Based upon suggestions, I'll ask Patrick to add new catagories. Pat, if you see this, there are probably a couple that we could add.

I changed the hostname with hostname command and also modified the hostname in /etc/hosts.

Then, I tried /usr/local/psa/bin/reconfigurator.sh to confirm the correct ip address for name based hosting.

But, while restarting MySQL failed to restart.

Please advice me, what went wrong? and how to fix it.

Thanks
uka

Stange things, hostname gets itself changed to plesk.rachshack.net

When I tried to use /sbin/linuxconf, only a blank line appears and nothing happens, as under:-

[root@plesk admin]# /sbin/linuxconf
_

linuxconf is there in the sbin directory, please tell me, how to start and use the linuxconf.

Bugger in hell, I forgot to leave this port open.

How do I re enable it in pmfirewall?

Bugger ;-(

Brian

Please guy's, can anyone help me!

Sorted, re run install and started from fresh.

As you run the install script it defaults to a standard set of instriuctions, all you have to do is press enter, but be VERY carefull when it comes to ports and make sure you leave you usual ports open I.E. 8443, 21, 22 etc etc

Dont want to lock yourself out like I did do we.

i want to do the ssh upgrade you post.

But it doesn't work.
first now is there on the ftp only the Version 11 not 8. That isn't so serious - before i tried to install:

rpm -U ftp://ftp.redhat.com/pub/redhat/linux/upd...2-11.7.i386.rpm
error: failed dependencies:
libc.so.6(GLIBC_2.2.4) is needed by openssh-server-2.9p2-11.7

so i try to install/update the new glibc 2.2.4:

error: failed dependencies:
glibc-common = 2.2.4-19 is needed by glibc-2.2.4-19
glibc-devel < 2.2.3 conflicts with glibc-2.2.4-19
glibc > 2.2.2 conflicts with glibc-common-2.2.2-10
glibc = 2.2.2 is needed by glibc-devel-2.2.2-10

oh, i think - ok maybe i have to do the right sequence.. :
the glibc-common first..

[root@plesk /root]# rpm -U ftp://ftp.redhat.com/pub/redhat/linux/upd...2.4-19.i386.rpm
error: failed dependencies:
glibc < 2.2.4 conflicts with glibc-common-2.2.4-19
glibc-common = 2.2.2-10 is needed by glibc-2.2.2-10

now i stopped.. is there anything installed now or is it removed ?
how can i do it now ?
any idea ? RedHat is a new terrain to me (Used only IBM-AIX before) (*g* RedHat=MadHat)

Please help..

Okay, you've got ssh installed, next thing to do is to install pmfirewall.
http://www.pointman.org

download the latest version and copy it to your server. I used the /tmp folder.

'gunzip pmfirewall*' at the #prompt as super user

then 'tar -xf pmfirewall*.tar'

'cd' into the 'pmfirewall*' folder
and run './install.sh'

answer the various questions appropriate to your server, but remember to choose to leave port 8443 open.

Next thing you want to do is install snort.
Personally I've not managed to get a version of snort for linux 7.1 yet. So if anyone could help in this matter PM me.

I'd also install webmin so you can do the stuff plesk can't on an ad hock basis(currently only using webmin for multipul ftp accounts for SSL on one domain)

if you've not already don so send an email to askmesurfer for another 3 ip addresses (2 for DNS, as using ns1/2.rackshack.net is just another waiste of 5 minutes and propigation time for each domain, and one IP for SSL ip based hosting).
Enable email in the mail section of server in plesk to use POP3(i'd guess thats what most of us are going to use)

lol:D

Boomer

I think we need to start a thread where everybody can post what by his or her opinion needs to be done to a WBL after you bought it. I configured 5 WBLs so far and I am facing to configure 10 more today; I imagine RackShack's techs do 10 times that, so this thread can be useful for them as well.

OK, things you may want to do:

1) Check date & time. On quite a few machines I had the date was set to Jul 2001! You can set the new date & time while in super-user mode:You can use your time zone when setting the time, the system will correctly adjust the time to machine's time zone.

(Of course you can do the same thing with Plesk. Go to Server/System/System Time. The only disadvantage of doing it from Plesk you can't be sure what time zone your server is in).

2) Install/upgrade openssh. If you are going to continue to use shell, install openssh-server (and upgrade openssh-clients to the latest version). By default openssh-server is not installed:rpm -e openssh-clients is needed to remove openssh-clients installation, otherwise openssh will not upgrade to the latest version because of dependency of openssh-clients on the older version (and you can't upgrade openssh-client before upgrading openssh itself).

After that I had to reboot to make openssh-server work, simple /etc/init.d/xinetd restart did not do the trick. Once this is done, you can login to your server with ssh instead of telnet.

3) Change server hostname. First with hostname command check what hostname you have:If this is not the name you wish to have, you can change it. There are reports that using hostname command to change the name creates problems with Plesk: forum.rackshack.net/showthread.php?threadid=1496

What I did and it worked with Plesk, I just used /sbin/linuxconf to change the server's name. Go to 'client tasks', then 'host name and IP network devices', then 'host name + domain' and type your desired host name there. Accept the changes, exit from linuxconf, then reboot with /sbin/reboot.

