Log inUsernamePassword
Log me on automatically each visit    
Register
Register
Log in to check your private messages
Log in to check your private messages
SMS Forum Index » Tips, Tricks & Tutorials

Post new topic   This topic is locked: you cannot edit posts or make replies.
Securing and optimizing your SMS Server (CLI)
View previous topic :: View next topic  
Author Message
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1727
Location: Greece

PostPosted: Mon Nov 12, 2012 4:51 pm    Post subject: Securing and optimizing your SMS Server (CLI) Reply with quote

SMS has a CLI wizard through smsconfig script to secure and optimize your SMS server.
The wizard intended for clean installations of SMS with default passwords, although some part or all might work in older installations.

1. To start the wizard issue from a terminal "smsconfig secure"

Code:
root@sms:~# smsconfig secure

+----------------------------------------------------+
|     SMS - Securing and Optimizing your Server      |
+----------------------------------------------------+
| This script will help you to change all default    |
| passwords for all default users and services.      |
| Press any key to continue or (Ctrl+C) to exit.     |
+----------------------------------------------------+



2. Next step the script ask you to change the password for user "administrator"

Code:
Changing password for administrator
Enter the new password (minimum of 5 characters)
Please use a combination of upper and lower case letters and numbers.
New password:


3. Next you will be asked to disable shell access to users (that is intended for old installations too).

Code:
+-------------------------------+
| Manage users login:           |
+-------------------------------+
spamduser
vmail
dovecot
administrator
Do you want to disable shell access to those users? (y/n):


4. The next screen ask you, how to treat default ftp accounts "ftpuser" and "webftp".

Code:
+-------------------------------+
| Manage ftp users:             |
+-------------------------------+
(Y)Change passwords (D)Delete all ftp users (S)Skip


5. If openldap is running, the wizard prompt you to change passwords for openldap root and uid=administrator


Code:
+-------------------------------+
| Manage OpenLDAP users:        |
+-------------------------------+
Enter new password for OpenLDAP's root:
Enter new password for uid=Administrator,ou=virtualusers,o=virtualmail,dc=sms,dc=org:


6. If MySQL is running the wizard ask you to manage MySQL users. The script search config files of weberp and sqlgey and if default passwords found, it will prompt you to change those too.

Code:
+-------------------------------+
| Manage MySQL users:           |
+-------------------------------+
Enter new password for MySQL's root:
Choose password for database sqlgrey:
Choose password for database weberp:



7. Next the wizard prompt you to change default Webmin admin password.

Code:
+-------------------------------+
| Manage Webmin login:          |
+-------------------------------+
Choose password for admin user:


8. Next screen you have to choose what to do, with web apps weberp and torrentflux.

Code:
+-------------------------------+
| Manage Web apps:              |
+-------------------------------+
Are you going to use Torrentflux? (y/n)
n
Are you going to use webERP? (y/n)
n


9. Next you have to manage samba network access, by default script search your subnet and apply it as default.

Code:
+-------------------------------+
| Manage Samba network access:  |
+-------------------------------+
Do you want to limit samba access to your network only [192.168.1.]? (y/n)


This is it, "smsconfig secure" is much simpler than sms_secure.kmdr GUI, but since you are already using a terminal, you might not need that anyway.
To disable services you can use smsconfig.

Code:
+----------------------------------------------------+
|            Configuration completed                 |
+----------------------------------------------------+



gerasimos_h

_________________
Superb! Mini Server Project Manager
http://sms.it-ccs.com
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   This topic is locked: you cannot edit posts or make replies.    SMS Forum Index » Tips, Tricks & Tutorials All times are GMT + 2 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum

SMS - Superb! Mini Server Project © 2016
Powered by phpBB © 2001, 2002 phpBB Group
iCGstation v1.0 Template By Ray © 2003, 2004 iOptional