/[ddp]/manuals/trunk/quick-reference/asciidoc/06_netapp.txt
ViewVC logotype

Contents of /manuals/trunk/quick-reference/asciidoc/06_netapp.txt

Parent Directory Parent Directory | Revision Log Revision Log

Revision 6914 - (show annotations) (download)
Tue Sep 1 15:09:08 2009 UTC (3 years, 8 months ago) by osamu
File MIME type: text/plain
File size: 58128 byte(s) 
updated Japanese URLs

I also adjusted English URL for internationalization.
Updated README.source and urls-check target
1 == Network applications
2
3 // vim: set sts=2 expandtab:
4 // Use ":set nowrap" to edit table
5
6 After establishing network connectivity (see <<_network_setup>>), you can run various network applications.
7
8 === Web browsers
9
10 There are many http://en.wikipedia.org/wiki/Web_Browsers[web browser] packages to access remote contents with http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol[Hypertext Transfer Protocol] (HTTP).
11
12 .List of web browsers
13 [grid="all"]
14 `------------------`-------------`------------`--------`---------------------------------------------------------------------------------
15 package popcon size type description of web browser
16 -----------------------------------------------------------------------------------------------------------------------------------------
17 `iceweasel` @-@popcon1@-@ @-@psize1@-@ X http://en.wikipedia.org/wiki/Mozilla_Corporation_software_rebranded_by_the_Debian_project[unbranded] http://en.wikipedia.org/wiki/Mozilla_Firefox[Mozilla Firefox]
18 `iceape-browser` @-@popcon1@-@ @-@psize1@-@ , , http://en.wikipedia.org/wiki/Mozilla_Corporation_software_rebranded_by_the_Debian_project[unbranded] http://en.wikipedia.org/wiki/Mozilla[Mozilla], removed due to security concerns http://bugs.debian.org/505565[bug#505565]
19 `epiphany-browser` @-@popcon1@-@ @-@psize1@-@ , , http://en.wikipedia.org/wiki/GNOME[GNOME], http://en.wikipedia.org/wiki/Human_interface_guidelines[HIG] compliant, http://en.wikipedia.org/wiki/Epiphany_(browser)[Epiphany]
20 `galeon` @-@popcon1@-@ @-@psize1@-@ , , http://en.wikipedia.org/wiki/GNOME[GNOME], http://en.wikipedia.org/wiki/Galeon[Galeon], superseded by http://en.wikipedia.org/wiki/Epiphany_(browser)[Epiphany]
21 `konqueror` @-@popcon1@-@ @-@psize1@-@ , , http://en.wikipedia.org/wiki/KDE[KDE], http://en.wikipedia.org/wiki/Konqueror[Konqueror]
22 `w3m` @-@popcon1@-@ @-@psize1@-@ text http://en.wikipedia.org/wiki/W3m[w3m]
23 `lynx` @-@popcon1@-@ @-@psize1@-@ , , http://en.wikipedia.org/wiki/Lynx_(web_browser)[Lynx]
24 `elinks` @-@popcon1@-@ @-@psize1@-@ , , http://en.wikipedia.org/wiki/ELinks[ELinks]
25 `links` @-@popcon1@-@ @-@psize1@-@ , , http://en.wikipedia.org/wiki/Links_(web_browser)[Links] (text only)
26 `links2` @-@popcon1@-@ @-@psize1@-@ graphics http://en.wikipedia.org/wiki/Links_(web_browser)[Links] (console graphics without X)
27 -----------------------------------------------------------------------------------------------------------------------------------------
28
29 // Although I tend to drop reference to removed packages, I keep mozilla as an exception !
30
31 ==== Browser configuration
32
33 You may be able to use following special URL strings for some browsers to confirm their settings.
34
35 - "`about:`"
36 - "`about:config`"
37 - "`about:plugins`"
38
39 Debian offers many free browser plugin packages in the main component which can handle not only http://en.wikipedia.org/wiki/Java_(software_platform)[Java (software platform)] and http://en.wikipedia.org/wiki/Adobe_Flash[Flash] but also http://en.wikipedia.org/wiki/MPEG-1[MPEG], http://en.wikipedia.org/wiki/MPEG-2[MPEG2], http://en.wikipedia.org/wiki/MPEG-4[MPEG4], http://en.wikipedia.org/wiki/DivX[DivX], http://en.wikipedia.org/wiki/Windows_Media_Video[Windows Media Video (.wmv)], http://en.wikipedia.org/wiki/QuickTime[QuickTime (.mov)], http://en.wikipedia.org/wiki/MP3[MP3 (.mp3)], http://en.wikipedia.org/wiki/Vorbis[Ogg/Vorbis] files, DVDs, VCDs, etc. Debian also offers helper programs to install non-free browser plugin packages as contrib or non-free components.
40
41 .List of browser plugin packages
42 [grid="all"]
43 `------------------------`-------------`------------`---------`---------------------------------------------------------------------------
44 package popcon size component description
45 ------------------------------------------------------------------------------------------------------------------------------------------
46 `icedtea-gcjwebplugin` @-@popcon1@-@ @-@psize1@-@ main Java plugin using Hotspot JIT
47 `sun-java6-plugin` @-@popcon1@-@ @-@psize1@-@ non-free Java plugin for Sun@@@sq@@@s Java SE 6 (i386 only)
48 `swfdec-mozilla` @-@popcon1@-@ @-@psize1@-@ main Flash plugin based on libswfdec
49 `mozilla-plugin-gnash` @-@popcon1@-@ @-@psize1@-@ main Flash plugin based on Gnash
50 `flashplugin-nonfree` @-@popcon1@-@ @-@psize1@-@ contrib Flash plugin helper to install Adobe Flash Player (i386, amd64 only)
51 `mozilla-bonobo` @-@popcon1@-@ @-@psize1@-@ main Mozilla plugin support for GNOME Bonobo components
52 `mozilla-plugin-vlc` @-@popcon1@-@ @-@psize1@-@ main Multimedia plugin based on http://en.wikipedia.org/wiki/VLC_media_player[VLC media player]
53 `totem-mozilla` @-@popcon1@-@ @-@psize1@-@ main Multimedia plugin based on http://en.wikipedia.org/wiki/Totem_(media_player)[GNOME@@@sq@@@s Totem media player]
54 `gecko-mediaplayer` @-@popcon1@-@ @-@psize1@-@ main Multimedia plugin based on (GNOME) http://en.wikipedia.org/wiki/MPlayer[MPlayer]
55 `nspluginwrapper` @-@popcon1@-@ @-@psize1@-@ contrib A wrapper to run i386 Netscape plugins on amd64 architecture
56 ------------------------------------------------------------------------------------------------------------------------------------------
57
58 // JAVA: FREE: 1.4 CONTRIB: 1.6 NONFREE >>1.6
59 // FLASH: YOUTUBE=YES, GOOGLE STREET VIEW: only NON=FREE
60 // GRAPHICS: in order of formats.
61
62 // RC buggy and about to be removed.
