VPS Tutorials Powered by PhotonVPS

9Oct/110

Set time-out settings for Windows 2003

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Using Terminal Services Configuration

1. Open Terminal Services Configuration.

2. In the console tree, click Connections.

3. In the details pane, right-click the connection for which you want to modify time-out settings, and then click Properties.

4. On the Sessions tab, above End a disconnected session, select the Override user settings check box. This allows you to configure time-out settings for the connection.

5. Configure the following time-out settings as appropriate:

- In End a disconnected session, select the maximum amount of time that a disconnected session remains on the server. When the time limit is reached, the disconnected session ends. When a session ends, it is permanently deleted from the server. Select Never to allow disconnected sessions to remain on the server indefinitely.

- In Active session limit, select the maximum amount of time that a user's session can remain active on the server. When the time limit is reached, either the user is disconnected from the session or the session ends. When a session ends, it is permanently deleted from the server. Select Never to allow the session to continue indefinitely.

- In Idle session limit, select the maximum amount of time that an idle session (a session without client activity) remains on the server. When the time limit is reached, either the user is disconnected from the session or the session ends. When a session ends, it is permanently deleted from the server. Select Never to allow idle sessions to remain on the server indefinitely.

Notes

To open Terminal Services Configuration, click Start, click Control Panel, double-click Administrative Tools, and then double-click Terminal Services Configuration.

Group Policy overrides the configuration set with the Terminal Services Configuration tool.

These settings affect every client that uses the connection to connect to the terminal server. To define Session settings on a per-user basis, use the User Configuration Group Policies or the Terminal Services Extension to Local Users and Groups and Active Directory Users and Computers.

Filed under: Windows No Comments
15Jun/110

Setting up DNS on a Linux Dedicated Server

Below are some great links for setting up DNS on a Linux Dedicated Server:

http://www.youtube.com/watch?v=1qY5Od7iDl4 - Part 1

http://www.youtube.com/watch?v=wMAlsPq6qTw - Part 2

Filed under: CentOS, Linux, OpenVZ, Xen No Comments
21May/110

LNMP Server on CentOS

Step 1. install yum repo

  • //32 bit
    rpm -ivh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
    rpm -ivh http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/i386/ius-release-1.0-6.ius.el5.noarch.rpm
  • //64 bit
    rpm -ivh http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
    rpm -ivh http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/ius-release-1.0-6.ius.el5.noarch.rpm

Step 2. install MySQL

  • //Visit http://dev.mysql.com/downloads/mysql/5.5.html?current_os=7#downloads
    //You need to download 4 packages, they are:
    MySQL-client MySQL-server MySQL-shared-compat MySQL-shared
    //After you download them run:
    rpm -ivh *.rpm
  • //change MySQL root password:
    service mysql start
    mysqladmin -u root password 'yourpasswd'
    service mysql stop

Step 3. Add www account

  • groupadd www
    useradd -g www -d /home/www www
    // We add www as user of nginx and php-fpm

Step 4. install php

  • yum install php53u-cli php53u-common php53u php53u-devel php53u-mysql php53u-xmlrpc php53u-xml php53u-gd php53u-pdo php53u-tidy php53u-mcrypt php53u-mbstring php53u-pear php53u-pecl php53u-pecl-memcache php53u-pecl-apc php53u-fpm
    //The current PHP version is 5.3.5-3, IUS' package's name is php53u
    //You can run command blew to find out lastest version
    yum list | grep -w \.ius\.

Step 5. configure php-fpm

  • //setup php-fpm
    vim /etc/php-fpm.d/www.conf
    //Find Unix user/group of processes
    //change user & group to www

Step 6. Install Nginx

  • //visit http://nginx.org/en/download.html to get lastest Nginx
    //for example, we use http://nginx.org/download/nginx-0.9.5.tar.gz

    yum install pcre pcre-devel # these are depend by nginx
    cd /tmp
    wget http://nginx.org/download/nginx-0.9.5.tar.gz
    tar -zxvf nginx-*.tar.gz
    cd nginx-*
    ./configure --user=www --group=www --conf-path=/etc/nginx/nginx.conf --with-http_stub_status_module --with-http_ssl_module
    make
    make install

    //register nginx as a service
    vim /etc/init.d/nginx
    //paste the script blew then run: chmod 755 /etc/init.d/nginx

    #!/bin/sh
    #
    # nginx - this script starts and stops the nginx daemin
    #
    # chkconfig: - 85 15
    # description: Nginx is an HTTP(S) server, HTTP(S) reverse \
    # proxy and IMAP/POP3 proxy server
    # processname: nginx
    # config: /etc/nginx/nginx.conf
    # pidfile: /usr/local/nginx/logs/nginx.pid
    # Source function library.
    . /etc/rc.d/init.d/functions
    # Source networking configuration.
    . /etc/sysconfig/network
    # Check that networking is up.
    [ "$NETWORKING" = "no" ] && exit 0
    nginx="/usr/local/nginx/sbin/nginx"
    prog=$(basename $nginx)
    NGINX_CONF_FILE="/etc/nginx/nginx.conf"
    [ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
    lockfile=/var/lock/subsys/nginx
    start() {
    [ -x $nginx ] || exit 5
    [ -f $NGINX_CONF_FILE ] || exit 6
    echo -n $"Starting $prog: "
    daemon $nginx -c $NGINX_CONF_FILE
    retval=$?
    echo
    [ $retval -eq 0 ] && touch $lockfile
    return $retval
    }
    stop() {
    echo -n $"Stopping $prog: "
    killproc $prog
    retval=$?
    echo
    [ $retval -eq 0 ] && rm -f $lockfile
    return $retval
    }
    restart() {
    configtest || return $?
    stop
    start
    }
    reload() {
    configtest || return $?
    echo -n $"Reloading $prog: "
    killproc $nginx -HUP
    RETVAL=$?
    echo
    }
    force_reload() {
    restart
    }
    configtest() {
    $nginx -t -c $NGINX_CONF_FILE
    }
    rh_status() {
    status $prog
    }
    rh_status_q() {
    rh_status >/dev/null 2>&1
    }
    case "$1" in
    start)
    rh_status_q && exit 0
    $1
    ;;
    stop)
    rh_status_q || exit 0
    $1
    ;;
    restart|configtest)
    $1
    ;;
    reload)
    rh_status_q || exit 7
    $1
    ;;
    force-reload)
    force_reload
    ;;
    status)
    rh_status
    ;;
    condrestart|try-restart)
    rh_status_q || exit 0
    ;;
    *)
    echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
    exit 2
    esac

Step 7. Start at boot
chkconfig mysql on
chkconfig php-fpm on
chkconfig nginx on

Step 8. Start services
service mysql start
service php-fpm start
service nginx start

Finish

By the way, there is an easy solution which help you do the same, try LNMP Installer for RHEL & CentOS

Filed under: CentOS, Linux No Comments
9Feb/110

Set up a Minecraft Server on CentOS

Setting up a Minecraft server can be pretty difficult if you don't know what you're doing. This tutorial is to simplify running it on CentOS 5.

We'll need to following:

- Dedicated Server / Xen based VPS
- CentOS 5.x 32bit/64bit
- 1GB of RAM or more
- Latest Java JDK
- Minecraft Server

Let's start with getting a Xen VPS, grab one from PhotonVPS. You'll need a Xen one, so I'll recommend a WARP2 or higher.

Now, let's get started by installing Java-JDK:

yum install java-1.6.0-openjdk

Now, let's check if Java was installed:

which java

It should display the following if it was properly installed:

/usr/bin/java

We're done with that now, let's create a directory for Minecraft then install it:

1. Make sure we're in the root directory still:

cd

2. Now let's create the directory:

mkdir Minecraft

3. Enter the directory:

cd Minecraft

4. Time to get Minecraft:

wget http://minecraft.net/download/minecraft_server.jar

5. We'll need to make sure Minecraft as all the correct permissions:

chmod +x minecraft_server.jar

Minecraft is now installed!

