administration – Page 2

Cups Print Server with remote printer driver

To enable remote printing on a print server first setup the server with the correct printer drivers. In my case I had to install foo2zjs package in order to get my printer running. My network printer was than configured using the cups webinterface as socket://:9100 which is quiet specific for my HP printer.
The remote printing must be configured using the following entries in cupsd.conf:

Listen ip of printserver:631
BrowseOrder Deny,Allow
BrowseAllow From local net/255.255.255.0

Order deny,allow
Deny From All
Allow From localnet /255.255.255.0

on the client side please add the following directive to cupsd.conf:

BrowsePoll ip of printserver :631

In newer versions of cups the directive must be placed in cups-browsed.conf. The directive itself remains the same.

Do not forget to start both servers in order to get the new directives working. On the client machine the remote printers should be available in the webinterface as newly added printers ready for jobs.

In newer versions do not forget to restart the cups-browsed service also.

pyload reverse proxy config

Here is a config for apache to enable reverse proxy access to a pyload webinterface I found on the net:

ServerSignature off
RedirectMatch ^/(.*)$ https://pyload…/$1

Options FollowSymLinks
AllowOverride None

ErrorLog /var/log/apache/pyload_error.log
LogLevel emerg
CustomLog /var/log/apache/pyload_error.log combined

Tine 2.0 Setup

To enable SMTP and IMAP support in Tine 2.0 the following points must be followed:

enable system account in the setup (Systemkonto verwenden)
the login name and password must be identical in Tine as well as on the email server

The setup of Tine 2.0 itself is straight forward and following the general installation guide.

OTP – One Time Passwords

After the installation of anyterm on my sheeva I am now working on the integration of One Time Passwords to enable fullaccess to my network even from a compromised workstation in an internet cafe.

I decided to go with OPIE – One-time Passwords In Everything which is using the S/KEY system (http://www.inner.net/opie). The installation is as easy as:

aptitude install opie-server opie-client

after that the pam module for SSH must be adjusted:

/etc/pam.d/sshd

auth sufficient pam_unix.so
auth sufficient pam_opie.so
auth required pam_deny.so

must be in whereas:

@include common-auth

must be out.

Initialisation is done via:

opiepasswd -c

which gives you back the first password and seed. You need to give a passphrase for the actual account before the command completes.

With the command opiekey the sequence number and the passphrase you can also get the apropriate password or with the option -n <number> a list of usable
passwords for printing.

NVidiaGraphicsDriver under Debian

I recently installed the stock nvidia graphics driver on my debian lenny machine by using the nvidia original driver from their support page. Just installing the kernel sources and the driver shell script and executing it lead me to a running nvidia dual head system.
http://wiki.debian.org/NvidiaGraphicsDrivers

pflog0

To view the log file:

# tcpdump -n -e -ttt -r /var/log/pflog

Note that using tcpdump(8) to watch the pflog file does not give a real-time display. A real-time display of logged packets is achieved by using the pflog0 interface:

# tcpdump -n -e -ttt -i pflog0

pfctl

     # pfctl -f /etc/pf.conf     Load the pf.conf file
     # pfctl -nf /etc/pf.conf    Parse the file, but don't load it
     # pfctl -Nf /etc/pf.conf    Load only the NAT rules from the file
     # pfctl -Rf /etc/pf.conf    Load only the filter rules from the file

     # pfctl -sn                 Show the current NAT rules
     # pfctl -sr                 Show the current filter rules
     # pfctl -ss                 Show the current state table
     # pfctl -si                 Show filter stats and counters
     # pfctl -sa                 Show EVERYTHING it can show