to write data at non-regular intervals. This setting works best if the exported file system is read-only. If the exported file system is read/write and hosts are making changes to the file system when the server crashes, data can be lost.
sync-option, all file writes are committed to the disk before the write request by the client is completed.

*.rahul.com- This is called wildcard option.It allow to access allow /mydata to it.rahul.com and sale.rahul.com or anything before rahul.com.

192.168.0.0/255.255.255.0- It share /rahul for entire subnet of 192.168.0.
/sale *(rw)- It share /sale directory for any type of domain,subnet or ip address.




Step2:- Now start NFS services

1. service portmap start
2. service nfs start

For permanent start NFS services
3. chkconfig --level 35 portmap on

4. chkconfig --level 35 nfs on

Step3 :- showmout
To Verify NFS server directories has been shares successful or not .
showmout -e rahul
OR

showmout -e ip address of nfs server.


Step 4:- Temporary Mouting share at client
Create a directory for access NFS server's data.
e.g. /nfsdata

mkdir -p /mnt/nfsdata

mount 192.168.0.120:/mydata /mnt/nfsdata

OR

mount -t nfs 192.168.0.120:/mydata /mnt/nfsdata

Where 192.168.0.120 is my NFS Server's Ip address .my data is my NFS server's directory and nfsdata is directory at client in /mnt .


Step 5:- For Permanent Mounting at client.

vi /etc/fstab

mount -t nfs 192.168.0.120:/mydata /mnt/nfsdata nfs defaults 0 0

Press ECS key

:wq!

Step 5a:- Hot initialize fstab (without restart client) .
mount -a


Step 5b:- To access NFS server's data at NFS Client.

cd /mnt/nfsdata

Some useful common yum commands .

Some YUM Commands Explanations
1. yum list List all available packages
2. yum list http* List all packages starting with "http"
3. yum check-update Check for available updates
4. yum update Update all available packages
5. yum update samba* Update only the samba packages
6. yum install httpd Install the httpd package
7. yum install xmms wine Install both the xmms and wine packages
8. yum -y install httpd Install package (answering yes to all questions)
9. yum provides httpd.conf List package name that provides the "httpd.conf" file
10. yum clean all Removes cached packages and RPM headers from system
11.yum remove http* Uninstalls all packages starting with "http"
12. /etc/init.d/yum start Start the nightly updating service
13. chkconfig yum on Enabling yum service on runlevels
14. yum list >> yumlist.txt Save List of all available packages into yum.txt
15. kill -9 pid of yum server Stop yum Server.
16. man yum Man page for more information about yum server
17.yum whatprovides /etc/passwd Find out what provides the /etc/passwd file.
18.yum yum grouplist Display list of group software.
19.yum groupinstall "Development Tools" Install all 'Development Tools'group packages
20.yum groupremove "Development Tools" Remove all 'Development Tools' group packages

Yum online Package Installation.

Dear ! All,
You can install other Repositories for e.g. if u r using Fedore core 8 open terminal give ip add & Dns, gateway according ur ISP then type below command. To Install & use livna server's Rpm's
To Install Livna's Repositories
rpm -ivh http://rpm.livna.org/livna-release-8.rpm
Now u r ready to install any rpm which are availabe on livna server.
e.g. u want to install xmms and samba from yum server
open terminal then type
1. yum install xmms*
2. yum install samba*
It will take few time to search & install.To installation Press Y
You can also rpmfusion Repositories for install rpmfusion's RPMs.
For Fedora 8, 9 or 10
rpm -ivh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm
For RHEL5 or CentOS
rpm -ivh http://download1.rpmfusion.org/free/el/updates/testing/5/i386/rpmfusion-free-release-5-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/5/i386/rpmfusion-nonfree-release-5-0.1.noarch.rpm

For Fedora Alpha, Beta, Preview, Rawhide, RC, Snapshot aka. Fedora 11:-
rpm -ivh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-rawhide.noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-rawhide.noarch.rpm

