Ubuntu Linux is quickly becoming one of the most popular Desktop Linux distributions. As Ubuntu gains in popularity in the desktop market it is also gaining in popularity as a server operating system as well. In this guide I will run though the basics needed to get an IMAP and SMTP mail server up an running on Ubuntu Linux.
Installing the needed Applications
Assuming you are starting from a fresh install of Ubuntu Server you will need to install the following packages:
postfix
sasl2-bin
courier-imap
courier-imap-ssl
You can install all the needed packages by running the following command:
During the installation postfix will ask you for the general type of configuration, choose "Internet Site" and when the installer asks you for the hostname enter the fully qualified domain name (FQDN) that points to your server (i.e. server.example.com).
After all the packages have been installed you can move onto configuring them.
Configuration of Postfix
The first thing you need to do is configure postfix (our email server) to use SASL authentication. Using authentication will ensure that authorized users always have access to the mail server but will ensure that spammers and other malicious parties can't take use it to relay spam. Run the following lines of code to enable SASL authentication:
Your Postfix installation is now configured to use authentication, however, logins will NOT be encrypted. This means that any username or password you send to the server will be sent in cleartext, which is extremely insecure. To encrypt the transmissions of usernames and passwords you will need to enable SSL encryption:
Make sure you replace 'server.example.com' with the FQDN of your server. You may also replace the paths for the tls key, cert and CA file paths with the path to your custom certificates if you have one.
Next, you need to force postfix to use the maildir style of directory so that it will be compatible with the courier mail server.
Configuration of Courier-imap
Next, you need to configure Courier as an IMAP server so that users can retrieve emails stored on the server:
Note that every time you want to allow a new user email permissions you must copy the maildir folder into the user's home directory by issuing the command:
Finally, you should configure courier to use SSL encryption to increase security. Generate a self-signed SSL certificate using OpenSSL. Follow these instructions for more information about generating SSL certificates.
After you have generated your crt and key files you need to edit /etc/courier/imapd-ssl and provide the paths to your custom certificate files.
After following this guide you should hopefully have a functional email server based on the Ubuntu Linux operating system. Additional information about Ubuntu's email services can be found at ubuntu.com.
Zeroshell is a linux-based operating system that is specifically designed to operate as a router. Zeroshell can be used to replace a hardware router or firewall in a home or small office or it can be used to provide NAT and IP routing for virtual machines in a virtualized network. Zeroshell seems to run great in Microsoft Hyper-V, Oracle Virtualbox and VMware ESXi virtualization environments. The name zeroshell comes from the fact that the operating system is designed so that little or no shell access is required for administration. All basic features such as port forwarding, interface configuration, DHCP and QoS are accessible within the web GUI. Zeroshell also comes with built in software for running VPN and DNS servers, also administrable from the WebUI. Unlink other router distributions the free edition of Zeroshell has no limitations and is a breeze to install and configure. I first came across Zeroshell when I was setting up a virtual network for the discovr.us gaming community and I have since moved on to using Zeroshell for personal networking projects. In this guide I’m going to walk through the installation and basic configuration steps needed to get a Zeroshell router up and running in Microsoft HyperV.
For more information about Zeroshell, or to download it visit zeroshell.org
Installing ZeroShell
This guide assumes you are running Windows 2008 or Windows 2008R2 with the HyperV roll installed and operational. For more information on HyperV check out this Blog post. The first thing to do is set-up a virtual machine and virtual network to run Zeroshell. Open the HyperV manager and create a new virtual machine.
Give the machine a hard drive of at least 2GB (I would recommend 3) and allocate it 512mb of RAM (you can reduce the allocated RAM later but we do need at least 512mb for the initial install). When asked what network to connect it to leave the option disconnected for now. After the virtual machine has been created, open up the HyperV virtual network manager. Create two new networks, one (which I will call VM-WAN) will be an external network, allowing Zeroshell to talk with the outside world. The second network will be an internal network (I will call it VM_LAN) and it will allow all the virtual machines to talk with each other directly. When creating an external network HyperV will ask you what physical interface to connect it to. Choose the Ethernet adaptor that you use to connect Windows 2008 to the Internet.
After the virtual networks have been set-up, apply the changes and close the network manager. Next comes the tricky part. To install Zeroshell to a hard disk you must download the appropriate image and extract it onto the target disk. The most efficient way of accomplishing this is to use an Ubuntu Live CD and a second, temporary, virtual hard disk. Hop on over to ubuntu.com and download the latest version of the 32-bit live CD. While Ubuntu is downloading hop back over to HyperV to configure the network and temporary hard disk. Open up the settings for the Zeroshell VM and remove the network adaptor that Windows has added. Then go to “add hardware” and add two new legacy network adaptors to the machine. Connect one adaptor to the WAN network and the other to your LAN network and apply the settings. Next add a new hard drive to Zeroshell by clicking on IDE controller 0 and selecting ‘hard disk.’
Opt to create a new hard disk of size 4GB and select the default options. After your copy of Ubuntu has finished downloading, navigate to the DVD Drive on IDE controller 1 and connect it to the Ubuntu iso you just downloaded.
Apply the settings and then start up the VM.
If everything has been configured correctly your VM should boot off the Ubuntu live CD. And eventually load an Ubuntu desktop. The first thing you’ll need to do upon loading Ubuntu is to format the temporary hard drive you created in the previous step. If you followed these instructions then it should be a 4GB hard disk. Start by launching ‘gparted’ from the home screen.
Once Gparted fires up you should note that there are two hard disks, one 3GB disk and one 4GB disk. Select the 4GB disk and create a new ext3 partition. You will probably want to give it a label, I called mine temp.
Gparted may ask you to initialize the disk with a partition table, you can set up a partition table under “device…. Create partition table”. Apply the changes.
Close Gparted and mount the new partition by selecting it from the sidebar in a file navigation window.
Next, you need to open up Firefox and navigate to the download page for Zeroshell. Make sure you download the 2GB image file by right clicking on it and selecting save as. Save the image to the newly formatted temp hard disk. After the Zeroshell image has finished downloading open up a terminal window and cd to the directory that you have downloaded the Zeroshell image to (in my case /media/temp/). After that extract the image by running
Finally, write the image to your unused hard drive using the command:
Where /dev/sda is the identifier of your first hard disk. (if you followed this guide to the letter then /dev/sda will be your OS drive, however, if you have deviated from these instructions then you may need to use a different drive). You should see something similar to the following output if the copy was successful:
After you see the confirmation message you may shut-down Ubuntu. Before turning the VM back on we need to edit a few settings. After the VM has been turned off, open up its settings in the HyperV manager and remove the 4GB hard drive as it is no longer needed. You should also make sure that the Ubuntu iso has been removed from the VM. Finally you may reduce the amount of allocated RAM to 128 or 256mb, depending on how much load you will be putting on the server. Apply the settings and turn the virtual machine on. If everything was successful you should be presented with the default ZeroShell console.
At this point Zeroshell has been successfully installed and just needs to be configured for network access. If your Zeroshell WAN port is connected to a consumer-level ISP or another LAN then it will likely pull a DHCP address and no additional configuration is required. If, however you need to set a static IP on your WAN then you will need to enter option “I” for “edit interfaces” and enter your static IP. You will also likely need to enter a gateway. Secondly, you will want to set your LAN IP address. I would recommend using an address like ‘192.168.10.1’ rather than the most common ‘192.168.1.1.’ Further information on the configuration of Zeroshell is available at zeroshell.org.
Congratulations, you now have a virtualized router that can be used to provide a private network to all your HyperV virtual machines, and provide Internet access to a large number of VMs.
Recently, I found myself attempting to upgrade my network infrastructure in order to support IPv6 technology. I was using a WRT54GL running the Tomato Firmware as my primary router and I was delighted to discover that a modified build of the Tomato Firmware would support IPv6 without issue and the quest began to find some functional firmware. When selecting the correct firmware I learned the hard way that it is all too easy to load the incorrect firmware onto the router rendering it useless. In this guide I will outline the rather radical steps I followed to breathe new life into my bricked WRT54GL router.
After loading the new firmware onto my router it quickly became apparent that the router was inaccessible over the LAN and a quick trip to the server closet confirmed that the router was a brick. The easiest way to determine the state of your bricked router is to examine the power LED on the front panel. In my case the LED was constantly blinking quickly which indicated a corrupt bootloader, meaning it would not be possible to recover the router using traditional network methods. Faced with the prospect of a permanently bricked router, I began to search the Internet for a more "outside-the-box" solution and I found one over at the WRT54GL recovery guide.
First of all a little disclaimer: although this recovery method worked for me it may not work in your case. Use this method of restoration only as an absolute last resort, as the potential for permanently damaging your router is very high. It is also needless to say that following this procedure will void your router’s warranty.
In the next few steps I will explain how to remove the WRT54GL’s cover and expose the main circuit board. Next, I will explain how to short two pins on the flash memory chip in order to force the router to enter its “firmware recovery mode.” Finally, I will explain how to use a TFTP program to load the recovery firmware to the router using Telnet.
Start by popping the front cover off the router. The router simply “snaps” together so there are no screws to worry about removing. The easiest way to remove the front cover is to place the thumbs of your left and right hands below the rubber “feet” and push. You will need to press fairly hard to accomplish this. After you have removed the front panel, the plastic top should easily fall away, exposing the main motherboard. Locate the flash chip, on my router the chip is located near the LEDs, however, different revisions of the router may have the chip located in a different spot. The flash chip should be a 48-pin surface-mount component. In my router the chip was marked as MX 29LV320CTB. This guide only works for the 29LV320CTB. If your router has a different flash chip you should stop right now and investigate farther, likely this recovery method will not work and following this procedure will damage your router farther.
Using a magnifying glass, locate pins 16 and 17 and place a small piece of wire or other conductive material to them. This will short the two pins together causing the router to enter “firmware recovery mode” at boot. Be careful to ensure that ONLY pins 16 and 17 are connected as shorting additional pins together will likely cause serious damage to the flash chip. With pins 16 and 17 shorted, turn on the router by plugging it into the wall and wait 15 seconds. After the 15 second wait, remove the piece of wire and connect your computer to one of the LAN ports on the router. Set your computer to have a static IP of ‘192.168.1.2’ and a subnet mask of ‘255.255.255.0’ and try to ping ‘192.168.1.1,’ the IP address of the router. If the ping has been successful then you know you have entered “firmware recovery mode” and can proceed to the next step.
Next, download the firmware for your WRT54GL, note that the firmware you choose MUST be 3MB or smaller in file size. I would recommend you download the DD-WRT Mini version. After you load the initial firmware onto the recovered router, you may upgrade to a larger image from the web-interface.
Next, you will have to install the TFTP client in windows by navigating to control panel, add remove programs, turn windows features on or off. After the TFTP client has been installed, open up a command prompt window and cd to the directory where your firmware is located. Enter the following command to load the firmware onto the router:
tftp -i 192.168.1.1 PUT "name of firmware".bin
The command should take 15-30 seconds to execute, afterwards a success message will display. Once the firmware has been successfully TFTPed to the device wait 3 minutes WITHOUT rebooting the router or removing power. After about 3 minutes you should be able to bring up the DD-WRT web-interface by typing ‘192.168.1.1’ into a web browser. If you see the DD-WRT web-interface then you have successfully recovered your router and can re-assemble the chassis.
Hopefully, after following this guide, you have managed to save your WRT54GL from a future as a paperweight. If this guide hasn’t worked for you or you would like some additional tips, have a look at the WRT54GL recovery guide.
Those of you who are regular followers of this blog will know that I have a fondness for vintage storage mediums. In my last PC I had a 5.25” floppy as well as a zip drive all running on a core i7 motherboard under Windows 7. After the Intel Ivy Bridge processors were released I decided it was time for a motherboard and CPU upgrade, the only catch was that I still wanted to keep my legacy hardware which meant the search for a modern motherboard with onboard floppy and IDE began.
Eventually I came across the Asrock Fatal1ty Z77 Ivy Bridge motherboard. Along with 10 SATA connectors, dual gigabit LAN and 6 USB 3.0 ports the motherboard sported both floppy and IDE controllers, something that is becoming increasingly rare in modern PCs. About a week after placing my order I received my new motherboard in the mail and began to assemble my PC.
2 hours and several 4 letter words later I came to the devastating realization that the motherboard’s on board floppy controller offered no configuration options, meaning it was hard-set for a 3.5” drive and wouldn’t support my 5.25” drive natively.
Enter the Kyroflux
Because I can be a little obsessive and never take no for an answer I began my search for either a PCI/PCI express floppy controller or a USB-floppy adaptor, and, after many hours of searching I came across the latter. The Kyroflux is a USB floppy controller built from an arm development board. Kyroflux is unique in that it reads floppies at an extremely low level meaning that the discs can no longer be accessed through Windows Explorer, but instead through the bundled Kyroflux software. Fortunately, using the Kyroflux software is fairly simple, although it is mainly command-line based. To read floppies one has to make an image of the inserted floppy and then use a third-party application to read it. After reading the instruction manual it wasn’t long before I was making .img files from my stacks of DOS-formatted 5.25” floppies.
Writing floppies is limited to only two image types at the moment although more image types will apparently be supported in future software releases. After building an Amiga disk file (*.adf) I was able to write the image to a spare 5.25” floppy disk. Days later I was able to create an image of the floppy and open it in Opus ADF to recover the files I originally wrote to it.
While the Kyroflux isn’t a perfect alternative to a 5.25” floppy drive running natively under Windows Explorer, it still allows data to be recovered from old floppies that you may have lying around. As more computer motherboards are being manufactured without any form of floppy support the Kyroflux is certainly a great way to add legacy support to a modern PC.
The image really says it all; 141 days of uptime and counting. For myself, an amateur system administrator and website administrator, the VPS company Linode has been a fantastic fit. I first signed up for Linode’s Linode512 package in January of 2012. The package provides me with 512MB of RAM, 20GB of disk space, and my choice of Linux distribution. Linode also allows the use of a custom Linux Kernel but I haven’t yet tried my luck with one.
Linode’s packages aren’t the cheapest in the world, the basic one (Linode512) starts at $20 per month and that goes up depending on how much disk space and RAM you need, but the reliability is worth the price. I installed Ubuntu Server edition (my favorite Linux Server operating system) in February of 2012 and haven’t needed to reboot it since, even after a full system upgrade. The server itself is responsible for hosting five websites, a web proxy server, a VPN server, a DNS server, and a file server and not once have I noticed it skip a beat. While my mere 141 days of uptime may not be hugely impressive how does 272 days sound or 365? I have friends with over a year of consecutive uptime on a Linode server.
Linode also has an extremely simple user interface. Using their free Linode manager users can easily deploy different Linux Distributions, repartition their virtual hard disk, or reformat a misbehaving server. While reformatting is a drastic step, the fact that it can be done with the click of a button should set most folks minds at ease.
For anyone looking for a user-friendly and reliable VPS Linode should be first on the shortlist.
Microsoft recently launched the public beta of Windows 8 - their next operating system release. Windows 8 has been completely redesigned, the OS is optimized for tablets rather then mice and keyboards. I have been running the Windows 8 beta as my main system for about a week now and have encountered more then a few interesting changes.
One of the radical changes that Microsoft made was the complete removal of the Start Menu. The removal of this Windows icon initially left me scrambling to find new ways of performing basic tasks like shutting down the computer. Fortunately, a replacement for the start menu exists.... sort of.
Enter the "links" toolbar
The "links" toolbar is a toolbar that appears on your taskbar next to the notification area. You can enable the links toolbar by right-clicking on any empty space in the taskbar and selecting "links" under "toolbars". You can add shortcuts to your links toolbar by right-clicking on the word "Links" and selecting "open folder." Now you can add your own shortcuts here and they will appear in a drop-down menu when you click on the arrows in the taskbar.
Shutting Down and Rebooting
You can quickly reboot or shutdown your computer by placing a batch file in your "links" folder that runs the shutdown command. Place the following code into notepad and save it as shutdown.bat:
Now move "shutdown.bat" into your "links" folder and you can run the batch file from your taskbar. To create a reboot command replace "-s" with "-r" in the above line of code
While the links toolbar isn't a perfect start menu replacement it certainly goes a long way to reducing the shock in the conversion to Windows 8
A few weeks ago I blogged about how to setup the PoGo Plug as an embedded Linux server, in my previous guide I hacked together an old version of LogMeIn Hamachi to get the server accessible through a VPN. The hacked together version of Hamachi was unstable to say the least and I have been searching for a better installation method ever since. Recently, I have managed to install the latest version of Hamachi, which is much more stable than the version I was using previously. In this guide I will explain how to install Hamachi version 2.1.0.18, the latest version to date.
Use a PKGBUILD
The easiest way to install software packages in Arch Linux is to use a PKGBUILD. A PKGBUILD is a series of instructions which automatically downloads a package, extracts it, and executes the installation. Some serious Internet searching revealed the the following package, which was designed to install Hamachi 2.1.0.17. Unfortunately this package was not written to be compatible with Arm systems so I had to make some modifications. You can download my modified PKGBUILD here link.
After you have downloaded my PKGBUILD you must move it to your root directory (/) and you must then cd to that directory. Run the PKGBUILD with the following command
You also have to run the installer without integrity checks, just add the skipinteg argument as I have shown above.
Next, you will need to run the install.sh script located in the src directory.
If it throws some errors don't worrry, I ignored them and mine is still running fine.
After the script finishes, you must initialize Hamachi by browsing to the logmein directory created during the installation and running the daemon:
Now you can login to the Hamachi servers by typing "hamachi login" and join a network by typing "hamachi join (network name)"
It is important to note that when you reboot your arch system you must start Hamachi using the same "hamachid" script that you just ran. You may want to create a start-up script that automatically calls "hamachid" at boot so you don't have to worry about manually starting the program. You can add Hamachi to your start-up programs by adding the full path to the "hamachid" script in your /etc/rc.local file
It works!
I have been using this installation of Hamachi on my PoGo Plug for about a month now with no problems. I have rebooted my PoGo Plug numerous times and each time Hamachi has initialized without fail. Using the instructions I have outlined in this blog post you should have a stable, production-ready, version of Hamachi on your PoGo Plug.
I recently found the Pogo Plug on sale at my local computer store. After doing a little bit of research I discovered that this little NAS device can make a great, low power embedded Linux Server. In this tutorial I will explain how to get Arch Linux up and running on the pogo plug, how to install Apache, PHP, and Samba, as well as how to hack together Hamachi so that you can have a secure tunnel to your pogo plug from anywhere in the world.
First of all you need to understand that there are several different models of Pogo Plug and this guide is ONLY for the E-02 Model. you can check the model number of your pogo plug by looking at the sticker on the bottom.
If you have a different model, don't despair, just head on over to archlinuxarm.org to get a guide for your device.