63 // || {{{libflash-mozplugin}}} || - || - || main || Flash plugin based on libflash ||
64 // removed
65 //|| {{{gcjwebplugin}}} || - || - || main || Java plugin using Free Java Virtual Machine ||
66 //|| {{{sun-java5-plugin}}} || - || - || non-free || Java plugin for Sun's Java SE 5.0 (i386 only) ||
67
68 TIP: Although use of above Debian packages are much easier, browser plugins can be still manually enabled by installing "\*.so" into plugin directories (e.g., "`/usr/lib/iceweasel/plugins/`") and restarting browsers.
69
70 Some web sites refuse to be connected based on the user-agent string of your browser. You can work around this situation by http://www.mozilla.org/unix/customizing.html#prefs[spoofing the user-agent string]. For example, you can do this by adding following line into user configuration files such as "`\~/.gnome2/epiphany/mozilla/epiphany/user.js`" or "`\~/.mozilla/firefox/\*.default/user.js`".
71
72 --------------------
73 user_pref{"general.useragent.override","Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)"};
74 --------------------
75
76 Alternatively, you can add and reset this variable by typing "`about:config`" into URL and right clicking its display contents.
77
78 CAUTION: Spoofed user-agent string may cause https://bugzilla.mozilla.org/show_bug.cgi?id=83376[bad side effects with Java].
79
80 === The mail system
81
82 CAUTION: If you are to set up the mail server to exchange mail directly with the Internet, you should be better than reading this elementary document.
83
84 ==== Modern mail service basics
85
86 In order to contain spam (unwanted and unsolicited e-mail) problems, many ISPs which provide consumer grade Internet connection are implementing counter measures.
87
88 - The smarthost service for their customers to send message uses the message submission port (587) specified in http://tools.ietf.org/html/rfc4409[rfc4409] with the password (http://en.wikipedia.org/wiki/SMTP-AUTH[SMTP AUTH] service) specified in http://tools.ietf.org/html/rfc4954[rfc4954].
89 - The http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol[SMTP] port (25) connection from their internal network hosts (except ISP@@@sq@@@s own outgoing mail server) to the Internet are blocked.
90 - The http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol[SMTP] port (25) connection to the ISP@@@sq@@@s incoming mail server from some suspicious external network hosts are blocked. (The connection from hosts on the dynamic IP address range used by the dial-up and other consumer grade Internet connections are the first ones to be blocked.)
91
92 When configuring your mail system or resolving mail delivery problems, you must consider these new limitations.
93
94 In light of these hostile Internet situation and limitations, some independent Internet mail ISPs such as Yahoo.com and Gmail.com offer the secure mail service which can be connected from anywhere on the Internet using http://en.wikipedia.org/wiki/Transport_Layer_Security[Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL)].
95
96 - The smarthost service for their customers to send message uses the SMTP/SSL port (465) or the message submission port (587) with the password (SMTP AUTH service).
97 - The incoming mail is accessible at the TLS/POP3 port (995) with http://en.wikipedia.org/wiki/Post_Office_Protocol[POP3].
98
99 CAUTION: It is not realistic to run SMTP server on consumer grade network to send mail directly to the remote host reliably. They are very likely to be rejected. You must use some smarthost services offered by your connection ISP or independent mail ISPs. For the simplicity, I assume that the smarthost is located at "`smtp.hostname.dom`", requires http://en.wikipedia.org/wiki/SMTP-AUTH[SMTP AUTH], and uses the message submission port (587) in the following text.
100
101 ==== The mail configuration strategy for workstation
102
103 The most simple mail configuration is that the mail is sent to the ISP@@@sq@@@s smarthost and received from ISP@@@sq@@@s POP3 server by the MUA (see <<_mail_user_agent_mua>>) itself. This type of configuration is popular with full featured GUI based MUA such as `icedove`(1), `evolution`(1), etc. If you need to filter mail by their types, you use MUA@@@sq@@@s filtering function. For this case, the local MTA (see <<_mail_transport_agent_mta>>) need to do local delivery only.
104
105 The alternative mail configuration is that the mail is sent via local MTA to the ISP@@@sq@@@s smarthost and received from ISP@@@sq@@@s POP3 by the mail retriever (see <<_the_remote_mail_retrieval_and_forward_utility>>) to the local mailbox. If you need to filter mail by their types, you use MDA with filter (see <<_mail_delivery_agent_mda_with_filter>>) to filter mail into separate mailboxes. This type of configuration is popular with simple console based MUA such as `mutt`(1), `gnus`(1), etc., although this is possible with any MUAs (see <<_mail_user_agent_mua>>). For this case, the local MTA (see <<_mail_transport_agent_mta>>) need to do both smarthost delivery and local delivery.
106
107 === Mail transport agent (MTA)
108
109 For normal workstation, the popular choice for Mail transport agent (MTA) is either `exim4-\*` or `postfix` packages. It is really up to you.
110
111 .List of basic mail transport agent related packages for workstation
112 [grid="all"]
113 `--------------------`-------------`------------`--------------------------------------------------------------------
114 package popcon size description
115 ---------------------------------------------------------------------------------------------------------------------
116 `exim4-daemon-light` @-@popcon1@-@ @-@psize1@-@ Exim4 mail transport agent (MTA: Debian default)
117 `exim4-base` @-@popcon1@-@ @-@psize1@-@ Exim4 documentation (text) and common files
118 `exim4-doc-html` @-@popcon1@-@ @-@psize1@-@ Exim4 documentation (html)
119 `exim4-doc-info` @-@popcon1@-@ @-@psize1@-@ Exim4 documentation (info)
120 `postfix` @-@popcon1@-@ @-@psize1@-@ Postfix mail transport agent (MTA: alternative)
121 `postfix-doc` @-@popcon1@-@ @-@psize1@-@ Postfix documentation (html+text)
122 `sasl2-bin` @-@popcon1@-@ @-@psize1@-@ Cyrus SASL API implementation (supplement postfix for SMTP AUTH)
123 `cyrus-sasl2-doc` @-@popcon1@-@ @-@psize1@-@ Cyrus SASL - documentation
124 ---------------------------------------------------------------------------------------------------------------------
125
126 Although the popcon vote count of `exim4-\*` looks several times popular than that of `postfix`, this does not mean `postfix` is not popular with Debian developers. The Debian server system uses both `exim4` and `postfix`. The http://wiki.debian.org/DefaultMTA[mail header analysis] of mailing list postings from prominent Debian developers also indicate both of these MTAs are as popular.
127
128 The `exim4-\*` packages are known to have very small memory consumption and very flexible for its configuration. The `postfix` package is known to be compact, fast, simple, and secure. Both come with ample documentation and are as good in quality and license.
129
130 There are many choices for mail transport agent (MTA) packages with different capability and focus in Debian archive.
131
132 .List of choices for mail transport agent (MTA) packages in Debian archive
133 [grid="all"]
134 `--------------------`-------------`------------`---------------------------------------------------
135 package popcon size capability and focus
136 ----------------------------------------------------------------------------------------------------
137 `exim4-daemon-light` @-@popcon1@-@ @-@psize1@-@ full
138 `postfix` @-@popcon1@-@ @-@psize1@-@ full (security)
139 `exim4-daemon-heavy` @-@popcon1@-@ @-@psize1@-@ full (flexible)
140 `sendmail-bin` @-@popcon1@-@ @-@psize1@-@ full (only if you are already familiar)
141 `nullmailer` @-@popcon1@-@ @-@psize1@-@ strip down, no local mail
142 `ssmtp` @-@popcon1@-@ @-@psize1@-@ strip down, no local mail
143 `nbsmtp` @-@popcon1@-@ @-@psize1@-@ ?
