My Linux box

  1. The project
  2. Installing an SSH server
    1. /etc/ssh/sshd_config
  3. Basic networking and DHCP
    1. /etc/network/interfaces
    2. /etc/dhcp3/dhcpd.conf
  4. Samba filesharing
    1. Samba users
    2. /etc/samba/smb.conf
  5. Still to come…

Update 2/2/2010: This is now pretty much here for historic purposes as I’ve repurposed my ITX box and actuall no longer run Linux on anything at home. Someone may still have use for what’s here (I intended it to be a pretty simple walkthrough, so probably), so I’m leaving it here for the time being.

The project

While at uni I dabbled with the idea of using Linux as my main desktop OS. It was a nice hobby, and my local Linux Users Group was cool, but basically all my home computers run Windows because I got bored of keeping up with the scene and wanted something that’d Just Work.

All my home computers, except the one that sits in a corner without a monitor, runs 24/7, and does little things like download my torrents, store my network backups, admin my entire computer network… all the things that are a complete crap to do with a Windows machine.

I could’ve used an NSLU2 for this. I could’ve used any one of a number of consumer NAS things. Really, the machine I built to do all this network appliance crap is vast overkill – it’s a small computer, but it’s bigger than a NAS; it’s a full-on desktop PC, so it sucks more power than a NAS; and it cost more to buy and build than an NSLU2 setup would.

But I love small desktop PCs, and I’m pretty familiar with Ubuntu Linux, so I bought the parts for a Mini-ITX box and made myself a headless Ubuntu server.

Here’s my notes from setting it all up, for me to have at hand for reference if it blows up and I have to do it all again.

Installing an SSH server

If you want to run your Linux box without a keyboard, mouse and monitor attached, you’ll be doing most of your configuration and such via SSH – a remote, command-line login.

Ubuntu is proud of its out-of-the-box security, boasting no open ports whatsoever on a default desktop install. What this means is that unlike Debian you have to manually install an SSH server before you can use it over the network. It’s pretty simple, though:

$ sudo apt-get install openssh-server

/etc/ssh/sshd_config

There’s only two sshd options I’ve ever really cared about; one is X11 forwarding, which is on by default anyway, and the port the server listens on. I’m generally content with leaving the port at 22, and forwarding a different port to it from outside with my router.

Once you’ve set up the SSH server to your liking, you should now be able to connect to it from another computer with an SSH client. I use PuTTY:

Basic networking and DHCP

Computers communicate with each other on a network by referring to unique IP (Internet Protocol) addresses, which are assigned to computers by a special DHCP (Dynamic Host Control Protocol) server, which is frequently your ADSL modem or router.

/etc/network/interfaces

To set a static IP address, you need to put the following in your /etc/network/interfaces file:

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.1.24
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.0.255
gateway 192.168.1.1

The first two lines deal with Linux’s loopback device – you don’t want to mess with that.

The next few define your network interface eth0 as having a static configuration. It will use the IP address 192.168.1.24, it is part of the 192.168.1.0 subnet, and the ACTUAL gateway – the network node that shares its internet access with others, generally your ADSL modem/router – is at 192.168.1.1.

After changing this information, you’ll have to restart networking:

$ sudo /etc/init.d/networking restart

If you’re SSH’d into the machine while you do this, you’ll lose the connection. If you’re changing its IP address when you do this, remember to connect to the new address.

Because I have a deathly hatred of consumer ADSL modems, I wanted my Linux box doing my DHCP duties, including fixed address settings.

Once you’ve set a static IP address, you need to install package dhcp3-server:

$ sudo apt-get update
$ sudo apt-get install dhcp3-server

/etc/dhcp3/dhcpd.conf

The magic configuration file is /etc/dhcp3/dhcpd.conf. Open it, and add the following to the bottom:

subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.128 192.168.1.192;
        option domain-name-servers 220.233.0.2;
        option domain-name "tim.id.au";
        option routers 192.168.1.1;
        default-lease-time 600;
        max-lease-time 7200;
}

What this does is tell the DHCP server that it manage IP addresses in the 192.168.1.x subnet. Any computers that request an IP address will be given one in the range 192.168.1.128 to 192.168.1.192 (I picked 128-192 for no reason except that I like them). They will also be told to use the DNS server at 220.233.0.2, which is my ISP’s primary DNS server, and that their gateway is 192.168.1.1, my ADSL router.

