A crontab file is maintained for each user by system. For creating and editing a crontab file, one can use text editor that a system specifies. Most linux distros officially comes with vi as default text editor. The text editor is started by executing the crontab command with -e option. One must type following command in terminal to get started with crontab:

#crontab -e

It will invoke vi text editor with a black window. The desired schedules and/for commands go there. Crontab commands are separated by line space, that is, one ‘cron-job’ per line. Every cron command is called a cron-job. Sections are separated buy a space and final section having one or more than one space. There cannot be spaces within sections. The schedule goes in the sections 1-5.

How do we lay down a cron job ?

minute[0-59], hour[0-23, 0= midnight],
day[1-31],month[1-12],weekday[0-6, 0=Sunday],

command

01 04 1 1 1 /usr/bin/Directory/Command

The above command will execute “Command” at 04:01AM on any Monday which falls on January 1st. If we want to use every instance of the specified time period, we can use asterisk(*). It will now be repeated at every hour, week, month, etc..

08 06 * * * /usr/bin/TheDirectory/ACommand

Above instruction will execute /usr/bin/TheDirectory/ACommand at 6:08 every day for uninterruptedly every month.

If one wishes to execute multiple instances of some command in a particular time period, values can be separated by comma and that should do. If separated via dash, it will run them continuously.

02,15 06,07 1-15 1,6 * /usr/bin/MyDirectory/MyCommand

Above instruction will be executed when minute hand strikes 02 and 15 after hour hand reaches 6:00 AM and 7:00 AM on 1st,all the way to 15 of January and June, every year.

It is always recommended that the full path of desired commands are used, as we used in above examples. Once cron file is properly edited and saved, it will work like a charm.

We have a -l option which displays the current crontab on standard output. While option -r can remove the current crontab. To edit the current crontab, option -e is used which opens appropriate editor. Upon exit from editor, all the changes made to crontab will be checked for errors and accuracy, if error free, changes will be installed automatically.

One more noteworthy technique, a double-ampersand can be inserted between commands in an event of multiple commands. It executes mentioned commands consecutively.

15 03 * * * /usr/bin/command1 && /usr/bin/command2

This will execute command1 and command 2 at 03:15 daily.

Squid is one of the most popular Open Source Proxy server and a Web Cache Daemon.

It has the wide variety of features from:

1. Speeding up a web server by caching repeated requests.

2. Caching Web, DNS, and other lookups.

3. Controlling bandwidth, Access controlling, etc.

This article explains how to setup Squid Proxy server in your RHEL 5 / CentOS 5 in a easy step-by-step procedure.

Requirements:

1. Active Internet Connection via any means.

2. Super user or root access.

Procedure:
Step 1: To install Squid Proxy Server on your RHEL / CentOS 5, run the following command:

 # yum install squid 

Step 2: Adding Squid to system start up (program starts when system boots up).

# chkconfig --level 35 squid on 

Numbers 3 and 5 indicates the run-levels of Squid. ‘3‘ indicates text mode and ‘5‘ indicates GUI mode.

Step 3: Now to start the Squid Service:

# service squid start 

Step 4: To open the squid configuration file

# vi /etc/squid/squid.conf 

If you see this error on the log file:

“WARNING: Could not determine this machines public hostname.

Please configure one or set ‘visible_hostname’ ”.

This needs to be changed, and do something like this:

visible_hostname yourhost

Step 5: Defining Access Control Lists (ACL)

Access Control Lists are used for purposes like:

1. restrict usages

2. limit web access for host(s).

