OpenSSH Server

Introduction

This section of the Ubuntu Server Guide introduces a powerful collection of tools for the remote control of networked computers and transfer of data between networked computers, called OpenSSH. You will also learn about some of the configuration settings possible with the OpenSSH server application and how to change them on your Ubuntu system.

OpenSSH is a freely available version of the Secure Shell (SSH) protocol family of tools for remotely controlling a computer or transferring files between computers. Traditional tools used to accomplish these functions, such as telnet or rcp, are insecure and transmit the user's password in cleartext when used. OpenSSH provides a server daemon and client tools to facilitate secure, encrypted remote control and file transfer operations, effectively replacing the legacy tools.

The OpenSSH server component, sshd, listens continuously for client connections from any of the client tools. When a connection request occurs, sshd sets up the correct connection depending on the type of client tool connecting. For example, if the remote computer is connecting with the ssh client application, the OpenSSH server sets up a remote control session after authentication. If a remote user connects to an OpenSSH server with scp, the OpenSSH server daemon initiates a secure copy of files between the server and client after authentication. OpenSSH can use many authentication methods, including plain password, public key, and Kerberos tickets.

Installation

Installation of the OpenSSH client and server applications is simple. To install the OpenSSH client applications on your Ubuntu system, use this command at a terminal prompt:

sudo apt-get install openssh-client 

To install the OpenSSH server application, and related support files, use this command at a terminal prompt:

sudo apt-get install openssh-server 

The openssh-server package can also be selected to install during the Server Edition installation process.

Configuration

You may configure the default behavior of the OpenSSH server application, sshd, by editing the file /etc/ssh/sshd_config. For information about the configuration directives used in this file, you may view the appropriate manual page with the following command, issued at a terminal prompt:

man sshd_config 

There are many directives in the sshd configuration file controlling such things as communications settings and authentication modes. The following are examples of configuration directives that can be changed by editing the /etc/ssh/ssh_config file.

	Prior to editing the configuration file, you should make a copy of the original file and protect it from writing so you will have the original settings as a reference and to reuse as necessary. Copy the /etc/ssh/sshd_config file and protect it from writing with the following commands, issued at a terminal prompt:

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original

sudo chmod a-w /etc/ssh/sshd_config.original 

The following are examples of configuration directives you may change:

• To set your OpenSSH to listen on TCP port 2222 instead of the default TCP port 22, change the Port directive as such:

  Port 2222

• To have sshd allow public key-based login credentials, simply add or modify the line:

  PubkeyAuthentication yes

  In the /etc/ssh/sshd_config file, or if already present, ensure the line is not commented out.

• To make your OpenSSH server display the contents of the /etc/issue.net file as a pre-login banner, simply add or modify the line:

  Banner /etc/issue.net

  In the /etc/ssh/sshd_config file.

After making changes to the /etc/ssh/sshd_config file, save the file, and restart the sshd server application to effect the changes using the following command at a terminal prompt:

sudo /etc/init.d/ssh restart 

Many other configuration directives for sshd are available for changing the server application's behavior to fit your needs. Be advised, however, if your only method of access to a server is ssh, and you make a mistake in configuring sshd via the /etc/ssh/sshd_config file, you may find you are locked out of the server upon restarting it, or that the sshd server refuses to start due to an incorrect configuration directive, so be extra careful when editing this file on a remote server.

SSH Keys

SSH keys allow authentication between two hosts without the need of a password. SSH key authentication uses two keys a private key and a public key.

To generate the keys, from a terminal prompt enter:

ssh-keygen -t dsa 

This will generate the keys using a DSA authentication identity of the user. During the process you will be prompted for a password. Simply hit Enter when prompted to create the key.

By default the public key is saved in the file ~/.ssh/id_dsa.pub, while ~/.ssh/id_dsa is the private key. Now copy the id_dsa.pub file to the remote host and appended it to ~/.ssh/authorized_keys2:

cat id_dsa.pub >> .ssh/authorized_keys2 

Finally, double check the permissions on the authorized_keys2 file, only the authenticated user should have read and write permissions. If the permissions are not correct change them by:

chmod 644 .ssh/authorized_keys2 

You should now be able to SSH to the host without being prompted for a password.