I wanted more, though; I wanted fixed-address DHCP. This is a way to create exceptions to the DHCP rules, where specific computers will be given specific IP addresses – if you want your laptop to have a certain IP at home but use DHCP-assigned addresses everywhere else, a fixed address will let you do it without having to set it back to use static when you go home again.

This is done by creating host entries for each of your fixed address computers in the dhcpd config, like so:

host darkknight {
        hardware ethernet 00:1c:c0:8b:67:91; #intel 82567lf-2
        fixed-address 192.168.1.14;
        option host-name "darkknight";
}

host radiostar {
        hardware ethernet 00:16:6f:98:84:49; #intel 2915abg
        fixed-address 192.168.1.34;
        option host-name "radiostar";
}

host mothership {
        hardware ethernet 00:18:e7:27:1b:06; #netcomm np544 usb
        fixed-address 192.168.1.44;
        option host-name "mothership";
}

Basically, this tells the DHCP server that when a computer with a MAC address of 00:16:6f:98:84:49 pops up, it should assign it the IP address 192.168.1.34. (Which, you should notice, is outside the 192.168.1.128-192 range; doing this ensures you won’t cause clashes, if for example another machine has already taken .34 when Radiostar wakes up. It’s also an easy way of telling which computers are mine and which aren’t, based on what IP the DHCP server’s given them.)

Putting a # in a .conf file makes the remainder of that particular line a comment – text which the program reading the server configuration will ignore, but makes the file more human-readable. I’ve made note next to each of the MAC addresses which network adapter that actually is; this can save headaches later on if you happen to swap network cards between computers and things start acting weirdly.

I recommend including a commented-out table of computer names, IP addresses, mac addresses and other info so you can refer back to it later:

#router         192.168.1.1     static
#1320cn         192.168.1.11    08:00:37:73:ae:f9
#darkknight     192.168.1.14    00:1c:c0:8b:67:91
#isengard       192.168.1.24    static
#radiostar      192.168.1.34    00:16:6f:98:84:49
#mothership     192.168.1.44    00:18:e7:27:1b:06

When you’re done messing with the configuration, restart the server:

$ sudo /etc/init.d/dhcp3-server restart

Samba filesharing

Microsoft Windows uses a thing called Server Message Block, or SMB, to allow sharing of files and resources across a network. You need not care about this, except that Samba is an open source project that lets you run a Windows-compatible fileserver on a Linux box.

I wanted Isengard to be something I could just drag and drop my backups to, without messing around with FTP/SFTP. Samba lets me do that, with only a couple of annoying glitches.

To get it installed on Ubuntu, you need the samba package:

$ sudo apt-get install samba

If you want to get into Linux printer sharing, or browsing Windows network shares on Linux, check out SettingUpSamba on the Ubuntu help website. I just wanted a separate fileserver, so that’s what my notes here cover.

Samba users

Samba keeps a separate list of users for network share access; this can be a bit confusing at first, but means you can set up completely different users of the computer itself and of the fileshares. Samba users are managed by smbpasswd:

$ sudo smbpasswd -a tim
New SMB password: ********
Retype new SMB password: ********

For the time being I just want the one user, because I’m the only one using the Linux box as a fileserver. You could easily add another user, with permissions for their own shares as set out below in the Samba config file.

/etc/samba/smb.conf

Make sure it’s set to use the same workgroup as your Windows PCs. This could be “mshome” if you have XP Home machines, but most people just use “workgroup”.

# Change this to the workgroup/NT-domain name your Samba server will part of
   workgroup = WORKGROUP

Apart from that, you could just leave the multitude of other options alone, skip to the bottom of the configuration file and start defining your own network shares:

[Torrents incoming]
path = /misc/torrents-incoming
browsable = yes
valid users = tim
writable = yes

[Torrents finished]
path = /misc/torrents-finished
browsable = yes
valid users = tim
writable = yes

[Backups]
path = /misc/backups
browsable = yes
valid users = tim
writable = yes

After you’ve done that, restart samba to apply the new settings:

$ sudo /etc/init.d/samba restart

Still to come…

– Headless torrenting with Azureus and azwebui