Re: new user questions. (Before I back myself into a corner!)

[Polytropon]

> For a standard installation, there's also the base console
> functionality: ALT+F(n) key combo - each one, F1 up to (IIRC) F12,
> gets a different console.

This depends on how many virtual consoles have been
defined in the /etc/ttys file. I think the default
is 0 up to 7, and 8 (corresponds to PF9) is X. The
consoles for Alt+PF10,11,12 can be added easily.



> I often leave the main console alone to
> display system messages while I work at other consoles.

In former times, this was my STANDARD development
setting (text-mode only), 80x25 each.




-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Charlie Kester]

On Fri 26 Nov 2010 at 14:31:23 PST Chip Camden wrote:

Quoth Polytropon on Friday, 26 November 2010:

FIVE!  Using a tiling window manager like xmonad, just open another
xterm.  Either share a workspace between them, or put one of them in a
different workspace, depending on whether you like to be able to see
both at the same time and/or have multiple monitors.


SIX! sysutils/dvtm tiles console or terminal windows, similar to tmux.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Kurt Buff]

On Fri, Nov 26, 2010 at 06:53, Chris Brennan  wrote:
>
> On Fri, Nov 26, 2010 at 6:30 AM, Dave  wrote:
>
> >   Yes, I found that, good info.  I'm relying on the freebsd.org site man
> > pages and documentation among others, as I'm finding it too inconvenient
> > (bad short term memory) using the man pages on the system.  At least I
> > can have the website pages open on a nearby laptop.
> >
> >
> There are two options that I know of that could make this part easier for
> you
>
> 1) screen (tried and true) can do split windows/multiple windows although
> I've never been able to correctly figure it out
>
> 2) tmux (the pretentious upstart), it's a quick install and it's built in
> help (^b?) is eternally useful and it's options make more sense then screen
> (to me at least)
>
> Don't get me wrong, both serve there purpose. Personally, I prefer tmux but
> I still use screen for some things. So the choice comes down to what you
> find that works for you.

For a standard installation, there's also the base console
functionality: ALT+F(n) key combo - each one, F1 up to (IIRC) F12,
gets a different console. I often leave the main console alone to
display system messages while I work at other consoles.

Or, for that matter, multiple ssh sessions.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Kurt Buff]

On Fri, Nov 26, 2010 at 13:18, Polytropon  wrote:
> On Fri, 26 Nov 2010 09:53:51 -0500, Chris Brennan  
> wrote:
>> There are two options that I know of that could make this part easier for
>> you
>>
>> 1) screen (tried and true) can do split windows/multiple windows although
>> I've never been able to correctly figure it out
>>
>> 2) tmux (the pretentious upstart), it's a quick install and it's built in
>> help (^b?) is eternally useful and it's options make more sense then screen
>> (to me at least)
>
> Along with the Spanish Inquisition, there are three! Three!
> Three options: screen, tmux, and the native solution of
> virtual terminals via Alt+PFx switch. This even allows
> you to use the mouse-driven edit buffer (copy + paste),
> e. g. if you need to compose a command line using the
> examples listed in the man page.
>
> If you're accessing a system remotely, there is also the
> option of opening -- FOUR! Four options! -- the option
> of opening more than one connection to the remote system,
> and each of them in an own xterm (or KDE Konsole tab
> which I would say if I had been using KDE, but I haven't).
> Of course, this solution also allows you copy + paste
> operations. Other means of accessibility are provided by
> the window manager you're using.
>
> Nobody expects the Spanish Inquisition! :-)

That's what I get for waiting a week to look at email...

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Adam Vande More]

On Sat, Nov 27, 2010 at 12:05 PM, Chris Brennan wrote:

> No need to specify the full path w/ portmaster ... just "portmaster
> --no-confirm -D sysutils/tmux" is sufficient, portsnap is the best/easiest
> way to get the latest snapshot of ports. No real reason not to unless your
> using a custom ports or are maintaining your own ports and don't want them
> clobbered.
>

There are a couple of reasons specifying the full path is more convenient:

1.  tab-completions work
2.  When dealing with system utilities like whereis(1), the full path is
displayed making double-click+middle click give you correct cmd

portmaster $FULL_PATH - $PORTSDIR is only useful for me in cases where I
remember exactly where the port lives.

-- 
Adam Vande More
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Chris Brennan]

On Sat, Nov 27, 2010 at 12:40 PM, Dave  wrote:

> On 27 Nov 2010 at 11:22, Adam Vande More wrote:
>
> > On Sat, Nov 27, 2010 at 11:06 AM, Dave  wrote:
> >
> > > >
> > > > /usr/ports/sysutils/screen/
> > > >
> > >
> > > Ryan, thanks, but no 'ports' is installed on this box, it was built
> > > with a net install, from a V8.0 boot disk, earlier this year (April
> > > if memory serves.)
> > >
> > > I find now, that Sysinstall's ports management utility, has to be
> > > "told" to go look for V8.1 stuff (the Options page) else it just
> > > whinges about not being able to login to the repository ftp servers.
> > >
> >
> > As root, type "portsnap fetch extract"
> >
> > I also like tmux, it's BSD licensed and BSD-like in that is has easier
> > to work with default settings.  Once ports are installed you'll want
> > to install a port managment tool, I prefer portmaster.
> >
> > Something like the following will get you up and running with
> > portmaster and install tmux:
> >
> > cd /usr/ports/ports-mgmt/portmaster
> > make install clean && rehash
> > portmaster --no-confirm -D /usr/ports/sysutils/tmux && rehash
>

No need to specify the full path w/ portmaster ... just "portmaster
--no-confirm -D sysutils/tmux" is sufficient, portsnap is the best/easiest
way to get the latest snapshot of ports. No real reason not to unless your
using a custom ports or are maintaining your own ports and don't want them
clobbered.


>
> >
>
> Thanks Adam.
>
> Unless I hear from others a good reason why not, I'll be trying that
> tomorrow, as I'm running out of time today to play any more.   The first
> of this years Xmas party's tonight.   Tomorrow, I might be a little slow
> as a result..
>
> Best Regards to All.
>
> Dave B.
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscr...@freebsd.org"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Polytropon]

On Sat, 27 Nov 2010 17:06:06 -, "Dave"  wrote:
> Ryan, thanks, but no 'ports' is installed on this box, it was built with 
> a net install, from a V8.0 boot disk, earlier this year (April if memory 
> serves.)

Use this:

# pkg_add -r screen

Precompiled packaes work without a ports tree installed.
Obtains files via Internet and installs all needed
dependencies.


-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Dave]

On 27 Nov 2010 at 11:22, Adam Vande More wrote:

> On Sat, Nov 27, 2010 at 11:06 AM, Dave  wrote:
> 
> > >
> > > /usr/ports/sysutils/screen/
> > >
> >
> > Ryan, thanks, but no 'ports' is installed on this box, it was built
> > with a net install, from a V8.0 boot disk, earlier this year (April
> > if memory serves.)
> >
> > I find now, that Sysinstall's ports management utility, has to be
> > "told" to go look for V8.1 stuff (the Options page) else it just
> > whinges about not being able to login to the repository ftp servers.
> >
> 
> As root, type "portsnap fetch extract"
> 
> I also like tmux, it's BSD licensed and BSD-like in that is has easier
> to work with default settings.  Once ports are installed you'll want
> to install a port managment tool, I prefer portmaster.
> 
> Something like the following will get you up and running with
> portmaster and install tmux:
> 
> cd /usr/ports/ports-mgmt/portmaster
> make install clean && rehash
> portmaster --no-confirm -D /usr/ports/sysutils/tmux && rehash
> 
> 
> -- 
> Adam Vande More
> 

Thanks Adam.

Unless I hear from others a good reason why not, I'll be trying that 
tomorrow, as I'm running out of time today to play any more.   The first 
of this years Xmas party's tonight.   Tomorrow, I might be a little slow 
as a result..

Best Regards to All.

Dave B.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Adam Vande More]

On Sat, Nov 27, 2010 at 11:06 AM, Dave  wrote:

> >
> > /usr/ports/sysutils/screen/
> >
> >
> >
>
> Ryan, thanks, but no 'ports' is installed on this box, it was built with
> a net install, from a V8.0 boot disk, earlier this year (April if memory
> serves.)
>
> I find now, that Sysinstall's ports management utility, has to be "told"
> to go look for V8.1 stuff (the Options page) else it just whinges about
> not being able to login to the repository ftp servers.
>

As root, type "portsnap fetch extract"

I also like tmux, it's BSD licensed and BSD-like in that is has easier to
work with default settings.  Once ports are installed you'll want to install
a port managment tool, I prefer portmaster.

Something like the following will get you up and running with portmaster and
install tmux:

cd /usr/ports/ports-mgmt/portmaster
make install clean && rehash
portmaster --no-confirm -D /usr/ports/sysutils/tmux && rehash


-- 
Adam Vande More
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Chris Brennan]

> Hi.
>
> As I now have ssh working, I can indeed have multiple logins running in
> indipendant windows on another box.   (because I have it) I'm using PuTTY
> on Win2k.  
> http://www.chiark.greenend.org.uk/~sgtatham/putty/
>
> It appears to work well.
>
> I now have another problem of the BSD flavor (inabiltiy to 'su') but I've
> already asked that in another post.
>
> Thanks.
>
>
use screen/tmux/some other app that does this inside of putty to preserve
work in progress. :D



>  Dave B.
>
> PS: Do I detect a Monty Python fan?  ;-)
>
>
Bring out your dead! Bring out your dead!
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Dave]

On 26 Nov 2010 at 22:18, Polytropon wrote:

> On Fri, 26 Nov 2010 09:53:51 -0500, Chris Brennan
>  wrote: > There are two options that I know of
> that could make this part easier for > you > > 1) screen (tried and
> true) can do split windows/multiple windows although > I've never been
> able to correctly figure it out > > 2) tmux (the pretentious upstart),
> it's a quick install and it's built in > help (^b?) is eternally
> useful and it's options make more sense then screen > (to me at least)
> 
> Along with the Spanish Inquisition, there are three! Three!
> Three options: screen, tmux, and the native solution of
> virtual terminals via Alt+PFx switch. This even allows
> you to use the mouse-driven edit buffer (copy + paste),
> e. g. if you need to compose a command line using the
> examples listed in the man page.
> 
> If you're accessing a system remotely, there is also the
> option of opening -- FOUR! Four options! -- the option
> of opening more than one connection to the remote system,
> and each of them in an own xterm (or KDE Konsole tab
> which I would say if I had been using KDE, but I haven't).
> Of course, this solution also allows you copy + paste
> operations. Other means of accessibility are provided by
> the window manager you're using.
> 
> Nobody expects the Spanish Inquisition! :-)
> 
> 
> -- 
> Polytropon
> Magdeburg, Germany
> Happy FreeBSD user since 4.0
> Andra moi ennepe, Mousa, ...
> 

Hi.

As I now have ssh working, I can indeed have multiple logins running in 
indipendant windows on another box.   (because I have it) I'm using PuTTY 
on Win2k.  http://www.chiark.greenend.org.uk/~sgtatham/putty/

It appears to work well.

I now have another problem of the BSD flavor (inabiltiy to 'su') but I've 
already asked that in another post.

Thanks.

Dave B.

PS: Do I detect a Monty Python fan?  ;-)

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Dave]

On 26 Nov 2010 at 9:53, Ryan Coleman wrote:

> 
> On Nov 26, 2010, at 8:53 AM, Chris Brennan wrote:
> 
> > On Fri, Nov 26, 2010 at 6:30 AM, Dave 
> > wrote:
> > 
> >>  Yes, I found that, good info.  I'm relying on the freebsd.org site
> >>  man
> >> pages and documentation among others, as I'm finding it too
> >> inconvenient (bad short term memory) using the man pages on the
> >> system.  At least I can have the website pages open on a nearby
> >> laptop.
> >> 
> > There are two options that I know of that could make this part
> > easier for you
> > 
> > 1) screen (tried and true) can do split windows/multiple windows
> > although I've never been able to correctly figure it out
> I second screen.
> 
> /usr/ports/sysutils/screen/
> 
> 
> 

Ryan, thanks, but no 'ports' is installed on this box, it was built with 
a net install, from a V8.0 boot disk, earlier this year (April if memory 
serves.)

I find now, that Sysinstall's ports management utility, has to be "told" 
to go look for V8.1 stuff (the Options page) else it just whinges about 
not being able to login to the repository ftp servers.

Cheers.

