The e-smith server and gateway
I tried to use the gateway but to no avail. As it turns out, PCMCIA devices are not supported (at least as part of the installation), something that I failed to notice in the documentation. I could load the PCMCIA package and try to configure it manually. Instead, I decided the best approach would be to do this again with the type of hardware it was intended to support. So, I called a friend at a company I work with on a regular basis and asked if he had a spare server. He did (thanks, Frank).
This time, my test system was a SCSI desktop system with an external modem. The boot was automatic and did not require the diskette. The installation was going very smoothly until I got to the Ethernet card selection. Once again, my card, a Linksys LNE100TX, was not selected although it used a standard Red Hat tulip driver. No problem, I decided that I would not let that slow me down. After all, I could manually add the card later. I finished the configuration and rebooted. In my second experience, I was rather pleased with how well things had worked and how fast.
Here's a quick tip. If you want to get to the command line, log in as "root" and not "admin". After editing my /etc/modules.conf file to load the tulip driver, I discovered the supplied driver is out of date for the card I had purchased. An internet connection would be nice at this point and, as it turned out, I realized that my e-smith gateway was working just fine with the dial-up connection. No trouble there. In fact, it was downright slick. I used the lynx browser to access the Linksys web site in order to get the latest driver.
The excitement was building. I was almost there. I unpacked the source, ran the install script and discovered that I had no C compiler. Tech support informed me that they do not install the compiler for security reasons, and I could accept that, but it wasn't even on the disk. Finally I gave up, found an old ISA card, plugged it in and was able to get the gateway up and running perfectly with one last boot.
In some ways, having problems while doing a review is not such a bad thing. You get to call tech support which gives you a feel for how quickly your questions and concerns will be answered. I am happy to report that not only did I not have to wait in a queue, but the person I spoke with was knowledgeable, helpful and open to the suggestions I made regarding the whole installation process. Consequently, by the time you read this, the problems I experienced may well have been solved.
I've spent a lot of time talking about the installation because I wanted to convey the type of thing that can throw off a turnkey installation like e-smith. Now that the system was up and running, it was time to experience it from the customer's point of view.
As I mentioned, the modem dialer (which uses diald) worked flawlessly. I had some nice tests planned out for this phase of the operation, with my notebook already configured to take advantage of my e-smith gateway. The default installation makes access to the Internet easy with all the appropriate IP masquerading rules already in effect.
Security is a serious issue with e-smith and perhaps its greatest strength. The server does not boot up with a dozen services running and a dozen potential places for a cracker to get in. Even SSH isn't activated by default. This is a very secure system that nonetheless provides a number of services for its internal users. One of the many things that e-smith's browser-based administration interface does is allow you to modify (see Figure 1). This interface is one of e-smith's strengths. With it, a non-technical administrator can oversee an installation and attend to their users' needs.
Through the web interface, you can also set up e-mail using either individual accounts or a multidrop system using fetchmail. Easy to configure, it worked flawlessly on my test (see figure 2). If you want to create and deploy your own web site, there's a menu option for that as well. e-smith's dialog will take you through the configuration for a "starter" web (figure 3). For performance, e-smith even comes with a Squid proxy pre-installed and ready to go.
Did I mention secure services? Besides SSH for secure remote access, e-smith includes a secure Apache web server and secure web-based e-mail as well. Sticking with e-mail for a moment, e-smith also provides a network directory with LDAP.
To round out this package, e-smith provides workgroup and intranet tools with "i-bays", information sharing sites, document repositories, file services that can be configured for local, remote, shared or private access (see Figu>e 4). Once again, easy to set up and use. When you configure a user through the interface, each one magically gets their own file services area. I won't spoil your adventure of discovery, but I will tell you that these "i-bays" also provide ready access to the web site, making it easy to do web design with your favorite HTML editor.
The one qualm I have about the web interface is a minor one. The bright orange "e-smith" banner on each page takes up an awful lot of real estate on the screen. It could be trimmed without affecting the functionality.
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems
Join editor Bill Childers and Bit9's Paul Riegle on April 27 at 12pm Central to learn how to keep your Linux systems secure.
Free to Linux Journal readers.Register Now!
|diff -u: What's New in Kernel Development||Aug 20, 2014|
|Security Hardening with Ansible||Aug 18, 2014|
|Monitoring Android Traffic with Wireshark||Aug 14, 2014|
|IndieBox: for Gamers Who Miss Boxes!||Aug 13, 2014|
|Non-Linux FOSS: a Virtualized Cisco Infrastructure?||Aug 11, 2014|
|Linux Security Threats on the Rise||Aug 08, 2014|
- diff -u: What's New in Kernel Development
- Security Hardening with Ansible
- NSA: Linux Journal is an "extremist forum" and its readers get flagged for extra surveillance
- Tech Tip: Really Simple HTTP Server with Python
- [<Megashare>] Watch Mrs Brown's Boys Movie Online Full Movie HD 2014
- New Products
- Monitoring Android Traffic with Wireshark
- Returning Values from Bash Functions
- RSS Feeds
- Raspberry Pi: the Perfect Home Server