From here we'll need to install "screen" to keep the Minecraft server running after we close the SSH session.

Install screen:

yum install screen

Now, we'll use the screen and run Minecraft from there.

screen

Starting up Minecraft now:

java -Xmx1024M -Xms1024M -jar minecraft_server.jar nogui

(*1024 value can be changed depending on how much RAM your VPS has)
Ex. 512MB VPS - java -Xmx512M -Xms512M -jar minecraft_server.jar nogui
Ex. 2048MB VPS - java -Xmx2048M -Xms2048M -jar minecraft_server.jar nogui

To get back to the normal screen now you'll have to do the following:

Control + a + d

To get back to the screen where Minecraft is running:

screen -r

That's it for getting Minecraft up and running on CentOS!

If you need a VPS, check out PhotonVPS Xen based VPS and use coupon code "MINECRAFTVPS" to receive 10% recurring on all monthly plans.

http://www.photonvps.com/minecraft.html

Filed under: CentOS, Linux No Comments
28Jan/110

Kloxo – Processed Logs

Kloxo saves all the log files in the processed stats folder. What you need to do is go to your Kloxo control panel and do the following:

- Resources > Domain Defaults > Remove Processed Logs > Update

Filed under: CentOS, Linux No Comments
20Jan/110

Install Kloxo/LxAdmin on CentOS 5.x 32bit

Kloxo installation is fairly easy, however keep in mind this only works on CentOS 32bit.  There is a few bugs in 64bit and I would not recommend it's use.

Let's check what version of CentOS you're on first:

# uname -m
i686 <-- This means it's 32bit.
x86_64 <-- This means it's 64bit

Next let's get the Kloxo installer by running this command:

# wget http://download.lxlabs.com/download/kloxo/production/kloxo-install-master.sh

Now we can install Kloxo:

# ./kloxo-install-master.sh

This will take some time now, after it's completed the below message will appear:

Congratuations. Kloxo has been installed succesfully on your server as master
You can connect to the server at https://<ip-address>:7777 or http://<ip-address>:7778
Please note that first is secure ssl connection, while the second is normal one.
The login and password are 'admin' 'admin'. After Logging in, you will have to change your password to something more secure
We hope you will find managing your hosting with Kloxo refreshingly pleasurable, and also we wish you all the success on your hosting venture
Thanks for choosing Kloxo to manage your hosting, and allowing us to be of service

Now open your Browser and type http://(ip-address):7778 and login with

Username : admin
Password : admin

Follow the instructions to change your password

Filed under: CentOS, Linux No Comments
19Jan/110

Change Windows 2008 Administrator Password

To change the Administrator password on Windows 2008, please follow the directions below:

Membership in Administrators, or equivalent, is the minimum required to perform this procedure.

To change the Administrator password in Windows Server 2008

  1. Log on to the computer using the Administrator account.
  2. Click Start > Settings, click Control Panel, and then double-click User Accounts.
  3. In User Accounts, in Make changes to your user account, click Change your password.
  4. In Change your password, in Current Password, type your password.
  5. In New password, type a new password.
  6. In Confirm new password, retype the password.
  7. In Type a password hint, type a word or phrase that will remind you of your password or, optionally, leave this field blank.
  8. Click Change password.
Filed under: Windows No Comments
19Jan/110

Change Windows 2003 Administrator Password

To change the Administrator password on Windows 2003, please follow the directions below:

Membership in Administrators, or equivalent, is the minimum required to perform this procedure.

