Archive for the ‘Arch Linux’ Category.

Using SSMTP with GMAIL

I’ve posted this before on the Archlinux.org forums, but thought I’d repost it here as well for future reference for myself, and anyone else that’s interested.
I’ve made a few changes to the original article and hopefully made it even more clear how to do this with Arch Linux.

SSMTP with GMail
In arch this is very simple to setup.
If your like me, you don’t always need a full blown mail server, since I use gmail (my @archlinux.us email )for most everything. But it’s nice to have a quick easy way to get automated mail off your machine and to a mail hub. Enter ssmtp, the quick and painless way to do this.

[crouse@VistaCrusher ~]$ pacman -Ss ssmtp
extra/ssmtp 2.62-2
Extremely simple MTA to get mail off the system to a mailhub

Installing in arch…. piece of cake…..

[root@VistaCrusher ~]# pacman -S ssmtp
resolving dependencies...
looking for inter-conflicts...

Targets (1): ssmtp-2.62-2
Total Download Size: 0.02 MB
Total Installed Size: 0.07 MB
Proceed with installation? [Y/n] y
:: Retrieving packages from extra...
ssmtp-2.62-2-x86_64 21.4K 63.6K/s 00:00:00 [######################] 100%
checking package integrity...
(1/1) checking for file conflicts [######################] 100%
(1/1) installing ssmtp [######################] 100%
[root@VistaCrusher ~]#

Now you have 2 files to edit.
In /etc/ssmtp/revaliases:

root:youraccount@gmail.com:smtp.gmail.com:587
mainuser:youraccount@gmail.com:smtp.gmail.com:587

In /etc/ssmtp/ssmtp.conf, set the following:

root=youraccount@gmail.com
mailhub=smtp.gmail.com:587
rewriteDomain=
hostname=youraccount@gmail.com
UseSTARTTLS=YES
AuthUser=youraccount
AuthPass=yourpasword
FromLineOverride=YES

I setup mine for my @archlinux.us account…… works great.
> cat ssmtp.conf | grep -v “#”
root=XXXXXXXX@archlinux.us
mailhub=smtp.gmail.com:587
rewriteDomain=archlinux.us
hostname=archlinux.us
UseSTARTTLS=YES
AuthUser=XXXXX@archlinux.us
AuthPass=XXXXXXXX
FromLineOverride=YES

You can test if it’s working by sending your email (to a different account than what you setup for ) by opening a terminal……

echo test | mail -s “testing ssmtp setup” USERNAME@SOMEDOMAIN.COM

USERNAME@SOMEDOMAIN.COM would of course be an email YOU can check.

That’s all folks, it’s THAT simple :)

RCS – The GNU Revision Control System.

Here is a copy of the original article I submitted to archuser.com for publication in the magazine.

         RCS, or the GNU Revision Control System, is a system used to keep track of files that can be edited by many people, or for files that may need to be reverted back at some point in time. I’d like to concentrate on the latter, simply because I think it will actually pertain to more readers than the first reason might. If you have multiple people coding on a project, then you probably already know what a revision control system is, but if you don’t, read on, it’s much easier than it sounds I promise. I really love using Arch as a server distro. While many think it’s not up to the task, I think they are sadly mistaken, I think it’s a great server distro that is extremely flexible and easy to maintain. But I digress, that’s not what I wanted to talk about today. My point was that if you run a server, you make changes to configuration files quite often, and having a revision control system can come in quite handy. The reasons for using RCS are many, from keeping track of coding changes you make to your scripts and programs, to keeping track of changes to apache configuration files, to recipes for a dish that your trying to perfect. Regardless of the reason you may have for needing a revision control system, RCS should prove to be something worth your time to look into. It’s short learning curve and usefullness should be enough to tweak the interest of even the most reluctant users. I know it’s not always fun, but the old adage “Backup, backup, backup, backup.” has been ringing in my ears, and RCS proves to be just the tool for many of those backup jobs that sometimes might otherwise not get done. Using a revision control system does NOT have to be hard to do. It should be easy enough to become second nature and just natural to do in your day to day work. So, lets get started with this shall we ? First and formost, and perhaps the most complicated part j/k pacman -S rcs and the system installs RCS, so cool, so easy.

If we use the revision control system correctly, we should ensure two things.

1. We have a log of all change we have made to the file.

2. We can revert back to previous versions of the file with ease.

There are two main ways to use RCS.