Dave B.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Chip Camden]

Quoth Polytropon on Friday, 26 November 2010:
> On Fri, 26 Nov 2010 09:53:51 -0500, Chris Brennan  
> wrote:
> > There are two options that I know of that could make this part easier for
> > you
> > 
> > 1) screen (tried and true) can do split windows/multiple windows although
> > I've never been able to correctly figure it out
> > 
> > 2) tmux (the pretentious upstart), it's a quick install and it's built in
> > help (^b?) is eternally useful and it's options make more sense then screen
> > (to me at least)
> 
> Along with the Spanish Inquisition, there are three! Three!
> Three options: screen, tmux, and the native solution of
> virtual terminals via Alt+PFx switch. This even allows
> you to use the mouse-driven edit buffer (copy + paste),
> e. g. if you need to compose a command line using the
> examples listed in the man page.
> 
> If you're accessing a system remotely, there is also the
> option of opening -- FOUR! Four options! -- the option
> of opening more than one connection to the remote system,
> and each of them in an own xterm (or KDE Konsole tab
> which I would say if I had been using KDE, but I haven't).
> Of course, this solution also allows you copy + paste
> operations. Other means of accessibility are provided by
> the window manager you're using.

FIVE!  Using a tiling window manager like xmonad, just open another
xterm.  Either share a workspace between them, or put one of them in a
different workspace, depending on whether you like to be able to see both
at the same time and/or have multiple monitors.

> 
> Nobody expects the Spanish Inquisition! :-)
> 

Yep, it's still a surprise, even after all these years.

-- 
Sterling (Chip) Camden| sterl...@camdensoftware.com | 2048D/3A978E4F
http://camdensoftware.com | http://chipstips.com| http://chipsquips.com


pgpIbz7bWfdQZ.pgp
Description: PGP signature

Re: new user questions. (Before I back myself into a corner!)

[Polytropon]

On Fri, 26 Nov 2010 09:53:51 -0500, Chris Brennan  wrote:
> There are two options that I know of that could make this part easier for
> you
> 
> 1) screen (tried and true) can do split windows/multiple windows although
> I've never been able to correctly figure it out
> 
> 2) tmux (the pretentious upstart), it's a quick install and it's built in
> help (^b?) is eternally useful and it's options make more sense then screen
> (to me at least)

Along with the Spanish Inquisition, there are three! Three!
Three options: screen, tmux, and the native solution of
virtual terminals via Alt+PFx switch. This even allows
you to use the mouse-driven edit buffer (copy + paste),
e. g. if you need to compose a command line using the
examples listed in the man page.

If you're accessing a system remotely, there is also the
option of opening -- FOUR! Four options! -- the option
of opening more than one connection to the remote system,
and each of them in an own xterm (or KDE Konsole tab
which I would say if I had been using KDE, but I haven't).
Of course, this solution also allows you copy + paste
operations. Other means of accessibility are provided by
the window manager you're using.

Nobody expects the Spanish Inquisition! :-)


-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Ryan Coleman]

On Nov 26, 2010, at 8:53 AM, Chris Brennan wrote:

> On Fri, Nov 26, 2010 at 6:30 AM, Dave  wrote:
> 
>>  Yes, I found that, good info.  I'm relying on the freebsd.org site man
>> pages and documentation among others, as I'm finding it too inconvenient
>> (bad short term memory) using the man pages on the system.  At least I
>> can have the website pages open on a nearby laptop.
>> 
> There are two options that I know of that could make this part easier for
> you
> 
> 1) screen (tried and true) can do split windows/multiple windows although
> I've never been able to correctly figure it out
I second screen.

/usr/ports/sysutils/screen/

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Chris Brennan]

On Fri, Nov 26, 2010 at 6:30 AM, Dave  wrote:

>   Yes, I found that, good info.  I'm relying on the freebsd.org site man
> pages and documentation among others, as I'm finding it too inconvenient
> (bad short term memory) using the man pages on the system.  At least I
> can have the website pages open on a nearby laptop.
>
>
There are two options that I know of that could make this part easier for
you

1) screen (tried and true) can do split windows/multiple windows although
I've never been able to correctly figure it out

2) tmux (the pretentious upstart), it's a quick install and it's built in
help (^b?) is eternally useful and it's options make more sense then screen
(to me at least)

Don't get me wrong, both serve there purpose. Personally, I prefer tmux but
I still use screen for some things. So the choice comes down to what you
find that works for you.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Polytropon]

On Fri, 26 Nov 2010 11:30:29 -, "Dave"  wrote:
>   The original instructions I used when creating the GPS/NTP server, 
> resulted in the BASH shell being used.  I think that's part of the odd 
> problem, as that does not show up in the list of known shell's, when 
> creating a new user.

The Bourne Again Shell is NOT, I repeat: *NOT* part of the
FreeBSD default installation. It is an ADDITIONAL piece of
software.

A common "Linuxism" seems to imply that bash is present on
every system. While I agree that bash is a good interactive
shell (except some "misbehaviour", in my opinion), it is
often used as scripting shell where NO functionality that
is specific to bash is used - instead of sh, the Bourne Shell,
FreeBSD's standard scripting shell (as well as the standard
scripting shell on nearly every UNIX out there).

You have to manually add bash (by ports or packages), then
it will be listed in /etc/shells and therefore be available
to the adduser script (or pw program) for new users. You can
alter the user's shell afterwards using the chsh command.



>   Not quite it seems, that parameter only works if the -D is used too I 
> believe, and with inetd running things. 

Yes, -D makes ftpd become a daemon. Its invication via inetd
is very convenient, allthoug the "need for inetd" is originated
in a different time in past.



> At present, the system wont 
> allow that for some odd reason.  No errors, it just ignores it.

How that? Which settings do you currently have? Oh, and check
the firewall (e. g. IPFW) to allow FTP on the alternative port.



> > Remember: This is FreeBSD, we have excellent manpages and
> > other good documentation. :-)
> 
>   Agreed, the documentation is excelent, compared to that available for 
> many Linux's (with the exception of Debian I've found) 

I share this observation. :-)



> The biggest 
> difference is the people.  Here in the FreeBSD world, I ask a question, I 
> get sensible answers, for which I'm eternaly gratefull.   In many LUG's 
> and other Linux Forums, I often get self opinionated Flames!