If you don't have linuxconf, you can install it by executing rpm -U http://customer.saburovo.com/linuxconf-1.2...4r2-10.i386.rpm as root (su).

Jonathan reports that in his case he also had to change /etc/hosts file to make Apache work with new hostname: forum.rackshack.net/showthread.php?postid=9504#post9504

4) Upgrade Plesk installation. The list of what's new/fixed in the latest Plesk patch is too long to put here, you can check for yourself: download1.plesk.com/psa2/build011011.15/psa_v2.0.0_build011011.15_os_RedHat_7.x_i686_patch.txt

Before upgrading, go to Server/System/Statistics and check what version of Plesk you have. psa_v2.0.0_build010911.01_os_RedHat 7.x means you have Build 010911.01 and the latest one from Plesk is Build 011011.15. You can upgrade from shell:Use it on your own risk! I upgraded 5 servers so far (2 Intels and 3 AMDs), it worked, but I can't guarantee it works for you.

Added on Dec 10: Plesk came with another patch, which fixes security issues with phpMyAdmin. You can install it only after you installed the previous one:5) Check/set IP for name-based hosting. Of 15 Plesk servers I have 3 had IP for name-based hosting set incorrectly. As you can see from this post (forum.rackshack.net/showthread.php?threadid=1353) this is quite common problem.

To correct it please follow the steps suggested in Plesk documentation, page 171: run /usr/local/psa/bin/reconfigurator.sh as root (su) from shell, anwer 'Y' to the first question, enter your e-mail address and then just press to choose defaults for the next questions.

6) Switch off portmap. You may want to switch off portmap as suggested here by winston: forum.rackshack.net/showthread.php?threadid=1526:

CODE

[root@plesk admin]# /sbin/service portmap status

portmap (pid 6867) is running...

[root@plesk admin]# /sbin/service portmap stop

Stopping portmapper:                                       [  OK  ]

That's it from my side so far; I'll be interested to hear what other people do with WBLs before putting them into production environment.

Can you please send your test file to me? I would like to test it on upgraded and non-upgraded Plesk and see if this is indeed the cause. If it is, we need to escalate to Plesk as soon as possible.

Well, Winston did. Please see his post regarding Red Hat network above.

I fetched older version of openssh which does not have GLIBC_2.2.4 dependency, so even if all Red Hat mirrors get updated, we will have it. You can use them as well, should be fast between RackShack servers:

http://customer.saburovo.com/openssh-2.9p2...p2-8.7.i386.rpm
http://customer.saburovo.com/openssh-clien...p2-8.7.i386.rpm
http://customer.saburovo.com/openssh-serve...p2-8.7.i386.rpm

You are not alone, this has been discussed: forum.rackshack.net/showthread.php?threadid=1496 and conclusion is you need to use /sbin/linuxconf to change the hostname instead of hostname command.

Actually, rdate is a great way to set the date and time. There are plenty of rdate servers around, and you can set your system clock to match a highly accurate atomic clock.

Don't forget to set your timezone too :-) (Covered in another thread, I think).

Sign up for the RedHat network (it's free for a single machine in many cases). Follow the instructions and then use the "up2date" tool to keep your system up to date. It will automatically download all the bits you need and install them.

I still wish we were using Debian though, apt simply rocks.

I think you really need access to the console to start off a brand new install of a new distro. I guess with enough h@x0ring you could probably get some other distro on...but it's not something I've tried :-]

My deb systems were fresh installs.

lol

i dont suggest upgrading your plesk installation

for the past 3 days i have been searching madly for what has caused my cgi and php scripts to not be working

finally i have my friend try the same ubb test file as me and it works fine for him but for me no it does'nt work i get an internal server error

so do not upgrade your plesk

and i'm still trying to figure out how i'm going to get this one fixed

seems the problem was'nt plesk

wierd eh

it was the ftp program

do not use flashfxp to chmod files it just does'nt work



got cuteftp said the file was 644 instead of 755 so i changed it on there and now it works

majic

www.zdwebhosting.com/cgi-bin/ubb6_test.cgi

http://forum.zdwebhosting.com

thanks a lot from, Zac

What are the pros & cons of using openssh vs. the ssh from ssh.com? (FYI, the free non-commercial version of ssh from ssh.com can be used for commercial purposes on Linux servers.)

Although it's not the best way to do it, you can work around the GLIBC dependency problem for openssh-servers by grabbing an older version of the RPMs from a server that hasn't been updated. ftp://ftp.utfsm.cl/Linux/updates/7.1/i386/ is one of them, for example...you can probably find others through http://www.filesearching.com/

By the way, I haven't found a way to sign up to RH Network for free...is it possible, or is it necessary to pay the $20/month fee?

I think I answered my own question...

