Linode Forum
Linode Community Forums
 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic
Author Message
 Post subject:
PostPosted: Wed Feb 16, 2011 3:31 am 
Offline
Senior Member

Joined: Fri Dec 10, 2010 6:45 pm
Posts: 63
Interesting... did you try to ssh into the new port as well? Confirm that sshd_config still includes the change and isn't commented out or something.

FYI, When you change a config file it is not necessary (practically ever) to reboot the whole server, just restart the daemon with service restart sshd or /etc/init.d/ssh restart.


Top
   
 Post subject:
PostPosted: Thu Feb 17, 2011 5:18 am 
Offline
Junior Member

Joined: Mon Jan 24, 2011 12:03 pm
Posts: 27
Website: http://www.themarcuswest.com/seo-consultancy
Location: wiltshire, uk
Cheers IML,

I am now getting to the point of just wanting to pay someone to sort this thing out for me...

Anyone interested drop me a line. Cheers

_________________
enjoying meeting interesting people, completely abjectly ignorant about coding, but still loving Linux


Top
   
 Post subject: Webmin and virtualmin
PostPosted: Thu Feb 17, 2011 5:58 pm 
Offline
Junior Member

Joined: Tue May 05, 2009 8:22 am
Posts: 26
Website: http://khobbits.co.uk
Location: England
I have a different approach for you.

Throw up a blank copy of either CentOS 5 or Ubuntu 10.04.

Code:
wget http://software.virtualmin.com/gpl/scripts/install.sh
chmod +x install.sh
./install.sh


That should set webmin/apache/mysql and such up for you automatically.


Top
   
 Post subject:
PostPosted: Sat Feb 19, 2011 5:19 pm 
Offline
Junior Member

Joined: Mon Jan 24, 2011 12:03 pm
Posts: 27
Website: http://www.themarcuswest.com/seo-consultancy
Location: wiltshire, uk
Hi KHobbits,

Thanks for taking the time to suggest this, I appreciate it.

I have laboured to achieve a pretty simple task, viz close down root access, and close down easy port access.

To the best of my knowledge I have achieved this...

Now I am slightly confused though...

How do I do a Yum Update if I can't access root?

Do I do a sudo command?

--------

Regarding the coding you have given me, is this a safe way to proceed?
(Sorry, I am a security retentive.)

I am not quite sure what "throwing up a blank copy of Centos" means...
(sorry, this is all new territory to me)

Once I do what you suggest, will I be working in a GUI for any further tasks?

Thanks
Marcus

_________________
enjoying meeting interesting people, completely abjectly ignorant about coding, but still loving Linux


Top
   
 Post subject:
PostPosted: Sat Feb 19, 2011 5:58 pm 
Offline
Junior Member

Joined: Tue May 05, 2009 8:22 am
Posts: 26
Website: http://khobbits.co.uk
Location: England
The method I explained works best on a blank install of an os. IE it is best you run it on a system before doing any further configuration.

Depending on the scale of a web panel and how much functionality you want available, it is usually best to be cautious with how you configure a system. Most web panels will begin to fall over if you change settings which they rely on. In fact it could become a security concern if the webpanel makes changes to one config file that would usually be fine but because you modified another, it ends up creating hole.

Webmin is a free control panel that was designed to provide easy administration of services and config files. On its own webmin isn't very useful to anyone other than the server maintainers. Virtualmin GPL is the free version of a commercial product developed by the same guy who maintains webmin. It is a alongside product which extends the interface to allow people to maintain domain settings. It is useful in a shared user or multiple domain environment because it draws walls between virtual hosts. It makes it possible for users to edit their own apache configs, and for domains to stand separate and more secure from cross site attacks.

The install script steps I posted earlier are that of the recommended method to install both virtualmin and webmin. The script installs these packages along with everything needed to create this type of service.

Personally I still use the CLI quite often when working on a virtualmin machine, I just generally avoid editing files I know virtualmin edits itself.



If you disable root, you will need to do most commands through sudo, there are usually a few tricks to get back to root even if its disabled by using "sudo su" or "sudo -i".


Top
   
 Post subject:
PostPosted: Sun Feb 20, 2011 9:21 am 
Offline
Junior Member

Joined: Mon Jan 24, 2011 12:03 pm
Posts: 27
Website: http://www.themarcuswest.com/seo-consultancy
Location: wiltshire, uk
Cheers KH,

I will run with it....


Incidentally, since installing my Linode, (and doing nothing on it), I have 1 surge and 1 block in the top and bottom graphs, and the middle Graph is a green and blue forest -

Is that normal?

Cheers

_________________
enjoying meeting interesting people, completely abjectly ignorant about coding, but still loving Linux


Top
   
 Post subject:
PostPosted: Sun Feb 20, 2011 10:26 am 
Offline
Junior Member

Joined: Mon Jan 24, 2011 12:03 pm
Posts: 27
Website: http://www.themarcuswest.com/seo-consultancy
Location: wiltshire, uk
Btw,

I have done what you say..I type in <sudo su> and get a message about
great power and great responsiblity.

I then put in my root password....but it won't give me access.....

is this normal?

_________________
enjoying meeting interesting people, completely abjectly ignorant about coding, but still loving Linux


Top
   
 Post subject:
PostPosted: Sun Feb 20, 2011 10:53 am 
Offline
Senior Member
User avatar

Joined: Fri Oct 24, 2003 3:51 pm
Posts: 965
Location: Netherlands
HerbertMouse wrote:
I then put in my root password....but it won't give me access.....

is this normal?


sudo requires the password of the user who is executing it, not the password for root. You can configure sudo to assign different powers to different users and nobody needs to become root.