You can get them here, too, if you ask the "right" questions. :-)
No, honestly: This list has helped me very much, and I could learn
many things. So I want to contribute back. When I see a chance
to help with knowledge, experience or pointers, I'll do that.
And so do most on this list.


>   Though the doc's are good, I do find it less than easy to assimilate it 
> all in a meaningfull way, not coming from a unix background.  But that's 
> just my problem, and I'm sure the penny will drop sometime soon.

The backgrpund of the documentation is that is is a reference,
not a HOWTO, or a Wiki style conglomerate. It is maintained in
the same quality way as the system is. Many (but sadly not all)
ports follow this concept (e. g. "man xmms", "man mplayer" or
even "man opera"; in contradiction "man firefox" or any KDE
program).

You need to have experience in HOW to read man pages, to filter
out what you need. The system does NOT know what you need, so
it doesn't "hide unneeded information".



>   So I know (not being too familier with all this) in simple terms, what 
> advantages/disadvantages are there, in respects to the different shell's 
> avalable?   Is there a comparison feature table somewhere?

http://en.wikipedia.org/wiki/Comparison_of_command_shells

You'll find more than just the UNIX shells in there. The ports
collection has a category "shells" where you can refer to the
description files.

The most common shells in use are, of course, the system
shells: sh as default scripting shell, csh as default dialog
shell. Common "3rd party" shells are bash (obviously), zsh
and ksh.



>   As an asside, having got the FTP server working, I then "had an idea" 
> and ended up breaking it.  Cest la vie...   I'll look to using a stand 
> alone program/utility I think, that involves less system settings 
> manipulation.

That's what inetd is originally intended for: Configure and
delegate requests to specific programs.




-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Dave]

On 25 Nov 2010 at 21:25, Polytropon wrote:

> On Thu, 25 Nov 2010 20:00:21 -, "Dave" 
> wrote: > Lots is written about the 'x' bit, and allowing execution of
> a file, but > not that it affects the ability to even use that
> directory.  I guess in > this context, "using" = "executing", so it
> sort of makes sense.
> 
> It is written lots and nicely explained in "man chmod",
> where you can read:
> 
>0100For files, allow execution by owner.  For directories,
>allow the owner to search in the directory.
> 
>0010For files, allow execution by group members.  For directo-
>ries, allow group members to search in the directory
> 
>0001For files, allow execution by others.  For directories
>allow others to search in the directory.
> 
> The "1" part of the octal masks refers to the x attribute. In
> relation to directories, it means "search", which you can also
> see when using the "find" program: Directories that are not +x
> cannot be searched.

  Yes, I found that, good info.  I'm relying on the freebsd.org site man 
pages and documentation among others, as I'm finding it too inconvenient 
(bad short term memory) using the man pages on the system.  At least I 
can have the website pages open on a nearby laptop.

> 
> 
> > It appears too, that if one of the group members then creates a new
> > direcory, that inherits the permissions of the parent directory.
> 
> You can set default permissions for file creation using the
> umask builtin (e. g. for csh, the default dialog shell); see
> the "man csh" for details.

  The original instructions I used when creating the GPS/NTP server, 
resulted in the BASH shell being used.  I think that's part of the odd 
problem, as that does not show up in the list of known shell's, when 
creating a new user.


> 
> > Next task, to get the ftp server to work on another port.   I might
> > just quit while ahead, and go up the pub though, and leave that till
> > tomorrow.
> 
> That's easy: See the -P option explained in "man ftpd". Also
> see /etc/defaults/rc.conf which mentions ftpd_flags.

  Not quite it seems, that parameter only works if the -D is used too I 
believe, and with inetd running things.  At present, the system wont 
allow that for some odd reason.  No errors, it just ignores it.

> 
> 
> Remember: This is FreeBSD, we have excellent manpages and
> other good documentation. :-)

  Agreed, the documentation is excelent, compared to that available for 
many Linux's (with the exception of Debian I've found)  The biggest 
difference is the people.  Here in the FreeBSD world, I ask a question, I 
get sensible answers, for which I'm eternaly gratefull.   In many LUG's 
and other Linux Forums, I often get self opinionated Flames!

  Though the doc's are good, I do find it less than easy to assimilate it 
all in a meaningfull way, not coming from a unix background.  But that's 
just my problem, and I'm sure the penny will drop sometime soon.

  I've recently installed 8.1 on another sacreficial PC to mess with, so 
I can learn "how to" etc, without adversley affecting the NTP server box, 
untill I'm sure I know what to do.

  So I know (not being too familier with all this) in simple terms, what 
advantages/disadvantages are there, in respects to the different shell's 
avalable?   Is there a comparison feature table somewhere?

  As an asside, having got the FTP server working, I then "had an idea" 
and ended up breaking it.  Cest la vie...   I'll look to using a stand 
alone program/utility I think, that involves less system settings 
manipulation.

  Best Regards All.

Dave B.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Polytropon]

On Thu, 25 Nov 2010 20:00:21 -, "Dave"  wrote:
> Lots is written about the 'x' bit, and allowing execution of a file, but 
> not that it affects the ability to even use that directory.  I guess in 
> this context, "using" = "executing", so it sort of makes sense.

It is written lots and nicely explained in "man chmod",
where you can read:

   0100For files, allow execution by owner.  For directories,
   allow the owner to search in the directory.

   0010For files, allow execution by group members.  For directo-
   ries, allow group members to search in the directory

   0001For files, allow execution by others.  For directories
   allow others to search in the directory.

The "1" part of the octal masks refers to the x attribute. In
relation to directories, it means "search", which you can also
see when using the "find" program: Directories that are not +x
cannot be searched.



> It appears too, that if one of the group members then creates a new 
> direcory, that inherits the permissions of the parent directory.

You can set default permissions for file creation using the
umask builtin (e. g. for csh, the default dialog shell); see
the "man csh" for details.



> Next task, to get the ftp server to work on another port.   I might just 
> quit while ahead, and go up the pub though, and leave that till tomorrow.

That's easy: See the -P option explained in "man ftpd". Also
see /etc/defaults/rc.conf which mentions ftpd_flags.


Remember: This is FreeBSD, we have excellent manpages and
other good documentation. :-)



-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Dave]

On 25 Nov 2010 at 9:42, Nathan Vidican wrote:

Trimmed...

