Tuesday, June 4, 2013

Linux Terminal Service on CentOS 6.4 Script




Part 1 TigerVNC Setup
- Chapter 1  Linux Terminal Server
- Chapter 2  TigerVNC packages
- Chapter 3  Using TigerVNC on Clients
Part 2 NX/FreeNX Setup
- Chapter 4  FreeNX Program
- Chapter 5  NX Server
- Chapter 6  NX Clients

Chapter 1 Linux Terminal Server
1. What is a Terminal Server (X Server)?
- Used to display an X Window session running on another computer.
- The X server runs on the remote computer, not on your local workstation.
- The workstation (Linux or Windows) only displays a copy of the display (real or virtual) that is running on the remote machine.
2. Testing Environment
a. Linux terminal server
      server.chul.com – 192.168.80.5 (CentOS 6.4)
b. Linux terminal client
      client.chul.com – 192.168.80.6 (CentOS 6.4)
c. Windows terminal client – Windows 7 (64bit) , DHCP

Chapter 2 TigerVNC packages
1. TigerVNC packages
# rpm -qa | grep tigervnc
# yum install tigervnc tigervnc-server -y
# yum update libXfont pixman pixman-devel -y
2. TigerVNC Configuration
a. /etc/sysconfig/vncservers
VNCSERVERS="1:tland 2:linux"
VNCSERVERARGS[1]="-geometry 1024x768"
VNCSERVERARGS[2]="-geometry 1024x768"
b. User and password for VNC client
# su - tland -c vncpasswd
# su - linux -c vncpasswd
c. VNC Server startup
# service vncserver start
# ps -ef | grep vnc ; netstat -nat | grep 5901

Chapter 3 Using TigerVNC on Clients
1. Access VNCServer  on Client
a. On Linux system
# yum install tigervnc -y
# vncviewer 192.168.80.5:1
b. On Windows 7 Using TigerVNC Viewer
Download:  sourceforge.net/projects/tigervnc/files/
Server: 192.168.80.5:5901 or 192.168.80.5:1
Encryption: always off
2. Encrypted VNC through SSH tunnel
a. In VNC server
# vi /etc/ssh/sshd_config
PasswordAuthentication yes
# service sshd restart
# vi /etc/sysconfig/vncservers
VNCSERVERARGS[1]="-geometry 1024x768 -localhost"
# service vncserver restart
b. In VNC Client
# vncviewer -via tland@192.168.80.5 localhost:1
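A check for the tunnel-only configuration above, as an added example that is not part of the original post: it parses text in the /etc/sysconfig/vncservers format and reports, per display, the TCP port (5900 + display number) and whether -localhost restricts it to loopback, which is what forces clients through SSH. The sample text and function names are constructed for illustration.

```python
import re
import shlex

# Constructed sample in /etc/sysconfig/vncservers format (not from a real host).
SAMPLE = """
VNCSERVERS="1:tland 2:linux"
VNCSERVERARGS[1]="-geometry 1024x768 -localhost"
VNCSERVERARGS[2]="-geometry 1024x768"
"""

ARGS_RE = re.compile(r"^VNCSERVERARGS\[(\d+)\]=(.*)$")


def _unquote(value):
    """Strip shell quoting; an unterminated quote raises ValueError."""
    return " ".join(shlex.split(value))


def audit_vncservers(text):
    """Return (display, user, tcp_port, localhost_only) per configured display."""
    servers, args = "", {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("VNCSERVERS="):
            servers = _unquote(line.split("=", 1)[1])
        else:
            m = ARGS_RE.match(line)
            if m:
                args[int(m.group(1))] = _unquote(m.group(2)).split()
    report = []
    for entry in servers.split():
        display, user = entry.split(":", 1)
        n = int(display)
        # Xvnc display N listens on TCP 5900+N; -localhost restricts it to loopback.
        report.append((n, user, 5900 + n, "-localhost" in args.get(n, [])))
    return report


def exposed_displays(text):
    """Displays reachable from the network without the SSH tunnel."""
    return [(n, user, port) for n, user, port, local in audit_vncservers(text) if not local]


if __name__ == "__main__":
    for n, user, port in exposed_displays(SAMPLE):
        print(f"display :{n} ({user}) listens on tcp/{port} on all interfaces")
```

A line with an unterminated quote is rejected with ValueError instead of being silently treated as unrestricted or restricted.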

Chapter 4 FreeNX Program
1. Introduction to NX/FreeNX
- A terminal server and remote access solution
- Based on enterprise-class open source technologies by NoMachine (nomachine.com)
- Session resilience and resource management developed on top of the X Window System
- Integration of powerful resource sharing capabilities, printing and audio of the Linux/Unix world
- Makes it possible to run any graphical application across any network connection
2. Testing environment
a. NX server
    server.chul.com – 192.168.80.5 / NX/FreeNX
b. NX clients
   1. Linux – client.chul.com – 192.168.80.6  / OpenNX
   2. Windows 7 – DHCP  / NXclient-3.5.0-9.exe  (nomachine.com)

Chapter 5 NX Server
1. Installing and Configuration of NX packages on Server
a. Install and configure FreeNX packages
# yum install nx freenx -y
# rpm -qa | grep nx
# vi /etc/nxserver/node.conf
ENABLE_PASSDB_AUTHENTICATION="1"
b. Creating users
# nxserver --adduser tland
# nxserver --passwd tland; ls -l /home/tland/.ssh/
# chkconfig freenx-server on
# service freenx-server start
2. SSH server configuration
# vi /etc/ssh/sshd_config
PubkeyAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys2
# service sshd restart

Chapter 6 NX Clients
1. NX client on Linux
a. # yum install opennx
b. Application -> Opennx Client -> Opennx Connection Wizard
Key Import from NX server
c. Try to log in to the NX server using Opennx
2. NX client on Windows 7
a. Download NXclient-3.5.0-9.exe  (nomachine.com)
b. Start configuration: Key Import
c. Try to login to NX server using NXclient

Summary
1. Linux Terminal Service
2. How to set up TigerVNC server and client
3. How to set up FreeNX/NX on the server
4. How to set up OpenNX and NX client on the client

Mail Server Setup using Postfix on CentOS 6.4 - 1



Mail Server Setup using Postfix on CentOS 6.4


Part 1 MTA Postfix
§  Chapter 1  Email Service
§  Chapter 2  Mail Transfer Agents
§  Chapter 3  Installation and Startup
§  Chapter 4  Postfix Configuration
Part 2 IMAP & POP3 Server
§  Chapter 5 IMAP and POP3 on Dovecot
§  Chapter 6 MUA Configuration
Part 3 Postfix aliases & access control
§  Chapter 7 Postfix Aliases
§  Chapter 8 Postfix Access Control
§  Chapter 9 Postfix Mailing List using Mailman
Part 4 Postfix Authentication
§  Chapter 10   Postfix Authentication using SASL
§  Chapter 11  Postfix Mail Encryption using SSL/TLS
Part 5 Postfix security
§  Chapter 12 Postfix Antispam
§  Chapter 13 Postfix Antivirus
Part 6 Postfix Extended Features
§  Chapter 14 Postfix Backup mail server (Queuing Server)
§  Chapter 15 Squirrelmail as a webmail
§  Chapter 16 Postfix Admin with MySQL

Mail Server Testing Environment
1. server.chul.com: 192.168.80.5
- Postfix Mail server (ms1.chul.com)
- MUA - Evolution
2. client.chul.com: 192.168.80.6
- Linux mail client
- MUA - Thunderbird
- Postfix Backup Mail server (ms2.chul.com)
3. Windows 7
- Mail client using MS Outlook 2010

Chapter 1 Email Service
E-mail System Components
1. Mail User Agent (MUA):
A client used to compose and read e-mail (Outlook, Evolution, Thunderbird, Mutt)
2. Mail Transfer Agent (MTA):
An SMTP server used to relay or accept e-mail for delivery (Postfix, Sendmail, Exim, Qmail, Exchange server)
3. Mail Delivery Agent (MDA):
A program used by the final MTA to deliver e-mail to the message store
May be included with the MTA or a separate program such as procmail
4. Mail Access Agent (MAA):
An IMAP/POP3 server used by an MUA to access the message store (Dovecot, Cyrus IMAP)

Chapter 2 Mail Transfer Agents
Agent | Description
Sendmail | Sendmail mail transfer agent, popular but insecure, complicated to configure (www.sendmail.com)
Postfix | Fast, easy to configure, and secure mail transfer agent compatible with Sendmail and designed to replace it (www.postfix.org)
Qmail | Fast, flexible, and secure MTA with its own implementation and competitive with Postfix (www.qmail.org)
Exim | MTA based on smail3 (www.exim.org)

Chapter 3  Installation and startup
1. Package installation
- postfix-2.6.6-2.2.el6_1.i686
2. Service startup and main directory
# service sendmail stop
# service postfix start
# ls -l /etc/postfix
3. Service startup checking
# ps -ef | grep postfix
# netstat -nat | grep 25
4. Runlevel registration
# chkconfig postfix on
# chkconfig --list postfix
5. Testing on command
# telnet localhost 25
# mail -v -s 'testing mail' linux@chul.com < /etc/passwd

Chapter 4  Postfix Configuration
1. How to use postconf
a. postconf can display or edit /etc/postfix/main.cf settings
b. postconf : Display all settings including defaults
c. postconf -n : Display changes from default settings
d. Modify current main.cf: postconf -e 'parameter=value'
    # postconf -e mynetworks_style=subnet
e. Much simpler than editing /etc/mail/sendmail.cf
2. Postfix Daemons - /etc/postfix/master.cf
a. master: Postfix master process, runs Postfix daemons on demand
b. smtpd: Postfix SMTP server, accepts network connection requests and performs zero or more SMTP transactions per connection
c. pickup: Postfix local mail pickup, waits for hints that new mail has been dropped into the 'maildrop' directory, and feeds it into the 'cleanup' daemon
d. qmgr: Postfix queue manager, awaits the arrival of incoming mail and arranges for its delivery via Postfix delivery processes
3. Postfix: Accepting Inbound E-mail
a. listen on port 25/tcp on all IP addresses
   inet_interfaces = all
b. include all domains/hosts for which we accept local delivery
   myhostname = server.chul.com
   mydomain = chul.com
   mydestination = $myhostname, $mydomain, jeong.com, localhost
4. Postfix: Outbound SMTP Relay
a. To relay e-mail sent by hosts on your internal network to the Internet:
     inet_interfaces = all
b. To include all internal nets or hosts for which it will relay
     mynetworks = 127.0.0.0/8  192.168.80.0/24
     mynetworks_style = subnet
5. Postfix: Masquerading
a. Causes MTA to modify the envelope & headers of an outbound e-mail message
b. Reduces the number of MX records and hosts/domains to be listed in mydestination
        myorigin = chul.com
        masquerade_exceptions = root
6. Postfix Operation
a. always_bcc = address : Sends a blind carbon copy of every message to the given address
b. postqueue -p : Displays status of the mail queues
c. postqueue -f : Attempts to immediately deliver all queued mail
d. tail -f /var/log/maillog : Watch the mail log update in real time
7. Testing mail sending and receiving using domains

Chapter 5 IMAP and POP3 on Dovecot
1. Dovecot supports POP3, POP3s, IMAP, and IMAPs
# yum -y install dovecot
a. # vi /etc/dovecot/dovecot.conf
      protocols = imap pop3
      listen = *
b. # vi /etc/dovecot/conf.d/10-auth.conf
      disable_plaintext_auth = no
      auth_mechanisms = plain login
c. # vi /etc/dovecot/conf.d/10-mail.conf
      mail_location = maildir:~/Maildir
d. # vi /etc/dovecot/conf.d/10-master.conf
      unix_listener auth-userdb {
            mode = 0600
            user = postfix
            group = postfix
      }
# service dovecot start
# chkconfig dovecot on
2. Testing dovecot
# telnet localhost 110
# telnet localhost 143

Chapter 6 MUA Configuration
1. Graphical:
- Evolution on the Linux server system, using POP3
      # yum install evolution
      user is tland@chul.com
- Thunderbird on the Linux client system, using IMAP
      # yum install thunderbird
      user is admin@chul.com
- Outlook 2010 on the Windows 7 client system, using IMAP
      user is jeong@chul.com
2. Text-mode: Mutt and Fetchmail
# mutt -f pop://user@server
# mutt -f pops://user@server

Chapter 7 Postfix Aliases
1. Postfix Aliases
1) Local Aliases –  mail forwarding
2) Virtual Aliases – Incoming and Outgoing Aliases
2.1) Incoming Aliases for Multiple domains (jeong.com, linux.com)
  a. Virtual Alias Domains – Virtual domains using Linux system accounts
  b. Virtual Mailbox Domains – Virtual domains using non-Linux accounts
  c. Virtual Mailbox Domains using Database such as MySQL and LDAP
      - Virtual domains and user mapping using Database
2.2) Outgoing Aliases – change the sender’s mail address as seen by the receiver (Masquerading)
2. Postfix Local Aliases (/etc/aliases)
a. /etc/aliases contains alias maps
    postmaster:            root
    admin:               tland@chul.com
    alist:               kim,itc,dara,tland
    tland:             linux,jeong
b. Using aliases
# vi /etc/postfix/main.cf
alias_maps = hash:/etc/aliases
# newaliases    or    service postfix restart
# ls -l /etc/aliases*
3.Incoming Virtual Aliases
3.1 Virtual Alias Domains – multiple domains using system accounts
a. Check /etc/postfix/master.cf
   virtual   unix  -       n       n       -       -       virtual
b. Add two alias domains to  /etc/postfix/main.cf
     virtual_alias_domains = jeong.com, linux.com
     virtual_alias_maps = hash:/etc/postfix/virtual
c. Create virtual mapping in /etc/postfix/virtual
admin@jeong.com       admin
info@jeong.com        jeong
admin@linux.com       linux
info@linux.com        itc
# mail for unknown users is delivered to catchall
@jeong.com            catchall
@linux.com            catchall
d. File hash
# postmap /etc/postfix/virtual; ls -l /etc/postfix/virtual*
# service postfix restart
3.2 Virtual Mailbox Domains – multiple domains with non-Linux accounts
a. Check /etc/postfix/master.cf
   virtual   unix  -       n       n       -       -       virtual
b. Add two virtual mailbox domains to /etc/postfix/main.cf
     virtual_mailbox_domains = jeong.com, linux.com
     virtual_mailbox_base = /var/spool/vmailbox
     virtual_mailbox_maps = hash:/etc/postfix/vmailbox
     virtual_uid_maps = static:1000
     virtual_gid_maps = static:1000
c. Create virtual mapping in /etc/postfix/vmailbox
admin@jeong.com       jeong.com/admin
info@jeong.com        jeong.com/info
admin@linux.com       linux.com/admin
info@linux.com        linux.com/info
@jeong.com            jeong.com/catchall
@linux.com            linux.com/catchall
d. Create User and Directory and File hashing
# useradd -u 1000 vuser
# mkdir -p /var/spool/vmailbox/jeong.com /var/spool/vmailbox/linux.com
# chown -R vuser:vuser /var/spool/vmailbox; chmod 700 /var/spool/vmailbox
# postmap /etc/postfix/vmailbox; ls -l /etc/postfix/vmailbox*
# service postfix restart
3.3 Virtual Mailbox Domains using Database like MySQL
a. Checking Postfix for MySQL Map Support
# postconf -m
b. Configuring Database
Create db, table and users on MySQL
c. Configuring Postfix to Use the Database
# vi /etc/postfix/main.cf
virtual_mailbox_domains = mysql:/etc/postfix/sql/virtual_mailbox_domains.cf
virtual_uid_maps = mysql:/etc/postfix/sql/virtual_uid_maps.cf
virtual_gid_maps = mysql:/etc/postfix/sql/virtual_gid_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/sql/virtual_mailbox_recipients.cf
virtual_alias_maps = mysql:/etc/postfix/sql/virtual_alias_maps.cf
# mkdir /etc/postfix/sql
# service postfix restart
4. Postfix Outgoing Aliases (/etc/postfix/generic)
a.  Activate outgoing aliases in /etc/postfix/main.cf
 smtp_generic_maps = hash:/etc/postfix/generic
b. Creating table in /etc/postfix/generic
root@server.chul.com                 admin@chul.com
linux@chul.com                                       linux@jeong.com
c. Save and close the file. Create or update generic postfix table
# postmap /etc/postfix/generic
d. Restart postfix
# service postfix restart
5. Alias Testing
a. Local aliases
b. Incoming virtual alias testing – virtual domains and virtual mailboxes
c. Outgoing virtual alias testing using MTA such as gmail, naver and yahoo

Chapter 8  Postfix Access Control
1. Activate access control in /etc/postfix/main.cf
smtpd_client_restrictions =
     check_client_access hash:/etc/postfix/access
2. Creating access file format in /etc/postfix/access
1.2.3                 REJECT
192.168.80.0          OK
admin@spammer.com     OK
server.spammer.com    REJECT
chul.com              OK
3. Creating Hash file
# postmap  /etc/postfix/access
# service postfix restart
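How Postfix searches this table for a connecting client, as an added example that is not part of the original post: a simplified Python model of the check_client_access lookup order described in access(5) (client host name, parent domains, client address, then the address with trailing octets removed). It assumes parent_domain_matches_subdomains includes smtpd_access_maps (the Postfix default); the function names and the client names under example.net are constructed for illustration.

```python
# Constructed copy of the /etc/postfix/access entries shown above.
ACCESS = {
    "1.2.3": "REJECT",
    "192.168.80.0": "OK",
    "admin@spammer.com": "OK",
    "server.spammer.com": "REJECT",
    "chul.com": "OK",
}


def lookup_keys(hostname, address):
    """Keys tried, in order, for one client (simplified model of access(5))."""
    keys = []
    labels = hostname.lower().split(".")
    for i in range(len(labels)):            # host name, then each parent domain
        keys.append(".".join(labels[i:]))
    octets = address.split(".")
    for i in range(len(octets), 0, -1):     # full address, then drop trailing octets
        keys.append(".".join(octets[:i]))
    return keys


def check_client_access(table, hostname, address):
    """Return (matched_key, action), or (None, None) when no key matches."""
    for key in lookup_keys(hostname, address):
        if key in table:
            return key, table[key]
    return None, None


def unreachable_entries(table):
    """Entries a client lookup never queries: e-mail address keys."""
    return [key for key in table if "@" in key]


if __name__ == "__main__":
    # 192.168.80.6 tries "192.168.80.6", "192.168.80", ...; never "192.168.80.0".
    for host, addr in [("pc1.example.net", "192.168.80.6"),
                       ("mx.example.net", "1.2.3.4"),
                       ("client.chul.com", "1.2.3.4")]:
        print(host, addr, check_client_access(ACCESS, host, addr))
    print("never matched by check_client_access:", unreachable_entries(ACCESS))
```

On a live server, `postmap -q KEY hash:/etc/postfix/access` tests a single key against the compiled table.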