Myspace Messenger Installation on Linux

Myspace Messenger Installation on Ubuntu :

Here are instructions about how to easily install msimprpl on Ubuntu:
apt-get install pidgin-dev
apt-get source pidgin
tar zxvf pidgin_2.0.2.orig.tar.gz
mkdir msimprl-0.12

cd msimprl-0.12
tar zxvf ../msimprpl-0.12.tar.gz
cd libpurple/protocols/myspace

gcc `pkg-config --cflags pidgin ` -D PURPLE_PLUGINS -c message.c myspace.c -I../../../../pidgin-2.0.2/libpurple/ -I.
gcc -shared -`pkg-config --libs pidgin` message.o myspace.o -o libmyspace.so

sudo mv libmyspace.so /usr/lib/purple-2/

# the images would go in /usr/share/pixmaps/pidgin/protocols/

Build Instructions (Win32,Unix or Linux)

The first thing to do is download the latest source code release from http://msimprpl.darkthoughts.net/. You can also check out work-in-progress source code as described in UsingPidginMonotone, but it may not work as well as the current release.

Next, change to the directory you extracted Pidgin in, such as (on Unix):

$ cd /usr/src

On Windows, setup your build environment as described on BuildingWinPidgin and enter the Cygwin Bash Shell.

Then, change to the root directory in the Pidgin source:

$ cd pidgin-2.0.2

There, extract the snapshot, using a command such as:

$ tar zxvf ~/Downloads/msimprpl-0.11.tar.gz

where you replace ~/Downloads with where you downloaded it and with your version number. This extracts a new configure.ac and autogen.sh into the Pidgin root directory, along with the MySpaceIM protocol plugin itself into libpurple/protocols/myspace.

On Unix, you need to regenerate the configure script by running ./autogen.sh. Note that you may need additional tools to do this. Once configure completes, it should output all the settings that the environment was configured with, including this line:

Protocols to build dynamically : gg irc jabber msn '''myspace''' novell oscar qq sametime simple yahoo zephyr

The myspace Makefile was now generated, so you can change directory to the myspace protocol directory:

$ cd libpurple/protocols/myspace

After that, build the prpl with make. On Unix:

$ make

$ su

# make install

On Windows, build as follows:

make -f Makefile.mingw

make -f Makefile.mingw install

Copy the resulting libmyspace.dll to C:\Program Files\Pidgin\plugins.

Icon Files

After that, we have to put the icon files in. Download myspace_16.png, myspace_22.png, and myspace_48.png files. Then, simply copy these files to the appropriate location. On Unix:

# cp ~/Downloads/myspace_16.png /usr/local/share/pixmaps/pidgin/protocols/16/myspace.png

# cp ~/Downloads/myspace_22.png /usr/local/share/pixmaps/pidgin/protocols/22/myspace.png

# cp ~/Downloads/myspace_48.png /usr/local/share/pixmaps/pidgin/protocols/48/myspace.png

If you're installing manually on Windows, copy the image files to the appropriate locations in C:\Program Files\pixmaps\pidgin\protocols\16, 22, and 48.

Finally, start Pidgin. You'll notice you now have MySpaceIM as a new protocol!

missing glibconfig.h?

NOTE: When I was compiling, I found my system (running slamd64 11) did not have glibconfig.h, which this requires. If you find make failing because of this, I recommend following this:

$ cd /usr/src

$ wget ftp://ftp.gtk.org/pub/glib/2.12/glib-2.12.9.tar.gz

$ tar zxvf glib-2.12.9.tar.gz

$ cd glib-2.12.9

$ su

# cp /usr/src/glib-2.12.9/glibconfig.h /usr/include/glib-2.0/glib/glibconfig.h

# exit

$ cd ..

$ rm -rf glib-2.12.9

$ rm glib-2.12.9.tar.gz

and then trying the recompile. YMMV, but this worked for me. --rational_thinker

Screen capturing or desktop session recording in Ubuntu Linux

recordMyDesktop is a desktop session recorder for GNU / linux. Follow these instructions to install this.Installation process is pretty straight forward but yet times tricky ( because of the dependencies )don't i will walk you through this process.

STEP 1: Download the Source Code.

The current version is: Only recordMyDesktop is neccessary. gtk-recordMyDesktop and qt-recordMyDesktop are just frontends, meant to make usage easier. Also make sure you get the latest versions!

Source Code

recordMyDesktop (command-line only) Download from SF.net. (Optional if you need a GUI . following source code is just the Frontend. dont worry about it at this point.)

gtk-recordMyDesktop (frontend, needs recordMyDesktop package) Download from SF.net.

qt-recordMyDesktop (frontend, needs recordMyDesktop package) Download from SF.net.

