Linux in the Classroom: an Experience with Linux and Open-Source Software in an Educational Environment
The MATC main campus is in Orem, Utah, and we have a secondary campus in American Fork, Utah, approximately 10 miles away, that is connected to the main campus by a T1 line. We also have a lab in Park City, Utah, approximately 50 miles away, that we share through a partnership with the Park City School District.
During the 2003–2004 school year, the IT classroom at the American Fork campus was configured with a system running a Linux-based firewall and a separate server based on Fedora Core 2. That server hosted Linux distribution ISO images, pre-made VMware and VirtualPC images and files related to the courses the students were taking. It also provided some storage space for the students' work. The workstations ran Windows XP Pro, and all students logged in using a single user name and password local to the workstation.
Recently, during the 2004–2005 school year, the American Fork server has been upgraded to Fedora Core 3 with the latest versions of Samba, OpenLDAP and other software. The server now provides DNS and DHCP services, stores the home directories for the students that attend IT classes at that site and acts as the backup domain controller for the Windows clients in that lab. All course-related data is synchronized daily from the main server at our Orem campus using rsync. The firewall provides filtering and NAT masquerading and handles all of the Internet traffic for the workstations in that lab. Linux clients mount the home directories stored on the server using NFS. The main IT department server in Orem provides user authentication for all users.
All LDAP requests, generated either by the Linux clients or the Samba server on behalf of the Windows clients, are tunneled through OpenSSL to provide security. Although funneling all authentications back to our main campus is not an ideal solution, it has turned out to be surprisingly trouble free and highly reliable. We had to resort to this method because our attempts to use slapd to synchronize the LDAP servers between the Orem campus and American Fork campus often were interrupted due to circumstances beyond our control, such as high traffic volume and line unreliability. I must interject that we only provide computer services for our department and not the entire school. The result of these interruptions was the LDAP directory being out of sync between these servers.
The shared lab in Park City is located in the Park City Learning Center. As a member of the Park City School District (PCSD) network, the PCs and network are locked down tightly and administered by the highly competent PCSD IT staff. In discussions with the school district IT staff, we reviewed some issues with security that had impacted our ability to teach IT courses during the 2003–2004 school year. We jointly decided on a plan to include a Linux-based server that would provide Network Address Translation (NAT), DHCP and routing, along with hosting Linux distribution ISO images, pre-made VMware images and files related to the courses the students were enrolled in, plus some storage space for our students. Seventeen lab PCs were imaged to dual boot into Windows XP or Fedora Core 2. The PCSD IT staff, with the excellent help of Harold Hanson, provided a VLAN that isolated the Linux server, yet allowed us to change connections quickly so that Windows XP users still could authenticate into the PCSD Novell network. This enables us to provide authentication and other services for our students while they are in the lab, while not interfering with the PCSD IT staff's ability to maintain the network for their students.
The setup in the Park City lab is similar to that in the American Fork lab. The lab server provides file, print, name and address services as well as a mirror of the software and patch updates for the Linux clients. The main server at our Orem campus, using SSL to secure the transmissions, still provides all user authentications. Refer to Figure 2 to see our infrastructure template for remote campuses.
We have, over the past few years, developed a system based around Linux and open-source software that allows us to provide computing services for our students to enhance their learning experience in a manner that is both easy to maintain and simple to extend and replicate. It also has been quite inexpensive to implement, maintain and update. For those in the educational realm, cost is extremely important given the limited financial resources available to most secondary and post-secondary institutions. There is no doubt that more and more schools and businesses will move in a direction similar to ours as Linux and open-source software becomes more recognized and usable. This is one of the primary reasons that we are working so hard to provide Linux and open-source software training. All of our Linux courses have been influenced by our own experiences and include instruction in most if not all of the techniques that we have developed and refined.
Our journey with Linux and open-source software is far from over. We continue to refine and explore new areas to better meet our current and future needs. Things we are working on and plan for the future include:
Testing new groupware solutions, such as eGroupWare and OpenGroupWare.
Testing Windows applications integration with Linux, using products such as CodeWeavers CrossOver Office.
Testing and implementing new Linux distributions, such as Fedora Core 3 and future versions of Fedora.
Increasing use of OpenLDAP as a central user and service information database.
Using new features of OpenLDAP, including LDAP sync replication.
Perfecting software updates from our mirrored apt repositories.
Implementing other centralized administration and management techniques.
Creating, revising and deploying hardware and software templates for labs and remote campus sites.
Joseph Ruffolo (email@example.com) is a faculty member of Mountainland Applied Technology College. He has an IT career spanning 23 years, with expertise in software development, project management and system/software architecture. He currently teaches A+, networking and Linux courses. When he is not working, his hobbies include woodworking, rescuing neglected or abused animals and playing World of Warcraft.
Ron Terry (firstname.lastname@example.org) currently is serving as the Department Chair of the Information Technology Department of Mountainland Applied Technology College in Orem, Utah, where he also teaches Microsoft, Linux and networking courses. When not teaching, Ron runs a consulting business that specializes in implementing and supporting Linux. He also travels to provide Linux training to businesses and other organizations. When he is not working with computers, as seldom as that may be according to his wife, his hobbies include camping, woodworking and music.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- New Container Image Standard Promises More Portable Apps
- The Humble Hacker?
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- The US Government and Open-Source Software
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide