ssh

SSH-Login to my server

Whenever I ssh to my server, I get this boring standard Ubuntu message…. and in addition, my prompt is not as colorful as I want it to be….

To get rid of the latter problem, I just changed a line in my ~/.bashrc file:

force_color_prompt=yes;;

(I hade to uncomment it)

To fix the first problem, I first installed fortune and cowsay (this post helped):

apt-get fortunes
apt-get fortunes-off
apt-get cowsay

And then, I added this line at the very top of my .bashrc:

cowsay -f dragon "$(fortune)"

This is more like my style…

After having experimented with VNC and no luck on this (I still do not have X on the server – at least, no running desktop), I finally managed to at least have a conky on the server that displays on my client.

Here’s how I did it:

First, I had to emerge conky on the server, naturally. For this to work, I added this line to /etc/portage/package.use:

app-admin/conky X -ipv6

After the emerge, I created a .conkyrc in my user’s home-dir; I have uploaded it here in order not to paste its content entirely…

The only thing that then needed to be done is ssh X-forwarding conky from the server to the client; for this to work, I had to turn on X11-forwarding in /etc/ssh/sshd_config, restart the ssh-server and then issue the following command on the client:

ssh -Y thomas@server "conky"

(Note that I put a small executable file in ~/.kde/Autostart, containing this line, to have conky to be started whenever I log in to KDE).

Voila – I now have a good stats summary of my server box and of my client box on my desktop all the time…

Goal for today is two things: First, adjust portage to our needs (i. e. tweak some of make.conf); and then, get syslog-ng and vixie cron up and running.

For make.conf, main thing is to add ELOG settings. It’s basically two lines. So, here is now the full /etc/make.conf, including the already promised USE flags:
CHOST="i686-pc-linux-gnu"
CFLAGS="-O2 -march=pentium4 -fomit-frame-pointer -pipe"
CXXFLAGS="${CFLAGS}"
MAKEOPTS="-j2"
PORTAGE_NICENESS=3
AUTOCLEAN="yes"
FEATURES="distlocks parallel-fetch"
PORTAGE_ELOG_CLASSES="warn error log"
PORTAGE_ELOG_SYSTEM="save"
GENTOO_MIRRORS="http://mirror.switch.ch/ftp/mirror/gentoo/ ftp://mirror.switch.ch/mirror/gentoo/ ftp://ftp.solnet.ch/mirror/Gentoo http://gentoo.mirror.solnet.ch"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE_GENERAL="nptl bash-completion spell unicode vim-syntax"
USE_LIBS="bzip2 curl curlwrappers gd gif graphviz iconv imagemagick imlib jpeg jpeg2k libwww mime mng ncurses pdf png readline slang svga tiff xpm zlib"
USE_HARDWARE="acpi apm cdr dvd dvdr dvdread foomaticdb gpm iee1394 lm_sensors mmx ppds sse"
USE_SERVER="apache apache2 cups ftp imap maildir -mbox mysql samba usb xinetd"
USE_SECURITY="clamav cracklib crypt sasl ssl"
USE_X="-gnome -kde -X"
USE_LANG="ocaml perl php python ruby tetex tidy xml xmlrpc xsl"
USE="${USE_GENERAL} ${USE_LIBS} ${USE_HARDWARE} ${USE_SERVER} ${USE_SECURITY} ${USE_X} ${USE_LANG}"

And now, we set the locale for the system – basically creating a file /etc/conf.d/02locale:
de_CH.utf8

With everything out of the way, we can start to configure syslog-ng. There is a part within the Gentoo Linux security guide about syslog-ng – which we use as a basis to create the syslog-ng.conf file, and we emerge logsentry (which includes altering something in /etc/cron.hourly, as suggested by portage).

Now, we configure cron. There is a good entry in the wiki about cron. So, we emerge logwatch and configure it as indicated; then, we emerge and configure logrotate, and we add a cronjob for portage. That’s it – cron is up and running and we have a feasible log maintenance!

Last daemon to configure is ntp – to keep the system’s time in sync. These servers are added to /etc/ntp.conf:
server bernina.ethz.ch
server ntp.univ-lyon1.fr
server tick.keso.fi
server fartein.ifi.uio.no
server ntp2a.mcc.ac.uk
server ntp2b.mcc.ac.uk

We also make sure that the time can be synced by uncommenting the very last line of ntp.conf. That’s it – we have configured the most important system tools!

Now, the only thing to find out is the funny drop-outs that I encounter when connected via ssh – the connection just drops from time to time…

One thing to do – passwordless login via ssh! There is a Gentoo wiki entry on this which we follow.

The server can now boot. The next step is a simple update of everything – but before that, we create /etc/portage/package.use with this line:
sys-libs/glibc userlocales

After that, the next step is to install vi and to adapt the EDITOR variable in rc.conf. Then, using visudo, make sure that the normal user can sudo. Then, we install OpenSSH to remote control the box. In /etc/ssh/sshd_config, we configure the following:

• change ListenAddress to 10.10.10.20
• set PermitRootLogin to no
• add a line “AllowGroups wheel”
• start sshd and add it to the default runlevel

Then, install these tools: syslog-ng, vixie-cron, ntp, sysfsutils, gentoolkit and esearch. Configuration of these tools will happen the next time.