3. To allow your network to use internet

ACL Syntax:



acl aclname acltype value
aclname = rulename (something like personalnetwork )
acltype = type of acl like : src, dst (src:source ip | dst:destination ip)
value = this could be ip address, networks, URLs , etc.
Example: This example will allow the localhost to access the internet.



acl localhost src 127.0.0.1/40
http_access allow localhost 

Step 6: Allowing a particular network ip range to access internet

Find these lines in squid.conf file:

# http_access allow localhost
# http_access deny all

Replace the above two lines like this:

# acl personalnetwork src 10.10.1.0/24
# http_access allow localhost
# http_access allow personalnetwork
# http_access deny all 

Step 7: Restart your Squid server

# service squid restart

Note: if you encounter some error for using “/24“ change it to “ /255.255.255.0 “

and now restart your squid server

Step 8: Blocking Internet access for a particular IP address

# acl block_it src 10.10.1.20
# http_access deny block_it
# acl personalnetwork src 10.10.1.0/24
# http access allow personalnetwork 

The above acl will block internet access only for 10.10.1.20 and the rest will have access.
Step 9: Restricting internet access by time or Working hours



# acl personalnetwork src 10.10.1.0/24
# acl working_hours time M T W H F 13:00-17:00
# acl block_it src 10.10.1.20
# http_access deny block_it
# http_access allow personalnetwork working_hours
Step 10: Block particular URL

# acl block_website dst www.facebook.com
# http_access deny block_website

Step 11: Blocking a domain and its sub-domains

# acl blocked_domain dstdomain .google.com
# http_access deny blocked_domain

Step 12: Blocking a list of websites using a text file

We need to create a text file with a list of sites to be blocked and to give read permissions for this file, run the below commands in terminal

# touch /etc/squid/black_list.txt
# chmod 444 /etc/squid/black_list.txt
# vi /etc/squid/black_list.txt 

Enter the url of the websites need to be blocked like this

www.xxx.com

www.yyy.com
Now create a create rules in ACL by opening the config file and type the below rules



# acl black_list url_regex "/etc/squid/black_list.txt"
# http_access deny black_list 

Also you can block URL’s containing specific words like this:

# acl prevent_word url_regex sex
# http_access deny prevent_word

Case sensitive words can also be blocked like this ” -i sex ”

Step 13: Block types of files for download



# acl block_type url_regex .*\.exe$
# http_access deny block_type 

# acl block_type dstdom_regex \.br$
# http_access deny block_type 

Step 14: Prompting Username and Password from clients

# htpasswd -c /etc/squid/squid_pass your_username 

When it prompts for the password enter a new password that you would like to authenticate.
Now set permissions for this file

# chmod o+r /etc/squid/squid_pass 

Now open the config file and add these lines

# auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_pass
# acl ncsa_user proxy_auth REQUIRED
# http_access allow ncsa_user 

We hope that this article has enlightened you how to configure Squid Proxy server in your network running Linux Servers.

id user1    (or) id -u user1

Association of UID / GID with Programs:

Whenever a user or group runs a program in Linux, they should have the permission to execute the program or else they are not allowed to execute the program. In order to make the program executable under this user account, the user need to set the Sticky bit which is called SUID (SetUserID) or SGID (SetGroupID).

Although this can be done by using Graphical User Interface, here we show you the way of how to achieve this in terminal which is very easy and faster.
Checking permission for files:

Step 1: To find ‘ What is existing permission for a file or directory ? ‘, supply this command in your terminal:

# ls -l

this command will display the permission for all the files in a directory.

Step 2: To find the permission for a specific file

# ls -l filename

replace the filename with the respective name of the file that you want to check.
The above commands specified will return something like ‘ drwxr-xr-x ‘. where,

d- directory.

r-read, w-write, x-executable.
If x is missing then it means, the file or program has not got the executable permission.
To Set Permission for files or Programs:

‘ chmod ‘ is the command used to achieve the task.

chmod changes the file mode bits of each given file according to mode, which can be either a symbolic representation of changes to make, or an octal number representing the bit pattern for the new mode bits.

chmod preserves a directory’s set-user-ID and set-group-ID bits unless you explicitly specify otherwise. You can set or clear the bits with symbolic modes like u+s and g-s, and you can set (but not clear) the bits with a numeric mode.

Step 1:

# chmod u+s filename

Note: Replace filename with the name of the file for which permission has to be set.
Here,

u – Associates of sets the user’s id as the owner of the file.

s – Sets the SUID; where g+s, sets the SGID.

Step 2: Now in order to check the changes we made, run the below command:

# ls -l filename

Step 3: Now you can run the program with desired and proper executable permission.
The chmod command has now changed the scenario, now after setting the permission for a program, the program will run with the Permissions that the user who runs the program have.

To know more about chmod command type: ‘ man chmod ‘ in your terminal.
Hence, you can check the permissions for the file and similarly you can disable permission for executing some files if you wish it lacks security.

Here we go,‭ ‬with Step-by-Step procedure:

‎ ‏Step‭ ‬1:‭ ‬Open your terminal and‭ ‬ssh‭ ‬to your Remote host.‭ ‬To know about ssh type

‎

 ‏man ssh‭ ‬ 

in your terminal.

‎ ‏Step‭ ‬2:‭ ‬Update your remote host to ensure they are up to mark,‭ ‬using the following‭
commands:

‎	‏#‎ ‏sudo apt-get update
‎	‏#‎ ‏sudo apt-get upgrade

‎ ‏Step‭ ‬3:‭ ‬Change the password if you are logged in as a root user in the remote host,‭ ‬to‭
change run the following command while being logged in via ssh:

‎	‏#‎ ‏passwd

‎ ‏This will prompt for a password for the root user.

‎ ‏Step‭ ‬4:‭ ‬Now add‭ ‬/‭ ‬create a new user account:

‎	‏#‎ ‏adduser user_name

‎ ‏Note:‭ ‬Replace‭ ‬user_name‭ ‬with the desired username you wish to have.

‎ ‏Step‭ ‬5:‭ ‬Now add the new user account to the‭ ‘‬ sudoers‭ ‘ ‬list,‭ ‬to get the administrative‭
privileges using the below command:

‎	‏#‎ ‏adduser username sudo

‎ ‏Step‭ ‬6:‭ ‬We need to install‭ ‬LAMP‭ (‬Linux Apache MySQL PHP‭)‬ SERVER,‭ ‬and to do it run‭
the below command:

‎	‏#‎ ‏sudo apt-get install tasksel
‎	‏#‎ ‏sudo tasksel install lamp-server

You may be asked to set up a new account for mysql database during installation.

‎

Step‎ ‏7:‎ ‏After the installation of Lamp-server is completed,‭ ‬make sure that Apache,‭ ‬Mysql‭ servers are up and running in your remote host and now from the
web-browser,‭ ‬enter the‭ domain name or the Ip-address associated with the remote host,‎ ‏and if it shows‭ “‬It‭
works‎”‏,‎ ‏Congratulations,‭ ‬you have done it perfect.

‎ ‏Step‭ ‬8:‭ ‬Now in-order to secure the MySQL run the following command in terminal:

‎	‏#‎ ‏mysql_secure_installation

‎ ‏If you feel the password is not secure,‭ ‬make it now and answer‭ ‘‬y‭’ ‬-‭ ‬yes for all the below:
‎ ‏1.‎ ‏Remove anonymous users
‎ ‏2.‎ ‏Disallow root login remotely
‎ ‏3.‎ ‏Remote test database and access to it
‎ ‏4.‎ ‏Reload privilege table now

Well,‎ ‏everything is fine and you are completed with setting up your Ubuntu server‭
successfully.

