Best of Technical Support
I installed Red Hat Linux 5.0 on my system which has a Cirrus Logic VGA card. I installed the X Window System and am running it with success. In my office, most of the systems have SIS 6215 VGA cards, and Linux 5.0 does not support this. I downloaded SIS drivers from Red Hat's site. I am using the PC-quest Red Hat Linux 5.0 CD which does not have SIS drivers. How do I insert the SIS drivers during installation, since I am installing from CD? Please clarify my doubts on how third-party drivers should be installed without CD during installation. —Munnangi Reddy, firstname.lastname@example.org
You can't. However, the installation doesn't use graphics, so you can install the system anyway. After installing, you can upgrade your X packages by installing the new RPM file using
rpm -i package
—Alessandro Rubini, email@example.com
If you want to use new XFree86-supported cards, you should upgrade both the XFree86 server (XFree86-SVGA...) and the Xconfigurator utility, which is used in order to generate an XF86Config file. All these packages are available from the Red Hat FTP server. —Pierre Ficheux, firstname.lastname@example.org
I am using Red Hat version 6.0. I have PPP configured and working for dial-out to my ISP. It uses a dynamic IP address assigned by the server. I also wish to allow dial-in on the same system to allow for administration and tech support. The documentation states that you put the IP address you wish to assign to the port for dial-in users in the /etc/ppp/options.ttySx file. However, as long as I put an IP number in the file which corresponds with the dial-out port, my PPP dial-out fails. I know it is possible to support both dial-in and dynamic dial-out on the same port. The PPP HOWTOs state that it can be done. What do I have to do to get it to work?
Note: the options.ttySx file has only the single entry. All other options are in the options file. —Gerry George, email@example.com
Actually, you would do this only if you have multiple serial ports and modems and you want to assign IP addresses dynamically to your users. If you have only one modem, you can simply assign the IP on the PPP command line. You could create a PPP user in /etc/password which launches this script in lieu of a shell:
#!/bin/sh IFS=" " export IFS /usr/bin/mesg n stty -tostop -echo exec /usr/sbin/pppd modem crtscts proxyarp -d\ -detach moremagic:ppp-guest
—Marc Merlin, firstname.lastname@example.org
We have several labs of Linux boxes available for student use at the University of Arizona Physics Dept., as well as a couple of older SPARCs which we are bringing somewhat up to date with the latest Linux releases. We have some security concerns about LILO and SILO. Several of these machines' consoles are openly available to the students, and we have been worried about the students forcing a reboot and bringing up Linux in single-user mode, gaining total access to the system. Admittedly, not much damage can be done from most of the machines, as most simply map their drives to the user directory of a more secure machine, but it's still a concern.
We've added the “password=/password/” and “restricted” lines to the respective /etc/lilo.conf and /etc/silo.conf files on each machine (and naturally added password protection to the BIOS to not allow booting from floppy); however, both lilo.conf and silo.conf are still readable to the average user. We want to retain the single-user mode availability for the lab crew and keep items contained in these config files, such as the image locations, available to those lab crew members without the security to modify the files. Is there a way to do this and yet prevent anyone from reading the password lines in lilo.conf/silo.conf? Should we forego using LILO/SILO altogether and use something else? —Sam Hart, email@example.com
Using another boot loader would be a good idea, but there's an alternative. The LILO configuration file is used ONLY when you actually run the LILO command. It's not required at boot time. Thus, you could put the file onto a floppy that only your lab crew has access to. They can mount it when necessary and use the -C option to specify its location when updating a kernel or changing a boot option. —Chad Robinson, firstname.lastname@example.org
I would get the source code from SILO and LILO and hard-code the password in there (make sure, then, that the binary is a 700, so that a user cannot run strings on them). —Marc Merlin, email@example.com
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Ubuntu Online Summit
- Devuan Beta Release
- The Qt Company's Qt Start-Up
- May 2016 Issue of Linux Journal
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- The US Government and Open-Source Software
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- BitTorrent Inc.'s Sync
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide