Linux-Setup Digest #971, Volume #20 Mon, 2 Apr 01 18:13:09 EDT
Contents:
Passwd encryption (Bahman Motamed)
Re: this is Bellsouth policy. (John M.)
Re: Anybody tried various 2.4 kernel based distributions? Opinions? ("KW")
Re: Help with configuring squid (aka proxy server) in transparent caching mode ("KW")
Re: REDHAT LIUNX 7.0 - SERVER INSTALLATION - GRPHICAL LOGIN - HOW? ("KW")
Re: file association ("KW")
Re: ADSL - Connect to BTopenworld BUSINESS service ethernet router. ("colin
griffiths")
Re: RPM Update (Luke Vogel)
Re: RPM Update (Luke Vogel)
Re: Passwd encryption (Craig Kelley)
Re: Considering Linux implementation instead of HPUX -- Advice needed (Juha Laiho)
Re: Passwd encryption (H.Bruijn)
----------------------------------------------------------------------------
From: Bahman Motamed <[EMAIL PROTECTED]>
Subject: Passwd encryption
Date: Mon, 02 Apr 2001 17:18:39 -0400
Hello all,
I am using .htacces which is the passwd protection for dir's that my
hosting company uses. When a user is asked to type the passwd from there
on anyone can snoop the passwd, I'd like to know if there is an
encrypter out there that I can use with .htaccess or some other PERL of
CGI programs that encrypts the passwd over internet.
Any input is appriciated.
[EMAIL PROTECTED]
------------------------------
From: John M. <[EMAIL PROTECTED]>
Crossposted-To:
ahn.tech.linux,alt.os.linux.mandrake,bellsouth.net.support.adsl,bellsouth.net.support.linux
Subject: Re: this is Bellsouth policy.
Date: Mon, 02 Apr 2001 17:25:02 -0400
A happy Bellsouth customer without a decent news server?
On Mon, 2 Apr 2001 16:27:38 -0700, "gosh" <[EMAIL PROTECTED]>
wrote:
>of course it is a possible I suppose that you could find a router similar to
>the Caymen 3220
>to connect to Bell South DSL using linux if you are on a network...
>I suppose it is also possible that if you search you may find a compatible
>pci modem---
>heck for all I know drivers for the 3com are floating around some where the
>modem is known as and can be identified
>at 3com by it's name the 3com HomeConnect pci
>
>I've had my DSL with Bellsouth for a while now and I love it I get a good
>stable connection at
>around 800 kb down not bad considering I'm about 18,000 feet from the
>central office...
>the only problem I've had is on a rare occasion usualy after a bad storm...
>I have to shut down and
>unplug my modem for a minute than boot back up and I'm back on... no big
>deal...
>
>a happy BellSouth customer,
>Gosh
>
>
>gosh <[EMAIL PROTECTED]> wrote in message
>news:R85y6.698$[EMAIL PROTECTED]...
>> unfortunately I do believe you will have to get an ethernet modem
>> no choice here, the modem that BS supports and provides is the
>> Alcatel Speed Touch Home The unfortunate part is that BS only
>> gives these modems out on Pro-installs. THEY DO NOT SHIP
>> ETHERNET MODEMS period no exceptions.... It can also be a frustrating
>> experience just getting bell south to ship a different modem... The
>reason
>> that
>> you will have to go with the ethernet modem is that the only software
>> bellsouth has for
>> linux is NTS Ethernet 300 a third party dialer... so you can authenticate
>> one way with
>> ethernet 300 download it from ftp.bellsouth.net.. call the help desk
>> at 888-321-2375 or it might be 877 I forget option 2 to get the password
>to
>> DOWNLOAD the SOFTWARE...
>> or you might say for the SOFTWARE DOWNLOAD. Since a pro install costs
>$150
>> if it were me
>> I would buy a modem off the internet for cheaper if i could find it. Bell
>> south does not want you to do that of course and they will not support a
>> modem bought elsewere but then that's not a big deal since we don't
>support
>> linux anyway
>> Be careful of one thing if you do buy a modem on your own since modems
>that
>> are like the Alcatel 1000 and
>> the alcatel speed touch home (the 2 modems supported by BS) are hard
>coded
>> no drivers to load you must be
>> carefull that the vpi vci for bellsouth is set to 8:35 many isp's use
>0:35
>> and there for many modems are set
>> to this.... of you have any other questions about using bellsouth dsl post
>> them i'll answer them a better place to post for dsl specific q's is the
>> tech support news group fr bell south that you can get to on your bell
>south
>> news server...