Additional Steps:

‎ ‏1.‎ ‏Phpmyadmin‭ ‬-‭ ‬(GUI for MySQL via Web-browser‭)‬.
‎
Step‎ ‏1:‎ ‏Install‭ ‬PHPMyAdmin‭

		#‎ ‏sudo apt-get install phpmyadmin
‎		‏#‎ ‏sudo nano‭ ‬/etc/apache2/apache.conf

‎ ‏and paste the following line at the end of the this file:
‎ ‏Include‭ ‬/etc/phpmyadmin/apache.conf

‎ ‏Step‭ ‬2:‭ ‬Restart Apache server:

‎		‏#‎ ‏sudo‭ ‬/etc/init.d/apache2‭ ‬restart

‎ ‏Now at the web-browser go to the following url:
‎ ‏http://ipaddress_of_this_host/phpmyadmin

‎ ‏Note:‭ ‬Replace‭ ‬ipaddress_of_this_host‭ ‬by the desired Ip address.
‎ ‏Now you should see the PhpMyadmin page.

‎ ‏2.‎ ‏Webmin‭ ‬-‭ ‬It is an Browser based Control panel for administrators to manage their‭
servers without the need of terminal.

‎ ‏Step‭ ‬1:‭ ‬

#‭ ‬sudo nano‭ ‬/etc/apt/sources.list

‎ ‏Now add the following two lines to the end of the file
‎

		deb http://download.webmin.com/download/repository sarge contrib‭
		‬deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib

‎ ‏Save the file and exit.

‎

Step‎ ‏2:‎ ‏Download the key and install Webmin by following steps in terminal

‎		‏#‎ ‏wget http://www.webmin.com/jcameron-key.asc‭
		‬#‭ ‬sudo apt-key‭ ‬add jcameron-key.asc
‎		‏#‎ ‏sudo apt-get update
‎		‏#‎ ‏sudo apt-get install webmin

‎ ‏Note:‭ ‬The default port number for webmin to access is‭ ‬10000,‭ ‬so go to web‭
browser and navigate to the following url:

‎		‏http://ipaddress_of_this_host:10000/
‎	

This will bring the Webmin interface to you to access.‭ ‬Now you have set up‭
additional tools required for your servers so that you can access them with ease‎
of use.

Requirements:

1. Active Internet Connection by any means

2. Super user or Root’s password.

Important Note: If you gain root access using “su” command, ignore the keyword “sudo“ before every command mentioned in the following steps. If you are not gaining Root access and performing the upgrade as normal user use the command as it is mentioned.
“sudo“ works only if the user has been added to perform Administrative privileges at the time of installation or it can be performed manually after installation.

Procedure:
1. Fedora 16 – Desktop:
Step 1: In order to upgrade our system first the local repositories and Package manager must be update so that they support variety of packages to be installed for upgrading.

Open your terminal and run the following commands (provide passwords wherever necessary).

            # sudo yum update rpm

            # sudo yum -y update

            # sudo yum clean all

            # sudo reboot

Step 2: Prior to upgrade process, you need to perform pre-upgrade process and this can be done by running the following commands in terminal.

            # sudo yum install preupgrade

            # sudo preupgrade

Step 3: Now the Pre-upgrade process will start like a wizard and your system will be prepared for upgrade process and let it complete and Reboot the system manually if it doesn’t prompts to reboot.

2. Fedora 16 – Server:
Step 1 of Server is same as the Step 1 of Desktop, so perform the same operations mentioned above in Step 1.

Step 2: Similar to Desktop upgrade, we need to perform the pre-upgrade process for server too. Execute the below commands in terminal:

            # yum install preupgrade

            # preupgrade-cli

Step 3: The result of the previous command should produce some lines of output and the last line should show

Fedora 16 (Verne)

Step 4: To start the Upgrade process append the last line to the below command like this

            # preupgrade-cli “Fedora 16 (Verne)”

Step 5 : Now Reboot the system manually if it doesn’t prompts using the following command:

            #sudo reboot

Note : Updates will be installed as you reboot and it may take extra time to completely gets booted up, please be patient as your updates will be installed and you can log in into your new Fedora 16 Linux Operating System.

vsftpd stands for‭ ‬Very‭ ‬Secure‭ ‬File‭ ‬Transfer‭ ‬Protocol‭ ‬Daemon and it is an popular and well known FTP server for Unix-like‭ (‬Linux‭) ‬Operating system.

