[an error occurred while processing this directive]

Setting up Linux

@stud.ies.auc.dk

This page requires you to have been registered at the student network. If you're not, then click here.

Contents:


Installation of Linux via the student network (PC version)

You can install Linux directly via the student network, once you have been registered. The server SUNsite Denmark is connected directly to the student network and is a mirrorsite for the Red Hat Linux distribution. The first step in the installation proces is to obtain a boot disk. A few copies of these are available at the KOM student helpers office for you to borrow. Alternatively (and better for us), you can produce them yourself using the "rawrite" program, that comes with the distribution - the procedure for doing this should be well documented IN the distribution itself.

Before you start, you should find all available technical data about your PC and the hardware fitted in it, as it can be neccesary to supply some informations to the installation program. These informations could be: The type and ressources of your SCSI controller (if any), your network interface type and ressources, the partitioning of your harddrive(s), mouse type - in short: ALL you can find out.

The next step is to start the installation (boot up from the boot-floppy) and follow the instructions on screen. After some time, you will be prompted to select the preferred installation method (CD-ROM, HDD, NFS, FTP). Here you should select FTP, proceed and again follow instructions for a while. Eventually you will be prompted for the TCP/IP setup of your network interface card. Here you must insert the data you received, when you were registered at the student network:


           Configure TCP/IP

 [ ] Configure device with bootp

 IP address:                10.x.x.x     (Your IP adress - get it here)
 Netmask:                   255.0.0.0
 Default gateway (IP):      (enter nothing here, configure it later)                        
 Primary nameserver:        10.225.50.3

And the next form should be filled out like this:


           Configure Network

 Domain name:               stud.ies.auc.dk
 Host name:                 (your username).stud.ies.auc.dk      
 Secondary nameserver (IP): 10.225.51.16
 Tertiary nameserver (IP):  10.225.51.19

Now the installation program will prompt you for the server containing the Red Hat install files, and for the directory which contains them. Here you must type (important!):


             FTP Setup

 Please enter the following information:

     * the name or IP number of your FTP server
     * the directory on that server containing
       Red Hat Linux for your architechture

 FTP site name      : sunsite.stud.ies.auc.dk (NOT sunsite.auc.dk!!!)
 Red Hat directory  : /pub/os/linux/redhat/redhat-6.0/i386/   

Please note that you should type the path (directory) absolutely correct, or the installation program will come up with an error. If you want to install another version than 6.0, the path should of course be different. If the nameserver setup for some reason doesn't work, the installation won't recognize the server "sunsite.stud.ies.auc.dk". In this case, you should substitute "sunsite.stud.ies.auc.dk" with the IP adress "10.225.51.30", but please note that this address could theoretically change without notice.

At this point, the installation program should begin to transfer data from the server, and you can now to continue the installation process. If the installation program for some reason can't detect your network interface card, you can install Red Hat Linux from a CDROM instead. Such a CDROM can be borrowed for a short time from the KOM student helpers in room A3-101.

Last but not least, you should set up some static routes, please check the procedure in the next part.

If you can't make the procedure above work, you can wait until the next RedHat Install Party, that is held once every year at the institute. Find more information about this activity on the homepage of Danish RedHat User Group

Additional documentation regarding (installation of) Linux, can be found a lot of places on the internet, try sunsite.auc.dk/ldp or www.redhat.com.


Setup of already installed Linux

After you have fitted your network interface card in your computer, you should make sure, that you're using a linux kernel that has support for your network interface card (NIC). If you haven't, setting up TCP/IP network won't help you a bit. A way to check whether your kernel supports your NIC is to issue the command cat /proc/net/dev, which could (should!) result in an output like this:

# cat /proc/net/dev 
Inter-|   Receive                  |  Transmit
 face |packets errs drop fifo frame|packets errs drop fifo colls carrier
    lo:    185    0    0    0    0      185    0    0    0     0    0
  eth0:  18046    0    0    0    0    17482    0    0    0    58    0

The important part here is to determine whether an interface named eth0 shows up. If this is the case, you're ready for the next step. If NOT, you should probably recompile your kernel to make it support your NIC. Instructions for compiling new kernels can be found in your linux directory structure (if you haven't moved files too much about since you installed linux) in /usr/src/linux/README.

Setting up TCP/IP

You must now edit the file /etc/sysconfig/network-scripts/ifcfg-eth0 (note: you'll have to login as root to do this). Here you should correct the assignments for IPADDR, NETMASK, NETWORK og BROADCAST. To setup linux for the student network, these fields should contain:

DEVICE="eth0"
IPADDR="10.x.x.x"  (Get this number here)
NETMASK="255.0.0.0"
NETWORK="10.0.0.0"
BROADCAST="10.255.255.255" 
ONBOOT="yes

IPADDR is the IP adress, that was assigned to you by the "KOM Dataværksted". After having filled in this information, try issuing the command /etc/rc.d/init.d/network restart from a shell - this should start the network. To check it, you can ping your own IP address: ping 10.x.x.x. If the response is "alive" or something like "64 bytes from 10.x.x.x: icmp_seq=0 ttl=255 time=1.1 ms, the setup is succesful. The next step is to setup nameservers.

Name-server (DNS)

A nameserver holds the relationship between IP adresses and hostnames. At the present moment, you would have to use the IP adress to connect to a server, but if you setup nameservers, you can connect to the hostname instead, which is a lot easier to remember. You'll have to correct two files:

  1. /etc/host.conf should contain:
    order hosts, bind
    multi on
    
  2. /etc/resolv.conf should contain:
    domain       stud.ies.auc.dk
    nameserver   10.225.50.3
    

Now you should be up'n'running - try rebooting your linux box. To check, issue the ping command again, this time with a hostname:

If these two gives a positive result, everything is working so far, and we can proceed to the next setup issue..

