Thursday, December 2, 2021

How to create SFTP only Server on Centos/RHEL/UBUNTU | SFTP Jailed Server on Centos/RHEL/UBUNTU

 How to create SFTP only server in chroot jailed environment 

 Step 1 - Install ssh packages 

# yum update 

# yum install openssh-server 

or, on Ubuntu:

# apt-get update 

# apt-get install openssh-server 

 Step 2 - Create user and group 

   

     * Create a new group for sftp 

# groupadd sftp_users 

   * Create a user for sftp and set a password 

# useradd -g sftp_users -s /bin/false -M -d /opt/SFTP/nirmal  nirmal      

# passwd  nirmal 


  • The -g sftp_users option adds the nirmal user to the sftp_users group.
  • The -s /bin/false option disables the user's SSH shell; this is an SFTP-only user, so no shell is required.
  • The -M option skips creating the home directory, while -d /opt/SFTP/nirmal still records that path as the home directory in the user's account entry.


 Step 3 - Create SFTP Directory and change owner and permission 


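# mkdir -p /opt/SFTP/nirmal

# mkdir /opt/SFTP/nirmal/DATA  

# chown root:sftp_users /opt/SFTP/nirmal

# chown nirmal:sftp_users /opt/SFTP/nirmal/DATA 

# chmod 755 /opt/SFTP/nirmal

# chmod 770 /opt/SFTP/nirmal/DATA

The chroot directory /opt/SFTP/nirmal stays owned by root and is not writable by the group or others, which sshd requires of a ChrootDirectory; the user can write only inside DATA.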

  

Step 4 - Change sshd_config configuration file accordingly 


# vi /etc/ssh/sshd_config

#Subsystem      sftp    /usr/lib/openssh/sftp-server  # comment this line 

# add this line
Subsystem sftp internal-sftp

# add the entry below for every user as required

Match User nirmal
        ForceCommand internal-sftp
        PasswordAuthentication yes
        ChrootDirectory /opt/SFTP/nirmal
        PermitTunnel no
        AllowAgentForwarding no
        AllowTcpForwarding no
        X11Forwarding no

# now save the file and exit 




OR (match on the group instead; %h expands to each user's home directory)

# vim /etc/ssh/sshd_config

#Subsystem      sftp    /usr/lib/openssh/sftp-server  # comment this line 

Subsystem sftp internal-sftp

# add the entry below for every user as required

Match Group sftp_users
        ForceCommand internal-sftp
        PasswordAuthentication yes
        ChrootDirectory %h
        PermitTunnel no
        AllowAgentForwarding no
        AllowTcpForwarding no
        X11Forwarding no

# now save the file and exit 




Note: if you want the user to land in a folder inside the home directory, you can use:
           ForceCommand internal-sftp -d /DATA



Step 5 - Restart SSHD Service 

    # systemctl   restart sshd




Step 6 - Check from client 

    # sftp  nirmal@192.168.1.2

Enjoy :)


Wednesday, October 6, 2021

How to deploy new wordpress website on centos 7 step by step from scratch | How to install new wordPress website on Centos

 How to deploy new wordpress site on centos 7 


Tasks completed in this lab 

1 =>  Install http/apache server 

2 => Install mysql server 

3 => Install php 

4 => Install wordpress

5 => Deploy app1.makelinuxinteresting.com  on wordpress 


Let's Start 

Step 1 — Installing http/Apache Server 

Open your terminal and log in as the root user, or use sudo.

Note: I'm using the root user.
* After installing CentOS 7 on the server, first update the yum repodata
   by running the command below.
# yum update 

* Now install the http/Apache server package with the command below.
# yum install httpd

* Now enable the httpd service at startup and start it with the commands below.
# systemctl enable httpd
# systemctl start httpd 
# systemctl status httpd 


Note: I have turned off the firewall and SELinux is in permissive mode. If your firewall is on,
             run the commands below to allow http and https through it.
# firewall-cmd --zone=public --permanent --add-service=http

# firewall-cmd --zone=public --permanent --add-service=https

# firewall-cmd --reload

# iptables -L 



* Now open your server IP in a browser to check the default page 

    http://192.168.1.2/

Note: Replace the IP with your own server's IP.





* Now create a virtual host for your website app1.makelinuxinteresting.com

# mkdir /var/www/html/app1

# vim /etc/httpd/conf.d/app1.makelinuxinteresting.conf

NameVirtualHost *:80

<VirtualHost *:80>
    ServerAdmin admin@makelinuxinteresting.com
    ServerName app1.makelinuxinteresting.com
    ServerAlias www.app1.makelinuxinteresting.com
    DocumentRoot /var/www/html/app1
    ErrorLog /var/log/httpd/app1.makelinuxinteresting.com-error.log
    CustomLog /var/log/httpd/app1.makelinuxinteresting.com-access.log combined

    <Directory /var/www/html/app1>
        # Redirect requests for either host name to HTTPS. This needs an HTTPS (port 443)
        # virtual host for the site, which this guide does not set up.
        RewriteEngine on
        RewriteCond %{SERVER_NAME} =www.app1.makelinuxinteresting.com [OR]
        RewriteCond %{SERVER_NAME} =app1.makelinuxinteresting.com
        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
        AllowOverride All
    </Directory>
</VirtualHost>

Press Esc, then type :wq and press Enter to save the file.


* Create a DNS A record with your hosting provider, or, if you want to resolve the name locally, edit your hosts file:

For Windows : c:\windows\system32\drivers\etc\hosts

For Linux or Mac :  vim /etc/hosts 

  Step 1 Result : You can now open the default page of the http/Apache server.

* Now check the httpd configuration 

# httpd -t

* If no error is found, restart the httpd service 

# systemctl restart httpd 

* Run the command below to check the website configuration  

# httpd -S 

  Now open app1.makelinuxinteresting.com to verify.

 Note : you will get only the default testing page, because so far we have not put any data in the root folder.

Step 2 — Installing  mysql 5.7 server 

 A – First enable the MySQL repository with the command below 

 # yum localinstall https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm

B - Now install MySQL 5.7 Server by running the command below 

# yum install mysql-community-server 

C - Now enable the mysqld service at startup and start it with the commands below.

# systemctl enable mysqld 

# systemctl start mysqld 

# systemctl status mysqld 


Note : After MySQL 5.7 Server is installed, a default root password is set. To see the default password, run the command below.

# grep 'A temporary password' /var/log/mysqld.log |tail -1




 D – Now you can log in to MySQL using the default password

     # mysql -uroot -p 

E - Now change the MySQL root password for security purposes.

Note : use a strong password only 

# mysqladmin -uroot -p password

F - Now create a user wp_user for the WordPress installation. The ON *.* clause below applies the listed privileges to every database on the server.

# mysql -uroot -p 

mysql> use mysql;

mysql> grant select,insert,delete,create,update on *.* to wp_user@'localhost' identified by "Xmr@3HCP9rs3My34";

* Now create a database for your website. You can give it any name you like; I'm using wordpress.

mysql> create database wordpress;

Step 3 — Install php packages 


A : Install yum-utils and enable the EPEL repository 

 # yum install epel-release yum-utils -y

B : Download and install the Remi repository using the yum command

 # yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm

C : Now enable the PHP 7.3 repository with the command below 

# yum-config-manager --enable remi-php73

D : Install PHP 7.3 along with its dependencies.

# yum install php php-common php-opcache php-mcrypt php-cli php-gd php-curl php-mysql php-fpm

Step 4 —  Installing Wordpress 


A - Download WordPress 

# wget https://wordpress.org/latest.tar.gz

# ls 

B - Now extract the latest.tar.gz file with the command below 

# tar -zxf latest.tar.gz 

# ls 

C - Now copy or sync the wordpress folder into the website's root directory.

# rsync -a wordpress/ /var/www/html/app1/

D - Now change permissions and ownership with the commands below 


#chmod 777 -R /var/www/html/app1/

#chown apache:apache -R /var/www/html/app1/
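
chmod 777 leaves every WordPress file writable by any local account on the server. As an added example (not from the original post; function names are hypothetical, GNU find/stat assumed), the script below applies tighter modes instead, 755 for directories and 644 for files, keeps wp-config.php unreadable to other users, and counts what is still world-writable.

```shell
#!/bin/sh
# Added example: tighter permissions for a WordPress document root.

# harden_wp_perms DOCROOT [OWNER:GROUP]
# Directories 755, files 644, wp-config.php 640. The optional chown
# (e.g. apache:apache, as used in this guide) requires root.
harden_wp_perms() {
    docroot=$1
    owner=${2:-}
    [ -d "$docroot" ] || { echo "no such directory: $docroot" >&2; return 2; }
    if [ -n "$owner" ]; then
        chown -R "$owner" "$docroot" || return 1
    fi
    find "$docroot" -type d -exec chmod 755 {} +
    find "$docroot" -type f -exec chmod 644 {} +
    # wp-config.php holds the database credentials: no access for "other".
    if [ -f "$docroot/wp-config.php" ]; then
        chmod 640 "$docroot/wp-config.php"
    fi
}

# count_world_writable DOCROOT
# Prints how many files/directories are still writable by "other".
count_world_writable() {
    find "$1" ! -type l -perm -0002 | wc -l | tr -d ' '
}

# Stand-alone use: harden_wp.sh /var/www/html/app1 apache:apache
if [ $# -gt 0 ]; then
    harden_wp_perms "$@" &&
        echo "world-writable entries left: $(count_world_writable "$1")"
fi
```

With apache:apache as owner the web server can still write to the tree, so the WordPress installer and uploads keep working while other local users lose write access.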





Step 5 — Deploy app1.makelinuxinteresting.com  on wordpress  


A : Now open http://app1.makelinuxinteresting.com/wp-admin/setup-config.php
       in your browser 

B : Click on Let's go!

* Here, fill in the details you created in Step 2 (MySQL database name, 
    username, password and hostname), then click Submit.

Note : If you face any issue in the step above, do it manually:

# cp /var/www/html/app1/wp-config-sample.php /var/www/html/app1/wp-config.php

# vim /var/www/html/app1/wp-config.php 

Change DB_NAME, DB_USER, DB_PASSWORD and DB_HOST to match your setup.

* Now click on Continue 

* Now fill in the details as you wish and click on Install WordPress to install it.

* WordPress has now been installed successfully; you can log in here.

* WordPress is now successfully deployed. Open http://app1.makelinuxinteresting.com/ to verify.

Thanks

Linux server hardening | Secure Linux Servers

 Linux server hardening is the process of securing a Linux server by reducing its attack surface and mitigating security risks. The goal is ...