It is Licensed under GNU General Public License.

In this tutorial we cover how to configure‭ ‘‬vsftpd‭’ FTP server ‬on CentOS‭ ‬6.0.

Assumptions:

We assume that you are using CentOS‭ ‬6‭ (‬Linux operating system based on RedHat Distribution‭)‬.
And using‭ ‬vsftpd‭ ‬version‭ ‬2.2.2
Your system is connected to Internet via any means.

Step-by-Step Procedure:

‎ ‏Step‭ ‬1:‭ ‬Open Terminal in your CentOS.
‎
Step‭ ‬2:‭ ‬Gain the root access by executing the following command:
‎

‏su‭ ‬-root

‎
Step‭ ‬3:‭ ‬After gaining the root access,‭ ‬now run the following command in the root shell:
‎

‏
yum install vsftpd

‎ ‏Step‭ ‬4:‭ ‬The above command will download the‭ ‬vsftpd‭ ‬from the CentOS repository and‭
will be installed automatically.

‎ ‏Step‭ ‬5:‭ ‬Once the installation is completed,‭ ‬a default configuration file will be placed in
‎ ‏following directory‭ “‬ /etc/vsftpd/‭ “‬.

‎ ‏Step‭ ‬6:‭ ‬Now navigate to the following directory using the cd command in terminal:
‎

‏
cd‭ ‬/etc/vsftpd/

‎ ‏Step‭ ‬7:‭ ‬We need to make some changes in the‭ ‬config file present in this directory.‭
Use any of your favorite text editor to edit this file,‎ ‏here we are using‭ ‬gedit
‎ ‏text editor.‭ “ ‬gedit config‭ &“ ‬or if you wish use‭ “ ‬vi config‭ “‬.

‎ ‏Step‭ ‬8:‭ ‬In this file comment/add or uncomment the following and leave the rest as is.

‎‏anonymous_enable=NO‭ 	‬        This is set to‭ ‬YES by default.
‎local_enable=YES‭ 		‬This is set to‭ ‬NO by default and change when you want the local users to have ftp access.
‎‏xferlog_enable=Yes‭ 		‬This is set to‭ ‬NO by default.‭ ‬Your logs will be written to‭ ‬/var/log/xferlog.

Common Errors:
‎
Most of the Linux systems have SELinux‎ (‏Security Enhanced Linux‭) ‬is a linux feature installed by default and enabled in order to enhance the security of a Linux system and this throws an error when the installer does not take care of the SELinux policy’s.‭ ‬The Error is as follows:‭ ‬500‭ ‬OOPS:‭ ‬cannot change directory:/home/someuser

Need not panic,‭ ‬this can be fixed by either disabling the SELinux or Setting the SELinux boolean option.

Solution‭ ‬1:‭ ‬Disabling SELinux.

‎ ‏Step‭ ‬1:‭ ‬Open the linux terminal and edit the following file:
‎

‏vi‭ ‬/etc/selinux/config

‎ ‏Step‭ ‬2:‭ ‬Now change the value of SELINUX‭ = ‬enabled to‭ ‘ ‬disabled‭ ‘ ‬and save the file.

Solution‭ ‬2:‭ ‬Tuning SELinux for ftp access.

‎ ‏ Open the linux terminal and run the following commands in terminal‎ (‏you may
‎ ‏need to execute these commands as a super user‭)‬.

‎

	‏
getsebool‭ ‬-a‭ | ‬grep ftp

‎
This will list a group of ftp Boolean options,‭ ‬the value of‭ ‬ftp_home_dir will be
‎ ‏set‭ ‘‬off‭’ ‬by default and we need to set it‭ ‘‬on‭’ ‬by using the following command.

