Build your own server

fmriguy 8th June 2007, 18:37

Quote:

Originally Posted by pendragon
nice article.. i'm curious though, has anyone used/setup FreeNX or NoMachine's NXSever ? I hear it's faster than VNC.. but I've been having a bear of a time trying to set the darn thing up :(

Subjectively it feels a bit faster, but I went with NX just because ssh encryption was built in. No need to first fire up an ssh tunnel and then vnc (lazy, i know).

As far as setting it up, i just used the instructions here:

http://www.nomachine.com/select-package.php?os=linux&id=1

and be sure that you install the NX Client and NX Node packages before installing the NX server.

Great article by the way!

Glider 8th June 2007, 18:46

If lazyness is the problem, x11vnc has the solution

jezmck 9th June 2007, 02:05

is this the most dugg bit-tech article so far?

W1ckeD 11th June 2007, 11:39

Hey Thanks for the Article. :)

But i got a problem.

I downloaded Virtual Box and Xubuntu to try this out.

I started Xubuntu in Virtual Box,after a couple of minutes i get a login screen.
But here is the thing,i don't have a Username/Password.

I didn't saw a installation either,so i'm a bit confused.

I tried:
Username: Xubunu/Unbunu
Password: Nothing/ oem/ unbuntu/xubuntu,

But nothing happens.

I downloaden the same version that is used in the article.

Please help me because i want to learn this. :D

DougEdey 11th June 2007, 11:53

It'll be the lived CD having a hissy fit.

Re-download from a different server. Sometimes the ISOs get changed.

skanlessflipboy 12th June 2007, 18:10

I'm having a problem. Before I elaborate, I'd like to mention that I have follwed the guide verbatim. VERBATIM! I accomplished each step as asked but for some reason, I mange to run into trouble. Any help would be appreciated. I've ran into other problems, but google managed to fix those. I try my best to look up problems on my own, I generally learn things faster that way. But as of now, I'm stumped.

I have 2 problems total. The first has to do with the FTP server. After replacing the contents of proftpd.conf with the one suggested, I attempt to restart the server. The problem though, it fails. Here is the screenshot:
http://aycu28.webshots.com/image/19707/2004487178519734102_rs.jpg

Here is what the proftpd.log says:

Code:

Jun 11 02:17:18 alastaire-ubuntu proftpd[5641] alastaire-ubuntu: error setting IPV6_V6ONLY: Protocol not available
Jun 11 02:17:18 alastaire-ubuntu proftpd[5641] alastaire-ubuntu: ProFTPD 1.3.0 (stable) (built Thu Mar 8 03:01:15 UTC 2007) standalone mode STARTUP
Jun 11 02:20:26 alastaire-ubuntu proftpd[5641] alastaire-ubuntu: ProFTPD killed (signal 15)
Jun 11 02:20:26 alastaire-ubuntu proftpd[5641] alastaire-ubuntu: ProFTPD 1.3.0 standalone mode SHUTDOWN

The next issue begins when I try to create a torrentflux database user, here's the screenshot:
http://aycu03.webshots.com/image/19122/2001094485592521616_rs.jpg

Glider 12th June 2007, 20:57

2 problems, lets get into fixing mode.

For the Proftpd config. Seems there is a problem with the parsing of the config. It has to end with

Code:

</Anonymous>

Try (I put a known working config online):

Code:

cd /etc/proftpd
rm proftpd.conf
wget http://glider.sin.khk.be/linux_guide/bit-article/proftpd.conf
/etc/init.d/proftpd restart

If that fails, delete everything that is related to the anonymous user (so everything between <Anonymous ~ftp> and </Anonymous>, and also those 2 lines) and try to restart

For reference, this is the full config

Code:

ServerName			"FTP Server"
Serverident                     on "FTP"
ServerType			standalone
DeferWelcome			off
TimesGMT                        off


MultilineRFC2228		on
#DefaultServer			on
ShowSymlinks			on

TimeoutNoTransfer		600
TimeoutStalled			600
TimeoutIdle			1200

DisplayLogin                    welcome.msg
DisplayFirstChdir               .message
ListOptions                	"-l"

DenyFilter			\*.*/

AllowForeignAddress             on
AllowRetrieveRestart            on

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
#PersistentPasswd		off

# Uncomment this if you would use TLS module:
#TLSEngine 			on

# Uncomment this if you would use quota module:
#Quotas				on

# Uncomment this if you would use ratio module:
#Ratios				on

# Port 21 is the standard FTP port.
Port				21
SocketBindTight                 on

PassivePorts                    11000 20000


# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances			30

# Set the user and group that the server normally runs at.
User				nobody
Group				nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask				022  022
# Normally, we want files to be overwriteable.
AllowOverwrite			on

AllowForeignAddress             on
AllowRetrieveRestart            on
AllowStoreRestart on

# Speed up the server, no DNS lookups, just plain ip's. Turn off when being hax0r3d.
UseReverseDNS off
IdentLookups off

DefaultRoot                     ~
ExtendedLog                     /var/log/proftpd.all ALL


# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default. 
DelayEngine 			off

<Anonymous ~ftp>
  User                          ftp
  Group                         nogroup
  UserAlias                     anonymous ftp
  DirFakeUser                   on ftp
  DirFakeGroup                  on ftp
  RequireValidShell             off
  MaxClients                    10
  DisplayLogin                  welcome.msg
  DisplayFirstChdir             .message
  AccessGrantMsg                "Anonymous access granted for user %u connecting."