To change the Administrator password in Windows Server 2003

  1. Log on to the computer using the Administrator account.
  2. Click Start > Settings > Control Panel, right-click Administrative Tools, and then click Open. Administrative Tools opens.
  3. Double-click Computer Management, click Local Users and Groups, and in the details pane, double-click Users. The Users folder opens.
  4. In the details pane, right-click the account that you want to change, and click Set Password. A warning dialog box opens. Read the information to determine whether you want to proceed with the step to change the password.
  5. In New Password, type a password. In Confirm password, retype the password, and then click OK.
Filed under: Windows No Comments
10Jan/110

PPTP VPN Setup – Xen CentOS 5

Note: This tutorial is based on the YardVPS Xen (Tree plan) using CentOS 5

Please select CentOS 5 32bit as your OS when you purchase your YardVPS or rebuild the VPS via SolusVM.

First install the PPTPD VPN and it's dependencies and then update your OS.

yum install ppp iptables vim-enhanced -y

rpm –Uvh http://acelnmp.googlecode.com/files/pptpd-1.3.4-1.rhel5.1.i386.rpm

yum update

Edit the following files with vim or whichever editors you prefer.

/etc/ppp/options.pptpd

add a line:

ms-dns 8.8.8.8

/etc/pptpd.conf

add two lines at the bottom of the file.

localip 192.168.216.1

remoteip 192.168.216.2-100

/etc/ppp/chap-secrets

add your vpn clients in this file with this format:

username PPTPD password *

or

username PPTPD password  [specified ip address which is in the range of 2-100, the range should be conformed to what’s at the bottom of /etc/pptpd.conf, see above ]

/etc/sysctl.conf

modify:

net.ipv4.ip_forward  =  1

Issue the following command:

sysctl –p

iptables -t nat -A POSTROUTING -s 192.168.216.0/24 -o eth0 -j MASQUERADE

/etc/init.d/iptables save

/etc/init.d/pptpd start

chkconfig pptpd on

chkconfig iptables on

Setup PPTPD VPN on Windows client

Enter your VPS IP here:

Enter the username and password in /etc/ppp/chap-secrets

Connect to your PPTP VPN and Cheers!

Filed under: CentOS, Linux, Xen No Comments
10Jan/110

OpenVPN Setup – Xen CentOS 5

Note: This tutorial is based on the YardVPS Xen (Tree plan) using CentOS 5

Please select CentOS 5 32bit as your OS when you purchase your YardVPS or rebuild the VPS via SolusVM.

Installing OpenVPN

The packages required to install OpenVPN and it's dependencies are not available in the standard CentOS repositories. As a result, in order to install OpenVPN, we must install the "EPEL" system. EPEL, or "Extra Packages for Enterprise Linux," is a product of the Fedora Project that attempts to provide Enterprise-grade software that's more current than what is typically available in the CentOS repositories. Enable EPEL with the following command:

rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm

Make sure your package repositories and installed programs are up to date by issuing the following command:

yum update

Answer Y when it prompts.

Now we can begin installing the OpenVPN software with the following command:

yum install openvpn

Answer Y when it prompts.

The OpenVPN package provides a set of encryption-related tools called "easy-rsa". These scripts are located by default in the /usr/share/doc/openvpn/examples/easy-rsa/ directory. However, in order to function properly, these scripts should be located in the /etc/openvpn directory. Copy these files with the following command:

cp -R /usr/share/openvpn/easy-rsa/ /etc/openvpn

Most of the relevant configuration for the OpenVPN public key infrastructure is contained in /etc/openvpn/easy-rsa/2.0/, and much of our configuration will be located in this directory.

Install Vim(need not do this if you would like use nano as your favorite editor on linux)

Configure Public Key Infrastructure Variables

Before we can generate the public key infrastructure for OpenVPN we must configure a few variables that the easy-rsa scripts will use to generate the scripts. These variables are set near the end of the /etc/OpenVPN/easy-rsa/2.0/vars file. Here is an example of the relevant values:

File: /etc/OpenVPN/easy-rsa/2.0/vars :

export KEY_COUNTRY="US"

export KEY_PROVINCE="CA"

export KEY_CITY="SanFrancsico"

export KEY_ORG="Fort-Fuston"

export KEY_EMAIL="me@myhost.mydomain"

Alter the examples to reflect your configuration. This information will be included in certificates you create and it is important that the information be accurate, particularly theKEY_ORG and KEY_EMAIL values.

Initialize the Public Key Infrastructure (PKI)

Issue the following three commands in sequence to initialize the certificate authority and the public key infrastructure:

cd /etc/OpenVPN/easy-rsa/2.0/

. /etc/OpenVPN/easy-rsa/2.0/vars

. /etc/OpenVPN/easy-rsa/2.0/clean-all

. /etc/OpenVPN/easy-rsa/2.0/build-ca

These scripts will prompt you to enter a number of values. By configuring the vars you can be sure that your PKI is configured properly. If you set the correct values in vars, you will be able to press return at each prompt.

Generate Certificates and Private Keys

With the certificate authority generated you can generate the private key for the server. To accomplish this, issue the following command:

. /etc/OpenVPN/easy-rsa/2.0/build-key-server server

This script will also prompt you for additional information. By default, the Common Name for this key will be "server". You can change these values in cases where it makes sense to use alternate values. The challenge password and company names are optional and can be left blank. When you've completed the question section you can confirm the signing of the certificate and the "certificate requests certified" by answering "yes" to these questions.

With the private keys generated, we can create certificates for all of the VPN clients. Issue the following command:

. /etc/OpenVPN/easy-rsa/2.0/build-key client1

Replace the client1 parameter with a relevant identifier for each client. You will want to generate a unique key for every user of the VPN. Each key should have it's own unique identifier. All other information can remain the same. If you need to add users to your OpenVPN at any time, repeat this step to create additional keys.

Generate Diffie Hellman Parameters

The "Diffie Hellman Parameters" govern the method of key exchange and authentication used by the OpenVPN server. Issue the following command to generate these parameters:

. /etc/OpenVPN/easy-rsa/2.0/build-dh

This should produce the following output:

Generating DH parameters, 1024 bit long safe prime, generator 2

This is going to take a long time

This will be followed by a quantity of seemingly random output. The task has succeeded.

Relocate Secure Keys

The /etc/OpenVPN/easy-rsa/2.0/keys/ directory contains all of the keys that you have generated using the easy-rsa tools.

In order to authenticate to the VPN, you'll need to copy a number of certificate and key files to the remote client machines. They are:

  • ca.crt
  • client1.crt
  • client1.key

You can use the scp tool, filezilla, or any other means of transferring. Be advised, these keys should transferred with the utmost attention to security. Anyone who has the key or is able to intercept an unencrypted copy of the key will be able to gain full access to your virtual private network.

Typically we recommend that you encrypt the keys for transfer, either by using a protocol like SSH, or by encrypting them with the PGP tool.

The keys and certificates for the server need to be relocated to the /etc/openvpn directory so the OpenVPN server process can access them. These files are:

  • ca.crt
  • ca.key
  • dh1024.pem
  • server.crt
  • server.key

Issue the following commands:

cd /etc/OpenVPN/easy-rsa/2.0/keys

cp ca.crt ca.key dh1024.pem server.crt server.key /etc/openvpn

These files need not leave your server. Maintaining integrity and control over these files is of the utmost importance to the integrity of your server. If you ever need to move or back up these keys, ensure that they're encrypted and secured. If these files are compromised, they will need to be recreated along with all client keys.

Revoking Client Certificates

If you need to remove a user's access to the VPN server, issue the following command sequence.

. /etc/OpenVPN/easy-rsa/2.0/vars

. /etc/OpenVPN/easy-rsa/2.0/revoke-full client1

This will revoke the ability of users who have the client1 certificate to access the VPN. For this reason, keeping track of which users are in possession of which certificates is crucial.

=====DON’T REVOKE IT AT THIS MOMENT=====

Configuring the Virtual Private Network

We'll now need to configure our server file. There is an example file in /usr/share/doc/openvpn-2.1.1/examples/sample-config-files. Issue the following sequence of commands to retrieve the example configuration files and move them to the required directories:

cp /usr/share/doc/openvpn-2.1.1/sample-config-files/server.conf /etc/OpenVPN/

cp /usr/share/doc/openvpn-2.1.1/sample-config-files/client.conf ~/

cd ~/

Modify the remote line in your ~/client.conf file to reflect the OpenVPN server's name or IP.

File: ~/client.conf

# The hostname/IP and port of the server.

# You can have multiple remote entries

# to load balance between the servers.

remote VPS_IP 1194

Edit the client.conf file to reflect the name of your key. In this example we use client1 for the file name.

File: ~/client1.conf

# SSL/TLS parms.

# See the server config file for more

# description.  It's best to use

# a separate .crt/.key file pair

# for each client.  A single ca

# file can be used for all clients.

ca ca.crt

cert client1.crt

key client1.key

Copy the ~/client1.conf file(which is the client1.ovpn file mentioned below for the openvpn client in Windows) to your client system. You'll need to repeat the entire key generation and distribution process for every user and every key that will connect to your network.

Using OpenVPN

Connect Remote Networks Securely With the VPN

Once configured, the OpenVPN server allows you to encrypt traffic between your local computer and your Linode's local network. While all other traffic is handled in the conventional manner, the VPN allows traffic on non-public interfaces to be securely passed through your Linode. This will also allow you to connect to the local area network in your Linode's data center if you are using the LAN to connect to multiple Linodes in the same datacenter. Using OpenVPN in this manner is supported by the default configuration, and if you connect to the OpenVPN you have configured at this point, you will have access to this functionality.

Tunnel All Connections through the VPN

By deploying the following configuration, you will be able to forward all traffic from client machines through your Linode, and encrypt it with transport layer security (TLS/SSL) between the client machine and the Linode. Begin by adding the following parameter to the /etc/OpenVPN/server.conf file to enable "full tunneling":

File excerpt: /etc/OpenVPN/server.conf

push "redirect-gateway def1"

push "dhcp-option DNS 8.8.8.8"

Now edit the /etc/sysctl.conf file to modify the following line to ensure that your system is able to forward IPv4 traffic:

File excerpt: /etc/sysctl.conf

net.ipv4.ip_forward = 1

...

#net.ipv4.tcp_synccookies = 1 ‘comment this line’

Issue the following command to config it:

sysctl -p

Issue the following commands to configure iptables to properly forward traffic through the VPN:

iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT

iptables -A FORWARD -j REJECT

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

/etc/init.d/iptables save

Connect to the OpenVPN

To initialize the OpenVPN server process, run the following command:

/etc/init.d/openvpn start

This will scan the /etc/openvpn directory on the server for files with a .conf extension. For every file that it finds, it will create and run a VPN daemon (server). Enable OpenVPN to start on the following boot, issue the following command:

chkconfig openvpn on

chkconfig iptables on

The process for connecting to the VPN varies depending on your specific operating system and distribution running on the client machine. You will need to install the OpenVPN package for your operating system if you have not already.

Most network management tools provide some facility for managing connections to a VPN. Configure connections to your OpenVPN through the same interface where you might configure wireless or ethernet connections. If you choose to install and manage OpenVPN manually, you will need to place the the client1.conf file and the requisite certificate files in the local machine's /etc/openvpn directory, or equivalent location.

So far the openvpn server is setup and running on your yardvps.

Let’s setup your openvpn client on your windows.

Download your windows client at http://openvpn.net/index.php/open-source/downloads.html

Install it.(all next buttons)

  • Copy the client1.conf ca.crt  client1.crt  client1.key 4 files into your openvpn <installation directory>\config\ (defaults to C:\Program Files\Openvpn\config)
  • Rename client1.conf to client1.ovpn

Edit the remote line with the format:

remote vps_ip 1194

Now run openvpn-gui and right click the tray icon, select connect . You should be now on your openvpn network. Cheers~!

Filed under: CentOS, Linux, Xen No Comments