Zack's Website

My Egotistic and Esoteric Website

Installing Slackware Linux

FreeBSD is a VERY secure operating system. I use it in areas that need extra hardening.

Here are some of my installation Steps

1.) Boot from FreeBSD install CD
2.) Install SSH (to allow remote access and change port in /etc/ssh/sshd_config to something other than 22) - I'm not going to tell you what I use also see below to lock out root access if on the Internet!  But use a port between 1000 - 65535 that's not currently in use.
3.) Add a default user - so you don't run as root
4.) Make sure security patches are installed by doing...
4b.) freebsd-update fetch
4b.) freebsd-update install
4c.) pkg audit -F

You're done!  This will give you a secured installation.

 

Secure The Box!

Now you don't want "root" hack attempts, right?  So just set the SSH daemon to deny root access to the box.  You MUST do this if you're connected to the Internet.  There are tens of thousands of hack requests per month.  Most originate from China and Russia, but you never know where the bad guy truely is.  So do the following...

1.) Change the Port to something other than 22 (like I told you to above).

2.) Edit /etc/ssh/sshd_config

3.) Set "Protocol 2"

4.) Set "PermitRootLogin no"

5.) Number 3 and 4 are Mandatory, but I also set "LoginGraceTime 1m", "MaxAuthTries 2" as well to thwart bad login attempts.

Now if you need to login as root, you need to login as a user first, then "su root" to get access as a root user.  This is way more secure.

1.) Add yourself to the wheel account
1a.) pw group mod -n wheel -m zburns

 

Never, Never, "Run as root"

You should never run common commands, X Windows, etc as root.  It's not that it causes a problem, it's just a safety feature all Linux/Unix/BSD/etc. administrators should follow.   There are some cases when you need to login as root to install a program, or configure part of the system.  With all that "back and forth", you sometimes miss the difference in prompt $ = normal user, wheras # = superuser (root).  I color code my bash prompt by doing the following...

1.) Edit /root/.bashrc

2.) Add the line......PS1='\[\e[1;31m\][\u@\h \W]\$\[\e[0m\] '


Want to Forward X Windows - to connect remotely to your X Windows over SSH?
1.) Edit /etc/ssh/sshd_config and change the following
       AllowTcpForwarding yes
       X11Forwarding yes
       X11DisplayOffset 10
       X11UseLocalhost yes
2.) Restart SSH daemon
       /etc/rc.d/rc.sshd restart
3.) On Local Windows/Linux Machine change /etc/ssh/ssh_config as follows
       ForwardAgent yes
       ForwardX11 yes
4.) Connect to remote X Windows like the following
       ssh -Y remoteuserid@remotemachineip
5.) Check to see if remote commands are echo'd locally
       echo $DISPLAY
       If nothing seen type...
       export DISPLAY=localhost:10.0
6.) Launch a program
       firefox &
       xterm &

FYI - I use Xming (free) and Starnet's XWin32 for XWindows Server.  It allows simple connectivity from Windows to a Linux box.  If you're logging into your system via Putty, then you need to change the X11 Forwarding option to "allow" in that portion of the setup to allow the display to be forwarded.

 

 

Want to Change Your X-Term Font Size?

/usr/bin/xterm -bg black -fg green -cr orange +cm +dc -font -*-fixed-medium-r-*-*-18-*-*-*-*-*-iso8859-* -geometry 150x40

The above line will launch X-Term with a Black Background, Green Font, Orange Cursor and an 18 point font size on a 150 pixel wide by 40 pixel tall window.
 

 

 

First time using Linux?  Here are some helpful commands and key combinations (to use from the physical box).

CTRL-ALT-F1 through CTRL-ALT-F6 takes you to virtual terminals.

CTRL-ALT-F7 - takes you to your running XWindows screen.

 

 

Console Screen Blanking?  Yeah, I Hate That Too!

Change the following script from blanking the screen after 15 minutes to something else (or not at all).  I'm not a big fan of power management, etc.  Damn tree-huggers!  Not sure why the distros like this setting in there.

Edit "/etc/rc.d/rc.M" and change the line starting "/etc/setterm -blank 15 -powersave powerdown -powerdown 60" to something more appropriate.

 

Slack Build Repository - By "Alien Bob" (Eric Hameleers' Slackware Repository RSS Feed) - he's a Slackware Guru.

Visit or subscribe to the repository at - http://connie.slackware.com/~alien/slackbuilds/ChangeLog.rss

 

Want to read information about a command?  Read the manual!

Anything you ever want to know is in the man page.  Just type "man man" or "man command_here" and you'll get a wealth of information.  Want to leave what you've just read on the screen instead of clearing it out when you quit the man page?  Edit as root the /usr/lib/man.conf and change the PAGER line to look like this "PAGER   /usr/bin/less -isX" (notice the X) - that'll help when you find that perfect command and don't want the help disappearing on you - helpful in a console only screen.

 

So you're interested in "slackware-current"?

Slackware-Current is the latest and greatest packages as determined by Slackware's maintainers.  You can keep your system stable, or change your mirror to current.  You can switch to current by doing the following...

  1. Set your preferred slackware-current mirror by uncommenting the relevant line in /etc/slackpkg/mirrors.
  2. Update package list: # slackpkg update
  3. Install new packages: # slackpkg install-new
  4. Upgrade all installed packages: # slackpkg upgrade-all
  5. Remove unneeded packages: # slackpkg clean-system
  6. Repeat steps 2, 3, 4 and 6 once or twice a week to ensure that you are always in sync with the "current" development.

 

Other Questions?

Visit Linux Questions at http://www.linuxquestions.org - it is the de-facto place for anything Slackware.