‎

‏setsebool‎ ‏-P ftp_home_dir on

‎
Execution of the above command may take some time to be completed,‎ ‏a minute
‎ ‏or two and please wait until you get back the prompt.‭ ‬To check back whether it‭
is set on check using the former command‎ (‏getsebool‭)‬.

Configuring VSFTPD for local and virtual users‭’ ‬access

The virtual users home folders will be under‎ ‏/var/ftp/‎ ‏and we need root access to do‭
access this directory.

‎ ‏Step‭ ‬1:‭ ‬Run the following command in terminal:‭ ‬‭ ‬yum install db4-utils
‎

Step‎ ‏2:‎ ‏Create the virtual users as a simple text file in the‭ ‬/etc/vsftpd/‭ ‬directory with‭
username of virtual users and their respective password on the next line and save‎
this file with name user1_list‎ (‏use any of your favorite text editor‭)‬.
‎ ‏Eg:-‭

‬                user1
‎		‏password1
‎		‏admin
‎		‏password2

‎ ‏Step‭ ‬3:‭ ‬Now make sure you are in the‭ ‬/etc/vsftpd/‭ ‬directory and run the following:

‎		‏
mkdir user1		‏
cp user1_list user1/		‏
db_load‭ ‬-T‭ ‬-t hash‭ ‬/etc/vsftpd/user1/user1_list‭ ‬/etc/vsftpd/user1/user1_db.db

‎ ‏A hashed DB file of the user1_list is created named user1_db.db.‎
Note that the file has a‎ ‏.db extension and this is necessary.

‎ ‏Step‭ ‬4:‭ ‬You need to append to the file‭ ‬/etc/pam.d/vsftpd the following contents and‭
follow the below commands to perform it.
‎

cd‭ ‬/etc/pam.d/
‎‏vim vsftpd

‎Now add the following‭ ‬2‭ ‬lines to the file as it is:
‎

auth‭       ‬sufficient pam_userdb.so db‭=‬/etc/vsftpd/user1/user1_db
‎account‭  ‬sufficient pam_userdb.so db‭=‬/etc/vsftpd/user1/user1_db

‎ ‏Step‭ ‬5:‭ ‬Append Options to‭ ‬/etc/vsftpd/vsftpd.conf‭ ‬file from following:
‎

guest_enable=YES‎ ‏#‎ ‏activate the virtual users
‎virtual_use_local_privs=YES‎ ‏#‎ ‏virtual users have local priveleges
‎user_sub_token‎=‏$USER
local_root‭=‬/var/ftp/user1/$USER‭ ‬#‭ ‬specifies a home directory for each virtual user
‏chroot_local_user=YES‭ ‬#‭ ‬Restricting the user to the FTP area and HOME dir's only

‎ ‏Step‭ ‬6:‭ ‬Create the Virtual User Folders
‎

	‎‏cd‭ ‬/var/ftp‭
	‬mkdir user1‭
	‬mkdir user1/user1‭
	‬mkdir user1/user2‭
	‬chown‭ ‬-R ftp:ftp‭ ‬/etc/ftp/user1/
‎	

Step‭ ‬7:‭ ‬For local users,‭ ‬do the following

‎	‏cd‭ ‬/var/ftp/user1/
‎	‏mkdir yourlocaluser‎
	‏
	chown ftp:ftp yourlocaluser‭
	‬ln‭ ‬-s‭ ‬/var/ftp/user1/yourlocaluser‭ ‬/home/yourlocaluser/ftphome

‎	

Step‎ ‏8:‎ ‏Testing the server
‎

service vsftpd start‎

(‏or‭)

service vsftpd restart

‎ ‏Step‭ ‬9:‭ ‬From another machine in the network connect to this server either using a GUI‭
client or CLI client.‎ ‏Its simple right.

