NTP Installation & Configuration


What is NTP?

The Network Time Protocol (NTP) is used to synchronize a server's time with another reference time source. It keeps all your servers on the same time. On Linux you can use NTP or OpenNTPD server software. Both packages provide client and server application programs for time synchronization.

How to Install NTP

Using yum, we can easily install the ntp package on a Linux machine.

# yum install ntp

Steps to configure NTP Client

Here we are going to use the public NTP address (pool.ntp.org).

Step 1: Open the ntp.conf file under the /etc directory and make sure the following line exists:

server ntp.server.com

Where,
• ntp.server.com : the hostname or IP address of the site NTP server.

Sometimes NTP is configured on the LAN. For example, if you configure the NTP server at 192.168.1.5, then enter server 192.168.1.5 so that your client communicates with the 192.168.1.5 server for synchronization.

In our example, however, we are using the public NTP server "pool.ntp.org", so comment out all the servers in /etc/ntp.conf and add our public NTP server address:

server pool.ntp.org

Step 2: Schedule a cron job for time synchronization

*/30 * * * * /usr/sbin/ntpdate -u pool.ntp.org

The above entry instructs crond to run the ntpdate command to update the Linux server time every 30 minutes.

Step 3: Configure NTP at system boot

# chkconfig ntpd on

Steps to start, stop and restart NTP after booting.

# service ntpd start
# service ntpd stop
# service ntpd restart

Step 4: Testing NTP

After configuring and starting NTP, you should test it to make sure it is working. Here are some guidelines you can follow to get NTP working correctly.

Verifying NTP is Running

To test whether the NTP process is running, use the command:

# pgrep ntpd

You should get a response of plain old process ID numbers.

Troubleshooting

Doing an Initial Synchronization:

If the time on the local server is very different from that of its primary time server, your NTP daemon will eventually terminate itself, leaving an error message in the /var/log/messages file. You should run the ntpdate -u command to force your server to become instantly synchronized with its NTP servers before starting the NTP daemon for the first time.

# service ntpd stop
# ntpdate -u pool.ntp.org
# service ntpd start

The date is now corrected.
# date
Wed Jun 13 08:38:28 BST 2012

Determining if NTP is synchronized properly

Use the ntpq command to see the servers with which you are synchronized. It provides you with a list of configured time servers and the delay, offset and jitter that your server is experiencing with them. For correct synchronization, the delay and offset values should be non-zero and the jitter value should be under 100.

# ntpq -p
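
The criteria above can be checked mechanically. The script below is an added example, not part of the original tutorial; the function names and the sample ntpq output (documentation addresses) are constructed for illustration. Beyond the three stated criteria, it also requires that the peer ntpq marks with "*" (the source ntpd has selected) is one of the peers that pass.

```shell
# Added example (not from the original page): evaluate `ntpq -p` output
# against the delay / offset / jitter criteria described in the text.

sample_ntpq() {   # constructed sample output, not taken from a real host
cat <<'EOF'
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*203.0.113.10    .GPS.            1 u   33   64  377   12.345    0.512   1.204
+203.0.113.11    203.0.113.10     2 u   40   64  377   20.100   -1.300 140.010
 203.0.113.12    .INIT.          16 u    -   64    0    0.000    0.000   0.000
EOF
}

# Reads `ntpq -p` output on stdin and prints one verdict per peer.
# Exit status is 0 only if the peer marked "*" passes every check.
check_ntpq() {
    awk '
    NR <= 2 { next }                      # column header and ===== ruler
    {
        tally = substr($0, 1, 1)          # *, +, -, x or space before the name
        n = split(substr($0, 2), f, " ")
        if (n < 10) next
        delay = f[8] + 0; offset = f[9] + 0; jitter = f[10] + 0
        why = ""
        if (delay == 0)    why = why " delay=0"
        if (offset == 0)   why = why " offset=0"
        if (jitter >= 100) why = why " jitter>=100"
        if (why != "") { print "WARN " f[1] ":" why; next }
        print "OK   " f[1]
        if (tally == "*") synced = 1
    }
    END { exit (synced ? 0 : 1) }'
}

sample_ntpq | check_ntpq
# On a live host: ntpq -p | check_ntpq
```

A peer that has never answered shows zero delay and offset, which is why the non-zero test catches unreachable servers.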

Cups Web Interface Configuration


Create certificates first, because the CUPS web interface requires an SSL connection.

[root@node1 ~]# cd /etc/pki/tls/certs

[root@node1 certs]# make server.key
umask 77 ; \
/usr/bin/openssl genrsa -des3 1024 > server.key

Generating RSA private key, 1024 bit long modulus
………………………………………………++++++
………….++++++
e is 65537 (0x10001)
Enter pass phrase: # set passphrase
Verifying - Enter pass phrase: # verify

[root@node1 certs]# openssl rsa -in server.key -out server.key
Enter pass phrase for server.key: # input passphrase
writing RSA key

[root@node1 certs]# make server.csr
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]: IN # country
State or Province Name (full name) [Berkshire]: TN # state
Locality Name (eg, city) [Newbury]: Chennai # city
Organization Name (eg, company) [My Company Ltd]: Server Linux # company
Organizational Unit Name (eg, section) []:IT Solution # department
Common Name (eg, your server's hostname) []: node1 # server's FQDN
Email Address []: root@node1 # email address
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: # Enter
An optional company name []: # Enter

[root@node1 certs]# openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650
Signature ok
subject=/C=IN/ST=TN/L=Chennai/O=Server Linux/OU=IT Solution/CN=www.node1/emailAddress=root@node1
Getting Private key

[root@node1 certs]# chmod 400 server.*

[root@node1 ~]# vi /etc/cups/cupsd.conf
Listen 631
<Location />
Order allow,deny
Allow localhost
Allow all
</Location>
<Location /admin>
Encryption Required
Order allow,deny
Allow localhost
Allow all
</Location>
<Location /admin/conf>
AuthType Basic
Require user @SYSTEM
Order allow,deny
Allow all
</Location>

# add at the bottom: specify certificates

ServerCertificate /etc/pki/tls/certs/server.crt
ServerKey /etc/pki/tls/certs/server.key

[root@node1 ~]# /etc/rc.d/init.d/cups restart
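
Every Location block in the cupsd.conf above contains "Allow all", so it is worth reviewing which of them also require authentication or encryption. The script below is an added example, not part of the original tutorial; the function names are hypothetical, and it judges each block only by the directives written inside that block (an assumption of this example).

```shell
# Added example (not from the original page): list every <Location> block
# that accepts any host and whether it also requires authentication and TLS.

sample_cupsd_conf() {   # the Location blocks from the configuration above
cat <<'EOF'
<Location />
Order allow,deny
Allow localhost
Allow all
</Location>
<Location /admin>
Encryption Required
Order allow,deny
Allow localhost
Allow all
</Location>
<Location /admin/conf>
AuthType Basic
Require user @SYSTEM
Order allow,deny
Allow all
</Location>
EOF
}

# Reads cupsd.conf on stdin; prints "<path> auth=<yes|no> tls=<yes|no>" for
# each block containing "Allow all". Blocks are judged on their own
# directives only (an assumption of this example).
audit_cups_locations() {
    awk '
    /^[ \t]*#/ { next }
    /^[ \t]*<Location / {
        path = $2; sub(/>$/, "", path)
        anyhost = 0; auth = "no"; tls = "no"; inblk = 1; next
    }
    inblk && tolower($1) == "allow" && tolower($2) == "all" { anyhost = 1 }
    inblk && tolower($1) == "authtype" && tolower($2) != "none" { auth = "yes" }
    inblk && tolower($1) == "encryption" && tolower($2) == "required" { tls = "yes" }
    /^[ \t]*<\/Location>/ {
        if (anyhost) print path " auth=" auth " tls=" tls
        inblk = 0
    }'
}

sample_cupsd_conf | audit_cups_locations
# On a live host: audit_cups_locations < /etc/cups/cupsd.conf
```

A block that lists only "Allow localhost" or specific addresses produces no output, so an empty report means no Location is open to every host.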