  MaxClientsPerHost             1

  <Directory *>
    #DenyAll
    TransferRate        RETR 50
    <Limit WRITE>
      DenyAll
    </Limit>
  </Directory>
</Anonymous>

For the DB user, try doing it as root, so

Code:

sudo su
mysqladmin -u root -p create torrentflux

Hope that helps...

Bulb66 13th June 2007, 10:50

Hi Glider,

i had the same problem with regards to the FTP server, i replaced the conf with the text you provided which stoped the first error now i get this

Quote:

- IPv6 getaddrinfo 'Linux-box' error: No address associated with hostname

when i restart.

any ideas, i'm a noob when it comes to linux but thought i would give the a go as i had some hardware laying around.

Thanks

Bulb66

Glider 13th June 2007, 11:01

Don't worry about that, that's a DNS warning. Your FTP server should work perfectly.

EDIT: for the picky ones, that's because there isn't any IPv6 address associated with the hostname. Not sure if it's a fix, but it might help to add the IPv6 address & hostname in /etc/hosts. Or just ignore this warning and use IPv4 adresses ;)

Bulb66 13th June 2007, 11:20

Ok,

this might be a silly question but how do i connect to it?

i've tried a ftp prog and internet explorer but they don't connect?

Bulb66

TheEclypse 13th June 2007, 12:10

Quote:

Originally Posted by Bulb66
Ok,

this might be a silly question but how do i connect to it?

i've tried a ftp prog and internet explorer but they don't connect?

Bulb66

Are you trying with the local LAN IP adderss/name? If your using the external one you have to make sure your router is setup properly.

Glider 13th June 2007, 12:29

Download a FTP client (like SmartFTP), install it and make a connection to your server's IP (SmartFTP has great howtos).

In case you don't know your servers IP adress, issue

Code:

sudo ifconfig

in a terminal, or look up in this thread for a more in depth explanation about that, and setting static IP's.

Bulb66 13th June 2007, 13:25

Ok, i think i am using the local ip which is given out by my router. when i issue

Code:

sudo ifconfig

i get

Quote:

eth0 Link encap:Ethernet HWaddr 00:40:95:30:71:0D
inet addr:192.168.1.68 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::240:95ff:fe30:710d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1636 errors:0 dropped:0 overruns:0 frame:0
TX packets:1438 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:168639 (164.6 KiB) TX bytes:614265 (599.8 KiB)
Interrupt:11 Base address:0x6000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2427 errors:0 dropped:0 overruns:0 frame:0
TX packets:2427 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:651725 (636.4 KiB) TX bytes:651725 (636.4 KiB)

i am using the linux username and password is that correct (i have tried other password i made during the guide)

Thanx

Bulb66

DougEdey 13th June 2007, 13:31

So you're using 192.168.1.68?

Can you goto another machine and run "ping 192.168.1.68"

Bulb66 13th June 2007, 13:35

yeah i can ping it.

bulb66

DougEdey 13th June 2007, 13:37

Try connecting from the local machine by using the IP address 127.0.0.1

That will tell you if it's running or not

Bulb66 13th June 2007, 13:41

ok, i can ping 127.0.0.1 but when i try and connect to it with smartFTP i get this,

[13:39:44] SmartFTP v2.5.1006.4
[13:39:44] Resolving host name "127.0.0.1"
[13:39:44] Connecting to 127.0.0.1 Port: 21
[13:39:45] No connection could be made because the target machine actively refused it.
[13:39:45] Cannot login waiting to retry (30s)...
[13:39:45] Client closed the connection.

bulb66

Glider 13th June 2007, 13:42

Also, post the output of

Code:

sudo netstat -taunp

TheEclypse 13th June 2007, 13:44

I got that error when I used the config on here, in the end I used this as my config:

Code:

ServerName			"Deep Thought"
ServerType			standalone
ServerIdent			on		"DeepThought"
DeferWelcome			on
DefaultServer			on

DisplayLogin			.welcome	# Textfile to display on login
DisplayConnect			.connect	# Textfile to display on connection
DisplayFirstChdir               .firstchdir	# Textfile to display on first changedir