144 `courier-mta` @-@popcon1@-@ @-@psize1@-@ very full (web interface etc.)
145 `xmail` @-@popcon1@-@ @-@psize1@-@ light
146 `masqmail` @-@popcon1@-@ @-@psize1@-@ light
147 `esmtp` @-@popcon1@-@ @-@psize1@-@ light
148 `esmtp-run` @-@popcon1@-@ @-@psize1@-@ light (sendmail compatibility extension to `esmtp`)
149 `msmtp` @-@popcon1@-@ @-@psize1@-@ light
150 `msmtp-mta` @-@popcon1@-@ @-@psize1@-@ light (sendmail compatibility extension to `msmtp`)
151 ----------------------------------------------------------------------------------------------------
152
153 //|| {{{smail}}} || 25 || 1769 || full (old) ||
154
155 ==== The configuration of exim4
156
157 For the Internet mail via smarthost, you (re)configure `exim4-\*` packages as the following.
158
159 --------------------
160 $ sudo /etc/init.d/exim4 stop
161 $ sudo dpkg-reconfigure exim4-conf
162 --------------------
163
164 Chose "mail sent by smarthost; received via SMTP or fetchmail".
165
166 Set "IP address or host name of the outgoing smarthost:" to "smtp.hostname.dom:587".
167
168 Reply to "Keep number of DNS-queries minimal (Dial-on-Demand)?" as one of the following.
169
170 - "No" if the system is connected to the Internet while booting.
171 - "Yes" if the system is **not** connected to the Internet while booting.
172
173 Create password entries for the smarthost by editing "` /etc/exim4/passwd.client`"
174
175 --------------------
176 $ sudo vim /etc/exim4/passwd.client
177 ...
178 $ cat /etc/exim4/passwd.client
179 ^smtp.*\.hostname\.dom:username@hostname.dom:password
180 --------------------
181
182 Start `exim4` by the following.
183
184 --------------------
185 $ sudo /etc/init.d/exim4 start
186 --------------------
187
188 The host name in "`/etc/exim4/passwd.client`" should not be the alias. You check the real host name with the following.
189
190 --------------------
191 $ host smtp.hostname.dom
192 smtp.hostname.dom is an alias for smtp99.hostname.dom.
193 smtp99.hostname.dom has address 123.234.123.89
194 --------------------
195
196 I use regex in "`/etc/exim4/passwd.client`" to work around the alias issue. SMTP AUTH probably works even if the ISP moves host pointed by the alias.
197
198 CAUTION: You must execute `update-exim4.conf`(8) after manually updating `exim4` configuration files in "`/etc/exim4/`".
199
200 CAUTION: Starting `exim4` takes long time if "No" (default value) was chosen for the debconf query of "Keep number of DNS-queries minimal (Dial-on-Demand)?" and the system is **not** connected to the Internet while booting.
201
202 NOTE: Please read the official guide at: "`/usr/share/doc/exim4-base/README.Debian.gz`" and `update-exim4.conf`(8).
203
204 TIP: Local customization file "`/etc/exim4/exim4.conf.localmacros`" may be created to set MACROs. For example, http://www.yahoo.com/[Yahoo]@@@sq@@@s mail service is said to require "`MAIN_TLS_ENABLE = true`" and "`AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS = yes`" in it.
205
206 ==== The configuration of postfix with SASL
207
208 For the Internet mail via smarthost, you should first read http://www.postfix.org/documentation.html[postfix documentation] and key manual pages.
209
210 .List of important postfix manual pages
211 [grid="all"]
212 `--------------`----------------------------------
213 command function
214 --------------------------------------------------
215 `postfix`(1) Postfix control program
216 `postconf`(1) Postfix configuration utility
217 `postconf`(5) Postfix configuration parameters
218 `postmap`(1) Postfix lookup table maintenance
219 `postalias`(1) Postfix alias database maintenance
220 --------------------------------------------------
221
222 You (re)configure `postfix` and `sasl2-bin` packages as follows.
223
224 --------------------
225 $ sudo /etc/init.d/postfix stop
226 $ sudo dpkg-reconfigure postfix
227 --------------------
228
229 Chose "Internet with smarthost".
230
231 Set "SMTP relay host (blank for none):" to "`[smtp.hostname.dom]:587`" and configure it by the following.
232
233 --------------------
234 $ sudo postconf -e 'smtp_sender_dependent_authentication = yes'
235 $ sudo postconf -e 'smtp_sasl_auth_enable = yes'
236 $ sudo postconf -e 'smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd'
237 $ sudo postconf -e 'smtp_sasl_type = cyrus'
238 $ sudo vim /etc/postfix/sasl_passwd
239 --------------------
240
241 Create password entries for the smarthost.
242
243 --------------------
244 $ cat /etc/postfix/sasl_passwd
245 [smtp.hostname.dom]:587 username:password
246 $ sudo postmap hush:/etc/postfix/sasl_passwd
247 --------------------
248
249 Start the `postfix` by the following.
250
251 --------------------
252 $ sudo /etc/init.d/postfix start
253 --------------------
254
255 Here the use of "`[`" and "`]`" in the `dpkg-reconfigure` dialog and "`/etc/postfix/sasl_passwd`" ensures not to check MX record but directly use exact hostname specified. See "Enabling SASL authentication in the Postfix SMTP client" in "`usr/share/doc/postfix/html/SASL_README.html`".
256
257 ==== The mail address configuration
258
259 There are a few http://www.debian.org/doc/debian-policy/ch-customized-programs#s-mail-transport-agents[mail address configuration files for mail transport, delivery and user agents].
260
261 .List of mail address related configuration files
262 [grid="all"]
263 `----------------------`-------------------------------------`----------------------------------------------------------------------
264 file function application
265 ------------------------------------------------------------------------------------------------------------------------------------
266 `/etc/mailname` default host name for (outgoing) mail Debian specific, `mailname`(5)
267 `/etc/email-addresses` host name spoofing for outgoing mail `exim`(8) specific, `exim4-config_files`(5)
268 `/etc/postfix/generic` host name spoofing for outgoing mail `postfix`(1) specific, activated after `postmap`(1) command execution.
269 `/etc/aliases` account name alias for incoming mail general, activated after `newaliases`(1) command execution.
270 ------------------------------------------------------------------------------------------------------------------------------------
271
272 The **mailname** in the "`/etc/mailname`" file is usually a fully qualified domain name (FQDN) that resolves to one of the host@@@sq@@@s IP addresses. For the mobile workstation which does not have a hostname with resolvable IP address, set this **mailname** to the value of "`hostname -f`". (This is safe choice and works for both `exim4-\*` and `postfix`.)
273
274 TIP: The contents of "`/etc/mailname`" is used by many non-MTA programs for their default behavior. For `mutt`, set "`hostname`" and "`from`" variables in `\~/muttrc` file to override the **mailname** value. For programs in the `devscripts` package, such as `bts`(1) and `dch`(1), export environment variables "`$DEBFULLNAME`" and "`$DEBEMAIL`" to override it.
275
276 When setting the **mailname** to "`hostname -f`", the spoofing of the source mail address via MTA can be realized by the following.
277
278 - "`/etc/email-addresses`" file for `exim4`(8) as explained in the `exim4-config_files`(5)
279 - "`/etc/postfix/generic`" file for `postfix`(1) as explained in the `generic`(5)
280
281 For `postfix`, the following extra steps are needed.
282
283 --------------------
284 # postmap hash:/etc/postfix/generic
285 # postconf -e 'smtp_generic_maps = hash:/etc/postfix/generic'
286 # postfix reload
287 --------------------
288
289 You check filters using the following.
290
291 - `exim`(8) with `-brw, -bf, -bF, -bV, ...` options
292 - `postmap`(1) with `-q` option.
293
294 TIP: Exim comes with several utility programs such as `exiqgrep`(8) and `exipick`(8). See "`dpkg -L exim4-base|grep man8/`" for available commands.
295
296 ==== Basic MTA operations
297
298 There are several basic MTA operations. Some may be performed via `sendmail`(1) compatibility interface.
299
300 .List of basic MTA operation
301 [grid="all"]
302 `---------------------`-----------------------------------------`---------------------------------------------------------------
303 exim command postfix command description
304 --------------------------------------------------------------------------------------------------------------------------------
305 `sendmail` `sendmail` read mails from standard input and arrange for delivery (`-bm`)
306 `mailq` `mailq` list the mail queue with status and queue ID (`-bp`)
307 `newaliases` `newaliases` initialize alias database (`-I`)
308 `exim4 -q` `postqueue -f` flush waiting mails (`-q`)
309 `exim4 -qf` `postsuper -r ALL deferred; postqueue -f` flush all mails
310 `exim4 -qff` `postsuper -r ALL; postqueue -f` flush even frozen mails
311 `exim4 -Mg queue_id` `postsuper -h queue_id` freeze one message by its queue ID
312 `exim4 -Mrm queue_id` `postsuper -d queue_id` remove one message by its queue ID
313 N/A `postsuper -d ALL` remove all messages
314 --------------------------------------------------------------------------------------------------------------------------------
315
316 TIP: It may be a good idea to flush all mails by a script in "`/etc/ppp/ip-up.d/*`".
317
318 === Mail user agent (MUA)
319
320 If you subscribe to Debian related mailing list, it may be a good idea to use such MUA as `mutt` and `gnus` which are the de facto standard for the participant and known to behave as expected.
321
322 .List of mail user agent (MUA)
323 [grid="all"]
324 `-----------`-------------`------------`--------------------------------------------------------------------------------------------------
325 package popcon size type
326 ------------------------------------------------------------------------------------------------------------------------------------------
327 `iceweasel` @-@popcon1@-@ @-@psize1@-@ X GUI program (http://en.wikipedia.org/wiki/Mozilla_Corporation_software_rebranded_by_the_Debian_project[unbranded] http://en.wikipedia.org/wiki/Mozilla_Firefox[Mozilla Firefox])
328 `evolution` @-@popcon1@-@ @-@psize1@-@ X GUI program (part of a groupware suite)
329 `icedove` @-@popcon1@-@ @-@psize1@-@ X GUI program (http://en.wikipedia.org/wiki/Mozilla_Corporation_software_rebranded_by_the_Debian_project[unbranded] http://en.wikipedia.org/wiki/Mozilla_Thunderbird[Mozilla Thunderbird])
330 `mutt` @-@popcon1@-@ @-@psize1@-@ character terminal program probably used with `vim`
331 `gnus` @-@popcon1@-@ @-@psize1@-@ character terminal program under `(x)emacs`
332 ------------------------------------------------------------------------------------------------------------------------------------------
333
334 ==== Basic MUA -- Mutt
335
336 Customize "`\~/.muttrc`" as the following to use `mutt` as the mail user agent (MUA) in combination with `vim`.
337
338 --------------------
339 # use visual mode and "gq" to reformat quotes
340 set editor="vim -c 'set tw=72 et ft=mail'"
341 #
342 # header weeding taken from the manual (Sven's Draconian header weeding)
343 #
344 ignore *
345 unignore from: date subject to cc
346 unignore user-agent x-mailer
347 hdr_order from subject to cc date user-agent x-mailer
348 set hostname=spoof.example.org
349 set from="First Last <username@example.org>"
350 ....
351 --------------------
352
353 Add the following to "`/etc/mailcap`" or "`\~/.mailcap`" to display HTML mail and MS Word attachments inline.
354
355 --------------------
356 text/html; lynx -force_html %s; needsterminal;
357 application/msword; /usr/bin/antiword '%s'; copiousoutput; description="Microsoft Word Text"; nametemplate=%s.doc
358 --------------------
359
360 === The remote mail retrieval and forward utility
361
362 Although `fetchmail`(1) has been de facto standard for the remote mail retrieval on GNU/Linux, the author likes `getmail`(1) now. If you want to reject mail before downloading to save bandwidth, `mailfilter` or `mpop` may be useful. Whichever mail retriever utilities are used, it is good idea to configure system to deliver retrieved mails to MDA, such as `maildrop`, via pipe.
363
364 .List of remote mail retrieval and forward utilities
365 [grid="all"]
366 `------------`-------------`------------`-------------------------------------------------------------------
367 package popcon size description
368 -------------------------------------------------------------------------------------------------------------
369 `fetchmail` @-@popcon1@-@ @-@psize1@-@ mail retriever (POP3, APOP, IMAP) (old)
370 `getmail4` @-@popcon1@-@ @-@psize1@-@ mail retriever (POP3, IMAP4, and SDPS) (simple, secure, and reliable)
371 `mailfilter` @-@popcon1@-@ @-@psize1@-@ mail retriever (POP3) with with regex filtering capability
372 `mpop` @-@popcon1@-@ @-@psize1@-@ mail retriever (POP3) and MDA with filtering capability
373 -------------------------------------------------------------------------------------------------------------
374
375 ==== getmail configuration
376
377 `getmail`(1) configuration is described in http://pyropus.ca/software/getmail/documentation.html[getmail documentation]. Here is my set up to access multiple POP3 accounts as user.
378
379 Create "`/usr/local/bin/getmails`" as the following.
380
381 --------------------
382 #!/bin/sh
383 set -e
384 rcfiles="/usr/bin/getmail"
385 for file in $HOME/.getmail/config/* ; do
386 rcfiles="$rcfiles --rcfile $file"
387 done
388 exec $rcfiles $@
389 --------------------
390
391 Configure it as the following.
392
393 --------------------
394 $ sudo chmod 755 /usr/local/bin/getmails
395 $ mkdir -m 0700 $HOME/.getmail
396 $ mkdir -m 0700 $HOME/.getmail/config
397 $ mkdir -m 0700 $HOME/.getmail/log
398
399 --------------------
400
401 Create configuration files "`$HOME/.getmail/config/pop3_name`" for each POP3 accounts as the following.
402
403 --------------------
404 [retriever]
405 type = SimplePOP3SSLRetriever
406 server = pop.example.com
407 username = pop3_name@example.com
408 password = secret
409
410 [destination]
411 type = MDA_external
412 path = /usr/bin/maildrop
413 unixfrom = True
414
415 [options]
416 verbose = 0
417 delete = True
418 delivered_to = False
419 message_log = ~/.getmail/log/pop3_name.log
420 --------------------
421
422 Configure it as the following.
423
424 --------------------
425 $ chmod 0600 $HOME/.getmail/config/*
426 --------------------
427
428 Schedule "`/usr/local/bin/getmails`" to run every 15 minutes with `cron`(8) by executing "`sudo crontab -e -u <user_name>`" and adding following to user's cron entry.
429
430 --------------------
431 5,20,35,50 * * * * /usr/local/bin/getmails --quiet
432 --------------------
433
434 TIP: Problems of POP3 access may not come from `getmail`. Some popular free POP3 services may be violating the POP3 protocol and their SPAM filter may not be perfect. For example, they may delete messages just after receiving RETR command before receiving DELE command and may quarantined messages into Spam mailbox. You should minimize damages by configuring them to archive accessed messages and not to delete them. See also http://mail.google.com/support/bin/answer.py?answer=13291@@@amp@@@topic=1555["Some mail was not downloaded"].
435
436 ==== fetchmail configuration
437
438 `fetchmail`(1) configuration is set by "`/etc/default/fetchmail`", "`/etc/fetchmailrc`" and "`$HOME/.fetchmailrc`". See its example in "`/usr/share/doc/fetchmail/examples/fetchmailrc.example`".
439
440 === Mail delivery agent (MDA) with filter
441
442 Most MTA programs, such as `postfix` and `exim4`, function as MDA (mail delivery agent). There are specialized MDA with filtering capabilities.
443
444 Although `procmail`(1) has been de facto standard for MDA with filter on GNU/Linux, author likes `maildrop`(1) now. Whichever filtering utilities are used, it is good idea to configure system to deliver filtered mails to a http://en.wikipedia.org/wiki/Maildir[qmail-style Maildir].
445
446 .List of MDA with filter
447 [grid="all"]
448 `-----------`-------------`------------`--------------------------------------
449 package popcon size description
450 ------------------------------------------------------------------------------
451 `procmail` @-@popcon1@-@ @-@psize1@-@ MDA with filter (old)
452 `mailagent` @-@popcon1@-@ @-@psize1@-@ MDA with Perl filter
453 `maildrop` @-@popcon1@-@ @-@psize1@-@ MDA with structured filtering language
454 ------------------------------------------------------------------------------
455
456 ==== maildrop configuration
457
458 `maildrop`(1) configuration is described in http://www.courier-mta.org/maildrop/maildropfilter.html[maildropfilter documentation]. Here is a configuration example for "`$HOME/.mailfilter`".
459
460 --------------------
461 logfile $HOME/.maildroplog
462 # clearly bad looking mails: drop them into X-trash and exit
463 if ( /^X-Advertisement/ ||\
464 /^Subject:.*BUSINESS PROPOSAL/ ||\
465 /^Subject:.*URGENT.*ASISSTANCE/ ||\
466 /^Subject: *I NEED YOUR ASSISTANCE/ )
467 to "$HOME/Maildir/X-trash/"
468
469 # Delivering mailinglist messages using automatically generated mailbox
470 if ( /^Precedence:.*list/ || /^Precedence:.*bulk/ )
471 {
472 if ( /^List-Id:[ <]*([^<>]*)[ >]*/)
473 {
474 MAILBOX="$MATCH1"
475 }
476 else
477 {
478 if ( /^X-Loop: *(.*)@(.*)/)
479 {
480 MAILBOX="$MATCH1.$MATCH2"
481 }
482 else
483 {
484 if ( /Return-Path:.*\.debian\.org/ )
485 {
486 MAILBOX="automatic.debian.org"
487 }
488 else
489 {
490 MAILBOX="unknown-list"
491 }
492 }
493 }
494 `test -d $MAILROOT/$MAILBOX`
495 if ( $RETURNCODE == 1 )
496 `maildirmake $MAILROOT/$MAILBOX`
497 to "$MAILROOT/$MAILBOX/"
498 }
499 to "$HOME/Maildir/Inbox/"
500 exit
501 --------------------
502
503 WARNING: Unlike `procmail`, `maildrop` does not create missing maildir directories automatically. You must create them manually using `maildirmake`(1) in advance as in the example "`$HOME/.mailfilter`".
504
505 ==== procmail configuration
506
507 Here is an equivalent configuration with "`$HOME/.procmailrc`" for `procmail`(1).
508
509 --------------------
510 MAILDIR=$HOME/Maildir
511 DEFAULT=$MAILDIR/Inbox/
512 LOGFILE=$MAILDIR/Maillog
513 # clearly bad looking mails: drop them into X-trash and exit
514 :0
515 * 1^0 ^X-Advertisement
516 * 1^0 ^Subject:.*BUSINESS PROPOSAL
517 * 1^0 ^Subject:.*URGENT.*ASISSTANCE
518 * 1^0 ^Subject: *I NEED YOUR ASSISTANCE
519 X-trash/
520
521 # Delivering mailinglist messages
522 :0
523 * 1^0 ^Precedence:.*list
524 * 1^0 ^Precedence:.*bulk
525 * 1^0 ^List-
526 * 1^0 ^X-Distribution:.*bulk
527 {
528 :0
529 * 1^0 ^Return-path:.*debian-devel-admin@debian.or.jp
530 jp-debian-devel/
531
532 :0
533 * ^Resent-Sender.*debian-user-request@lists.debian.org
534 debian-user/
535
536 :0
537 * ^Resent-Sender.*debian-devel-request@lists.debian.org
538 debian-devel/
539
540 :0
541 * ^Resent-Sender.*debian-announce-request@lists.debian.org
542 debian-announce
543
544 :0
545 mailing-list/
546 }
547
548 :0
549 Inbox/
550 --------------------
551
552 ==== Redeliver mbox contents
553
554 You need to manually deliver mails to the sorted mailboxes in your home directory from "`/var/mail/<username>`" if your home directory became full and `procmail`(1) failed. After making disk space in the home directory, run the following.
555
556 --------------------
557 # /etc/init.d/${MAILDAEMON} stop
558 # formail -s procmail </var/mail/<username>
559 # /etc/init.d/${MAILDAEMON} start
560 --------------------
561
562 === POP3/IMAP4 server
563
564 If you are to run a private server on LAN, you may consider to run http://en.wikipedia.org/wiki/Post_Office_Protocol[POP3] / http://en.wikipedia.org/wiki/Internet_Message_Access_Protocol[IMAP4] server for delivering mail to LAN clients.
565
566 .List of POP3/IMAP4 servers
567 [grid="all"]
568 `-----------------`-------------`------------`----`----------------------------------------------------------
569 package popcon size type description
570 -------------------------------------------------------------------------------------------------------------
571 `qpopper` @-@popcon1@-@ @-@psize1@-@ POP3 Qualcomm enhanced BSD POP3 server
572 `courier-pop` @-@popcon1@-@ @-@psize1@-@ POP3 Courier mail server - POP3 server (maildir format only)
573 `ipopd` @-@popcon1@-@ @-@psize1@-@ POP3 The University of Washington POP2 and POP3 server
574 `cyrus-pop3d-2.2` @-@popcon1@-@ @-@psize1@-@ POP3 Cyrus mail system (POP3 support)
575 `xmail` @-@popcon1@-@ @-@psize1@-@ POP3 ESMTP/POP3 mail server
576 `courier-imap` @-@popcon1@-@ @-@psize1@-@ IMAP Courier mail server - IMAP server (maildir format only)
577 `uw-imapd` @-@popcon1@-@ @-@psize1@-@ IMAP The University of Washington IMAP server
578 `cyrus-imapd-2.2` @-@popcon1@-@ @-@psize1@-@ IMAP Cyrus mail system (IMAP support)
579 -------------------------------------------------------------------------------------------------------------
580
581 === The print server and utility
582
583 In the old Unix-like system, the BSD http://en.wikipedia.org/wiki/Line_Printer_Daemon_protocol[Line printer daemon] was the standard. Since the standard print out format of the free software is PostScript on the Unix like system, some filter system was used along with http://en.wikipedia.org/wiki/Ghostscript[Ghostscript] to enable printing to the non-PostScript printer.
584
585 Recently, http://en.wikipedia.org/wiki/Common_Unix_Printing_System[Common UNIX Printing System] (CUPS) is the new de facto standard. The CUPS uses http://en.wikipedia.org/wiki/Internet_Printing_Protocol[Internet Printing Protocol] (IPP). The IPP is now supported by other OSs such as Windows XP and Mac OS X and has became new cross-platform de facto standard for remote printing with bi-directional communication capability.
586
587 The standard printable data format for the application on the Debian system is the http://en.wikipedia.org/wiki/PostScript[PostScript (PS)] which is a page description language. The data in PS format is fed into the Ghostscript PostScript interpreter to produce the printable data specific to the printer. See <<_ghostscript>>.
588
589 Thanks to the file format dependent auto-conversion feature of the CUPS system, simply feeding any data to the `lpr` command should generate the expected print output. (In CUPS, `lpr` can be enabled by installing the `cups-bsd` package.)
590
591 The Debian system has some notable packages for the print servers and utilities.
592
593 .List of print servers and utilities
594 [grid="all"]
595 `------------------------`-------------`------------`--------------`----------------------------------------------------------------------
596 package popcon size port description
597 ------------------------------------------------------------------------------------------------------------------------------------------
598 `lpr` @-@popcon1@-@ @-@psize1@-@ printer (515) BSD lpr/lpd (http://en.wikipedia.org/wiki/Line_Printer_Daemon_protocol[Line printer daemon])
599 `lprng` @-@popcon1@-@ @-@psize1@-@ , , , , (Enhanced)
600 `cups` @-@popcon1@-@ @-@psize1@-@ IPP (631) Internet Printing CUPS server
601 `cups-client` @-@popcon1@-@ @-@psize1@-@ , , http://en.wikipedia.org/wiki/System_V_printing_system[System V printer commands] for CUPS: `lp`(1), `lpstat`(1), `lpoptions`(1), `cancel`(1), `lpmove`(8), `lpinfo`(8), `lpadmin`(8), ...
602 `cups-bsd` @-@popcon1@-@ @-@psize1@-@ , , http://en.wikipedia.org/wiki/Line_Printer_Daemon_protocol[BSD printer commands] for CUPS: `lpr`(1), `lpq`(1), `lprm`(1), `lpc`(8)
603 `cups-driver-gutenprint` @-@popcon1@-@ @-@psize1@-@ Not applicable printer drivers for CUPS
604 ------------------------------------------------------------------------------------------------------------------------------------------
605
606 TIP: You can configure CUPS system by pointing your web browser to "http://localhost:631/[http://localhost:631/]" .
607
608 === The remote access server and utility (SSH)
609
610 The http://en.wikipedia.org/wiki/Secure_Shell[Secure SHell] (SSH) is the **secure** way to connect over the Internet. A free version of SSH called http://www.openssh.org/[OpenSSH] is available as `openssh-client` and `openssh-server` packages in Debian.
611
612 .List of remote access server and utilities
613 [grid="all"]
614 `------------------------`-------------`------------`---------------------------`-------------------------------------------------
615 package popcon size tool description
616 ----------------------------------------------------------------------------------------------------------------------------------
617 `openssh-client` @-@popcon1@-@ @-@psize1@-@ `ssh`(1) Secure shell client
618 `openssh-server` @-@popcon1@-@ @-@psize1@-@ `sshd`(8) Secure shell server
619 `ssh-askpass-fullscreen` @-@popcon1@-@ @-@psize1@-@ `ssh-askpass-fullscreen`(1) asks user for a pass phrase for ssh-add (GNOME2)
620 `ssh-askpass` @-@popcon1@-@ @-@psize1@-@ `ssh-askpass`(1) asks user for a pass phrase for ssh-add (plain X)
621 ----------------------------------------------------------------------------------------------------------------------------------
622
623 CAUTION: See <<_extra_security_measures_for_the_internet>> if your SSH is accessible from the Internet.
624
625 TIP: Please use the `screen`(1) program to enable remote shell process to survive the interrupted connection (see <<_the_screen_program>>).
626
627 ==== Basics of SSH
628
629 WARNING: "`/etc/ssh/sshd_not_to_be_run`" must not be present if one wishes to run the OpenSSH server.
630
631 SSH has two authentication protocols.
632
633 .List of SSH authentication protocols and methods
634 [grid="all"]
635 `------------`-----------------------------------`----------------------------------------------------------------------------------------
636 SSH protocol SSH method description
637 ------------------------------------------------------------------------------------------------------------------------------------------
638 SSH-1 "`RSAAuthentication`" RSA identity key based user authentication
639 , , "`RhostsAuthentication`" "`.rhosts`" based host authentication (insecure, disabled)
640 , , "`RhostsRSAAuthentication`" "`.rhosts`" based host authentication combined with RSA host key (disabled)
641 , , "`ChallengeResponseAuthentication`" RSA challenge-response authentication
642 , , "`PasswordAuthentication`" password based authentication
643 SSH-2 "`PubkeyAuthentication`" public key based user authentication
644 , , "`HostbasedAuthentication`" "`\~/.rhosts`" or "`/etc/hosts.equiv`" based host authentication combined with public key client host authentication (disabled)
645 , , "`ChallengeResponseAuthentication`" challenge-response authentication
646 , , "`PasswordAuthentication`" password based authentication
647 ------------------------------------------------------------------------------------------------------------------------------------------