To Save Yum Package in your PC/Server:-
Step1:-
vi /etc/yum.conf

replace in /etc/yum.conf

keepcache=1



save and exit



Step2:-

Now you can get your packages from /var/cache/yum/







Default Sample file of /etc/yum.conf

[main]

cachedir=/var/cache/yum

keepcache=0

debuglevel=2

logfile=/var/log/yum.log

pkgpolicy=newest

distroverpkg=redhat-release

tolerant=1

exactarch=1

obsoletes=1

# Don't check keys for localinstall

gpgcheck=0

plugins=1

metadata_expire=1800

# Changed this because some mirrors go down and then

# re-trying takes forever.

timeout=7





Note:-Where meaning of above options in yum.conf

cachedir

Directory where yum should store its cache and db files packages. The default is '/var/cache/yum'.

keepcache

Either '1' or '0'. Determines whether or not yum keeps the cache of headers and packages after succesful installation. Default is '1' (keep files)

/var/cache/yum/

By default, Yum stores temporary files under the directory

debuglevel

debug level. valid numbers are 0-10. default is 2.

logfile

Full directory and file name for where yum should write its log file.

errorlevel
another debug level. valid numbers are 0-2. default is 2

logfile
Full directory and file name for where yum should write its log file.

pkgpolicy

newest or last - Package sorting order. When a package is available from multiple servers, newest will install the most recent version of the package found. last will sort the servers alphabetically by serverid and install the version of the package found on the last server in the resulting list. If you don't understand the above then you're best left not including this option at all and letting the default (newest) occur

distroverpkg

The package used by yum to determine the "version" of the distribution. This can be any installed package. Default is 'redhat-release'.

tolerant

Either '1' or '0'. If enabled, then yum will be tolerant of errors on the command line with regard to packages. For example: if you request to install foo, bar and baz and baz is installed; yum won't error out complaining that baz is already installed. Default to '0' (not tolerant).
Commmand-line option: -t

exactarch

1 or 0 - set to 1 to make yum update only update the architectures of packages that you have installed. i.e.-- with this enabled yum will not install an i686 package to update an i386 package.

obsoletes
This option only has affect during an update. It enables yum's obsoletes processing logic. Useful when doing distribution level upgrades. See also the yum upgrade command documentation for more details (yum(8)).

Commmand-line option: --obsoletes

gpgcheck

Either '1' or '0'. This tells yum whether or not it should perform a GPG signature check on the packages gotten from this repository.

plugins

Either '0' or '1'. Global switch to enable or disable yum plugins. Default is '0' (plugins disabled). See the PLUGINS section of the yum(8) man for more information on installing yum plugins.

metadata_expire

Time (in seconds) after which the metadata will expire. So that if the current metadata downloaded is less than this many seconds old then yum will not update the metadata against the repository. If you find that yum is not downloading information on updates as often as you would like lower the value of this option

timeout

Overrides the timeout option from the [main] section for this repository.

Enjoy!
Regards,
Rahul Kumar

Forgotten root Password of RHEL,Fedora Core and CentOS.

If you want to reset or forgot root password.You will have to boot your linux in single user mode.If you are using Grub boot loader follow below steps.

Step 1:- At the boot loader menu, Press arrow keys to highlight the installation you want to edit and type A to enter into append mode.

Step2:- You are presented with a prompt that looks similar to the following:

grub append> ro root=LABEL=/

Step 3:- Press the Spacebar once to add a blank space, then add the word single to tell GRUB to boot into single-user Linux mode. The result should look like the following:

ro root=LABEL=/ single
or

ro root=LABEL=/ 1

Step 4:- Press [Enter] and Press b GRUB will boot single-user Linux mode. After it finishes loading, you will be presented with a shell prompt similar to the following:

sh-2.05b#

Step5:- You can now change the root password by typing

passwd root

It will be asked to re-type the password. Once you are finished, the password will be changed. You can then reboot by typing reboot at the prompt. Then you can log in to root as you normally would.
Enjoy!