‎ ‏Step‭ ‬10:‭ ‬If you want the ftp service to run automatically whenever your computer boots then just type the command given below.
‎

chkconfig vsftpd on

You can stop the service from running automatically by replacing‎ “‏on‭” ‬with‭ “‬off‭”‬.‭

That is all about the FTP using VSFTPD package.‭

Preliminaries:
This works perfectly with Ubuntu 11.10, may work with other versions of Ubuntu but I am not sure about that. You may try, I won’t guarantee on this.

Adding Repository:
First of all we will have to add the repository which is appropriate for GNOME 3. For this purpose open your terminal and type the commands given below:

 sudo add-apt-repository ppa:webupd8team/gnome3

 sudo apt-get update

Installing GNOME 3:
Since we have added the repository now we are able to download packages for GNOME 3 by typing:

sudo apt-get install mgse-bottompanel mgse-menu mgse-windowlist gnome-shell-classic-systray gnome-tweak-tool

Installation has been completed. Now just log out and then the login option will come where it will ask for the password. Just click on cog-wheel and select GNOME from the submenu. When you select GNOME the GNOME 3 desktop will appear to you.

Now we will have to enable all the installed features and for that purpose we will have to configure them using “GNOME Tweak Tool”. You will find it in “Activities->Advance Settings”. Select the “Shell Extensions” from there and then it will show a list of all the features. From there you can select the features of your choice and can turn on or turn off those particular features.

Installing Mate:
First of all we will have to add repository of Linux Mint. For that open the “sources.list” file as

sudo gedit /etc/apt/sources.list

and at the end of the file add the text given below:

deb http://packages.linuxmint.com/ lisa main upstream import

Close the file after saving it. Then update the packages.

sudo apt-get update

Then install the mint keyring

 sudo apt-get install linuxmint-keyring

 sudo apt-get update

 sudo apt-get install mint-meta-mate

After the installation has been complete just log out and select the cog-wheel and select MATE from the list. Now you will see that all the mint based features has been installed on your system. You can change this by going to “System-> Preferences-> Appearance”. You will see many themes there. Select the default theme for Ubuntu which is “Ambiance”.

So, we saw how to install GNOME 3 on Ubuntu 11.10 and using Mint based features (theme) on your system with the help of Mate. If you faced any problem or got any error then let me know in the comments.

Still, many people have a thing for GNOME 2.x even with outdated looks. Reason being, a feel of Windows without actually using it. Due to similar looks, transition was easy from Windows to Linux. An undeniable fact is that GNOME was never even close to be considered as a desktop, who knows it was ‘their’ plan of mimicking windows UI ! GNOME 3 changed the game, it is no near to any kind of similarities with Windows.

GNOME 3 presents a whole new working environment, different, to be specific. It is free from orthodox menus and icons on desktop screen, and a lot of features borrowed from Windows. The design is developed around “Shell”, it contains features from menus of old times. They are off the screen now, but in shell, from where they can be invoked when needed and dismiss post completion of task. The ultimate design is, in simple words, cleaner. It is worth mentioning that it appears very different from most of the operating systems.

Fedora 15 does not ship with a desktop, as such. You do not get to have some sort of main menu, or click-able icons. Its the shell which does all the job, it can be invoked through key-combinations or mouse gestures. All the features appear in a full-screen mode from where one can browse through different features.

Right from this panel, applications can be launched, searched using search box. Upon completion of the task you intended to do, shell fades back into the background leaving way for everything else.

To conclude with, it can be proclaimed that GNOME 3 is going to be future of desktop, though users might take a while to get used to cleaner look. Revolution has started, there is no stopping now.

Preliminaries
S/MIME is a key paired system. It has one public key and one private key. For example if you want to send some encrypted emails from your system then receiver i.e. to whom you are sending the encrypted email must use S/MIME and his public key must be known to you. Sending an email signed with the certificate is the method to send someone your public key.