1. Just use “co” and “ci” on files in any directory, there will be files created that match “file” but have a “,v” at the end of them. So you would have “file” and “file,v” in your directory.

2. Create a subdirectory named RCS in every directory you want to work in, and RCS will automatically store files there, and keep your work area clean. I prefer this method myself.

        You could get creative and create simlinks to ONE directory, but that’s outside the scope of this document, besides, having a RCS subdirectory in the directory your working in quickly lets you know that you should use RCS to edit these files. Create the RCS subdirectory with the command “mkdir RCS” anywhere you want to use RCS, see, I told you it’s not hard. Moving on…

       There are two commands that you will use the most. They aren’t hard to master at all. “ci” = check in, and “co” = check out. Pretty darn complicated so far isn’t it lol. Ok, lets see how we first start using RCS with a new file. Lets say we have a file we want revision control on. Lets call it “myshellscript.sh”. The very first thing we need to do is checking the file to RCS. Issue the command:

ci -u myshellscript.sh

       This will initialize the RCS version of the file. It will also ask you for a DESCRIPTION of the file. This is NOT a change log entry, it is for entering a description of the file. This can be a multiline description, when your done with that, put a single “.” (period) on one line and that finished the entry of the description. Woot!, you have now checked in your first file to RCS :) “Ok, now how do i check this bad boy out and make changes”, you ask. Glad you did, it’s just as easy. Now we want to check out myshellscript.sh and make some minor changes to it. So we need to issue the command:

co -l myshellscript.sh

       So, we now have myshellscript.sh checked out, so we can open it with our favorite text editor, and make any changes we want to. Then we save the file. This is the tricky part, the part AFTER you have saved the file, you must check the file back into RCS. This is where people drop the ball and forget to do the check in of the file. It’s really simple as well, in fact, we’ve already used the same command once before ! Now type in:

ci -u myshellscript.sh

       This immediately PROMPTS you for a change log entry. Again, this can span multiple lines if you need it to, just end the log entry with a . “period only” on a single line. For those of you that are like me, and will probably forget to check things back in, I wrote a quick script, called amazingly enough “RCSedit”. Okay, I actually hacked the thing from other examples I’ve seen, but I did cut it down quite a bit in the spirit of KISS. It’s very basic, but does the job very nicely. It will use whatever editor you tell it to, and it checks out the file using your editor, then once your done, it starts the check in procedure, so you never forget ! Nice eh, plus, you don’t even have to remember those command above, even though they were extremely simple.

——————— RCSedit Script ———————-

       This small script is used to open your default text editor, or nano if you don’t have a default editor set. Create an alias to it in your .bashrc, or put it in your PATH somewhere, and name it RCSedit. It then checks out the file, and when your done editing, it checks it back in for you, so you don’t accidentally forget that. (Trust me, it’s EASY to forget to check the files back in ! )

#!/bin/sh
if [ ! "${EDITOR}" ]
then
EDITOR=nano
fi
/usr/bin/co -l $1
${EDITOR} $1
/usr/bin/ci -u $1

———————————————————————

       Ok, so now we can initialize RCS by creating an RCS directory, we can initialize the file by running the check in command, we can check out the file and edit it, and finally check it back in. I sort of feel like hitting my red Staples button that says “That was easy”. :) So, what else do we need to do ? Here is a run down of commands that you might find useful. I highly suggest reading man pages for them to become familiar with all the options they have available. Below is a very basic set of commands that would probably do about 99% of what you might need to accomplish though.

mkdir RCS Create an RCS subdirectory for storing rcs initialized files.

ci -u filename Initialize the file

co -l filename Check out the file and lock it.

ci -u filename Check the file back in.

rlog filename Shows the long log of changes made to filename.

rcdiff filename Compares RCS revisions

rcs -u filename Overide a locked unchanged working file. In short, it “unlocks” the file. Use with care.

       Ok, so now we can do all sorts of stuff with RCS, but wait you say…. “How to I revert a file back to a previous version ?” GREAT QUESTION !!! It’s very easy as well. We don’t even need a new command we use some of the ones above, cool eh ? Lets say we have made several revisions to our myshellscript.sh script, but we decided the last changes just sucked bad, and we really just want to go back one revison to what was working before we fubared it. Not a problem. RCS to the rescue ! First, i’d use the rlog filename command to list all of my revisions, and revision numbers . Let us say my last revision was 1.2 and I want to go back to 1.1. it’s pretty easy really. Issue the commands:

rcs -u myshellscript.sh This unlocks our file.

co -l -r1.1 myshellscript.sh This checks out the revision number we want to use.

ci -u myshellscript.sh This checks in the current working version, which is 1.1.

