2013年12月10日 星期二

enable sftp transfer to instead of the ftp protocol

1. add these lines to /etc/ssh/sshd_config

Subsystem sftp internal-sftp

Match Group sftpusers
    ChrootDirectory %h
    ForceCommand internal-sftp
    AllowTcpForwarding no

2. add one group name sftpuser
#groupadd sftpusers

2. add one user for testing
useradd -g sftpusers -d /home/sftp/user1 -m user1
usermod -s /bin/false

3. add /bin/false to /etc/shells 

4. change permission for the user
# chown root:root /home/sftp/user1
# chmod 755 /home/sftp/user1

5. restart the ssh service
# /etc/inti.d/ssh restart

6. create another folder to writable and mount it to the subfolder
# mkdir -p /home/sftp-write/user1
# mkdir /home/sftp/incoming
# mount --bind /home/sftp-write/user1/ /home/sftp/user/incoming

7. testing for the sftp  
#sftp user1@xxxx.xxxx.xxxx.xxxx

2013年11月13日 星期三

ssh autologin to multi server

situation:
         three server with ip 10.10.10.1, 10.10.10.2, 10.10.10,3

1. install all open ssh package on these servers
# apt-get install ssh

2. create the same user account on these servers
# useradd -d /home/user1 -m user1
# passwd user1

3. on one of these three server , generate the public key
# ssh-keygen -t rsa

4. copy public key to the others
#ssh-copy-id -i user1@10.10.10.2
#ssh-copy-id -i user1@10.10.10.3

5. testing the autologin function
#ssh 10.10.10.2

2013年11月9日 星期六

how to install mongoDB

1. insert into key from url to get mongDB key
#sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10

2.modify the apt source.ist
#echo 'deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen' | sudo tee /etc/apt/sources.list.d/mongodb.list

3. update the repository
#sudo apt-get update

4. install mongoDB
#sudo apt-get install mongodb-10gen

5.testing the mongoDB
#mongo


2013年9月1日 星期日

nfs disk

1.modify /etc/exportfs
/disk1      10.x.x.x(ro,async,no_root_squash,no_subtree_check)

2. export setting
# exportfs

3. restart nfs service
#/etc/init.d/nfs-kernel-server restart

4.if some client just support nfs 3 like vmware
run this command to use version 3
#rpc.mount --nfs-version 3

2013年8月14日 星期三

ubuntu 12.04 install vsphere sdk for perl

1. install required component
#sudo apt-get install ia32-libs build-essential gcc uuid uuid-dev perl libssl-dev perl-doc liburi-perl libxml-libxml-perl libcrypt-ssleay-perl

2.download vshpere sdk api

3.modify vmware-install.pl
comment out proxy setting

4.install vsphere sdk and required perl module

5.ignore verify server ssl certificate
export PERL_LWP_SSL_VERIFY_HOSTNAME=0

2013年6月27日 星期四

eclipse develop google app engine

1.download eclipse and etract it to one folder
# tar zxvf eclipse-reporting-juno-SR2-linux-gtk-x86_64.tar.gz

2.install google app engine plugin
click help menu and under install new software subitem
add new websit
name: googleAppEngine
url: http://dl.google.com/eclipse/plugin/4.2

3. install packages for gwt designer
#sudo apt-get install libwebkitgtk-1.0.0

2013年6月14日 星期五

ubuntu 12.04 install tomcat7 and eclipse

1.install tomcat 7
#apt-get install tomcat7 tomcat7-admin tomcat7-docs tomcat7-examples tomcat7-user

2. download eclipse and install it to system

3. remove the file in eclipse project  workspace/.metadata/.plugins/org.eclipse.core.runtime/.settings
#cd /home/myproject/workspace/.metadata/.plugins/org.eclipse.core.runtime/.settings
# rm org.eclipse.jst.server.tomcat.core.prefs

4. ensure eclipse can access tomcat file
#cd /usr/share/tomcat7
#sudo ln -s /var/lib/tomcat7/conf conf
#sudo ln -s /etc/tomcat7/policy.d/03catalina.policy conf/catalina.policy
#sudo ln -s /var/log/tomcat7 log
#sudo chmod -R 777 /usr/share/tomcat7/conf

5.make user /usr/share/tomcat7 had read permission by all user
#cd /usr/share/tomcat7/conf
#sudo chmod 644 tomcat-users.xml

6.on eclipse create runtime-environment
Window->Preferences->Server->RunTime Environment

7.create new run server 
windows->show view->servers

2013年3月14日 星期四

how to update old repository

1. remove /etc/apt/source.list

2. add lines as follows into source.list and change version
#vim /etc/apt/source.list

# Required
deb http://old-releases.ubuntu.com/ubuntu/ maverick main restricted universe multiverse
deb http://old-releases.ubuntu.com/ubuntu/ maverick-updates main restricted universe multiverse
deb http://old-releases.ubuntu.com/ubuntu/ maverick-security main restricted universe multiverse

# Optional
#deb http://old-releases.ubuntu.com/ubuntu/ karmic-backports main restricted universe multiverse


3.update the repositoroy
#apt-get update

2013年3月12日 星期二

OPENSWAN WITH ASA5510

1. install openswan package
#apt-get install openswan

2. modify ipsec.conf setting
#vim /etc/ipsec.conf

version 2.0
config setup
           dumpdir = /var/run/pluto
           nat_traversal = yes
           oe = off
           protostack = auto
           interfaces = %defaultroute
           klipsdebug = none
           plutodebug = none

conn asa
           type = tunnel
           authby = secret
           left = 10.10.22.33
           leftsubnet = 172.16.22.0/24
           leftnexthop = 172.16.22.1
           
           right = 10.1.22.28
           rightsubnet = 192.168.100.0/24
           rightnexthop = 192.168.100.1

           esp= 3des-md5-96
           keyexchange = ike
           pfs = no
           auto = add

3. modify ipsec.secrets
# vim /etc/ipsec.secrets
10.1.22.28 10.10.22.33: PSK "asopfjas@owewfspfjowp@ksloj"
include /var/lib/openswan/ipsec.secrets.inc