Installing SSL package
First of all install SSL package by:

sudo apt-get install openssl

Self signed certificates
We will create a directory where we will place all the files which belongs to the certificate. For example I am putting all the certificates files in /home/testuser/ssl. Here testuser is my username.

mkdir /home/testuser/ssl

cd /home/testuser/ssl

Now we will generate the key.

openssl –des3 –out cert.key 4096

An option will appear which says enter the passphrase.
The next step is to make certificate signing request by

openssl req –new –key cert.key –out cert.csr

It will ask for some data. Enter the data which it is asking for like
• Country Name
• State
• Locality
• Organization Name
• Organization Unit Name
• Common Name
• Email Address
The “Common Name” field contains the address of the server. After that we will have to sign the request which we have created with the key as:

openssl x509 –req –days 365 –in cert.csr –signkey cert.key –out cert.crt

It will ask for the passphrase which you have entered before. After this step the certificate will be created. Now our task is to make it able to be used in the mail clients. For this the format of the certificate should be in .p12 format.

openssl pkcs12 –export –in cert.crt –inkey cert.key –name “Your Name” –out cert.p12

Now run the

ls -l

command and you will see 4 files in the directory. These are
1. Cert.crt
2. Cert.csr
3. Cert.key
4. Cert.p12
If any file is missing then you have done something wrong or you missed some step.
Using CA to sign certificate
The procedure is quite same as the above with some little changes in the commands. The steps are given below:

openssl genrsa –des3 –out ca.key 4096

openssl req –new -x509 –days 365 –key ca.key –out ca.crt

openssl genrsa –des3 –out cert.key 4096

openssl req –new –key cert.key –out cert.csr

openssl x509 –req –days 365 –in cert.csr –CA ca.crt –Cakey ca.key –set_serial 00 –out cert.crt

openssl pkcs12 –export –in cert.crt –inkey cert.key –name “Your Name” –out cert.p12

Check by

ls –l

as before and you will see same 4 files. This verifies that everything goes well and the certificate key has been generated successfully.

Preliminaries:

Local System: server1.example.com (192.168.0.100)

Remote System: server2.example.com (192.168.0.101)

You must be logged in as root user.

Installing SSHFS

On server1 use this command to install sshfs

apt-get install sshfs

Now if you want to mount the remote directory /home/backup to the local /backup directory then first of all you will have to add the root user to fuse group by using the command given below:

adduser root fuse

Mounting

Now create the local /backup directory and change the owner of the directory to root.

mkdir /backup

chown root /backup

After that mount the remote directory /home/backup to /backup as:

Full path method:

sshfs –o idmap=user root@192.168.0.101:/home/backup /backup

Relative path method:

sshfs –o idmap=user root@192.168.0.101:backup /backup

This corresponds to /root/backup.

You can also omit the remote directory by

sshfs –o idmap=user root@192.168.0.101: /backup

And in this case it would be /root only.

Notice the –o idmap=user in the command. This means that it would not affect if the local system and the remote system are using different user ID. If you omit this chunk of code then there may be some permission related problems.

If everything goes well then the directory will get mounted. You can check it using the command

mount

Unmount

If you want to unmount the directory then use:

fusermount –u /backup

Creating key pair on server1

Every time we share a remote directory it will ask for the password for verification. We usually don’t want it to ask password every time so we will generate a key and will send it to server2 so that it will not ask for the password every time.

For this, just follow the steps given below:

ssh-keygen

Some options will come. Just press enter 3 times to skip the steps and let it be default settings.

Now we have to copy the key to the remote server which is server2.

ssh-copy-id –i $HOME/.ssh/id_rsa.pub root@192.168.0.101

Check on server2 if it has been copied or not by:

cat $HOME/.ssh/authorized_keys

Mounting at boot time

If you want to mount the directories at the boot time so you don’t have to mount it manually then just open the /etc/rc.local file and add the mounting command at the end of the file as:

vi /etc/rc.local

add the line given below at the end of the file.

/usr/sbin/sshfs –o idmap=user root@192.168.0.101:/home/backup /backup

That is all.

Now you can share the files remotely at boot time without having to enter password each time you share.