Änderungen
LQPP/installation-betriebssystem-hornigold (Quelltext anzeigen)
Version vom 5. Januar 2011, 12:30 Uhr
, 12:30, 5. Jan. 2011→SSH-Config
=Configuration of hornigold.lqfb.piratenpartei.de=
==RAID==
*2x36,4GB (ID3,ID4), RAID 1+0
**Maximum boot partition disabled
*2x28,2GB (ID0,ID1), RAID 1+0 plus 1x28,2GB (ID2) as spare
==Installation debian==
-> Install
-> English
-> other
-> Europe
-> Gemarny
-> German
-> Primary network interface eth0
-> Hostname: rogers
-> Domain Name: lqfb.piratenpartei.de
-> Manual
-> cciss/c0d0
-> Create a new partition
-> 12GB, primary, beginning, ext3 at /, Bootable flag ON
-> create new partition
-> REST, primary, beginning,
-> use as: physical volume for encryption
-> AES/256/cbc-essiv:sha256/Random key/no/off
-> cciss/c0d1
-> create new partition
-> 20GB, primary, beginning,
-> use as: physical volume for encrypti-> cciss/c0d1/c0d1on
-> AES,256,cbc-essiv:sha256,passphrase,yes,off
-> create new partition
-> 5,0GB, primary, beginning, ext3 on /var/log
-> configure encrypted volumes
-> yes
-> yes again
-> passphrase c0d1p2 according to security manifest
-> Select c0d1p2
-> Ext3, mount_point /var/lib
-> Done setting ...
-> select c0d0p2, swap
-> Done setting
-> Finish partitioning and write changes to disk
-> YES
-> (watch the progress bar or do something else)
-> root passwort according to security manifest
-> system user mpd
-> mpd passwort
-> Germany
-> mirror: ftp.de.debian.org
-> no
-> no
-> deselect standard system
-> grub YES
-> Continue
==Configuration==
Update packages
apt-get update
apt-get upgrade
===LF-Dependencies===
apt-get install lighttpd postgresql libpq-dev lua5.1 liblua5.1-0-dev build-essential ghc libghc6-parsec-dev imagemagick tig
vim /etc/apt/sources.list
Add deb http://www.backports.org/debian etch-backports main contrib non-free to
apt-get install etckeeper git-core metastore -t etch-backports
cd /etc
etckeeper init
git add .
etckeeper commit 'Initial commit'
git gc
ssh-install
apt-get install openssh-server
===Komfort===
aptitude install screen
apt-get install bash-completion less
bash-completion einkommentieren
vi /etc/bash.bashrc
# enable bash completion in interactive shells
if [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
apt-get install vim-nox
update-alternatives --config editor
selection number 4
===Nutzer registrieren und ssh-key-login===
adduser alx
adduser ibo
Keys eintragen
su - alx
mkdir .ssh
chmod go-rwx .ssh
vi .ssh/authorized_keys
su - mpd
mkdir .ssh
chmod go-rwx .ssh
vi .ssh/authorized_keys
su - ibo
mkdir .ssh
chmod go-rwx .ssh
vi .ssh/authorized_keys
exit
===sudo installieren===
apt-get install sudo
visudo
Einkommentieren: %sudo ALL=NOPASSWD: ALL
vi /etc/group
-> sudo:x:27:alx,ibo,mpd
===SSH-Config===
vi /etc/ssh/sshd_config
Kein direkter root-Login
PermitRootLogin no
Kein Kennwort-basierender Login
PasswordAuthentication no
SSH-Daemon neustarten
/etc/init.d/ssh restart
===RAID-Controler===
apt-get install arrayprobe
wget "http://switch.dl.sourceforge.net/project/cciss/cciss_vol_status/cciss_vol_status-1.06.tar.gz"
tar xvfz cciss_vol_status-1.06.tar.gz
aptitude install build-essential
cd cciss_vol_status-1.06
./configure
make
make install
cd ..
