Month: February 2021

How to setup ftp server on CentOS 7?

  • To setup ftp server on CentOS 7, perform following steps:
  • Install vsftpd package with yum -y install vsftpd
  • Edit the range of ports that is to be used by ftp service in /etc/vsftpd/vsftpd.conf

pasv_min_port=3000
pasv_max_port=3500

  • Use systemctl command to enable vsftpd at boot time:

systemctl enable vsftpd.service
systemctl start vsftpd.service

  • Open ftp port in firewall with:

firewall-cmd --add-port=21/tcp --add-port=3000-3500/tcp --permanent
systemctl restart firewalld.service

  • To set selinux which will allow regular uer to get and put files to server:

setenforce 1
setsebool -P ftpd_full_access 1

Performance testing and benchmarking tools for Linux

Disclaimer: Links given on this page to external websites are provided for convenience only. SeiMaxim has not checked the following external links and is not responsible for their content or link availability. The inclusion of any link on this page to an external website does not imply endorsement by SeiMaxim of the website or their entities, products, or services. You must agree that SeiMaxim is not responsible or liable for any loss or expenses that may result due to your use of the external site or external content.

The following Linux benchmarking and performance tools are available from external sources:

  • Unixbench
  • sysbench
  • tiobench
  • ttcp
  • sockperf
  • siege
  • nuttcp
  • seeker
  • nfsometer
  • kcbench
  • lmbench
  • netpipe
  • netperf
  • iperf3
  • iozone
  • httperf
  • fio
  • dnsperf
  • bonnie++
  • aio-stress
  • bandwidth
  • dbench
  • nuttcp

Configure sftp server with restricted chroot users with ssh keys without affecting normal user access

  • Login on the Linux server (sftp) as root and create a new user account with the following Shell commands:

useradd seimaxim-user
passwd seimaxim-user

  • On the client system copy the ssh keys to the server:

ssh-copy-id seimaxim-user@seimaxim-server

  • On the client system verify the ssh keys so that a password-less login can be made to the server:

ssh seimaxim-uer@seimaxim-server

  • Verify sftp connection is working passwordless from the client system to server:

sftp seimaxim-user@seimaxim-server

  • At this stage, seimaxim-user from client system can ssh and sftp with entering password and have access to all directories. Now make necessary changes to chroot seimaxim-user caged to a specific directory.
  • On Linux server create a new group to add chroot seimaxim-user with groupadd sftpuser
  • Make a directory for chrooot seimaxim-user with mkdir /files
  • Make a subdirectory for seimaxim-user that has to be chroot with mkdir /files/seimaxim-user
  • Create a home directory for seimaxim-user with mkdir /files/seimaxim-user/home
  • Add seimaxim-user to new group you added in previous steps which sftpuser in our case with usermod -aG sftpuser seimaxim-user
  • Modify permissions of home directory /files/seimaxim-user/home of seimaxim-user with chown seimaxim-user:ftpuser /files/seimaxim-user/home
  • Open /etc/ssh/sshd_config in text editor like vi and add following code:

Subsystem sftp internal-sftp -d /home
Match Group sftpuser
ChrootDirectory /files/%u

  • Restart sshd service with systemctl restart sshd
  • Now try to connect via ssh and as user seimaxim-user from the client system to the server. You will not be able to connect via ssh but only through sftp. Also, try connecting with sftp which will be connected to the server without any issue. This solution will allow other users to connect through ssh to the server.

When connecting to VNC either screen is black or icons are shown but no menu or screen background

  • This issue occurs due to changes in the default service unit file. The changed file which is causing the error is given below;

[Service]
Type=forking
User=<USER>

# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=-/usr/bin/vncserver -kill %i
ExecStart=/usr/bin/vncserver %i
PIDFile=/home/<USER>/.vnc/%H%i.pid
ExecStop=-/usr/bin/vncserver -kill %i

  • The correct file is shown below;

[Service]
Type=forking

# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/sbin/runuser -l <USER> -c "/usr/bin/vncserver %i"
PIDFile=/home/<USER>/.vnc/%H%i.pid
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'

  • To resolve this error, apply the latest OS updates.

 

How to limit per user VNC sessions count?

You can use the following PERL script to limit VNC sessions per user.

  • Create a new file name vncserver and add the following content.

# Start the VNC Server
# Maximum sessions is limited to 2 per user in server.
&vnclimit();
}
}

sub vnclimit {
$countoutput = `ps -u $ENV{USER} | grep -i Xvnc | wc -l`;
if ($countoutput >= 1) {
print "Your vncsession is $ENV{USER} user. Maximum sessions is limited to 2 per user only!\n";
print "Execute 'vncserver -list' to list the current session\n\n";
print "Contact your server admin to increase the number of sessions.\n";
exit;
}
}

  • After creating the file, run it as vncserver on the command line.

How to configure virtual network computing [vncserver] in Linux CentOS Server 7 and 8?

  • In Linux CentOS 7 and 8 install tigervnc-server using yum with yum install tigervnc-server tigervnc
  • Install X Window System on CentOS 8 with yum group install GNOME base-x or yum groupinstall "Server with GUI".  On CentOS 7 install X Window System with yum groupinstall gnome-desktop x11 fonts or yum groupinstall "Server with GUI"
  • Set the Linux server to boot directly into the graphical user interface systemctl start graphical.target
  • After installing X Window System configure the VNC service by creating a VNC user account with useradd <yourusername> and set a password with passwd <yourusername>
  • Login to the server and create VNC password with vncpasswd
  • Create a VNC configuration file for the user <yourusername> with cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:1.service
  • Edit the /etc/systemd/system/vncserver@:1.service file and replace option “USER” with VNC user <yourusername>
  • Change 1 in /etc/systemd/system/vncserver@:1.service for every next VNC user. You should create one file for each user instance.
  • To change color depth, resolution, and other remote desktop options, add required values in ExecStart= as ExecStart=/sbin/runuser -l testuser1 -c "/usr/bin/vncserver %i -geometry 1024x768 -depth 24"
  • You must open VNC port in firewall with firewall-cmd --permanent --zone=public --add-port 5901/tcp and then reload firewall with firewall-cmd reload
  • Reload configuration with sytemctl daemon-reload
  • Enable the VNC service and make sure it starts at your next boot with systemctl enable vncserver@:1.service and systemctl start vncserver@:1.service
  • To configure the desktop environment for VNC on the server look xstartup file in ~/.vnc/xstartup. Following is on Gnome desktop;For KDE, xstartup is

# cat ~/.vnc/xstartup

#!/bin/sh
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
vncconfig -iconic &
dbus-launch --exit-with-session gnome-session &

  • For KDE, xstartup is;

# cat ~/.vnc/xstartup

#!/bin/sh
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
#vncconfig -iconic &
#dbus-launch --exit-with-session gnome-session &
startkde &

  • The last step is to install vncviewer on your local PC and adding IP address::port number of the remote server with vncviewer vncserver-ipaddress::59XX or vncviewer vncserver-ipaddress::5901
  • Note that 1 in 5901 will have to be changed for each instance of vncserver as in vncserver@:1.service
  • For any queries, chat with us or leave a comment. We will be happy to help to troubleshoot your server.