Wednesday, April 20, 2011

NTP SERVER AND CLIENT CONFIGURATION

====================================================================
Configure NTP Server
====================================================================
Note: NTP server IP:192.168.2.40
         NTP client2 IP: 192.168.2.2

# Make sure to install ntp

** Steps to create the NTP server

# chkconfig ntpd on

# edit /etc/ntp.conf

    --> add this line :

                             peer 192.168.2.2
                             peer 192.168.2.3

# edit /etc/sysconfig/iptables

    --> please enable port 123

# restart ntpd

    --> /etc/init.d/ntpd restart

# restart firewall

    --> /etc/init.d/iptables restart
=======================================================================
** To configure the NTP client to sync with the NTP server
=======================================================================
# edit /etc/ntp.conf

    --> add this line :

                        restrict 192.168.2.40 mask 255.255.255.0 nomodify notrap noquery
  
                        server 192.168.2.40

                        ** comment out the other restrict ..... mask 255.255.255.0 nomodify notrap noquery lines

# edit /etc/ntp/ntpservers

    --> add this line :

                        192.168.2.40

                        ** comment out the other server IPs/URLs

# edit /etc/ntp/step-tickers

    --> add this line :

                        192.168.2.40


# edit /etc/sysconfig/iptables

     --> please enable port 123

# restart ntpd

      --> /etc/init.d/ntpd restart

# restart firewall

      --> /etc/init.d/iptables restart

# fire this command to set the local date and time:

                       ntpdate -u server_IP

# fire this command to query the NTP server-client synchronisation:

                       ntpq -pn

****************************************************************************
****************************************************************************
TESTING

SERVER
# update the time and date

CLIENT
# fire command : ntpdate -u 192.168.2.40
# fire command : ntpq -pn
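
An added example, not part of the original post: a shell function that reads `ntpq -pn` output and reports whether the client has actually selected 192.168.2.40 as its time source. The function name and both sample outputs are constructed for illustration; a reach value of 0 means no replies have come back, which is what a blocked UDP port 123 looks like from the client.

```bash
#!/bin/sh
# Added example (not from the original post): classify one server's row in `ntpq -pn`.

ntp_peer_state() {
    # $1 = NTP server IP; the ntpq -pn output is read from stdin.
    awk -v ip="$1" '
        NR <= 2 { next }                        # skip the header and the ==== rule
        {
            tally  = substr($0, 1, 1)           # column 1 holds the tally code
            remote = $1
            sub(/^[^0-9A-Za-z:]/, "", remote)   # strip a tally char glued to the address
            if (remote != ip) next
            found = 1
            if (tally == "*")    state = "synced"        # selected as system peer
            else if ($7 == "0")  state = "unreachable"   # reach register empty: no replies
            else                 state = "not-selected"  # replies seen, not chosen (yet)
        }
        END { print (found ? state : "missing") }
    '
}

# Constructed sample outputs (not captured from a real host).
sample_synced() {
cat <<'EOF'
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*192.168.2.40    LOCAL(0)        11 u   35   64  377    0.234    1.021   0.310
EOF
}

sample_blocked() {
cat <<'EOF'
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 192.168.2.40    .INIT.          16 u    -   64    0    0.000    0.000   0.000
EOF
}

echo "synced sample:  $(sample_synced  | ntp_peer_state 192.168.2.40)"
echo "blocked sample: $(sample_blocked | ntp_peer_state 192.168.2.40)"
# On a live client: ntpq -pn | ntp_peer_state 192.168.2.40
```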

Credit to chikaro Natrah

Friday, April 15, 2011

SSL LDAP how to in Centos

1.Install LDAP
# yum install openldap-servers openldap-clients nss_ldap

2.Copy DB_CONFIG
#cp DB_CONFIG.example /var/lib/ldap/DB_CONFIG

3.Create an encrypted password for slapd
# slappasswd
{SSHA}372BLnDbuRFpPdQpKi2SRISPaoQEcQW9

4.Copy and paste the encrypted password above into slapd.conf
# rootpw                {crypt}ijFYNcSNctBYg    <--------------replace here

5.Change rootDN and suffix accordingly like below example
suffix          "dc=ezmcom,dc=com"
rootdn        "cn=Administrator,dc=ezmcom,dc=com"
6.Uncomment the parts below
#vi /etc/openldap/slapd.conf
TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
TLSCertificateFile /etc/pki/tls/certs/slapd.pem
TLSCertificateKeyFile /etc/pki/tls/certs/slapd.pem

7.Edit the ldap.conf file and change it to
#vi /etc/openldap/ldap.conf
base dc=ezmcom,dc=com
uri ldap://127.0.0.1:636
TLS_CACERTDIR /etc/openldap/cacerts   
ssl start_tls

8.Generate an RSA key using the commands below.
#openssl genrsa -out cert.key 1024
#openssl req -new -key cert.key -out cert.csr
Note: the common name should match your suffix dc (ezmcom)

9.Generate a self-signed certificate using the command below
#openssl x509 -req -in cert.csr -days 365 -signkey cert.key -out cert.crt

10.Restart ldap
#/etc/init.d/ldap restart
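
An added example, not part of the original post: the uri and ssl lines from step 7 have to agree on how TLS is started, and this shell function checks that pairing. It assumes the standard listener layout (ldap:// on port 389 with StartTLS, ldaps:// on port 636 with TLS from the first byte); the function name and the sample inputs are constructed here.

```bash
#!/bin/sh
# Added example (not from the original post): check that uri and ssl agree on TLS.

ldap_tls_mode() {
    # Reads a client ldap.conf (uri/ssl keywords as written in step 7) from stdin.
    # Assumption: standard listeners, ldap:// on 389 and ldaps:// on 636.
    awk '
        /^[ \t]*#/ { next }                                      # skip comments
        tolower($1) == "uri" && uri == "" { uri = tolower($2) }  # first URI only
        tolower($1) == "ssl" { ssl = tolower($2) }
        END {
            scheme = uri;  sub(/:\/\/.*/, "", scheme)
            host = uri;    sub(/^[a-z]+:\/\//, "", host); sub(/\/.*/, "", host)
            port = ""
            if (host ~ /:[0-9]+$/) { port = host; sub(/.*:/, "", port) }
            if (port == "") port = (scheme == "ldaps") ? "636" : "389"

            if (scheme == "ldaps" && ssl == "start_tls")
                print "mismatch: StartTLS requested on ldaps://"
            else if (scheme == "ldap" && port == "636")
                print "mismatch: ldap:// on ldaps port 636"
            else if (scheme == "ldaps")
                print "ldaps"
            else if (scheme == "ldap" && ssl == "start_tls")
                print "starttls"
            else
                print "plaintext"
        }
    '
}

# Constructed inputs; the first mirrors the uri/ssl pair shown in step 7.
conf_step7()    { printf '%s\n' 'base dc=ezmcom,dc=com' 'uri ldap://127.0.0.1:636' 'ssl start_tls'; }
conf_ldaps()    { printf '%s\n' 'uri ldaps://127.0.0.1:636'; }
conf_starttls() { printf '%s\n' 'uri ldap://127.0.0.1' 'ssl start_tls'; }

for c in conf_step7 conf_ldaps conf_starttls; do
    echo "$c: $($c | ldap_tls_mode)"
done
```

A "mismatch" result means the client would attempt a plaintext bind or StartTLS upgrade against a listener that expects a TLS handshake, or the reverse, so the connection fails before any credentials are protected.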

Credit to chikaro Natrah. ehehe

Wednesday, February 23, 2011

How to Configure VPN (PPTP) Server on CentOS

In this document you will find the steps on how to build a Linux Point to Point Tunneling Protocol (PPTP) server using Poptop.
This allows roaming users to connect to their corporate network from anywhere on the Internet securely and inexpensively.
It supports Windows 95/98/Me/NT/2000/XP PPTP clients and Linux PPTP clients.
Requirements: -
Server: CentOS 5.3
kernel-2.6.18-128.el5
ppp-2.4.4-2.el5
pptpd-1.3.4-1.rhel5

Kernel version 2.6.15 or above has MPPE built in, which is required for MSCHAPv2. The CentOS 5 kernel version is 2.6.18, which means you do not need to install the MPPE module. CentOS 5 comes with ppp-2.4.4-1.el5, which has MPPE support enabled.

Step-1: Install ppp if not already installed and check that the kernel supports MPPE
#yum install ppp
Run the command below to test whether your kernel supports MPPE; it should print “ok”: -
#modprobe ppp-compress-18 && echo ok

Step-2: Install PPTPD
You cannot install pptpd with the yum utility because it is not in the yum repo. Download the RPM file pptpd-1.3.4-1.rhel5.1.i386.rpm from http://poptop.sourceforge.net/yum/stable/packages/

#wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.rhel5.x86_64.rpm
Install the RPM by running this command: -
#rpm -ivh pptpd-1.3.4-2.rhel5.x86_64.rpm

Step-3: Configuration
Change the /etc/ppp/options.pptpd as below: -
#vi /etc/ppp/options.pptpd
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd

Change the following file /etc/pptpd.conf
#vi /etc/pptpd.conf
option /etc/ppp/options.pptpd
logwtmp
localip 192.168.2.1
remoteip 192.168.2.11-15

Add the following username (johndie) and password (passwrd) in /etc/ppp/chap-secrets as below: -
# Secrets for authentication using CHAP
# client server secret IP addresses

shamsul pptpd passwrd *

Step-4: Run the following command to enable the pptpd to start automatically in runlevel 3 and 5 as below: -
#chkconfig --level 35 pptpd on
Now, you can start the pptpd service as below: -
#service pptpd start

Step-5: For pptpd to work, packet forwarding must be enabled. Edit /etc/sysctl.conf and change the line as below: -
#vi /etc/sysctl.conf
net.ipv4.ip_forward = 1

To enable it immediately, run following command: -
#sysctl -p
Now test your setup by creating a VPN connection from any Windows or Linux PC.
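
An added example, not part of the original post: a shell function that reads an options.pptpd and lists any of the five authentication and encryption directives from Step-3 that are missing or commented out, since these are the lines that pin the server to MS-CHAPv2 with 128-bit MPPE. The function name and the sample inputs are constructed for illustration.

```bash
#!/bin/sh
# Added example (not from the original post): audit options.pptpd against Step-3.

pptpd_missing_auth() {
    # Reads an options.pptpd from stdin and prints every required directive that
    # is absent or commented out. Returns 0 if none are missing, 1 otherwise.
    awk '
        BEGIN {
            n = split("refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128", req, " ")
        }
        /^[ \t]*#/ || /^[ \t]*$/ { next }   # comments and blank lines do not count
        { seen[$1] = 1 }                    # first word of a line is the directive
        END {
            for (i = 1; i <= n; i++)
                if (!(req[i] in seen)) { print req[i]; missing++ }
            exit (missing > 0)
        }
    '
}

# Constructed inputs: the first follows Step-3, the second has two lines commented out.
opts_page() {
    printf '%s\n' 'name pptpd' refuse-pap refuse-chap refuse-mschap \
        require-mschap-v2 require-mppe-128 proxyarp lock
}
opts_weak() {
    printf '%s\n' 'name pptpd' refuse-pap '#refuse-chap' refuse-mschap \
        require-mschap-v2 '# require-mppe-128' lock
}

echo "Step-3 config, missing: $(opts_page | pptpd_missing_auth | tr '\n' ' ')"
echo "weakened config, missing: $(opts_weak | pptpd_missing_auth | tr '\n' ' ')"
# On a live server: pptpd_missing_auth < /etc/ppp/options.pptpd
```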

credit to: http://almamunbd.blogspot.com/2009/06/how-to-configure-vpn-pptp-server-on.html

Thursday, February 10, 2011

Setup VNC Server on CentOS


  1. yum install vncserver
  2. vi /etc/sysconfig/vncservers
         VNCSERVERS="1:tiger 2:albatros 3:leopard"
         VNCSERVERARGS[1]="-geometry 1024x768 -depth 16"
         VNCSERVERARGS[2]="-geometry 800x600 -depth 8"
         VNCSERVERARGS[3]="-geometry 1024x768 -depth 16"
  3. vncpasswd tiger
  4. vi /home/tiger/.vnc/xstartup (uncomment below line)
         unset SESSION_MANAGER
         exec /etc/X11/xinit/xinitrc
  5. /etc/init.d/vncserver start