STEP 2 : installation.

Unpack the tar.gz file.

$ tar -xvzf recordmydesktop-0.3.7.3.tar.gz ( make sure you have right vertion number )

Change to recordmydesktop-0.3.7.3 directory.

$ ./configure

This command checks for all the dependencies install all the required libraries. please write a comment if have any problem. I have all the required libraries.

$ make

this would run fine if all the dependencies are resolved.

$ make install

This completes the installation.

STEP 3: HOW TO USE RECORDMYDESKTOP :

As this is a Command line interface tool here are some information how to use the tool .

syntax:

$ recordmydesktop [ Options ]^ filename

Examples:

A typical scenario of recording can be a command as simple as:
~$ recordmydesktop
which will produce a fullscreen recording named out.ogv
while a command like:
~$ recordmydesktop foo.ogv
will write output to foo.ogv
Since version 0.3, encoding will happen right after the recording fin‐
ishes.
While this behavior saves a lot of CPU, you can revert to the old one
by entering the --on-the-fly-encoding switch.
To specify a region for recording you can type this:
~$ recordmydesktop -x X_pos -y Y_pos -width WIDTH -height HEIGHT -o
foo.ogv
where X_pos and Y_pos specify the offset in pixels from the upper left
corner of your screen and WIDTH and HEIGHT the size of the window to be
recorded(again in pixels).
If the area extends beyond your current resolution, you will be noti‐
fied appropriately and nothing will happen.
Notice also, that if any option is entered you have to specify the out‐
put file with the -o switch.
If you try to save under a filename that already exists, the name will
be post-fixed with a number (incremented if that name exists already)
To normally end a recording you can press ctl-c.
(which will send a SIGINT to the program).
For further manipulation of the end result look at the OPTIONS and
NOTES sections.

Feel free to post a comment if needed help.

How to install RubyOnRails on Ubuntu ( Linux )

To install RubyOnRails on Ubuntu ( Linux )

you need

• Apache or lighttpd

Apache Installation

sudo apt-get install ruby-full build-essential apache2 apache2-mpm-prefork apache2-prefork-dev

The link below is to a specific version of rubygems. You can get a later version from http://rubyforge.org/frs/?group_id=126, but it's not really necessary because we ask rubygems to update itself at the end.

I've encountered a problem with RubyGems 1.1 that was only resolved by following the link above and installing 1.2 version. sudo gem update --system did not solve it prior to that. I'd recommend to follow the link above for a smoother installation.

wget http://rubyforge.org/frs/download.php/34638/rubygems-1.1.0.tgz
tar xzvf rubygems-1.1.0.tgz
cd rubygems-1.1.0
sudo ruby setup.rb
sudo ln -s /usr/bin/gem1.8 /usr/bin/gem
sudo gem update --system

sudo gem install rails
sudo gem install passenger
sudo passenger-install-apache2-module

Add these lines to /etc/apache2/apache2.conf (Actually, you should probably put them in /etc/apache2/httpd.conf ... that's meant for overriding the apache2.conf file and is automatically included by the default apache2.conf):

LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-1.0.3/ext/apache2/mod_passenger.so
RailsSpawnServer /usr/lib/ruby/gems/1.8/gems/passenger-1.0.3/bin/passenger-spawn-server
RailsRuby /usr/bin/ruby1.8

Create something like this in /etc/apache2/sites-available/ror.myhost.com

ServerName ror.myhost.com
DocumentRoot /home/myuser/www/mynewapp/public

sudo a2enmod rewrite
sudo a2ensite ror.myhost.com
sudo /etc/init.d/apache2 restart

maybe also do..

rails mynewapp

Lighttpd Installation

Preparing the house:

sudo apt-get install ruby-full build-essential lighttpd libfcgi-ruby1.8

just after everything is done:

sudo gem install rails

and now... lets get hacking, prepare your favorite editor (i'll use kate... but you can choose gedit, kate, nano, use vi or some other only if you know how to use them...)

open a shell, and browse to the directory you want to use (i am using /home/santiago/proyectos/, for your application, i will name it beholder and write the following:

rails beholder

you will see a bunch of stuff on the shell... that should be fine (unless you see a error message). that created the rails folder with all the stuff, so now i have: /home/santiago/proyectos/beholder/public/beholder

now you need to tell lighttpd _how_ to handle that, so you can work with rails, now do this:

sudo kate /etc/lighttpd/lighttpd.conf

and here starts the tricky part, paste at the end of the file:

server.modules   += ( "mod_fastcgi", "mod_rewrite" )


$HTTP["host"] == "localhost" {
   server.document-root = "/home/santiago/proyectos/beholder/public/"

   server.error-handler-404 = "/dispatch.fcgi"

   fastcgi.server      = ( ".fcgi" => ( "localhost" => (
           "min-procs"       => 1,
           "max-procs"       => 1,
           "socket" => "/tmp/ruby-beholder.socket",
           "bin-path" => "/home/santiago/proyectos/beholder/public/dispatch.fcgi",
           "bin-environment" => ( "RAILS_ENV" => "development" )
   ) ) )

}

now run

sudo /etc/init.d/lighttpd restart

and you're set, go to http://localhost and you should see the rails index... click on the link "About your rails enviroment" and if you dont see a 404 o 500 error... then your're set (you should see either a rails error, or a rails message or something like that)

How to install Eclipse on Ubuntu ( Linux )

Ubuntu does come with many eclipse packages in the universal repositories. I don't use them as they rely on GCJ compiler, and not the genuine Sun one. Sun licenses is not compatible with Ubuntu's repositories and therefore have to separately downloaded. This how to creates a .deb package from this download.

Downloading software

Download the latest JDK from Sun, currenly Tiger, 1.5.
Choose the latest jdk update, and then choose the self extracting non rpm file, eg. jdk-1_5_0_06-linux-i586.bin

Download the latest release of web tools from eclipse.
I use the full package of release 1. E.g. wtp-all-in-one-sdk-1.0.2-linux-gtk.tar.gz.
(Ps. its about 170Mb so might take awhile depending of bandwidth.)

Fetch the latest apache tomcat binary, currently 5.5.15.
Choose the core tar.gz file.

Install packages

First Sun's Java JDK:

Install fakeroot and java-package to be able to repackage the jdk as a .deb Make sure you have enabled the universe repositories.

sudo apt-get install fakeroot java-package

Once that is done we create the .deb jdk package.

fakeroot make-jpkg jdk-1_5_xxxx-linux-i586.bin

Some interaction is required, and there will be the odd permission error etc, but should be fine.

Then we install this new package

sudo dpkg -i sun-j2sdk1.5xxxx+updatexxx_i386.deb

Make Sun's Java your java...

sudo update-alternatives --config java

Choose the Sun JDK

Then Tomcat:

Untar download and copy to /opt

tar xzf apache-tomcat-5.5.15.tar.gz
sudo mv apache-tomcat-5.5.15 /opt/
cd /opt
sudo chown -R root:root apache-tomcat-5.5.15
sudo chmod -R +r apache-tomcat-5.5.15
sudo chmod +x `sudo find apache-tomcat-5.5.15 -type d`
sudo ln -s apache-tomcat-5.5.15 tomcat

Edit tomcat users

sudoedit /opt/tomcat/conf/tomcat-users.xml

And add an admin and your own?


yourname" password="blah" roles="manager,admin">

Then Eclipse:

Extract the eclipse download and move to opt.

tar xzf wtp-all-in-one-sdk-1.0-linux-gtk.tar.gz
sudo mv eclipse /opt/eclipse cd /opt sudo chown -R root:root eclipse
sudo chmod -R +r eclipse
sudo chmod +x `sudo find eclipse -type d`


Then create an eclipse executable in your path

sudo touch /usr/bin/eclipse
sudo chmod 755 /usr/bin/eclipse
sudoedit /usr/bin/eclipse

With this contents

#!/bin/sh
#export MOZILLA_FIVE_HOME="/usr/lib/mozilla/"
export ECLIPSE_HOME="/opt/eclipse"

$ECLIPSE_HOME/eclipse $*

Then create a gnome menu item

sudoedit /usr/share/applications/eclipse.desktop

With this contents

[Desktop Entry]
Encoding=UTF-8
Name=Eclipse
Comment=Eclipse IDE
Exec=eclipse
Icon=/opt/eclipse/icon.xpm
Terminal=false
Type=Application
Categories=GNOME;Application;Development;
StartupNotify=true

Configure

You now have a working eclipse. But run this command first to initialise the set up.

/opt/eclipse/eclipse -clean

Then from here on you can run from the menu item applications/programming/eclipse

*** Enjoy Eclipse on Ubuntu ***