>> side note:
>> no difference exsists AT ALL between pppoe and pppoa on the host side....
>> the only difference is in the manner inwhich
>> a node authenticates-- ppoe=thernet300 .... pppoa=Dial up Networking or
>RAS
>> dialer or I forget what the mac dialer is
>> called..... any linux customer is going to be pppoe it does not matter
>what
>> it sys you are in the bell south data base
>>
>>
>> gosh
>>
>>
>>
>>
>> News Mail <[EMAIL PROTECTED]> wrote in message
>> news:6uDw6.2219$[EMAIL PROTECTED]...
>> > Help!!!
>> >
>> > We just got this ADSL and set up Linux Mandrake 7.2 but we can't get it
>> > connected. I did the "adsl-setup". Then "adsl-start" and get a
>"time-out"
>> > message. We are not sure but we may have an IRQ problem. What command
>can
>> we
>> > use to see the list of IRQs?
>> >
>> >
>> > meesh32
>> >
>> >
>>
>>
>
------------------------------
From: "KW" <[EMAIL PROTECTED]>
Subject: Re: Anybody tried various 2.4 kernel based distributions? Opinions?
Date: Mon, 02 Apr 2001 16:33:16 -0500
It's always been my understanding that an X.1 or any odd numbered distro
was a development version... (7.1, 7.3, whatever ) and even #'s were
production releases.. I also understand thats unwritten programmer
stuff... ;) Does SuSe run their stuff different from the "norm" ?
In article <[EMAIL PROTECTED]>, "Rod Smith"
<[EMAIL PROTECTED]> wrote:
> [Posted and mailed]
>
> In article <0BTx6.126573$[EMAIL PROTECTED]>,
> "Warren Postma" <[EMAIL PROTECTED]> writes:
>> I installed Traktopels (Mandrake 8.0 beta 2). Way too unstable. The
>> Installer kept crashing and there were lots of error messages from the
>> newly upgrade RPM 4.0 package manager, and the KDE and GNOME
>> installation failed, leaving me in a Circa-1983 version of X, with an
>> xterm, and xclock, and nothing else. Nice.
>>
>> I'm going to have a spin around the block with the new RedHat
>> "Wolverine" beta, which apparently supercedes the previous "Fisher"
>> beta, If I've understood the dates/times on the ISO files correctly.
>> <grin>
>
> Keep in mind that both of these are *BETA* distributions. They're
> *EXPECTED* to have problems. You could always wait for the release
> versions of these distributions.
>
>> Also, it appears that SuSE has a 2.4 based distribution out there, but
>> there's NO way to evaluate it without first buying it. If I tried it,
>> and it was stable, I would certainly pay $29 or $49 or whatever, but
>> I'm not going to Buy Before Try, how bass-ackwards is that, in the Open
>> Source world.
>
> Actually, there is a boot-from-CD version of SuSE. Check
> http://www.linuxiso.org. You'll need a CD-R burner to use this, though,
> and I don't know how much you can customize it (I'd guess not a lot).
> The SuSE 7.1 with 2.4.x kernel is *NOT* beta software.
>
> You could also try running a 2.4 kernel on an earlier distribution
> (Mandrake 7.2, Red Hat 7.0, whatever). This isn't without its problems,
> but it can be made to work. In my experience, the worst problem is that
> kernel modules may not load correctly unless you give the complete path
> to them, because their locations have changed. There are also occasional
> program-specific problems. The last I checked, for instance, there were
> no Win4Lin drivers for the 2.4 kernel, although their Web page said
> they're working on it. You'd have that problem even with distributions
> that use 2.4 from the start, though.
>
------------------------------
From: "KW" <[EMAIL PROTECTED]>
Subject: Re: Help with configuring squid (aka proxy server) in transparent caching mode
Date: Mon, 02 Apr 2001 16:45:46 -0500
>From what I understand, you have 2 linux boxes, we'll call them A and B.
Box A has eth1 (public) and eth0 (Private). Box B has eth0 which is
private and running squid...
Now you've got this script running on box A that grabs port 443 and 80 and
redirects them to the squid server on B. It looks like to me the packets
are going to go from the private net on A, get redirected back to the squid
server on B, then go back to A again on port 80, which is going to again
loop back to Box B?? Someone jump in here if that sounds wrong...
You may want to add on the box A to forward all
packets FROM box B's IP on port 80 through to eth1 as a regular masq.
and see if this helps cause it looks like box A is grabbing all request
for 80 and sending them back to squid which needs to be able to ge out
w/o interference....
> #Accept port 3128 for squid
> $IPT -A INPUT -p tcp --destination-port 3128 -j ACCEPT $IPT -t nat -A
> PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to 172.16.1.253:3128
> $IPT -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to
> 172.16.1.253:3128 $IPT -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT
> --to 172.16.1.253:3128
------------------------------
From: "KW" <[EMAIL PROTECTED]>
Subject: Re: REDHAT LIUNX 7.0 - SERVER INSTALLATION - GRPHICAL LOGIN - HOW?
Date: Mon, 02 Apr 2001 16:46:53 -0500
I don't think the server install loads X. Do a custom and pick the
packages you want.....
In article <[EMAIL PROTECTED]>, "CHNg" <[EMAIL PROTECTED]>
wrote:
> well, not sure what u mean by 'u cant make it in the server
> installation', but anyway, during installation, it should ask you to
> give the initial passowrd for the root, and this is the password u'll
> use to login to ur machine.
>
> if you prefer the console to go into command line (text mode) instead of
> graphical mode upon booting up, edit /etc/inittab file and look at the
> content in there and set to text mode. then, when u want to go into
> graphical mode, at the command prompt, just type 'startx'. hope this
> helps.
>
>
> Ferdinand Rey wrote:
>
>> I'm reallyl new to this stuff... I tried installing the RH7 Workstation
>> and it works in graphical login but I can't make it in the Server
>> Installation. On the startup it asked me for login and password...
>> WHAT'S NEXT? lols... How can I go to graphic/Genome/KDE mode? Please
>> let me know what command am I gonna use.
>>
>> Thanks,
>> Ferdz
>
------------------------------
From: "KW" <[EMAIL PROTECTED]>
Subject: Re: file association
Date: Mon, 02 Apr 2001 16:49:46 -0500
you want the entire path to the acrobat executable followed by %f
/usr/bin/acrobat %f
or something like that...
You'll probably have to log out and log back in... sometimes gnome is
strange like that....
In article <3ac59158$0$25505$[EMAIL PROTECTED]>, "Ron
Nicholls" <[EMAIL PROTECTED]> wrote:
> RH 7.0 enlightenment and gnome
> I have installed Acrobat and need to associate pdf files with the
> reader.
> I've tried the mime thing in control centre and entered the acrobat path
> in "open, view and edit" to no avail.
>
> Any takers :-)
>
> --
> -
> -
> Regards
> RonN
>
>
------------------------------
Reply-To: "colin griffiths" <[EMAIL PROTECTED]>
From: "colin griffiths" <[EMAIL PROTECTED]>
Subject: Re: ADSL - Connect to BTopenworld BUSINESS service ethernet router.
Date: Mon, 2 Apr 2001 22:43:58 +0100
Thanks for your reply, sorry to confuse the issue but what I was after is
something along these lines. When you set up the router with a windows
machine tcp settings are roughly - dynamic ip, no wins, no dns server, and
no gateway. You then check that you can ping the outside world. Continue
by running a browser and connect to 192.168.254.254 which is the router
gateway. The user is then prompted to enter a username and password.
After connection you can browse the web.
If I leave the router turned on and connect it to eth1, in my Linux server
which is setup to use dhcp and reboot, the server can ping the outside
world, eth0 is setup to access my internal lan. However I would assume that
if the router is powered off then I would need to re-logon after powering
up. I could perhaps use netscape from x-windows or is there a text based
browser included with Rehat 7.0?
What I am asking is has anyone documented the correct procedure to configure
a Linux machine and the BT router. Starting from the basic steps of
configuring the nic's , DNS cacheing etc. Hence the post to a Linux
newsgroup, it's the Linux setup I'm after.
I have discovered the above by trial and error I would prefer to follow more
precise steps.
Again thanks for your patience.
urban junkie <[EMAIL PROTECTED]> wrote in message
news:ip0y6.3590$[EMAIL PROTECTED]...
>
> "Colin Griffiths" <[EMAIL PROTECTED]> wrote in message
> news:3ac889ba$0$12242$[EMAIL PROTECTED]...
> > Does anyone know how to connect to the BTopenworld business router and
> logon
> > to allow IP masquerading? All the info I have read describes the setup
for
> > the usb modem. Could you please give simple instructions or advise
where
> a
> > HOWTO could be obtained.
> > Cheers
> > Colin.
> >
>
> Hi, if I understand you correctly, you want to telnet into your BT
openworld
> supplied ADSL router and change some settings ?
>
> If that's the case, then you'll have to talk to BT Openworld, as you're
not
> allowed to access the router yourself. ISTR some instructions for gaining
> access to the BT supplied router, quickly followed by warnings that BT
would
> terminate your service if you do.