       TaDa ! Version 1.1 is back in business !!! Play with this on some non-critical files, so you can see how this works. You can edit version 1.1, and it becomes 1.1.1, and you can also still edit version 1.2 and it becomes 1.2.1. Takes some getting used to, but you’ll soon get the hang of it, and be using revsion control, and wonder why you didn’t start doing this sooner. There you have it, the basics of RCS, see, it really was simple, and I hope it proves to be a useful tool for you, it has for me.

One final note, if you like use emacs, your in luck, emacs has built in support for RCS and other version control systems. ! :)

RELATED URLS:

http://www.gnu.org/software/rcs/

http://www.cs.purdue.edu/homes/trinkle/RCS/

http://www.athabascau.ca/html/depts/compserv/webunit/HOWTO/rcs.htm

http://agave.garden.org/~aaronh/rcs/emacs.html

Archlinux.me – Updates

Looks like we had either an update failure, or a hardware failure. Everything is back to “normal” again. Ended up having to do a forced upgrade on mysql to get the site back up and running, so at this point, after some studying, I’m about 90% sure this was caused not by hardware, but by an interrupted update.

The bad part is, we did start out on faulty hardware, so that of course makes you nervous about everything else from then on. The hosting company has been great to do everything they can to help get the issue resolved, and has offered to come in late and pull the hard drive and test the hardware at some point, just to be sure.

This should basically serve as a reminder to all, export your data, there is a system in place for this, and I don’t have all my backup routines in place for the site yet………. so, it’s “User Beware” ;)
Do yourself a favor, and backup your work. I’ll get my mysql stuff in place eventually…. but for now, it’s on you to backup your own work.

I am currently working on the front page feeds as well…….. as you can probably already see :)

The ArchLinux Laptop Bag Arrives !

New Laptop bag !

The Arch Linux Laptop Bag Finally Arrives !

After what seemed like an eternity, the laptop bag I ordered finally arrives :)

The pictures don’t really do it justice, but I think it’s a very nice laptop bag. It is smaller than the one I have been using, but the compactness is actually a much needed relief for me. The bag I’ve been using was designed for up to a 17 inch laptop, mines 15.4, and while the specs for this bag stated it would hold up to a 17″ laptop, I really think you would be hard pressed to get it to fit.

I am now able to proudly display my favorite OS everywhere I go. Needless to say, it’s almost a “one of a kind”, as the sales of these were not quite what Dusty expected them to be. So, if you want a really nice laptop bag, you should really look at http://schwag.archlinux.ca/ .
He has quite a selection available, and while it might take awhile to get it, it’s worth the wait :)

This is the link to the one I purchased: http://schwag.archlinux.ca/product/director-messenger/ and that is shown in the pictures.

New Laptop bag !

About the only thing I thought might be wrong with it, was that the place that was designed to hold a water bottle was extremely small. I honestly don’t see how your going to squeeze a water bottle into that holder without ripping it apart, the elastic just won’t stretch that far. It’s either that or your drink half of it and squeeze the bottle to a fraction of it’s original diameter lol.

All in all, I couldn’t be happier. It’s a great looking bag, and I get to show off the new Arch Linux logo. Ok, so it’s not a new logo anymore, but hey, I still get to show it off ! :)


http://schwag.archlinux.ca/product/director-messenger/
“The Director maximizes your momentum with a messenger bag that fits most 17″laptops. It keeps everything organized and leaves you free to maneuver with its Pullman handle attachment sleeve, business card pocket, organizer panel and handy airline ticket sleeve. Made from 600-denier poly/420- denier nylon.

Dimensions: 13.5″ x 22″ x 4″; 900 cubic inches. Price $80 + $15 USA shipping or $30 for Intl. shipping”


Archlinux.me running with kernel26-2.6.30-5

The new kernel is out for Arch Linux, you can read more about it here.
The ArchLinux.me server is now running on kernel 2.6.30-5 ! :)

Continue reading ‘Archlinux.me running with kernel26-2.6.30-5’ »

Renewed / Extended Archlinux.me domain registration.