648
649 CAUTION: Be careful about these differences if you are using a non-Debian system.
650
651 See "`/usr/share/doc/ssh/README.Debian.gz`", `ssh`(1), `sshd`(8), `ssh-agent`(1), and `ssh-keygen`(1) for details.
652
653 Following are the key configuration files.
654
655 .List of SSH configuration files
656 [grid="all"]
657 `-------------------------`--------------------------------------------------------------------------------------------------
658 configuration file description of configuration file
659 -----------------------------------------------------------------------------------------------------------------------------
660 `/etc/ssh/ssh_config` SSH client defaults, see `ssh_config`(5)
661 `/etc/ssh/sshd_config` SSH server defaults, see `sshd_config`(5)
662 `\~/.ssh/authorized_keys` default public SSH keys that clients use to connect to this account on this SSH server
663 `\~/.ssh/identity` secret SSH-1 RSA key of the user
664 `\~/.ssh/id_rsa` secret SSH-2 RSA key of the user
665 `\~/.ssh/id_dsa` secret SSH-2 DSA key of the user
666 -----------------------------------------------------------------------------------------------------------------------------
667
668 TIP: See `ssh-keygen`(1), `ssh-add`(1) and `ssh-agent`(1) for how to use public and secret SSH keys.
669
670 TIP: Make sure to verify settings by testing the connection. In case of any problem, use "`ssh -v`".
671
672 TIP: You can change the pass phrase to encrypt local secret SSH keys later with "`ssh-keygen -p`".
673
674 TIP: You can add options to the entries in "`\~/.ssh/authorized_keys`" to limit hosts and to run specific commands. See `sshd`(8) for details.
675
676 The following starts an `ssh`(1) connection from a client.
677
678 .List of SSH client startup examples
679 [grid="all"]
680 `--------------------------------------------------------------------------`-------------------------------------------------
681 command description
682 -----------------------------------------------------------------------------------------------------------------------------
683 `ssh username@hostname.domain.ext` connect with default mode
684 `ssh -v username@hostname.domain.ext` connect with default mode with debugging messages
685 `ssh -1 username@hostname.domain.ext` force to connect with SSH version 1
686 `ssh -1 -o RSAAuthentication=no -l username hostname.domain.ext` force to use password with SSH version 1
687 `ssh -o PreferredAuthentications=password -l username hostname.domain.ext` force to use password with SSH version 2
688 -----------------------------------------------------------------------------------------------------------------------------
689
690 If you use the same user name on the local and the remote host, you can eliminate typing "`username@`". Even if you use different user name on the local and the remote host, you can eliminate it using "`\~/.ssh/config`". For http://alioth.debian.org/[Debian Alioth service] with account name "`foo-guest`", you set "`\~/.ssh/config`" to contain the following.
691
692 --------------------
693 Host alioth.debian.org svn.debian.org git.debian.org
694 User foo-guest
695 --------------------
696
697 For the user, `ssh`(1) functions as a smarter and more secure `telnet`(1). Unlike `telnet` command, `ssh` command does not bomb on the `telnet` escape character (initial default CTRL-]).
698
699 ==== Port forwarding for SMTP/POP3 tunneling
700
701 To establish a pipe to connect to port 25 of `remote-server` from port 4025 of `localhost`, and to port 110 of `remote-server` from port 4110 of `localhost` through `ssh`, execute on the local host as the following.
702
703 --------------------
704 # ssh -q -L 4025:remote-server:25 4110:remote-server:110 username@remote-server
705 --------------------
706
707 This is a secure way to make connections to SMTP/POP3 servers over the Internet. Set the "`AllowTcpForwarding`" entry to "`yes`" in "`/etc/ssh/sshd_config`" of the remote host.
708
709 ==== Connecting without remote passwords
710
711 One can avoid having to remember passwords for remote systems by using "`RSAAuthentication`" (SSH-1 protocol) or "`PubkeyAuthentication`" (SSH-2 protocol).
712
713 On the remote system, set the respective entries, "`RSAAuthentication yes`" or "`PubkeyAuthentication yes`", in "`/etc/ssh/sshd_config`".
714
715 Generate authentication keys locally and install the public key on the remote system by the following.
716
717 - "`RSAAuthentication`": RSA key for SSH-1 (deprecated because it is superseded.)
718
719 --------------------
720 $ ssh-keygen
721 $ cat .ssh/identity.pub | ssh user1@remote "cat - >>.ssh/authorized_keys"
722 --------------------
723
724 - "`PubkeyAuthentication`": RSA key for SSH-2
725
726 --------------------
727 $ ssh-keygen -t rsa
728 $ cat .ssh/id_rsa.pub | ssh user1@remote "cat - >>.ssh/authorized_keys"
729 --------------------
730
731 - "`PubkeyAuthentication`": DSA key for SSH-2 (deprecated because it is slow.)
732
733 --------------------
734 $ ssh-keygen -t dsa
735 $ cat .ssh/id_dsa.pub | ssh user1@remote "cat - >>.ssh/authorized_keys"
736 --------------------
737
738 TIP: Use of DSA key for SSH-2 is deprecated because key is smaller and slow. There are no more reasons to work around RSA patent using DSA since it has been expired. DSA stands for http://en.wikipedia.org/wiki/Digital_Signature_Algorithm[Digital Signature Algorithm] and slow. Also see http://www.debian.org/security/2008/dsa-1571[DSA-1571-1].
739
740 NOTE: For "`HostbasedAuthentication`" to work in SSH-2, you must adjust the settings of "`HostbasedAuthentication`" to "`yes`" in both "`/etc/ssh/sshd_config`" on the server host and "`/etc/ssh/ssh_config`" or "`\~/.ssh/config`" on the client host.
741
742 ==== Dealing with alien SSH clients
743
744 There are some free http://en.wikipedia.org/wiki/Secure_Shell[SSH] clients available for other platforms.
745
746 .List of free SSH clients for other platforms
747 [grid="all"]
748 `-----------------`-----------------------------------------------------------------
749 environment free SSH program
750 ------------------------------------------------------------------------------------
751 Windows puTTY (http://www.chiark.greenend.org.uk/\~sgtatham/putty/) (GPL)
752 Windows (cygwin) SSH in cygwin (http://www.cygwin.com/) (GPL)
753 Macintosh Classic macSSH (http://www.macssh.com/) (GPL)
754 Mac OS X OpenSSH; use `ssh` in the Terminal application (GPL)
755 ------------------------------------------------------------------------------------
756
757 ==== Setting up ssh-agent
758
759 It is safer to protect your SSH authentication secret keys with a pass phrase. If a pass phrase was not set, use "`ssh-keygen -p`" to set it.
760
761 Place your public SSH key (e.g. "`\~/.ssh/id_rsa.pub`") into "`\~/.ssh/authorized_keys`" on a remote host using a password-based connection to the remote host as described above.
762
763 --------------------
764 $ ssh-agent bash
765 $ ssh-add ~/.ssh/id_rsa
766 Enter passphrase for /home/<username>/.ssh/id_rsa:
767 Identity added: /home/<username>/.ssh/id_rsa (/home/<username>/.ssh/id_rsa)
768 --------------------
769
770 No remote password needed from here on for the next command.
771
772 --------------------
773 $ scp foo <username>@remote.host:foo
774 --------------------
775
776
777 Press \^D to terminating ssh-agent session.
778
779 For the X server, the normal Debian startup script executes `ssh-agent` as the parent process. So you only need to execute `ssh-add` once. For more, read `ssh-agent`(1)and `ssh-add`(1).
780
781 ==== How to shutdown the remote system on SSH
782
783 You need to protect the process doing "`shutdown -h now`" (see <<_how_to_shutdown_the_system>>) from the termination of SSH using the `at`(1) command (see <<_scheduling_tasks_once>>) by the following.