You can use the RedHat Network for free by registering from your system (/usr/sbin/rhn_register) and running up2date from there. Then up2date -l will show the list of available updates, and you can type up2date openssh-servers to install everything (it checks dependencies and will install dependent updates also).

Earlier, I was looking at RH's web site only and didn't realize that system profiles had to be created from the server (using the rhn_register command). So the first one is indeed free, and additional servers are $19.95/month.

Looks like others have run into this problem elsewhere...but I didn't see a solution posted for RH 7.1. Here's one link that has some information: http://www.linuxarkivet.nu/mlists/redhat-l...0/msg03217.html

Hmmm...actually, your problem is slightly different, since it points specifically to gethostname. Have you updated your machine's hostname from plesk.rackshack.net to an appropriate value? Check the other threads in the forum for details... Maybe that'll help you avoid that error?

Given a recent CERT advisory ( http://www.cert.org/advisories/CA-2001-35.html ), you`d be as well to disable SSH version 1 on your box, and to disallow root login.

Make sure you have the latest stable SSH release, and then look in /etc/ssh/sshd_config

If there is no line beginning with the word "Protocol", add one just after the Port line, thus :

Protocol 2

then look a little further down the file and find :
PermitRootLogin

Change the "yes" to "no".
Save the file, exit, and restart sshd :
/etc/init.d/sshd restart

Thanks

Excellent information and well presented!

I want to install Open SSH, through the RHN thing. I successfuly registered with the rhn, but I can not figure out how to do the updating, can anyone help me out?

noti, that's all well and good but when i try to do it, it gives me a message saying
---
Your GPG keyring does not contain the Red Hat, Inc. public key. Without it, you will be unable to verify that packages Update ANgent Downloads are securely signed by Red Hat.

Your Update Agent options specify that you want to use GPG.

/usr/bin/gpg --import /usr/share/rhn/RPM_GPG_KEY

---
WHat do i do?

Realist, when I tried to install the firewall it asked me do you use DHCP to connect to the internet. WHat does it mean by that?
If you can, would you walk through the steps of the installation?Thanks, this would be a great help.

Have anybody found a solution for the problems Tobias raised? :confused:

i tried to register through rhn_register but got this error message after pressing the next button on the personal info page :

Traceback (innermost last):
File "/usr/sbin/rhn_register", line 119, in ?
main()
File "/usr/sbin/rhn_register", line 100, in main
tui.main()
File "/usr/share/rhn/register/tui.py", line 1033, in main
tui.run()
File "/usr/share/rhn/register/tui.py", line 982, in run
win = self.windows[index](self.screen, self)
File "/usr/share/rhn/register/tui.py", line 552, in __init__
hardware.read_network()
File "/usr/share/rhn/register/hardware.py", line 261, in read_network
netdict['ipaddr'] = gethostbyname(gethostname())
socket.error: host not found

did i fill in something wrong? how do it fix it?

i assume that you are using plesk cp

after registration and as root, type :

/usr/sbin/up2date

there will be an intruction on how to enable up2date, just follow the instruction. after you have done that, get the list of uninstall patches by typing :

/usr/sbin/up2date -l

you will see the long list of uninstalled patches, with basically 3 fileds - name, version, (cant remember whats the 3rd one) ... to install the patches just type :

/usr/sbin/up2date

= the uninstall patch name(the ONE you with to install) e.g. openssh-servers

just repeat the command above to install all the desire patches. for more info regarding the patches, go to http://www.redhat.com/support/errata/rh71-errata.html

actually that is the intruction i meant above ... just type in :

/usr/bin/gpg --import /usr/share/rhn/RPM_GPG_KEY

and you will be able to run up2date ... hope it works for you

Hey dabystru (and others), just saying thanks for the info

I'm considering getting a Plesk box from RS and it's nice to know everything that i'm gonna have to do to it to get it all working safely. Maybe you can put up a webpage with all this up-to-date info?

Thanks again.

New to the RAQ game, I am faced with installing and upgrading a number of apps and like the RedHat Network Winston mentioned but have a couple of questions:

1) Where do you sign up? I looked at redhat.com but could'nt find it.

2) What level of control do you have over what and when new versions of apps are installed with this tool?

3) Has anyone had bad experiences with this?

Thanks.

Additional thought/question:

As much as the sound of automatic updates is appealing, couldn't this have a negative effect in installing unwanted apps/upgrades?

For example, some patches have been discovered to have bugs themselves after being used for a while. Having these automatically upgraded on your box might create more work in uninstalling.

Also, wouldn't this be another service running, and would there be a performance hit?

Just a thought. I like the idea, but haven't gotten any feedback so I am wondering how many of you are actually using this tool.

I will probably err on the side of caution and do my installs manually, but I am still interested in any comments in this regard.

Thanks.

dabystru> I tried to install the OpenSSH according to your instructions but I get the same dependency error as Tobias.

Any ideas? I need the Linux newbie version. Thanks.


:confused:

dabystru, is this information for use with an Ensim box as well?