UseReverseDNS       		off
IdentLookups        		off

Port				21
Umask				022
MaxInstances                    15
MaxClientsPerHost               3 		"Only %m connections per host allowed"
MaxClients                      10 		"Only %m total simultanious logins allowed"
MaxHostsPerUser                 1

User				nobody
Group				nogroup

ScoreboardFile 			/var/log/scoreboard

# Some logging formats
LogFormat            		default 	"%h %l %u %t \"%r\" %s %b"
LogFormat            		auth    	"%v [%P] %h %t \"%r\" %s"
LogFormat            		write   	"%h %l %u %t \"%r\" %s %b"

# Define log-files to use
TransferLog          		/var/log/proftpd.xferlog
ExtendedLog         		/var/log/proftpd.access_log    WRITE,READ write
ExtendedLog          		/var/log/proftpd.auth_log      AUTH auth
ExtendedLog          		/var/log/proftpd.paranoid_log  ALL default


AllowStoreRestart 		on
AllowRetrieveRestart		on
RequireValidShell               off
PathDenyFilter                  "\\.ftp)|\\.ht)[a-z]+$"
DefaultRoot 			/
DenyFilter 			\*.*/

ListOptions			"" strict

I cant vouch for how secure it is though.

Bulb66 13th June 2007, 13:46

output as requested:

Quote:

james@Linux-box:~$ sudo netstat -taunp
Password:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:2208 0.0.0.0:* LISTEN 4736/hpiod
tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:36842 0.0.0.0:* LISTEN 5184/rpc.statd
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 4880/mysqld
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 5114/smbd
tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN 5314/x11vnc
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 3935/portmap
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 5318/apache2
tcp 0 0 0.0.0.0:1008 0.0.0.0:* LISTEN 5069/rpc.mountd
tcp 0 0 0.0.0.0:52756 0.0.0.0:* LISTEN -
tcp 0 0 127.0.1.1:21 0.0.0.0:* LISTEN 5228/proftpd: (acce
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 4712/cupsd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 5114/smbd
tcp 0 0 127.0.0.1:2207 0.0.0.0:* LISTEN 4748/python
tcp 8 0 127.0.0.1:5900 127.0.0.1:34579 ESTABLISHED5314/x11vnc
tcp 0 0 127.0.0.1:34579 127.0.0.1:5900 ESTABLISHED6969/0
tcp6 0 0 :::22 :::* LISTEN 5139/sshd
tcp6 0 0 ::ffff:192.168.1.68:22 ::ffff:192.168.1.6:2094 ESTABLISHED6967/sshd: james [p
udp 0 0 0.0.0.0:32768 0.0.0.0:* 4573/avahi-daemon:
udp 0 0 0.0.0.0:2049 0.0.0.0:* -
udp 0 0 0.0.0.0:32770 0.0.0.0:* -
udp 0 0 0.0.0.0:32771 0.0.0.0:* 5184/rpc.statd
udp 0 0 192.168.1.68:137 0.0.0.0:* 5110/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:* 5110/nmbd
udp 0 0 192.168.1.68:138 0.0.0.0:* 5110/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:* 5110/nmbd
udp 0 0 0.0.0.0:696 0.0.0.0:* 5184/rpc.statd
udp 0 0 0.0.0.0:68 0.0.0.0:* 3661/dhclient3
udp 0 0 0.0.0.0:5353 0.0.0.0:* 4573/avahi-daemon:
udp 0 0 0.0.0.0:1005 0.0.0.0:* 5069/rpc.mountd
udp 0 0 0.0.0.0:111 0.0.0.0:* 3935/portmap

Bulb66

Glider 13th June 2007, 13:47

Quote:

Originally Posted by TheEclypse
I got that error when I used the config on here, in the end I used this as my config

It's as safe... and logs a lot more :) But it doesn't allow anonymous FTP. Not that that would be a problem.

EDIT:

Code:

tcp 0 0 127.0.1.1:21 0.0.0.0:* LISTEN 5228/proftpd: (acce

Proftpd is only listening on the localhost. I'm not 100% sure, but taking

Code:

SocketBindTight                 on

out of the config (/etc/proftpd/proftpd.conf and restarting proftpd (/etc/init.d/proftpd restart) should fix it

DougEdey 13th June 2007, 13:50

Quote:

tcp 0 0 127.0.1.1:21 0.0.0.0:* LISTEN 5228/proftpd: (acce

There's your problem, it's listening on 127.0.1.1

check the config and change it to 127.0.0.1

TheEclypse 13th June 2007, 13:51

Quote:

Originally Posted by Glider
It's as safe... and logs a lot more :) But it doesn't allow anonymous FTP. Not that that would be a problem.

Good to know :D

Bulb66 13th June 2007, 14:02

Hey,

i have to admit i don't understand anything you put their, lol

i tried your code TheEclypse and i connect right away using the 192 address, so thanks.

so would i be able to connect to this ftp server over the internet?

Bulb66

TheEclypse 13th June 2007, 14:04

Quote: