業務用エアコン関連の技術情報、エラーコード、環境問題対策に関する別サイト「エアコンの安全な修理･適切なフロン回収」

2024-04

Ubuntu Server24.04 : SSH connection with authentication using public key cryptography

SSH connection with authentication using public key cryptography Creation of public and private key pairsCreate a public/private key pair for a user connecting to the Linux server using OpenSSH.Use ssh-keygen to create key pairs.Creation of public/private key pairs is performed with remote login user privileges。If you do not specify the destination and file name, id_ed25519 and id_ed25519.pub will be created in /home/(user name)/.ssh/. On the way, enter the password for the key.

Ubuntu Server24.04 : OS Install

Ubuntu Server 24.04 Download Installation ImageThe installation media for Ubuntu Server can be downloaded from the official site on the Internet. As long as you have a fast connection, you can download the OS itself in about 2 to 3 minutes. You will need to create an installation CD/DVD from the downloaded iso file. (approx. 2.7G)The iso file itself can be used for installation on a virtual machine using Vmware or other software.The iso file can be downloaded from the "Official Ubuntu Download Site".Ubuntu 24.04 (released on April 25, 2024) is supported until April 2029, so it is safer to install the LTS version of Ubuntu 24.04 in the production environment.

FreeBSD13.3 : Postfix ClamAV + Amavis + SpamassAssin

Install ClamAV on FreeBSD 13 and link it with Amavis against Postfix.ClamAV is anti-virus software.We will proceed on the assumption that you have already implemented Postfix.Before proceeding, update the Ports Collection.2. AmavisInstall Amavis, which links ClamAV and Postfix3. Anti-Spam with SpamAssassin3.1 SpamAssassin InstallIf you did not select spamassassin as an option when you installed Amavis, install it as follows

FreeBSD13.3 : Mail Server(Postfix,Dovecot) , SSL/TLS

1. Obtaining a certificate for the mail serverObtain a certificate for the mail server to convert the mail server to SSL/TLS.Use the certbot that was used when the web server was converted to SSL.Stop the web server and execute the following command

FreeBSD13.3 : Web Server SSL、Webmin

1. FreeBSD13.2 ; Web Server SSL、Webmin1.1 Installing the Certbot tool for Let's EncryptRun the following command to install the Certbot package# pkg install py39-certbot2. Webmin InstallWebmin is a web browser-based tool for configuring Unix-like operating systems (OS) such as Linux. It allows users to make numerous changes to internal OS settings such as user and disk usage limits, services, configuration files, etc., and to modify and control many open source applications such as Apache, PHP, MySQL, and others.Webmin is built primarily in Perl and runs as its own process and web server. By default, it communicates on TCP port 10000.

FreeBSD13.3 : FTP Server , Samba Fileserver

1. FTP Sever (Vsftpd)1.1 advance preparation①Private Key Creation2. File Server with SambaUse Samba to build a file server for Windows and Mac file sharing2.1 Samba Install# cd /usr/ports/net/samba413/# makeRemove the active directory relationships for ADS and AD_DC, as they will not be used this time.LDAP is also removed because account management is not done through LDAP.

FreeBSD13.3 : OS INSTALL

FreeBSDFreeBSD is UNIX-like open source OS software. In particular, its performance as a network operating system exceeds that of Linux-based systems, and it maintains stable performance even under high loads.FreeBSD is designed to be robust and sturdy with an emphasis on practicality, making it suitable for operating FTP, WWW, and e-mail servers for major companies and services.In this project, we will install FreeBSD 13.3, released on March 5, 2024, and build the server.FeaturesHigh-speed, high-performance multi-platform capable of withstanding high workloadsAdopted by many major companiesNetwork security measures can be applied by restricting accessCapable of operating small to large serversMore than 33,000 dedicated software applications from commercial to personal use

Fedora40 : System Backup and Restore

1.Website data backupBackup under /var/www/html①Create backup script file2.MySQL database backup①Create backup script file3.Web configuration file (under html) restored① Copy the HTML backup file to the "/ (root)" directory of the server to be used for restoration4.Restore MySQL data①Save database backup file to any directory

Fedora40 : Tripwire,Logwatch,Disk Usage Check Script

Tripwire1.Install# dnf -y install tripwire2.Passphrase settingLogwatch①Install# dnf install logwatch②Edit configuration fileIntroduce disk usage check script1. Script Creation# cd /var/www/system# vi disk_capacity_check.sh

Fedora40 : Suricata , SNORT3 Install

SuricataSURICATA IDS/IPS is an open source IDS that monitors communications on the network and detects suspicious traffic.The basic mechanism is signature-based, so it can detect predefined unauthorized communications. Suricata is also characterized by its ability to provide protection as well as detection.1. Suricata Installation and Configuration①Suricata installSNORT3Snort is an open source network intrusion detection system that can perform real-time traffic analysis and packet logging on IP networks.It can perform "protocol analysis," "content search," and "matching" and can be used to detect a variety of attacks such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, semantic URL attacks, and server message block probes. detection.

Fedora40 : Mysql8 , WordPress Install

Mysql8 Install＃ dnf -y install mysql-serverCreate a new charset.cnf with the following contentsWordPress Install1. Create database for Word PressAs an example, assume database [wp_db] database user [wp_user] password [?W123456]

Fedora40 : SSL Certificate Acquisition( Let's Encrypt ) , Apache , Mail SSL

1.Obtain an SSL certificate ( Let's Encrypt )Install the latest open ssl# dnf install openssl-devel1.1 advance preparation1.Package management system Snappy installedSince the SSL certificate issuing tool "certbot" of Let's Encrypt is recommended to be installed using "snap" after 2021, install Snapd first.(Can also be installed the traditional way with dnf or yum)2. Converting Apache to httpsInstall the following just in case# dnf -y install mod_ssl3. SSL/TLS (Let's Encrypt) settings on the mail server3.1 Obtaining a certificate for the mail serverObtain a certificate for the mail server, but it cannot be obtained in the same way as above, so the following with the "--standalone" option fails.

Fedora40 : Clamav , Mail Server

1. Clamav ( anti-virus software )1.1 Clam AntiVirus Install# dnf -y install clamav clamd clamav-update1.2 Edit Clam AntiVirus configuration file2. Mail server(Postfix)2.1 Postfix InstallInstall Postfix and build an SMTP server# dnf -y install postfixCheck if Postfix is installed3. Mail server(Dovecot)3.1 Dovecot Install# dnf -y install dovecot4.Create mail user and check operation4.1 advance preparation①Pretreatment for new usersWhen a new user is added, set up the system to automatically send and receive e-mail.Mail Server : Postfix + Clamav + clamav-milter+SpamAssassin1.Real-time scanning of e-mails①clamav-milter InstallVirus checks are performed on the mail server side using Clam AntiVirus.The mail server and Clam AntiVirus are linked using clamav-milter.

Fedora40 : FTP Server(Vsftpd) , File Server(Samba)

1.FTP Server Installation1. 1 Vsftpd Install# dnf install vsftpdversion check# vsftpd -vvsftpd: version 3.0.52. vsftpd SSL/TLSConfigure Vsftpd to use SSL/TLS2.1 Create self-signed certificatesThis work is not required if you are using a trusted, legitimate certificate such as Let's Encrypt.3.File server installation with SambaBuild a file server with access rights that requires user authentication with Samba.Installation Procedure① Create shared folders with access rights that require user authentication②Creation of accessible groups③Creation of users belonging to groups that can be accessed④Configuration File Editing

Fedora40 : Remote connection with SSH public key cryptography

1.Creation of public and private key pairsCreate a public/private key pair for a user connecting to a Linux server using OpenSSH.Use ssh-keygen to create the key pair.The creation of a public/private key pair is performed with the authority of the user logging in remotely.If you do not specify the creation destination and file name, id_ed25519 and id_ed25519.pub will be created in /home/(user name)/.ssh/. On the way, also enter the password for the key

1 2 3 4