Installing:
The first thing you need to do is enable SSH on your PogoPlug. Plug your device into the wall and into you router and head on over to pogoplug.com/activate. After you have set up an account, you need to go to the security tab for your PogoPlug and select the SSH access option. You will be prompted to enter a password. Once you have enabled SSH you can close the pogo plug webpage and look up the internal IP address of your pogo plug (you will likely need to look at the DHCP list on your router's config page). Once you have determined your pogo plug's IP address, you can connect to it using putty or your favorite ssh client. Note that your username will be root and the password will be the one you setup on the pogo plug webpage.
Now that you have connected to your PogoPlug, you will first need to disable the pogo software.
Next, make sure you disconnect ALL hard drives and USB flash drives except for the one you want to install linux to. All data on any connected drives could be destroyed, so it's best to remove everything. All the data on your target drive will also be destroyed so backup any data you may have on your target drive.
Now, you will need to download the bootloader which will be used to start Linux:
now that the bootloader is installed we will format the flash drive:
**this is assuming that you only have the one flash drive inserted. if you insist of leaving multiple drives attached, make sure you are using the correct drive path
now that fdisk has been launched:
type o to clear all partitions
type n to create a new partition
type p to create a primary partition
type 1 to make it the first partition
hit enter to accept all the default options
exit by typing w
now we will make an ext2 filesystem in the new partition
Now that we have created a compatible partiton, we will need to download and install the ArchLinux distribution we will be installing.
at this point everything should be installed... unmount your flash drive and reboot
After about a min or two your device should be ready to use. You can now ssh into it (the IP may have changed) using the username root and password root
At this point you should change your password:
At this point linux has been installed and you can go ahead and use it as you see fit, or continue following this guide to install PHP, Apache, Samba, and Hamachi
Installing PHP and Apache
Install Apache using the following command:
By default a user called 'http' may not have been created so use the following command to create one:
If it says the user already exists, then you're good to go and needn't worry
now test apache and make sure it starts:
browse to the IP address of your pogo in a web browser and you should see the default webpage.
Now it's time to get php working.
Edit the http.conf file:
Add the following line of code at the END of the "Load Modules" section
Add the next line of code at the END of the "include" section
Uncomment the following lines:
(it should be found after IfModule mime_module)
Now edit /etc/httpd/conf/mime.types:
and add this line:
now restart apache to make sure it starts:
Now make a sample php file with some script it it and place it in "/srv/httpd" and then access it through your web browser
Installing Samba
Samba will allow you to share folders and files over your local network so that Linux, Windows and OSX computers can access them
At this point Samba can be started with the command
In order to make changes to shared folders you will need to make changes to your configuration file found at "/etc/samba/smb.conf". There is plenty of information online about configuring Samba, so I won't cover it in this post
Installing Hamachi
Hamachi is a zero-configuration VPN client. It allows computers connected to physically different LAN's across the Internet appear to each other as though they were on the same LAN.
Unfortunately Hamachi is far from stable on the PogoPlug, I have managed to hack it together, but please note that the method I am about to describe is far from perfect. If you have a better method of installing andf using Hamachi on this unique platform please Contact Me
OK, with the discalmer behind us let's get started. Download the older version of hammachi for arm devices and install it:
Now that Hamachi is installed we need to start it:
At this point you should be able to access your PogoPlug through the Hamachi network, however if you have the same problem as me, then the connection becomes stale after a few min of inactivity. The solution I have come up with is to continuously ping each client in your Hamachi network using a shell script that runs at start-up. If you don't notice your Hamachi connection becoming stale, then you don't need to make this script.
the following shell script will automatically configure your VPN tunnel, launch Hamachi, and continuously ping each client in the network. You will need to edit it according the the IP addresses in your network:
you will need to add this script to your start-up by editing rc.conf:
and add the path to your script
If you have followed this guide, then you should have a PogoPlug that is running Arch Linux with Apache, PHP, Samba, and Hamachi. There is a wealth of information online regarding Arch Linux, just head on over to the arch wiki for more information.