Debian web server question

[Varun]

I have an old computer that I want to set up as a simple web server. It is a K6-2 500 with 192MB RAM.

I've run slackware on it before but I find slackware pretty hard to do anything in, although you do have complete control over the OS. Can anyone recommend a better OS for such an old computer that is a bit more user friendly?

Obviously I'll be running Apache on it, and not much else.

I don't have an extra monitor in my house for it, and even if I did I would rather just tuck away the case in the basement and not worry about it. Is there any software to allow me to console into the server to administrate it, like say Remote Desktop in XP?

Thanks!

 

[n0cmonkey]

Debian.

Use OpenSSH to control it. There isn't anything better.

 

[Varun]

Thanks!

I'll download and burn it right away.

 

[delroy]

i agree with n0cmonkey, Debian with OpenSSH really works well.

 

[KoolDrew]

Originally posted by: delroy
i agree with n0cmonkey, Debian with OpenSSH really works well.

 

[Varun]

This is an OLD bump.

I finnaly got my webserver running yesterday. I'm still having a hard time with Linux but I'm sure it will come around.

As I stated in the original post, I want to have this as a headless computer, and connect to it over my home network to control it. I was going to try OpenSSH as was suggested, however I don't see a Windows client.

Maybe I don't understand the basis of the program. The computer I want to console into the webserver is an XP box. Do I need a client on the Windows box to connect to the Linux box, or is it purely HTTP?

Also, can someone give me a quick new user guide in steps to set up the Debian box with ssh? ssh is installed already - at least when I type apt-get install ssh it tells me the newest version is already installed.

Thanks so much. Hopefully with some help I'll start to understand the commands and basis of Linux so I can work with it a bit easier.

 

[Varun]

bump

 

[drag]

Well ssh is it's own protocol seperate from http. It's sole purpose is to provide a secure and encrypted way to access a shell on a unix box.

It's a secure replacement for telnet and rsh.

It's flexible beyond that though, it can tunnel other protocols for VPNs, and can be used for uploading or downloading files securely. However it's primary purpose is just so you can log into a remote shell (aka command line) safely.

A nice windows client for ssh is called putty.exe and is aviable at:
http://www.chiark.greenend.org.uk/~sgtatham/putty/

There are also a couple other usefull utilities from their.

If your not at home and can't install stuff on your computer there are also java applet based ssh clients that can be used over a webbrowser like mindterm, but putty.exe is by far superior.

 

[Varun]

wow that was easier than I thought, thanks for the link drag. I guess ssh was already running, as I was able to connect to it with no problems.

 

[sourceninja]

You can also use filezilla to do sftp to upload files over ssh.

 

[nweaver]

depending on your setup...

I always change the default port for SSH to something else. Either leave it at 22, and do port translation at the router, or change it and do port forwarding at the router. There are/(were?) lots of ssh script kiddies hammering my boxes before I changed.

 

[bersl2]

Originally posted by: nweaver
depending on your setup...

I always change the default port for SSH to something else. Either leave it at 22, and do port translation at the router, or change it and do port forwarding at the router. There are/(were?) lots of ssh script kiddies hammering my boxes before I changed.

-m recent and -j TARPIT ftw. Well, almost. The iptables chain I use doesn't quite distinguish successful connections from failed attempts.

 

[drag]

It doesn't realy matter a whole lot what port you use. Unless you just want to use a different port so that your logs don't get messy.

The main part is to use strong passwords.

There is a nice little program called pwgen. What it does is to generate psuedo-random passwords that are designed to be more or less easily mesmorizable. There was a study or something like that done a while ago on what makes rememberable passwords. It's kinda interesting.

But to get it in Debian go:
apt-get install pwgen

To run it go:
pwgen

But i don't think those paswords are paticularly secure.. I like to use some options like
pwgen -cy1 12 12

and out of the twelve results pick one or two good ones.

It's kinda interesting.. try pwgen with the 'secure' option for realy random passwords, then you'll see why it's usefull for trying to get usable passwords...

pwgen -1s 12 12

 

[nweaver]

I use strong passwords (meaning 8+ digits, letters and numbers, uppercase and lowercase). I also don't allow root access. The I just hated seeing all those attempts in my logs. Now, instead I see them hit port 22, and my firewall drops and logs it. I had several thousand attempts in a week before moving. Now I have had 0 attempts in 9 months.

 

[bersl2]

It also helps that they don't know what usernames to hit up, other than the usual system ones that you shouldn't be able to log into anyway, and the common ones like first names. What good is the password if you don't know the username?---and of course, they don't know the password either. Search space squared.

 

[Varun]

Originally posted by: nweaver
depending on your setup...

I always change the default port for SSH to something else. Either leave it at 22, and do port translation at the router, or change it and do port forwarding at the router. There are/(were?) lots of ssh script kiddies hammering my boxes before I changed.

I understand why you would want to change the port number. In my case however, the computer that I will use to console into the debian box is on my home network. There are no ports forwarded from outside my router other than my Remote Desktop (with a good password), port 80 for the webserver, and another port for my Teamspeak server.