> 
> Two commands of interest here, 'chmod' and 'chown'. I'd highly suggest
> reading the manpage on both, but here's the short/quick-start version:
> 
> chmod
>  - used to change permissions for a file or directory
>  - permissions are broken down into: 2=read, 4=write, 1=execute
>  - permissions are displayed in group of three, corresponding to
> owner-group-everyone else
>  - so chmod 666 means "make owner,group,everyone each able to read(2)
>  plus
> write(4) (2+4=6)
>- the first number indicating the owner of the files permission,
>the
> second the group, and the last everyone
>  - so when you noted seeing "drwxr-xr-x" - that's 755 (owner
> read+write+execute(7), group read+execute (5), everyone else
> read+execute(5)
>  - in order for a user to 'cd' to a directory, the execute permission
>  must
> be set
>  - to answer your original question then, "chmod 775 " would
>  then
> change the permissions to that the group can write as well
> 
> chown
>  - used to change ownership of a file or directory
>  - can change owner, or group ownership
>  - syntax is "chown user:group "
> 
> As far as the FTP thing goes, you need to make sure that the shell you
> assign the user is listed in /etc/shells - that's what the system
> 'standard' ftpd is looking for.
> 
> -- 
> Nathan Vidican
> nat...@vidican.com
> 


Thanks Nathan.

Following your lead, and after some more reading, I seem to have it 
working as I want.   That execute permission bit, is a doozie.  If you 
hadn't said it's needed for the user (or group member) to be able to 'cd' 
to that directory, I'd have been there for hours.

Lots is written about the 'x' bit, and allowing execution of a file, but 
not that it affects the ability to even use that directory.  I guess in 
this context, "using" = "executing", so it sort of makes sense.

I did find though, that the -R switch, doesn't always cause chmod to 
alter sub directories in the way one expects.  One directory at a time 
then, but job done.

It appears too, that if one of the group members then creates a new 
direcory, that inherits the permissions of the parent directory.

Next task, to get the ftp server to work on another port.   I might just 
quit while ahead, and go up the pub though, and leave that till tomorrow.

Thanks again.

Dave.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Nathan Vidican]

On Wed, Nov 24, 2010 at 4:49 PM, Dave  wrote:

> Hi again.
>
> Firstly, many thanks for the responces to my questions.  Much
> appreciated.   Especialy as on other "lesser" forums (Lugs etc) I often
> get flamed for asking such stuff, and learn nothing as a result.
>
>
> OK.   The FTP thing first   Just for the heck of it, trying to use
> the built in server daemon, "because it's there" etc
>
> I've sort of got the default FTP server up and running thanks to the
> hints from you all, but pound to a penny, it's not optimaly configured,
> yet.
>
> I have two users defined, "ral" and "faros" (easy to remember, as they
> are the names of the two external automated systems I intend to have send
> data to the small website, when that's done.) Each with a unique
> password.
>
> Both are also members of a group "webupdater".
>
> (As an asside, creating users, regardless of what "shell" I pick from the
> list, I get "unknown root shell" warnings as adduser completes.)
>
> Both users can connect to the ftp server (still stuck at port 21 for now,
> but I'm manually starting it from the root command line) and log in with
> their username and password.
>
> (Both can also login to the system from the console too, not what I
> wanted, but..   I did try the "nologin" shell, but that prevents them
> from loging in to the FTP server too.)
>
> However, each user see's it's own unique homedir folder, exactly as
> described in the man pages, but I'd like them to see the folder structure
> below by default.
>
> I have created a directory '/var/site' and from that some decendant
> directories that mimic the existing site on the other machine.
>
> /site   < the "root" folder for the FTP and WWW
> system.
> /site/60m
> /site/faros
> /site/faros/fixedimages
> /site/faros/parking
>
> I've been trying to use Groups, and the ftpchroot file, to get the
> "users" to see the /site directory as their root (for compatablility with
> the way things work on the other system, so I don't have to change
> existing batch and script files when I get to point them at this box) or
> their individual data directory 60m for ral and 'Faros' for Faros.
>
> However, the pages for that feature are a little thin in content detail
> that I can use.  (I'm looking at the man pages and handbook files on the
> freebsd.org site)
>
> I have this in /etc/ftpchroot
> @webupdater /var/site
>
> And indeed, loging into the ftp server as either faros, or ral, the
> default directory is indeed the /site folder as I wish.  As ftp users,
> then can traverse the tree downwards as needed, but not upwards from
> /site back to /var.  Nice.
>
> But, neither user can read write or even see anything in those
> directories (only the decendant directories are visible.)
>
> Without that entry in ftpchroot, then I can indeed ftp stuff
> up/down/sideways to/from each user's home folder, but that's not a lot of
> use for what I want.
>
> I sort of understand the way the rights work (I think) but as yet I can't
> see a way to assign group rights to a folder tree.
>
> Navigating my way there in the console, if I do a ls -l, then I see
> what's sort of expected.
> drwxr-xr-x # root  wheel 512 date time subfolder etc.
> (# is a number)   (when logged in as root, somewhat less, when logged in
> as ral or faros, but I can still list and read stuff.)
>
> Of course, the group "webupdater" is not listed, hence it's users wont be
> able to see or do anything.
>
> What have I missed?   Can I assign group rights to a folder structure?
> Or, am I going about this all wrong.
>
> Problems and unfamiliarity asside, I'm sort of enjoying all this.  But
> it's a near vertical learning curve, again...
>
> Best regards, time for the kettle to start work I think.
>
> Dave B.
>
> PS: I saw somewhere, that pureftp has had some recent security
> troubles.
> Can't find the details right now though.
>
> Ah..  Here we are
> http://www.vuxml.org/freebsd/533d20e7-f71f-11df-9ae1-000bcdf0a03b.html
> Like yesterday!
>
> Mind you, looking at it's features and abilities, I think I already need
> a second FreeBSD machine to play with to check this stuff out on.
>
> >><<
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscr...@freebsd.org"
>

Two commands of interest here, 'chmod' and 'chown'. I'd highly suggest
reading the manpage on both, but here's the short/quick-start version:

chmod
 - used to change permissions for a file or directory
 - permissions are broken down into: 2=read, 4=write, 1=execute
 - permissions are displayed in group of three, corresponding to
owner-group-everyone else
 - so chmod 666 means "make owner,group,everyone each able to read(2) plus
write(4) (2+4=6)
   - the first number indicating the owner of the files permission, the
second the group, and the last everyone
 - so w

Re: new user questions. (Before I back myself into a corner!)

[Dave]

Hi again.

Firstly, many thanks for the responces to my questions.  Much 
appreciated.   Especialy as on other "lesser" forums (Lugs etc) I often 
get flamed for asking such stuff, and learn nothing as a result.


OK.   The FTP thing first   Just for the heck of it, trying to use 
the built in server daemon, "because it's there" etc

I've sort of got the default FTP server up and running thanks to the 
hints from you all, but pound to a penny, it's not optimaly configured, 
yet.

I have two users defined, "ral" and "faros" (easy to remember, as they 
are the names of the two external automated systems I intend to have send 
data to the small website, when that's done.) Each with a unique 
password.

Both are also members of a group "webupdater".

(As an asside, creating users, regardless of what "shell" I pick from the 
list, I get "unknown root shell" warnings as adduser completes.)

Both users can connect to the ftp server (still stuck at port 21 for now, 
but I'm manually starting it from the root command line) and log in with 
their username and password.

(Both can also login to the system from the console too, not what I 
wanted, but..   I did try the "nologin" shell, but that prevents them 
from loging in to the FTP server too.)

However, each user see's it's own unique homedir folder, exactly as 
described in the man pages, but I'd like them to see the folder structure 
below by default.

I have created a directory '/var/site' and from that some decendant 
directories that mimic the existing site on the other machine.

/site   < the "root" folder for the FTP and WWW system.
/site/60m
/site/faros
/site/faros/fixedimages
/site/faros/parking

I've been trying to use Groups, and the ftpchroot file, to get the 
"users" to see the /site directory as their root (for compatablility with 
the way things work on the other system, so I don't have to change 
existing batch and script files when I get to point them at this box) or 
their individual data directory 60m for ral and 'Faros' for Faros.

However, the pages for that feature are a little thin in content detail 
that I can use.  (I'm looking at the man pages and handbook files on the 
freebsd.org site)

I have this in /etc/ftpchroot
@webupdater /var/site

And indeed, loging into the ftp server as either faros, or ral, the 
default directory is indeed the /site folder as I wish.  As ftp users, 
then can traverse the tree downwards as needed, but not upwards from 
/site back to /var.  Nice.

But, neither user can read write or even see anything in those 
directories (only the decendant directories are visible.)

Without that entry in ftpchroot, then I can indeed ftp stuff 
up/down/sideways to/from each user's home folder, but that's not a lot of 
use for what I want.

I sort of understand the way the rights work (I think) but as yet I can't 
see a way to assign group rights to a folder tree.

Navigating my way there in the console, if I do a ls -l, then I see 
what's sort of expected.
drwxr-xr-x # root  wheel 512 date time subfolder etc.
(# is a number)   (when logged in as root, somewhat less, when logged in 
as ral or faros, but I can still list and read stuff.)

Of course, the group "webupdater" is not listed, hence it's users wont be 
able to see or do anything.

What have I missed?   Can I assign group rights to a folder structure?  
Or, am I going about this all wrong.

Problems and unfamiliarity asside, I'm sort of enjoying all this.  But 
it's a near vertical learning curve, again...

Best regards, time for the kettle to start work I think.

Dave B.

PS: I saw somewhere, that pureftp has had some recent security troubles.  
Can't find the details right now though.

Ah..  Here we are
http://www.vuxml.org/freebsd/533d20e7-f71f-11df-9ae1-000bcdf0a03b.html  
Like yesterday!

Mind you, looking at it's features and abilities, I think I already need 
a second FreeBSD machine to play with to check this stuff out on.

>><<

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Polytropon]

Allow me to answer some of your questions without begin too
precise about the "whole picture", because I just can't speak
about all aspects due to lack of experience. :-)



On Tue, 23 Nov 2010 22:55:51 -, "Dave"  wrote:
> I'd like to:-
> Have a ssh login via LAN available, I believe that's a standard feature, 
> but I expressedly disabled that (well, told it not to implement it) when 
> I orignaly installed the OS. 

The SSH functionality is provided by

sshd_enable="YES"

in /etc/rc.conf; upon reboot or

/etc/rc.d/sshd start

the server gets activated. If no keys are present, they are
generated at first startup. You can also provide your own set
of keys if you already have some. See

man sshd

for details.



> Have a small web server, again I've read that Apache can do a good job, 
> but I don't want (nor need) all it's facilities, in particular I need to 
> lock it down so no "Put's" can happen for a start!  The web pages are 
> simple flat form, text and static graphics, with a little client side 
> scripting, purely to find the client's local date and time, to select the 
> graphic to serve.

Well, lighttpd comes to my mind, although there are some others
that are really good at this "simple stuff". Reducing things to
a working and functional minimum isn't as easy as it sounds. :-)



> Have a FTP server, so I can automate some of the web page graphics 
> updates, from other systems that generate the data, and can FTP files 
> across the LAN, also of course for general web page maintenance needs.

The system brings an FTP server. You can enable it by uncommenting
the entry

ftp  stream  tcp  nowait  root  /usr/libexec/ftpd  ftpd -ll

in /etc/inetd.conf. With this approach, the system's inetd controls
the communication to the server program.

You'll notice that THIS line has ftpd -ll (ell ell) instead of just
one -l. This is intended for log purposes. Add the line

!ftpd
*.* /var/log/ftpd.log

to /etc/syslog.conf and

touch /var/log/ftpd.log

to create a log file for the FTP server. This can help you to
spot misbehaviour either on server or client side.



> That sounds in the face of things what I want, but am unsure of the 
> implications of doing that.  Is it "better" (ie, easier for a novice to 
> manage) than the native OS based FTP server tool?  I would preffer to 
> have FTP login's that are in no way related to any system login users.

In order to disallow system level accounts for FTP, use the file
/etc/ftpusers: This file contains the accounts that are NOT allowed
to make an FTP connection. Put "root" and "toor" (UID 0 accounts)
on top. Also put "ftp" there - this is the anonymous FTP user
which I think you do NOT want to work.

Also, consider using scp for file transfers, it's often much more
convenient, allthough I like

ftp -u ftp://$(FTPUSER):$(FTPPASSWD)@$(SERVER) ${FILES}

for shoving new stuff onto the the web server with FTP server. :-)

There's nothing wrong with system's FTP in my opinion, as long as
you know what it's actually doing (and how), and you can see the
implications to consider to your particular needs and security
requirements.