$50 gets me 3 more years …. .me is expensive lol.

Renewed / Extended Archlinux.me domain registration.

Domain Name:ARCHLINUX.ME
Domain Create Date:31-Mar-2009 04:31:26 UTC
Domain Last Updated Date:23-Jun-2009 23:25:58 UTC
Domain Expiration Date:31-Mar-2014 04:31:26 UTC

Want an Arch Linux blog ? http://archlinux.me/username

Original post on Archlinux.org

Want an Arch Linux blog ?  http://archlinux.me/username

See http://archlinux.me for examples of what the blogs will look like :)  For about the last 3 weeks I have been testing out software for archlinux.me blogs, based on WordPress.  So far, things have went very well.
I am about ready to open things up to more users, if anyone is interested.  I have a few days before I will be able to setup new users, as I am currently in the process of moving the entire setup off my development server to it’s own server that has more bandwidth and bigger pipes.  Several nice add-ons include: Syntax highlighting using GeSHi, Twitter messages, Ping.fm updates, and more.
Continue reading ‘Want an Arch Linux blog ? http://archlinux.me/username’ »

ArchLinux.us Email

ArchLinux.us Email Sample

ArchLinux.us Email Sample

The Archlinux.us email now has themes available.

I don’t know which theme this is in particular, but it’s how I have my arch email setup to look.  One of the members made the Arch Linux logo transparent, it looks much nicer now with themes.
Continue reading ‘ArchLinux.us Email’ »

Why you should change your ssh default port.

Wednesday, July 23, 2008
Why you should change your ssh default port.
Thought some of you might find this interesting. No one gets in, but it’s funny how just changing the port number on ssh will stop 99.99% of the stupid attacks (some random bot repeatedly attempting to gain access) . Several other things SHOULD be changed in the ssh config file also, not just the port number, but this one provides the most eye opening reasons to be secure.

Installed server on Jul 17th ….. less than 5 days later, well, you get the idea.
wtmp begins Thu Jul 17 21:57:08 2008

[root@VistaCrusher1 ~]# lastb | wc -l
25349

For the less command line oriented peeps, that means I had 25,349 attempts to breach my machine via the ssh login. Bad logins recorded, along with IP’s and other cool stuff.
Needless to say, I’ll go change that shortly, along with several other security precautions. I just wanted to see how many hits I’d get in 5 days. That, and I wanted to see who came back.

Imagine that…..

[root@VistaCrusher1 ~]# lastb | grep 125.164.202.240
clamav ssh:notty 125.164.202.240 Mon Jul 21 16:40 – 16:40 (00:00)
clamav ssh:notty 125.164.202.240 Mon Jul 21 16:39 – 16:39 (00:00)

Someone is STILL trying.

Here is a list of WHO tried.

[root@VistaCrusher1 ~]# lastb | awk ‘{print $3}’ | sort –unique

121.14.5.209
123.140.215.92
124.42.50.54
125.164.202.240
193.23.52.17
193.33.171.66
208.65.156.53
210.146.9.109
210.176.26.185
210.221.148.223
210.51.171.74
211.160.40.29
211.33.57.138
212.90.168.161
217.199.186.93
218.38.56.181
219.122.33.3
222.195.137.249
52.26.222.203.st
61.114.236.22
74.10.24.182
83.103.170.158
83.168.89.246
89.238.203.66
Sun
c-24-5-182-18.hs
mail.zdr.ru
mail3.gus.net
martinjajcaj.vps
mvx-200-201-183-
n220246012106.ne
security.isd.com
[root@VistaCrusher1 ~]#

As someone mentioned to me on the Archlinux forums, iptables can be used to help prevent this as well.

### START SECURITY RULES ###
# Don’t limit SSH from known addreses
# xxx.xxx.xxx.xxx
iptables -A forwarding_wan -p tcp –dport 22 -s xxx.xxx.xxx.xxx -j ACCEPT

# SSH rate limiting from unknown IP addresses
# Allow 2 chances in 10 minutes to connect, reject after that
iptables -A forwarding_wan -p tcp –dport 22 -m state –state NEW -m recent –set
iptables -A forwarding_wan -p tcp –dport 22 -m state –state NEW -m recent –update –seconds 600 –hitcount 3 -j DROP

Attempting to setup blog system

Welcome to Arch User Blogs. I have been attempting to setup a multi-user blogging system for Arch Users, this is test 1 ;)