>
> Again, I think BT charge �50 to make the change, but I could be wrong !
>
> You'll get better answers by posting the question to uk.telecom.broadband
>
> HTH
>
>
------------------------------
From: Luke Vogel <[EMAIL PROTECTED]>
Subject: Re: RPM Update
Date: Tue, 03 Apr 2001 07:48:07 +1000
"ne..." wrote:
> >Where the hell do I get libdb-3.1.so from? ... and ...
> >Do I need to upgrade another package(s) before I do these?
> http://www.redhat.com/support/errata/rh62-errata-updates.html
Thanks ... that did it! 4.0.2 now installed. :)
--
Regards
Luke
======
On the requirements it said: Windows 98 or better - so I installed Linux
======
http://www.bell-bird.com.au
PLEASE NOTE: Spamgard (tm) installed.
mailto:[EMAIL PROTECTED]
======
------------------------------
From: Luke Vogel <[EMAIL PROTECTED]>
Subject: Re: RPM Update
Date: Tue, 03 Apr 2001 07:50:32 +1000
Chris Coyle wrote:
> Luke,
> yes rpm 4.0.2 requires the db3 packages (containing the libdb
> referenced in the error messages). Its possible these may
> require other packages. I didn't have much trouble because
> as I said I have been staying reasonably up-to-date with the
> updates from redhat. If you have not, then you may have to
> install a few others before the rpm packages. Be patient,
> and get to know rpm: read the man page carefully, and read
> the rpm howto (see http://www.kernel.org/LDP/index.html).
Thanks for your help Chris!
Once I downloaded the db3 package from a redhat mirror, I was right!
Previously, I obtained the db3 package from www.rpm.org it self, and it
flatly told me that db3 "could not be installed" ... end of message.
anyway got it all working fine now.
:)
--
Regards
Luke
======
On the requirements it said: Windows 98 or better - so I installed Linux
======
http://www.bell-bird.com.au
PLEASE NOTE: Spamgard (tm) installed.
mailto:[EMAIL PROTECTED]
======
------------------------------
From: Craig Kelley <[EMAIL PROTECTED]>
Subject: Re: Passwd encryption
Date: 02 Apr 2001 15:57:46 -0600
Bahman Motamed <[EMAIL PROTECTED]> writes:
> Hello all,
>
> I am using .htacces which is the passwd protection for dir's that my
> hosting company uses. When a user is asked to type the passwd from there
>
> on anyone can snoop the passwd, I'd like to know if there is an
> encrypter out there that I can use with .htaccess or some other PERL of
> CGI programs that encrypts the passwd over internet.
htpasswd ships with apache and it will DES-hash the passwords for
you. You can do it with Perl by using the built-in crypt() command
plus some salt.
--
It won't be long before the CPU is a card in a slot on your ATX videoboard
Craig Kelley -- [EMAIL PROTECTED]
http://www.isu.edu/~kellcrai finger [EMAIL PROTECTED] for PGP block
------------------------------
From: Juha Laiho <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware
Subject: Re: Considering Linux implementation instead of HPUX -- Advice needed
Date: 2 Apr 2001 18:14:43 GMT
"Greg Francis" <[EMAIL PROTECTED]> said:
>I'm considering migrating an HPUX server to a Linux implementation and would
>like some advice concerning the feasibility of this. The server provides
>mail, web storage space, and document storage (via Samba and FTP) for around
>4000 students and faculty.
Greg,
while I don't have that size of an environment to run, I'd still be
interested in what kind of solution you end up.
>There are some applications such as SAS, SPSS, and compilers also run
>on this server. Mail access is via Pine and IMAP/POP3 with the bulk
>being POP3/IMAP. I have been very pleased with HPUX but the support
>costs are getting very high on this five year old server (4-way K220
>with 1.75GB RAM and 120GB of disk) so I'm looking at alternatives.
One more choice might be to use some hardware classified as workstations;
J6000 or so. You perhaps don't get all the low-level hardware diagnostics
features you have with the K-class, but you'll end up with a lot smaller
overall system (smaller power consumption, smaller cooling requirements).
And at least my memory is that workstation support costs are a lot less
than server -- even when you use the workstation as a server.
>What I'm considering doing is replacing the one large HPUX server with a
>smaller HPUX server for telnet/Pine access and application support and a
>Linux server for the POP3/IMAP and web support.
This wouldn't be a bad solution either -- typically software like
Apache (and related tools: OpenSSH, OpenSSL, perl, mod_perl, ...) are
a lot easier to compile on Linux than on HP-UX.