> Of all the stuff I've read so far in the FreeBSD handbook, and a few 
> other places, not one mention is made (that I can see so far) of how to 
> set services for alternative port numbers?

In the documentation of that services (FTP, SSH for example) you
can specify alternative ports, e. g. -p  for sshd which can
be set via sshd_flags= in the /etc/rc.conf file. It's always a good
idea to look through the man pages of the programs you use. The
system's program ALL do come with a good manpage - software from
ports not always provides that quality.



> Unless there is a compelling argument to, I'd prefer to stick with V8.0 
> too.

I don't see a problem with that. Unlike most other operating systems,
you can always use FreeBSD on "old-fashioned" hardware. For example,
I have a 150 MHz P1 with 128 MB here doing some simple "in-house"
server stuff - it currently runs 8.0 (and will soon receive an
update using freebsd-update, a tool that will allow you to keep
your system on a current state even if you don't want to run big
compile orgies on it).



> PS:   I run one of these
> http://www.ncdxf.org/beacon/monitors.html

Greetings es 73 de JO52TD ryryryry ...-.- :-)




-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Jonathan Chen]

On Tue, Nov 23, 2010 at 08:41:17PM -0600, Kevin Kinsey wrote:
[...]
> >Have a FTP server, so I can automate some of the web page graphics 
> >updates, from other systems that generate the data, and can FTP files 
> >across the LAN, also of course for general web page maintenance needs.
> 
> The base system ftpd is run from inetd, a "super server" which can serve
> several small protocols.  Have a look at /etc/inetd.conf.  The first "real" 
> line:
> 
> #ftp stream  tcp nowait  root/usr/libexec/ftpd   ftpd -l
> 
>Uncomment that (remove the 'hash'), and save it (you'll have to be root
> again, of course).

An easier solutions would be to enable the ftp server in standalone
mode via /etc/rc.conf:

ftpd_enable="YES"

-- 
Jonathan Chen 
--
"The reason why worry kills more people than work is that more people
 worry than work." - Robert Frost
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Charlie Kester]

On Tue 23 Nov 2010 at 17:43:32 PST Beech Rintoul wrote:

On Tuesday 23 November 2010 13:55:51 Dave wrote:




Have a small web server, again I've read that Apache can do a good job,
but I don't want (nor need) all it's facilities, in particular I need to
lock it down so no "Put's" can happen for a start!  The web pages are
simple flat form, text and static graphics, with a little client side
scripting, purely to find the client's local date and time, to select the
graphic to serve.


Two good choices for a lightweight webserver would be:

www/cherokee  Easy to configure

www/lighttpd  Also lightweight and easy to configure


Another good one is www/hiawatha  - fast, secure, easy to configure

Despite popular misimpressions, there are many more webservers out there
besides Apache and IIS. It will probably be well worth your time, Dave,
to spend some time at freshports.org, browsing the www category.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: new user questions. (Before I back myself into a corner!)

[Kevin Kinsey]

Dave wrote:


Hi. Sorry ... 


Hello, and welcome.  And I made it a bit shorter ;-)

 > I'd like to:-
Have a ssh login via LAN available, I believe that's a standard feature, 
but I expressedly disabled that (well, told it not to implement it) when 
I orignaly installed the OS.   Or have a VNC server running.


As someone mentioned:
   sshd_enable="YES"
in /etc/rc.conf.  You can then either a] reboot, or b] issue the
following with root privileges:
   /etc/rc.d/sshd start

Have a small web server, again I've read that Apache can do a good job, 
but I don't want (nor need) all it's facilities, in particular I need to 
lock it down so no "Put's" can happen for a start!  The web pages are 
simple flat form, text and static graphics, with a little client side 
scripting, purely to find the client's local date and time, to select the 
graphic to serve.


I believe Beech had some advice on this.  It's probably pretty good :-)

Have a FTP server, so I can automate some of the web page graphics 
updates, from other systems that generate the data, and can FTP files 
across the LAN, also of course for general web page maintenance needs.


The base system ftpd is run from inetd, a "super server" which can serve
several small protocols.  Have a look at /etc/inetd.conf.  The first "real" 
line:

#ftp stream  tcp nowait  root/usr/libexec/ftpd   ftpd -l

   Uncomment that (remove the 'hash'), and save it (you'll have to be root
again, of course).

See if inetd is running:

$ pgrep inetd

If you get a number(PID), it's running.  Otherwise, you'll probably need
to enable it.  Again, you need:
  inetd_enable="YES"
in /etc/rc.conf.  Add the line and either a] reboot, or b] issue the
following with root privileges:
   /etc/rc.d/inetd start

Sound familiar?

*IF* inetd was *already running*, all you should have to do is issue:

$ kill -HUP `pgrep inetd`

It'd be nice to have a  VPN endpoint, but not esential, as that is 
currently living on another W2k box.  But in the long term perhaps.  The 
only complication with that, is I need to be able to tunnel a UDP VoIP 
stream over/throug it.  (I currently use Hamachi on Windows for that, it 
works well.)  Also, the "other end" needs to live on a XP (or later) 
Laptop.


I'll leave vpn to someone more knowledgeable in that area.  AFAIK you'll
have to install a port; /usr/ports/security/openvpn is likely the canonical
program, but, as I say, seek other advice on that fo' shizzle ;-)

I would preffer to 
have FTP login's that are in no way related to any system login users.


I can't help with that either; check the docs on Beech's suggestions,
perhaps.

Lastly, I have everything so far (on the Win2k box) working well with 
highly non standard (high numbered) ports.   Even thoug it's "exposed" 
(via port forwarding in the router) to the outside, there is next to no 
"noise", (script kiddies, chinese hackers etc) poking arround my back 
passage.


Of all the stuff I've read so far in the FreeBSD handbook, and a few 
other places, not one mention is made (that I can see so far) of how to 
set services for alternative port numbers?


That's generally in the configuration file for the server.  This information
might be available in the manpage, if one exists.

For example:

$man sshd | col -bx > ~/sshd.txt
$ grep -c port ~/sshd.txt
22

So, there's at least 22 mentions of "port" in the sshd manpage.
As it turns out, there's a line in /etc/ssh/sshd_config that gives
it right away:

$ grep -i port /etc/ssh/sshd_config
#Port 22
# Disable legacy (protocol version 1) support in the server for new
#GatewayPorts no

So, remove the comment from the "Port 22" line, change the number
from the default 22 (222, perhaps, for memory's sake?) and either a]
reboot, or b] "kill -HUP `pgrep sshd`"   (sounding REAL familiar now).