===array-configuration-utility===
wget ftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p414707558/v59422/hpacucli-8.50-6.0.noarch.rpm
apt-get install alien
alien hpacucli-8.50-6.0.noarch.rpm
dpkg -i hpacucli_8.50-7_i386.deb
==== array config ====
gib mir sparedrives
status:
hpacucli controller slot=0 physicaldrive all show
add all unassigned drives as spares
hpacucli controller slot=0 array A add spares=allunassigned
status again:
hpacucli controller slot=0 physicaldrive all show
===MTA===
apt-get install postfix
-> Internet Site
-> lqfb.piratenpartei.de
vim /etc/postfix/main.cf
-> mydomain = lqfb.piratenpartei.de
-> myorigin = lqfb.piratenpartei.de
-> masquerade_domains = $mydomain
-> #relayhost =
===system network config===
vim /etc/network/interfaces
auto eth1
iface eth1 inet static
address 194.150.168.118
netmask 255.255.255.252
gateway 194.150.168.117
vim/etc/resolv.conf
nameserver 194.150.168.168
[[Kategorie:LiquidFeedback]]
==RAID==
*2x36,4GB (ID3,ID4), RAID 1+0
**Maximum boot partition disabled
*2x28,2GB (ID0,ID1), RAID 1+0 plus 1x28,2GB (ID2) as spare
==Installation debian==
-> Install
-> English
-> other
-> Europe
-> Gemarny
-> German
-> Primary network interface eth0
-> Hostname: rogers
-> Domain Name: lqfb.piratenpartei.de
-> Manual
-> cciss/c0d0
-> Create a new partition
-> 12GB, primary, beginning, ext3 at /, Bootable flag ON
-> create new partition
-> REST, primary, beginning,
-> use as: physical volume for encryption
-> AES/256/cbc-essiv:sha256/Random key/no/off
-> cciss/c0d1
-> create new partition
-> 20GB, primary, beginning,
-> use as: physical volume for encrypti-> cciss/c0d1/c0d1on
-> AES,256,cbc-essiv:sha256,passphrase,yes,off
-> create new partition
-> 5,0GB, primary, beginning, ext3 on /var/log
-> configure encrypted volumes
-> yes
-> yes again
-> passphrase c0d1p2 according to security manifest
-> Select c0d1p2
-> Ext3, mount_point /var/lib
-> Done setting ...
-> select c0d0p2, swap
-> Done setting
-> Finish partitioning and write changes to disk
-> YES
-> (watch the progress bar or do something else)
-> root passwort according to security manifest
-> system user mpd
-> mpd passwort
-> Germany
-> mirror: ftp.de.debian.org
-> no
-> no
-> deselect standard system
-> grub YES
-> Continue
==Configuration==
Update packages
apt-get update
apt-get upgrade
===LF-Dependencies===
apt-get install lighttpd postgresql libpq-dev lua5.1 liblua5.1-0-dev build-essential ghc libghc6-parsec-dev imagemagick tig
vim /etc/apt/sources.list
Add deb http://www.backports.org/debian etch-backports main contrib non-free to
apt-get install etckeeper git-core metastore -t etch-backports
cd /etc
etckeeper init
git add .
etckeeper commit 'Initial commit'
git gc
ssh-install
apt-get install openssh-server
===Komfort===
aptitude install screen
apt-get install bash-completion less
bash-completion einkommentieren
vi /etc/bash.bashrc
# enable bash completion in interactive shells
if [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
apt-get install vim-nox
update-alternatives --config editor
selection number 4
===Nutzer registrieren und ssh-key-login===
adduser alx
adduser ibo
Keys eintragen
su - alx
mkdir .ssh
chmod go-rwx .ssh
vi .ssh/authorized_keys
su - mpd
mkdir .ssh
chmod go-rwx .ssh
vi .ssh/authorized_keys
su - ibo
mkdir .ssh
chmod go-rwx .ssh
vi .ssh/authorized_keys
exit
===sudo installieren===
apt-get install sudo
visudo
Einkommentieren: %sudo ALL=NOPASSWD: ALL
vi /etc/group
-> sudo:x:27:alx,ibo,mpd
===SSH-Config===
vi /etc/ssh/sshd_config
Kein direkter root-Login
PermitRootLogin no
Kein Kennwort-basierender Login
PasswordAuthentication no
SSH-Daemon neustarten
/etc/init.d/ssh restart
===RAID-Controler===
apt-get install arrayprobe
wget "http://switch.dl.sourceforge.net/project/cciss/cciss_vol_status/cciss_vol_status-1.06.tar.gz"
tar xvfz cciss_vol_status-1.06.tar.gz
aptitude install build-essential
cd cciss_vol_status-1.06
./configure
make
make install
cd ..
===array-configuration-utility===
wget ftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p414707558/v59422/hpacucli-8.50-6.0.noarch.rpm
apt-get install alien
alien hpacucli-8.50-6.0.noarch.rpm
dpkg -i hpacucli_8.50-7_i386.deb
==== array config ====
gib mir sparedrives
status:
hpacucli controller slot=0 physicaldrive all show
add all unassigned drives as spares
hpacucli controller slot=0 array A add spares=allunassigned
status again:
hpacucli controller slot=0 physicaldrive all show
===MTA===
apt-get install postfix
-> Internet Site
-> lqfb.piratenpartei.de
vim /etc/postfix/main.cf
-> mydomain = lqfb.piratenpartei.de
-> myorigin = lqfb.piratenpartei.de
-> masquerade_domains = $mydomain
-> #relayhost =
===system network config===
vim /etc/network/interfaces
auto eth1
iface eth1 inet static
address 194.150.168.118
netmask 255.255.255.252
gateway 194.150.168.117
vim/etc/resolv.conf
nameserver 194.150.168.168
[[Kategorie:LiquidFeedback]]