_________________
/ Peter


Top
   
 Post subject:
PostPosted: Sun Feb 20, 2011 12:43 pm 
Offline
Junior Member

Joined: Mon Jan 24, 2011 12:03 pm
Posts: 27
Website: http://www.themarcuswest.com/seo-consultancy
Location: wiltshire, uk
thanks Peter...

all help greatly appreciated!

_________________
enjoying meeting interesting people, completely abjectly ignorant about coding, but still loving Linux


Top
   
 Post subject:
PostPosted: Sun Feb 20, 2011 5:01 pm 
Offline
Junior Member

Joined: Mon Jan 24, 2011 12:03 pm
Posts: 27
Website: http://www.themarcuswest.com/seo-consultancy
Location: wiltshire, uk
[*****@li888-88 ~]$ sudo su
[sudo] password for *****:
***** is not in the sudoers file. This incident will be reported.
[*****@li888-88 ~]$


I am wondering what stupidity have I committed here.......

_________________
enjoying meeting interesting people, completely abjectly ignorant about coding, but still loving Linux


Top
   
 Post subject:
PostPosted: Sun Feb 20, 2011 5:51 pm 
Offline
Senior Member
User avatar

Joined: Fri Oct 24, 2003 3:51 pm
Posts: 965
Location: Netherlands
You need to add a line like this to the /etc/sudoers file:
Code:
yourusername ALL=(ALL) ALL

This example enables the user 'yourusername' to execute all commands as any user. You need to edit the file as root using the visudo command. Check the sudoers man page for more control options.

_________________
/ Peter


Top
   
 Post subject:
PostPosted: Sun Feb 20, 2011 8:59 pm 
Offline
Junior Member

Joined: Tue May 05, 2009 8:22 am
Posts: 26
Website: http://khobbits.co.uk
Location: England
Unless you give a user sudo access, you will have quite a hard time doing anything without a root user!

Assuming you haven't locked yourself out of the root account completely, you could use 'su' on its own to try switching to it.
Failing that, you could try logging into your linode using lish (the ssh console in the account panel). Even if you disabled root for ssh, console usually still has access.
If you still can't get anywhere, the linode panel lets you reset your root password through its web panel.
And finally, linode has a recovery image you can mount which lets you modify the linode from it, without actually booting it, although by this point its usually easier to start from scratch :P.


Edit: about the spikes...
The linode graphs try to use the best scale to represent the amount of data/cpu/io your using. Your linode can use up to 400% cpu (4 cores), yet if you never go above 5% you will generally get a graph showing quite a bit of fluctuation between 2-4%. So seeing alot of spikes or large blocks isn't bad. As long as your not constantly burning through resources at a rate that would pass your cap or be unfair it isn't a problem.

(A Linode 512 host has at most 40 other hosts. A linode host has 8 cores. 800/40 = 20. If your averaging over 20% CPU usage your eating up more than your fair share :p)


Top
   
 Post subject:
PostPosted: Tue Feb 22, 2011 8:27 am 
Offline
Junior Member

Joined: Mon Jan 24, 2011 12:03 pm
Posts: 27
Website: http://www.themarcuswest.com/seo-consultancy
Location: wiltshire, uk
Hey Pclissold,

I tried visudo /etc/sudoers and it drew a blank (bash command not found)

so I went in with Nano,
and stuck the code you suggest in the file, (at the end)

Cheers

_________________
enjoying meeting interesting people, completely abjectly ignorant about coding, but still loving Linux


Top
   
 Post subject:
PostPosted: Tue Feb 22, 2011 8:38 am 
Offline
Junior Member

Joined: Mon Jan 24, 2011 12:03 pm
Posts: 27
Website: http://www.themarcuswest.com/seo-consultancy
Location: wiltshire, uk
Otherwise...KH.. I did the Virtualmin, with some success, except:


|WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.96.5 Recommended version: 0.97
/WARNING: getfile: daily-12341.cdiff not found on remote server (IP: 193.1.193.64)
WARNING: getpatch: Can't download daily-12341.cdiff from database.clamav.net
WARNING: getfile: daily-12341.cdiff not found on remote server (IP: 163.1.3.8)
WARNING: getpatch: Can't download daily-12341.cdiff from database.clamav.net
WARNING: getfile: daily-12341.cdiff not found on remote server (IP: 217.135.32.99)
WARNING: getpatch: Can't download daily-12341.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
\WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 58, recommended = 60
\Enabling quotas on filesystem for /home

_________________
enjoying meeting interesting people, completely abjectly ignorant about coding, but still loving Linux


Top
   
 Post subject:
PostPosted: Tue Feb 22, 2011 8:52 am 
Offline
Junior Member

Joined: Mon Jan 24, 2011 12:03 pm
Posts: 27
Website: http://www.themarcuswest.com/seo-consultancy
Location: wiltshire, uk
Re the Virtualmin install.

KH,

Now I have completed the install, I go to

https://***.**.***.**:10000

and get a red warning page telling me not to proceed because of a possible interception.

Alternatively if I try
https://***.**.***.**: port number>

I get 'this webpage is not available'.

er......lost as usual :)





P.s. what is Cloudmin....is it relevant?

_________________
enjoying meeting interesting people, completely abjectly ignorant about coding, but still loving Linux


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group