ssh installation, yast-gtk bug and iptables


The last few weeks have been particularly busy and distracting but I’m getting back on track now with testing and reporting. OpenSuSE is certainly powerful but as always, there is some room to improve. Especially from the perspective of a support person. Because of this, I have quite a lot to write about today.

About a month ago, I submitted a yast-gtk bug that described an issue that affected people who had accessibility support enabled and the Orca screen reader running while using Yast in Gnome. For some reason, yast modules were not loading and instead were reporting errors. Unfortunately, I have not had much time to follow up on this but it’s one of my priorities going forward for the next month. The bug number for anyone interested is: 346987.

For the past two weeks I have been working on a number of other projects all related to setting up a server for mail, ftp, http, imap, the squid proxy, routing via iptables and dhcp. All this is based on an OpenSuSE 10.3 installation. Aside from one remaining problem with iptables all is going very smoothly.

Iptables is currently routing all connections on port 80 passing through this server to port 3128 to allow squid to validate and cache them. Unfortunately, in the process of creating these rules, the machine is no longer excepting external connections to this machine via port 80. This should be resolved soon however it has involved a lot of research into iptables and due to obscure arguments passed on the command using! And other characters, bash history and scripting is also something that I’m learning a lot more about.

Finally, as I may have mentioned in a previous post, it is currently impossible for someone who is blind to independently install OpenSuSE unless they have a current Braille display. This is not entirely true if you have another computer connected via a network. Passing the simple command ssh=1 to the installation will start the text mode install and ask you a few straight forward questions.
1) What password do you want to use.
Simply type your password and press enter to move to the next screen.
2) What interface do you want to use.
Press enter to choose the default.
3) Do you want to use dhcp?
Press tab then enter to choose yes. Of course, you will need to know the IP address that you’re DHCP assigns to your computer. Usually, I just use ifconfig before the installation or look at the dhcp table on my router to see what IP address the machine has been reserved. Of course, this will depend on if your DHCP server has a reasonably long lease time but the majority does so it’s rarely anything to worry about.

After pressing enter you will be left at a prompt instructing you to log into the machine via ssh and run the yast2 command when ready.

The only minor aspect to watch out for is after the first part of the install, you will be asked to reboot. Before this reboot is run, a message will be displayed on your screen that will tell you to reconnect via ssh and run yast2 again to continue the installation. The first time I ran through this installation, I did not pay this message enough attention and was therefore stuck after the machine rebooted.

Note: when you reboot, the password you choose for log in will work here when you connect again to continue the install.

(Visited 1 times, 1 visits today)


  • doheiligh says:

    It’s funny but with Linux, you really do need to study the man pages first before you even start to use a command or implement a change. Not doing so will usually cause more problems than it’s worth and actually take more time to finish. That is why my Iptables rules did not work. 8 Rules that directed traffic to the server were replaced by one when I studdied the man page and a lot of online resources and came up with one rule that took care of everything. The result is that everything now works as expected and traffic passes thorugh the server faster because the firewall has less work to do. It should also reduce the worklode of the server as well. Next task is to reduce the work that the DHCP server is doing by optomizing it’s configuration. The first step will be to extend the address leace time so it doesn’t do so many refreshes. I also need to start to divide logs going to /var/log/messages into different sections: warnings, errors and major problems.

  • Leave a Reply

    Your email address will not be published. Required fields are marked *