Ubuntu 12.04 Ultimate Server Guide

This guide will help you configure Ubuntu Server Edition 12.04 for a small/medium business. The server will provide DHCP, DNS, NTP, LDAP, Kerberos and NFS services such that users can login to any machine on the network and all their files and settings will be the same across the entire network. This will be one unified setup, supporting Ubuntu, Windows and OS X clients… let the fun begin! Continue reading Ubuntu 12.04 Ultimate Server Guide

How to Build an Ubuntu 11.10 SBS (Small Business Server)

This guide will help you configure Ubuntu Server Edition 11.10 for a small/medium business. The server will provide DHCP, DNS, NTP, LDAP, Kerberos and NFS services such that users can login to any machine on the network and all their files and settings will be the same across the entire network.
Continue reading How to Build an Ubuntu 11.10 SBS (Small Business Server)

How To Generate An SSH Keypair To Allow Password-less Logins

It’s quite common to use SSH/SCP in scripts, particularly for backup purposes. Unfortunately, this would mean storing a password in the script, which would consequently appear in logs etc… A much better plan is to use SSH keypairs. Once you’ve created a passphrase-less keypair and copied it to both machines, you can login without a password.

Firstly we’ll create the key on the client machine. This is the machine that you want to be able to connect FROM without using a password. In this scenario, the machine “www” is going to run a backup script that needs to store data on “neo” without using a password. So we create the key on “www”.

ssh-keygen -t rsa -b 4096

The -b 4096 is optional, but will instruct the machine to generate a more secure 4096bit key rather than the default 2048 bit one.

When asked for a passphrase, simply hit enter for none.

Now we need to copy the key to the machine that we want to be able to access without a password:

ssh-copy-id -i ~/.ssh/id_rsa.pub dan@neo.danbishop.org

You will be prompted for your password for the user dan@neo.danbishop.org.

All done 🙂

You can now type “ssh neo” and it will log you straight in without asking for your password! 😀

Create Your Own Local Mirror of the Ubuntu Repositories

If you have several Ubuntu machines on a network, you might like to mirror the Ubuntu repositories locally so that you’re not wasting bandwidth downloading the same packages from the internet for every single machine. If you’ve already got an Ubuntu server up and running for some other task (such as ldap+kerberos+nfs type server, or a local web server) it’s very easy to add mirroring repository functionality to it. All you need is a spare ten minutes and ~35GB of free space for main, universe and multiverse and ~70GB if you also want the source packages (deb-src). Continue reading Create Your Own Local Mirror of the Ubuntu Repositories

Ubuntu 10.10 SBS (Small Business Server) Setup: Part 7 – Setting Up Clients

This is part of a guide to setting up an Ubuntu server for a small/medium business. The server will provide DHCP, DNS, LDAP, Kerberos and NFS services such that users can login to any machine on the network and all their files and settings will be the same across the entire network.

The clients are going to be configured so that they mount home directories from the server and verify usernames/password using ldap and kerberos. Continue reading Ubuntu 10.10 SBS (Small Business Server) Setup: Part 7 – Setting Up Clients

Ubuntu 10.10 SBS (Small Business Server) Setup: Part 6 – NFS

This is part of a guide to setting up an Ubuntu server for a small/medium business. The server will provide DHCP, DNS, LDAP, Kerberos and NFS services such that users can login to any machine on the network and all their files and settings will be the same across the entire network.

This section will help you configure NFS using Kerberos to secure it. Continue reading Ubuntu 10.10 SBS (Small Business Server) Setup: Part 6 – NFS

Ubuntu 10.10 SBS (Small Business Server) Setup: Part 5 – Kerberos

This is part of a guide to setting up an Ubuntu server for a small/medium business. The server will provide DHCP, DNS, LDAP, Kerberos and NFS services such that users can login to any machine on the network and all their files and settings will be the same across the entire network.

It’s time to install and configure Kerberos. Continue reading Ubuntu 10.10 SBS (Small Business Server) Setup: Part 5 – Kerberos

Ubuntu 10.10 SBS (Small Business Server) Setup: Part 4 – OpenLDAP Account Management

This is part of a guide to setting up an Ubuntu server for a small/medium business. The server will provide DHCP, DNS, LDAP, Kerberos and NFS services such that users can login to any machine on the network and all their files and settings will be the same across the entire network.

Now you have OpenLDAP up and running, it’s time to learn how to manage your users and groups. Continue reading Ubuntu 10.10 SBS (Small Business Server) Setup: Part 4 – OpenLDAP Account Management

Ubuntu 10.10 SBS (Small Business Server) Setup: Part 3 – OpenLDAP

This is part of a guide to setting up an Ubuntu server for a small/medium business. The server will provide DHCP, DNS, LDAP, Kerberos and NFS services such that users can login to any machine on the network and all their files and settings will be the same across the entire network.

OpenLDAP is a directory service. Think of it as a database for storing all your users, their passwords and groups. In time you can use it to store much more, but initially we’re going to use it as a centralised authorisation system. Clients will check usernames and permissions against those stored in the directory on the server. Though it is also possible to store passwords in LDAP and use it for authorisation, we’ll be using Kerberos for this purpose. Continue reading Ubuntu 10.10 SBS (Small Business Server) Setup: Part 3 – OpenLDAP

Ubuntu 10.10 SBS (Small Business Server) Setup: Part 2 – NTP

This is part of a guide to setting up an Ubuntu server for a small/medium business. The server will provide DHCP, DNS, LDAP, Kerberos and NFS services such that users can login to any machine on the network and all their files and settings will be the same across the entire network.

Your server will automatically request the time from the Ubuntu NTP servers on every boot… but hopefully you’re not going to reboot it very often. It is useful for the server time to be correct when debugging and it is ESSENTIAL for the server and all the clients on the network to have the same time (+-5mins by default) for Kerberos to work. Continue reading Ubuntu 10.10 SBS (Small Business Server) Setup: Part 2 – NTP