| January 2006 » |
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|
1 | 2 | 3 | 4 | 5 | 6 | 7 |
8 | 9 | 10 | | | 13 | 14 |
| | 17 | 18 | | | |
| | 24 | | | | |
| | | | | | |
| | | | | | | |
| Today |
Blogs to Gander At
Navigation
Editing
AllMarks
Referers
South Park as I was 10 years ago
South Park today
I have more hair and it isn't so grey. :->
10 years ago, really
Today, literally
Site notes
Sunday January 29, 2006
Configuring apache The next service I want to migrate from Linux to (Open)Solaris is my web server. Note that I've pushed my web content back and forth from FreeBSD to Linux boxes. The content stays the same, you just have to figure out where the server config files are stored and where to plop the main content page.
Okay, under Linux, the default configration file lives as /etc/httpd/conf/httpd.conf. Now, what changes did I make to get apache up and running?
[tdh@adept conf]> diff httpd.conf httpd.conf.STOCK
235c235
< ServerAdmin root@excfb.com
---
> ServerAdmin root@localhost
249c249
< ServerName www.excfb.com:80
---
> #ServerName www.example.com:80
339c339
< #UserDir disable
---
> UserDir disable
346c346
< UserDir public_html
---
> #UserDir public_html
Very minor changes are necessary to get this up and running. Okay, where am I stashing the main content?
[tdh@adept html]> pwd
/var/www/html
I actually don't care about the /var/www/html part, it is everything below it which is important. Time to go to sandman and configure it.
Okay, where is the configuration file?
[tdh@sandman ~]> cd /etc/html
/etc/html: No such file or directory.
[tdh@sandman ~]> cd /etc/apache2
[tdh@sandman apache2]> ls -la httpd.conf
-rw-r--r-- 1 root root 37672 Jan 15 17:40 httpd.conf
I don't care about what is in /etc/apache, I'm going to use apache2. Touch up the configuration file.
[tdh@sandman apache2]> diff httpd.conf httpd.conf-example
325c325
< ServerAdmin root@excfb.com
---
> ServerAdmin you@yourhost.com
339c339
< ServerName www.excfb.com:80
---
> ServerName 127.0.0.1
415c415
< UserDir public_html
---
> User webservd
Okay, where does the content live? Lets try under /var:
[tdh@sandman htdocs]> pwd
/var/apache2/htdocs
Copy your content over here, and also into the user directories if they are enabled. Flip the service on and start serving up content!
# svcadm enable apache2
And here is a screenshot of the server running:
Technorati Tags:
Sun OpenSolaris Solaris
Configuring sshd Okay, in my quest to replace Linux in my data center, I want to have a ssh gateway from the Internet into my boxes. Hmm, I also want to make sure my work gear is safe as well. To do so, I only allow ssh to go through a non-default port on my firewall. So, I want to configure sshd on my gateway box to respond to respond to ssh traffic from the default port 22 from my internal network and from port X from the outside.
Hmm, I really should restrict the system such that it only accepts port X from the firewall and not from any other client. I don't have to worry about port 22, the firewall already takes care of that.
Basically, the only configuration I need to do on the sshd server is to add a port listener.
Under Linux, the default location for the configuration file is /etc/ssh/sshd_config. Amazingly enough, it is at the same location for (Open)Solaris.
The change needed is:
[tdh@sandman ssh]> diff sshd_config sshd_config.STOCK
34d33
< Port X
To test it, we restart sshd and have some fun:
[tdh@sandman ssh]> sudo svcadm restart sshd
svcadm: Pattern 'sshd' doesn't match any instances
[tdh@sandman ssh]> sudo svcadm restart ssh
Notice that we restart the ssh service and not just the server aspect.
[tdh@adept web]> ssh -p 22 sandman
Password:
Last login: Sun Jan 29 17:27:20 2006 from adept.internal.
Sun Microsystems Inc. SunOS 5.11 snv_27 October 2007
You have mail.
[tdh@sandman ~]> exit
logout
Connection to sandman closed.
[tdh@adept web]> ssh -p X sandman
Password:
Last login: Sun Jan 29 17:30:36 2006 from adept.internal.
Sun Microsystems Inc. SunOS 5.11 snv_27 October 2007
You have mail.
[tdh@sandman ~]> exit
logout
Connection to sandman closed.
In case it is not clear, 'X' is a port number greater than 1024. You might want to check /etc/services to make sure you do not pick a duplicate port number for some other service. Also, you might want to go ahead and register your port in that file - that provides some documentation that you are using an additional port resource.
The final consideration is whether we really want external ssh access to be as lax as internal ssh access. We might want to force the external traffic to use an identity file, i.e., a private key. If we open up root logins for the internal network, we might not want to allow external logins to gain root access. We also might want to force our users to have different, and more stringent, passwords for external logins.
Once I've got all of the services migrated to the new gateway machine, I'll add a couple of zones to allow us to have a virtual gateway. Instead of burning a physical machine to task, we will carve out a very specific virtual server for remote ssh access.
Technorati Tags:
Sun OpenSolaris Solaris
Devo 2.0
While watching The Fairly OddParents this morning, an ad for Devo 2.0 came on. The correct spelling appears to be Dev2.0. The funniest part was at the end, when the girl singer said "We are all Devo!" My son replied, "I'm not, Daddy isn't, and Mama isn't."
I had to tell him I was so Devo and so was he. I asked him if he knew why I called him "Spud" half the time and why his mother didn't like it.
Okay, I tracked them down to www.devo2-0.com which in turn becomes http://disney.go.com/disneyrecords/Song-Albums/devo20/.
Uggh, they put out the content on flash, so no copying it over. The CD retails for $18.95 with like $4.95 for shipping. The kids are not related to the original cast.
Looks like Disney is basically doing a remake the band project and next up is the Go-Gos.
Technorati Tag: Devo