>The Linux server would house all of the user storage space (around
>300GB) with the HPUX box accessing it with NFS.
This is where I'd be a bit suspicious -- but on the other hand don't
have any hard evidence against. That is, what is the current state of
Linux NFS support (and this is not to say that NFS -esp. automount- on
HP-UX would be trouble-free, either).
>The Linux box would also run Samba to give the Windows NT/2000
>workstations in the computer labs access. Ideally, the accounts would be
>authenticated using Kerberos through Active Directory with NIS or LDAP being
>alternatives in the event Active Directory isn't feasible for us by then.
It looks like this would be possible (i.e. using the w2k AD/kerberos as
the primary authentication source). Unfortunately I don't have details
on this, but rumours indicate so.
>I currently run a combination of HPUX, Linux, and Windows NT servers.
... so, by choosing Linux you're not even growing your OS variation,
which makes sense.
>A couple of questions about using Linux for what I'm doing:
>
>1) How well does Linux do multiple processors?
Dual CPU should be ok, and Linux should also scale somewhat well to
four CPUs. Eight apparently starts to be a bit too much, from what
I've read. The performance still is over what you get with four, but
the scaling isn't linear any more -- and apparently os is the bottleneck.
I'm not sure if 2.4 helps in this regard.
>5) How is Linux's reliability and performance under high loads?
Extremely high memory and network loads apparently could be handled
better, but saturating CPUs or disks shouldn't be a big problem.
2.4 should bring enhancements on the memory side, but the netowrk
side isn't changing that dramatically.
>3) How well does Linux handle hundreds of Samba connections?
Mostly problems might appear if you heavily overload your network
bandwidth -- I don't see other problems.
>2) How well does Linux handle RAID? How about the Dell RAID controllers
>(Quad PERC 2)?
>4) How is Dell's commitment to Linux? How about their driver support?
>6) I've seen info on LVM for Linux. Is it viable at this time?
Hardware RAID somewhat reduces your need for LVM. Splitting the space
at the RAID controller level isn't as flexible as with LVM, but can be
done. I'd put Linux LVM still into the "semi-experimental, not much
used" -category. About Dell's commitment and quality of their RAID
solution I cannot comment -- but if it's ok, then you can use it to
avoid LVM.
>7) What are the limitations on the size of mount points or hard disks
>under Linux?
Hmm.. I've seen something over a 100G, so it's quite big. How big,
I don't exactly know.
I hope this was of any help,
--
Wolf a.k.a. Juha Laiho Espoo, Finland
(GC 3.0) GIT d- s+: a C++ UH++++$ UL++++ P++@ L+++ E(-) W+$@ N++ !K w !O
!M V PS(+) PE Y+ PGP(+) t- 5 !X R tv--- b+ !DI D G e+ h--- r+++ y+++
"...cancel my subscription to the resurrection!" (Jim Morrison)
------------------------------
From: [EMAIL PROTECTED] (H.Bruijn)
Subject: Re: Passwd encryption
Date: 2 Apr 2001 22:10:31 GMT
Reply-To: [EMAIL PROTECTED]
On Mon, 02 Apr 2001 17:18:39 -0400, Bahman Motamed allegedly wrote:
>Hello all,
>
>I am using .htacces which is the passwd protection for dir's that my
>hosting company uses. When a user is asked to type the passwd from there
>
>on anyone can snoop the passwd, I'd like to know if there is an
>encrypter out there that I can use with .htaccess or some other PERL of
>CGI programs that encrypts the passwd over internet.
>
>Any input is appriciated.
No. If you would use java script applet to encrypt the password on the
client-side, and then use that to send an encrypted password, someone
would simply snatch the encrypted password, and use that to gain access.
For cgi scripts holds of course that they too reside on the server and
need the plain password before it can be encrypted.
The only way AFAIK, short of programming a public_key java applett, is
to use https (aka SSL) instead of http. That will encrypt all
communications between the client and your webserver, including the login
name and passwords. There are modules to enable apache to handle SSL/https
and patched versions of apache that use SSL as well.
http://www.apache-ssl.org resp. http://www.modssl.org
You'll need to buy/lease a certificate from fi verisign (or one of their
competitors) which isn't cheap, or you can generate your own, but that
means your clients will get a security warning, that it is an unsigned
certificate, are they sure they wish to continue? Not the end of the
world but quite annoying even for those who know it isn't that serious a
warning.
--
If a trainstation is the place where trains stop, what is a workstation?
========================================================================
Herman Bruijn website: http://hermanbruijn.com
The Netherlands
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to comp.os.linux.setup.
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Setup Digest
******************************