Incidentally, one might suggest that running on non-standard ports
is merely security by obscurity.  In the case of sshd, at least, a
better solution might be to only allow key-based authentication; but,
as I said, that's just a suggestion.  I have done such things myself
a time or two ... I kinda think I just delayed the inevitable in that
case, though.

Lastly, as I don't want to break the existing NTP server, I may find 
another PC of similar spec, to mess with, witn some sort of impunity.


Well, as I mention, often you can enable and start these additional
services from the base system with little or no interruption to extant
services at all (which, IMHO, is exactly as a Real Server should work,
take that, M$).  But I suppose we'd certainly understand.  You might
even just get a Live-CD distribution and dink around with that.  AFAIK,
you could run ftpd, inetd, and sshd temporarily on those just to get
a feel for how to administer them.

My $0.02,

Kevin D. Kinsey
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questio

Re: new user questions. (Before I back myself into a corner!)

[Beech Rintoul]

On Tuesday 23 November 2010 13:55:51 Dave wrote:


 
> Have a small web server, again I've read that Apache can do a good job,
> but I don't want (nor need) all it's facilities, in particular I need to
> lock it down so no "Put's" can happen for a start!  The web pages are
> simple flat form, text and static graphics, with a little client side
> scripting, purely to find the client's local date and time, to select the
> graphic to serve.

Two good choices for a lightweight webserver would be:

www/cherokee  Easy to configure

www/lighttpd  Also lightweight and easy to configure

> Have a FTP server, so I can automate some of the web page graphics
> updates, from other systems that generate the data, and can FTP files
> across the LAN, also of course for general web page maintenance needs.

ftp/proftpd 

Cheers

Beech


-- 
---
Beech Rintoul - FreeBSD Developer - be...@freebsd.org
/"\   ASCII Ribbon Campaign  | FreeBSD Since 4.x
\ / - NO HTML/RTF in e-mail  | http://people.freebsd.org/~beech
 X  - NO Word docs in e-mail | Skype: akbeech
/ \ - http://www.FreeBSD.org/releases/8.0R/announce.html
---





signature.asc
Description: This is a digitally signed message part.

Re: new user questions. (Before I back myself into a corner!)

[Nerius Landys]

> I'd like to:-
> Have a ssh login via LAN available, I believe that's a standard feature,
> but I expressedly disabled that (well, told it not to implement it) when
> I orignaly installed the OS.   Or have a VNC server running.

Add the following line:

sshd_enable="YES"

to file /etc/rc.conf .
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

new user questions. (Before I back myself into a corner!)

[Dave]

If I've not already done so.

Hi.   Sorry, this goes on a bit

New to FreeBSD, but long time served PC nut and user, from the before DOS 
days onwards...

I've not long ago put together a small FreeBSD V8.0 system, primeraly as 
a GPS derrived NTP server, following instructions from here:-
http://blog.doylenet.net/?p=145

The hardware is a small form desktop PC, with a P3/700 CPU, 15G drive, 
but only (at the moment) 256M of RAM.  I have not installed any of the X 
system, it's all command line stuff, only.

It seems to work well, no issues with that, at the moment.

In my original plans, I wanted a headless "appliance", and that's what 
I've got, and as above it works fine.

However, I'd like to move some services off another PC (that is in dire 
need of some hardware maintenance) onto this one, and though I've read 
some of the "Handbook", and many links from it, I'm still a bit unsure as 
to what best to do.

I'd like to:-
Have a ssh login via LAN available, I believe that's a standard feature, 
but I expressedly disabled that (well, told it not to implement it) when 
I orignaly installed the OS.   Or have a VNC server running.

Have a small web server, again I've read that Apache can do a good job, 
but I don't want (nor need) all it's facilities, in particular I need to 
lock it down so no "Put's" can happen for a start!  The web pages are 
simple flat form, text and static graphics, with a little client side 
scripting, purely to find the client's local date and time, to select the 
graphic to serve.

Have a FTP server, so I can automate some of the web page graphics 
updates, from other systems that generate the data, and can FTP files 
across the LAN, also of course for general web page maintenance needs.

It'd be nice to have a  VPN endpoint, but not esential, as that is 
currently living on another W2k box.  But in the long term perhaps.  The 
only complication with that, is I need to be able to tunnel a UDP VoIP 
stream over/throug it.  (I currently use Hamachi on Windows for that, it 
works well.)  Also, the "other end" needs to live on a XP (or later) 
Laptop.

I have done all that on Win2k, Using FileZilla server, and over time 
various web server app's, plus some 3rd party free VPN solutions on 
another machine, but that machine is in dire need of a major hardware 
overhaul, plus I have other plans for it when that is done, so moving the 
server tools to the F'BSD box seem like a good idea at the moment.

I've just spent a couple of hours with the FreeBSD on-line manual 
(Handbook) trying to get a simple FTP server working, but in all honesty, 
I'm out of my depth with that, in some ways, not enough detail, in other 
ways, too much detail.   (A very simple worked example of the various 
.conf files would be nice to see.)

I've found:-
http://forums.freebsd.org/showthread.php?t=591
That sounds in the face of things what I want, but am unsure of the 
implications of doing that.  Is it "better" (ie, easier for a novice to 
manage) than the native OS based FTP server tool?  I would preffer to 
have FTP login's that are in no way related to any system login users.

Lastly, I have everything so far (on the Win2k box) working well with 
highly non standard (high numbered) ports.   Even thoug it's "exposed" 
(via port forwarding in the router) to the outside, there is next to no 
"noise", (script kiddies, chinese hackers etc) poking arround my back 
passage.

Of all the stuff I've read so far in the FreeBSD handbook, and a few 
other places, not one mention is made (that I can see so far) of how to 
set services for alternative port numbers?

Lastly, as I don't want to break the existing NTP server, I may find 
another PC of similar spec, to mess with, witn some sort of impunity.

Unless there is a compelling argument to, I'd prefer to stick with V8.0 
too.

Advice please (and perhaps a little hand holding.)

Cheers.

Dave B.

PS: I run one of these
http://www.ncdxf.org/beacon/monitors.html


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"