784
785 --------------------
786 # echo "shutdown -h now" | at now
787 --------------------
788
789 Running "`shutdown -h now`" in `screen`(1) (see <<_the_screen_program>>) session is another way to do the same.
790
791 ==== Troubleshooting SSH
792
793 If you have problems, check the permissions of configuration files and run `ssh` with the "`-v`" option.
794
795 Use the "`-P`" option if you are root and have trouble with a firewall; this avoids the use of server ports 1 -- 1023.
796
797 If `ssh` connections to a remote site suddenly stop working, it may be the result of tinkering by the sysadmin, most likely a change in "`host_key`" during system maintenance. After making sure this is the case and nobody is trying to fake the remote host by some clever hack, one can regain a connection by removing the "`host_key`" entry from "`\~/.ssh/known_hosts`" on the local host.
798
799 === Other network application servers
800
801 Here are other network application servers.
802
803 .List of other network application servers
804 [grid="all"]
805 `---------------------`-------------`------------`----------------------------------------------------------------------`--------------------------------------------------------------------------------------------------------------------------
806 package popcon size protocol description
807 ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
808 `telnetd` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/TELNET[TELNET] TELNET server
809 `telnetd-ssl` @-@popcon1@-@ @-@psize1@-@ , , , , (SSL support)
810 `nfs-kernel-server` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/Network_File_System_(protocol)[NFS] Unix file sharing
811 `samba` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/Server_Message_Block[SMB] Windows file and printer sharing
812 `netatalk` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/AppleTalk[ATP] Apple/Mac file and printer sharing (AppleTalk)
813 `proftpd-basic` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/File_Transfer_Protocol[FTP] General file download
814 `wu-ftpd` @-@popcon1@-@ @-@psize1@-@ , , , ,
815 `apache2-mpm-prefork` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol[HTTP] General web server
816 `apache2-mpm-worker` @-@popcon1@-@ @-@psize1@-@ , , , ,
817 `squid` @-@popcon1@-@ @-@psize1@-@ , , General web http://en.wikipedia.org/wiki/Proxy_server[proxy server]
818 `squid3` @-@popcon1@-@ @-@psize1@-@ , , , ,
819 `slpd` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/Service_Location_Protocol[SLP] http://www.openslp.org/[OpenSLP] Server as http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol[LDAP] server
820 `bind9` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/Domain_Name_System[DNS] IP address for other hosts
821 `dhcp3-server` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol[DHCP] IP address of client itself
822 ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
823
824 Common Internet File System Protocol (CIFS) is the same protocol as http://en.wikipedia.org/wiki/Server_Message_Block[Server Message Block (SMB)] and is used widely by Microsoft Windows.
825
826 TIP: Use of proxy server such as `squid` is much more efficient for saving bandwidth than use of local mirror server with the full Debian archive contents.
827
828 === Other network application clients
829
830 Here are other network application clients.
831
832 .List of network application clients
833 [grid="all"]
834 `--------------`-------------`------------`---------------------------------------------------------------------------------------------------------------------------`----------------------
835 package popcon size protocol description
836 ------------------------------------------------------------------------------------------------------------------------------------------
837 `netcat` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/TCP/IP[TCP/IP] TCP/IP swiss army knife
838 `stunnel4` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/Transport_Layer_Security[SSL] universal SSL Wrapper
839 `telnet` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/TELNET[TELNET] TELNET client
840 `telnet-ssl` @-@popcon1@-@ @-@psize1@-@ , , , , (SSL support)
841 `nfs-common` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/Network_File_System_(protocol)[NFS] Unix file sharing
842 `smbclient` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/Server_Message_Block[SMB] MS Windows file and printer sharing client
843 `smbfs` @-@popcon1@-@ @-@psize1@-@ , , mount and umount commands for remote MS Windows file
844 `ftp` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/File_Transfer_Protocol[FTP] FTP client
845 `lftp` @-@popcon1@-@ @-@psize1@-@ , , , ,
846 `ncftp` @-@popcon1@-@ @-@psize1@-@ , , full screen FTP client
847 `wget` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol[HTTP] and http://en.wikipedia.org/wiki/File_Transfer_Protocol[FTP] web downloader
848 `curl` @-@popcon1@-@ @-@psize1@-@ , , , ,
849 `bind9-host` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/Domain_Name_System[DNS] `host`(1) from bind9, "`Priority: standard`"
850 `dnsutils` @-@popcon1@-@ @-@psize1@-@ , , `dig`(1) from bind, "`Priority: standard`"
851 `dhcp3-client` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol[DHCP] obtain IP address
852 `ldap-utils` @-@popcon1@-@ @-@psize1@-@ http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol[LDAP] obtain data from LDAP server
853 ------------------------------------------------------------------------------------------------------------------------------------------
854
855 // removed
856 // || {{{cftp}}} || 23 || - || , , || , , ||
857
858 === The diagnosis of the system daemons
859
860 The `telnet` program enables manual connection to the system daemons and its diagnosis.
861
862 For example, try the following
863
864 --------------------
865 $ telnet mail.ispname.net pop3
866 --------------------
867
868 The following http://www.ietf.org/rfc.html[RFCs] provide required knowledge to each system daemon.
869
870 .List of popular RFCs
871 [grid="all"]
872 `-------------------------------------------------------------------------------------------`---------------------------------------------
873 RFC description
874 ------------------------------------------------------------------------------------------------------------------------------------------
875 http://tools.ietf.org/html/rfc1939[rfc1939] and http://tools.ietf.org/html/rfc2449[rfc2449] http://en.wikipedia.org/wiki/Post_Office_Protocol[POP3] service
876 http://tools.ietf.org/html/rfc3501[rfc3501] http://en.wikipedia.org/wiki/Internet_Message_Access_Protocol[IMAP4] service
877 http://tools.ietf.org/html/rfc2821[rfc2821] (http://tools.ietf.org/html/rfc821[rfc821]) http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol[SMTP] service
878 http://tools.ietf.org/html/rfc2822[rfc2822] (http://tools.ietf.org/html/rfc822[rfc822]) Mail file format
879 http://tools.ietf.org/html/rfc2045[rfc2045] http://en.wikipedia.org/wiki/MIME[Multipurpose Internet Mail Extensions (MIME)]
880 http://tools.ietf.org/html/rfc819[rfc819] http://en.wikipedia.org/wiki/Domain_Name_System[DNS] service
881 http://tools.ietf.org/html/rfc2616[rfc2616] http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol[HTTP] service
882 http://tools.ietf.org/html/rfc2396[rfc2396] http://en.wikipedia.org/wiki/Uniform_Resource_Identifier[URI] definition
883 ------------------------------------------------------------------------------------------------------------------------------------------
884
885 The port usage is described in "`/etc/services`".
886
887 NOTE: For testing http://en.wikipedia.org/wiki/Transport_Layer_Security[TLS]/SSL services such as http://en.wikipedia.org/wiki/Https[HTTPS], you need TLS/SSL enabled `telnet` program.
888
  ViewVC Help
Powered by ViewVC 1.1.5