Routing

In order to access the mailservers (and other backbone hosts) it is neccesary to add some static routes to your linux box. You can do this by adding the following lines to your "/etc/sysconfig/static-routes" file (if it doesn't exist, create it):

eth0 net 130.225.49.0 netmask 255.255.255.0 gw 10.225.49.1
eth0 net 130.225.51.0 netmask 255.255.255.0 gw 10.225.51.1
eth0 net 130.225.50.0 netmask 255.255.255.0 gw 10.225.50.1

Restart your network with "/etc/rc.d/init.d/network stop" and "/etc/rc.d/init.d/network start", and test the routes with some ping's:

If these result in a reply, everything is working, and you can begin setting up mail, www, ftp and so on. Visit the FAQ - Frequently Asked Questions for further instructions.

Happy networking!


Installation of SSH - Secure Shell

Why install SSH?
SSH is basically a program, that allows you to login to other computers on the nnetwork in the same way as you would use for example telnet. One of the advantages of SSH is that all communication is encrypted, as opposed to telnet. When you use telnet, everything is sent over the network as cleartext, including your password. If you're unlucky that someone is "listening" to the traffic on the net (even though this is forbidden in the rules for using the student network), this person will be able to obtain your password and start abusing your access to the system. SSH uses a very strong crypting code, which makes it literally impossible for anybody (except yourself) to decode your network traffic.

Another important advantage of SSH is, that X-windows informations are transported over your login. This means that you will be able to start for example emacs on one of the servers and see the program window pop up on your own screen, although the program itself is really running on the server. VOILA! You now have your own terminal to work at when the terminal rooms are filled up.

Downloading and installing of the needed files
SSH can be obtained from SUNsite Denmark via FTP. The easiest procedure is to download RPM-files, which can be installed directly into your linux-box. The files are located in:

ftp://sunsite.auc.dk/pub/os/linux/redhat-crypto/i386/

There are three SSH archives (version numbers may differ):

The first and the last is the most interesting at the present moment, but you can install all three right away without getting into any problems. Download the newest version into a directory on your linux box. Now type (logged in as root!):

rpm -Uvh ssh-*

If no errors occurred during the installation, SSH has now been installed. To make the cryptography part work, ssh will now have to generate some large primes, that are a central part of the cryptography algorithm (litterature about PGP cryptography can be borrowed at the KOM student helpers office in room A3-101). To generate the primes, issue the command:

ssh-keygen

and follow the instructions. The cryptographic code for the user who issued the command har now been generated, and you should be able to login to one of the servers by typing:

ssh -l (username) (server)

After which you will be asked (the first time only):

Host key not found from the list of known hosts.
Are you sure you want to continue connecting (yes/no)?

Answer "yes", and you will be prompted for your password for the server. If a prompt shows up (just like the one you get when using telnet), everything went well. If your'e running X-windows on your linux box, try starting a program with a graphical user interface, for example emacs or xv. Then the window of that program should pop up on your screen.

Setting up SSH deamon is not documented further here, but a lot of help should be availabe via the WWW and by using the commands:

man ssh
man sshd

Further information about SSH kan be found at www.cs.hut.fi/ssh, which is the official homepage for SSH. Here you can find the source code too, if you wish to compile it by yourself.

NOTE! At the present moment, only ssh-1.x is supported at the institute. If you install ssh-2.x you must configure it to fall back to ssh-1.x in case the other end doesn't support 2.x!


NFS mount of Linux-box

What does NFS do?
NFS (Network File System) gives several computers the possibility to use the same computer for mounting for example /home. It also gives you the possibility for the opposite, that is mounting several harddisks located on your Linux box in your home directory.

Why is this smart?
Students are allowed to store a maximum of 50 megabytes on the server. If you need more space, you either violate this maximum and the server disk will eventually run out of space, or else you can mount some storage space from a Linux-box. If you do so, the maximum allowed storage space is only limited by your own harddisk capacity.

Setting up NFS shares
The file /etc/exports defines the NFS shares. Here you can specify what you want to share and with which permissions, see man exports for further documentation. In the example below /home is shared to the computer TRABANT. This means that the home directories contained in /home on your linux box will be accessible on TRABANT only.

Example of an NFS share:
In /etc/exports the following lines should be added:

/home      trabant.kom.auc.dk(rw)        # apply this if you
                                         # are on the kom network

/home      flovmand.control.auc.dk(rw)   # apply this if you
                                         # are on the control network
                                         

/home      aegir.vision.auc.dk(rw)       # apply this if you
                                         # are on the vision network

To start the share, the NFS deamon (nfsd) has to read the new share definitions. This is accomplished by issuing the following command (this is done automatically during a boot):

exportfs

Your new share should now be accessible on TRABANT (or any other host you setup above) under /net/HOSTNAME.stud.ies.auc.dk. If you study at the MIBA department, the path is /network/HOSTNAME.stud.ies.auc.dk instead!

In order to make file permissions work correctly, the UID's and GID's of the two machines should be exactly the same. As we don't have the permissions to modify these values on TRABANT , we have to modify the ones on our Linux box. One way to find your UID and GID on TRABANT is by issuing the following commands:

ypcat passwd | grep USERNAME
ypcat group | grep GROUPNAME

The output from the first command gives you a line, that you should add to your own /etc/passwd file, and the second command gives you a line, that should be added to your own /etc/group file.

You should notice, that by sharing your diskdrives this way, you will enable everybody on TRABANT to access them, unless you set the permission bits correctly. That is, if you only want yourself to be able to read and write to your disks, you should protect /home/USERNAME with:

chmod 700 /home/USERNAME 

Please note that if you decide to share your drives with NFS, it is at your own risk!

[an error occurred while processing this directive]