Tag Archives: Ubuntu

Networking Setup on Debian Based Systems

Setting up network on linux machine can be a little challenging if you want to do static ip address.

First you need to be familiar with networking files and commands in linux.

Briefly ifconfig is the command you will use oftenly.

ifconfig will list network interfaces with their IP, and broadcast, netmask.
To see your gateway use route -n

Where is your dns servers?
Well check /etc/resolv.conf

If you want to use dhcp (which is by default on all Debian based systems) you should not touch any of these.

However what if you need to use static configuration?

Then lets take a look at our interfaces file /etc/network/interfaces

Typical static logical device configuration

# The primary network interface
auto eth1
iface eth1 inet static
address 192.10.119.240
netmask 255.255.255.224
network 192.10.119.224
broadcast 192.10.119.255
gateway 192.10.119.241
dns-nameservers 192.10.119.241
# The secondary network interface
auto eth0
iface eth0 inet dhcp

Here eth1 was configured to use a static IP: 192.10.119.240
netmask, network, broadcast and gateway ips are also defined here as well as dns-nameservers.

auto means interface will automatically be up after boot.
as you see eth0 use dhcp configuration.

If you want to just change the gateway i then

ifconfig eth1 down
route add default gw 192.1o.119.254
ifconfig eth1 up

For more info you can check this document: http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch03_:_Linux_Networking#How_to_Change_Your_Default_Gateway

Recent Open SSH Rumor + How to fix it

I love being in the  IT industry. You never get bored and you learn new stuff everyday. Recently there is a rumor for a possible vulnerability of OpenSSH. I was really interested, so I made a small research. It turns out just a rumor, but if you want to be really sure that your machine is safe, then I recommend you to upgrade openSSH package.

How to fix it?

In your Linux box ( I used Ubuntu in this example), type ssh- v to learn the version you have.  The latest stable version is 5.2 which is publicly available since february 09.  If your distro doesn’t provide this version, then you need to download it from source code, and compile it on your own.

Lets get our hand dirty and install it from source.

First let’s remove openssh from our linux box.

$apt-get remove openssh-client openssh-server

I didn’t use –purge option and remove my config files, since I want to keep them. (But I installed openssh with default option (ah!), then I need to figure out where new config files are, where  new sshd executable is etc, and do some tricks; however you can backup your config files and use –purge option and remove them completely, then paste your files in their new location which is /usr/local/bin, usr/local/sbin)

First go to their website and use wget to download the source (I choosed closest server for me):

$wget http://mirror.mcs.anl.gov/openssh/portable/openssh-5.2p1.tar.gz

Let’s now let’s install Zlib and OpenSSL which are prequisetes, (Probably you already have openssl so you can skip this step)

I installed zlib from it source.

$wget http://www.zlib.net/zlib-1.2.3.tar.gz

$tar xvfz zlib-1.2.3.tar.gz

$cd zlib-1.2.3.tar.gz

$./configure

$make install

And apt-get for openssl

$apt-get install openssl

Now we can tar our openssh package.

$tar xvfz openssh-5.2p1.tar.gz

Then go to inside of openssh-5.2p1 and run

$cd openssh-5.2p1

$./configure

Ahh, you should get some error, why?

You can check log file config.log in the directory. I found that we also need to install libcurl4-openssl-dev

After you install that package, then run

$./configure

$make

$make install ssh -v

Remember that this will install openssh with default option.

Now type $ssh -v, You should see OpenSSH 5.2p1 if you install it correctly. Since I installed openSSH with default option I need to make some changes to get ssh server is running. First, I see that my sshd executable is in /usr/local/sbin; however /etc/init.d/ssh script is looking for it in /sbin directory; so I copy sshd into that directory. Then I see that sshd check /usr/local/etc/sshd_config file not /etc/ssh/sshd_config file, so then I need to copy my previous sshd_config to /usr/local/etc/sshd_config

Finally it works! Even tough my new config files in the /usr/local/etc I am happy with that.

I hope this helps for ones who concern about their ssh server security.