CSC 175: Linux Installation Instructions This document applies only to the isolated network in Adams 019 Please Follow Carefully This guide is meant to accompany my in-class demonstration and other explanations. There is never any excuse for not attending a class. A small, private network has been created for half the workstations in Adams 019. A server-class machine in adams 017 has been configured as a router/firewall. This machine separates the outside Internet from the internal network. To the internal network this machine is known as 10.1.0.98 (starbase), while from outside it is known as 147.4.183.5 (the outside address may change during the semester). All machines on our private network use 10.1.0.98 as their "gateway" (and name server). 1. Form groups. There cannot be any groups with less than two people or more than three people. Elect a group spokesperson. Your group may be graded for collaboration, attendance, timeliness, and the ability to follow instructions. 2. Once your group has informed the professor of your members, you will be assigned a workstation in Adams 019 and be given a "password". You must set your system to use this root password when installing Linux. You will also be given an IP address - and you must set up your system to use that address. YOU MAY NOT CHANGE THE ROOT PASSWORD. 3. Pick a one-word "hostname" for your machine. A secret name domain, "secret.hofstra.edu" has been created for the purpose of our class. This domain is not visible to the outside Internet and anyone who reveals its existence will be quietly taken care of. For example, if you pick "machine3" as the name of your machine, then your machine's full hostname will be machine3.secret.hofstra.edu. You will be doing a network installation of Fedora 8 Linux. There are some unfixed errors with regard to manually configured networks in Fedora 10. The procedure described below applies only to machines in Adams 019, which are connected to the router/firewall named starbase.secret.hofstra.edu, and has an IP address 10.1.0.98 - this machine will also be your "default gateway". Essentially, your first assignment is to install Linux from the network. CAVEAT: the instructions below form a general *guide* - What you actually encounter may vary slightly. 4. The machine you've been assigned to is a 64 bit machine and you need to install the correct version of the operating system. You will find a link on the class web page to a "boot.iso" CD image. Burn this image onto a CD. If you don't have the ability to do that, please see me immediately. This CD does not contain the entire operating system, it only allows you to install Linux from a remote source. 5. Reboot your machine using the boot.iso CD (hit F12 during bootup). Hit Enter at the first prompt You'll be led through a series of simple questions. When asked to choose the installation method, select FTP. 6. The installation program will prompt you to set up the basic TCP/IP configuration. A. DO NOT SELECT automatical IP address assignment. You may select both ipv4 and ipv6 but for now we'll use only ipv4 B. Enter the IP (v4) address that I GAVE YOU. C. Enter 255.255.0.0 as the subnet mask (in the notation ip/mask) D. Enter 10.1.0.98 as the default gateway E. Enter 10.1.0.98 as the primary DNS (name server) F. Enter 147.4.30.2 as the secondary DNS (if ever prompted) G. Enter your hostname in the format whatever.secret.hofstra.edu If you mess up, start over. 7. Install linux from the anonymous ftp server at 10.1.0.98 (starbase). Enter "pub/fd8/x64" as the redhat directory. i386 is for traditional 32 bit, x64 is the newer 64 bit version. Note that this server is only accessable from within Hofstra University. 8. Another important part of the installation process is to partition your hard drive. SELECT THE CUSTOM PARTITIONING OPTION. DO NOT USE THE DEFAULT SETTINGS! Since some these machines were used by csc175 students during previous semesters, you may find that many partitions already exist. DO THIS PART VERY CAREFULLY: Delete the "swap" and "ext3" partitions Do NOT delete any FAT or NTFS partitions. However, you may see a 31 byte vfat partition. Delete that. 9. Create a swap partition of 512meg to 1gig (1024 megs) It is considered politically correct to create several different "ext3" partitions when you install linux. However, for beginners I suggest creating a single large "ext3" partition with mount point at "/". The size of the "/" paritition should be about 12 gigs. NOTE: DO NOT USE ALL AVAILABLE SPACE FOR YOUR LINUX INSTALLATION ** Show the instructor your partition settings before committing them. ** 10. Fedora would ask you if you want to do an "upgrade" or install a new system. Install a new system. Next you'll need to select the packages to install. Be sure to select the "Customize" option. Pick either KDE or Gnome (but not both). I like KDE but Redhat prefers Gnome. It's really a matter of personal taste. Check all the packages that sound like they have something to do with networking. Also select the "development" packages. But don't worry too much if you didn't install all the packages you needed because it's not hard to add them later. Do NOT install "Everything". Try to keep the total size of your installation to be less than 3 gigs. 11. When prompted, enter the root password I GAVE YOU. YOU MAY NOT EVER CHANGE the root password. Only the professor and the people in your group should know of this password. 12. Most of the rest of the steps are self-explanatory. The installation of the packages will take about half an hour and does not require monitoring. 13. After the packages have been installed, the system will reboot and you'll be asked some additional questions. 14. At some point during the initial boot, you'll also be asked to set up a firewall. IT IS PARAMOUNT THAT YOU DO NOT SET UP ANY FIREWALL. We will be learning how to set up firewalls, and setting it up here will interfere with that. Also, you are already behind the firewall at starbase. Also set "SELinux" to "permissive" THIS IS IMPORTANT. IF YOU DIDN'T READ THIS CAREFULLY AND MESS UP THIS PART, YOU'LL HAVE TO START THE INSTALLATION OVER. Again, don't set up any firewall. 15. You are required to set up a user account called "guest" with password "student". This is your public account. You'll be prompted to set up the X windows server. If Linux doesn't recognize your monitor, select Generic LCD panel 1280x1024, and set the resolution to be the same. 16. POST-INSTALLATION CONFIGURATION: there's a lot that can be done after installation, but for now, just insert the following line into the beginning of /etc/resolv.conf search secret.hofstra.edu hofstra.edu and change the "0" in /proc/sys/net/ipv4/ip_forward to "1" You can do this as follows by typing at the command prompt: echo 1 > /proc/sys/net/ipv4/ip_forward Also, you should be aware of the following graphical configuration tools: system-config-network : networking parameter setup (most useful, at first) system-config-services : configure what servers to run system-config-users : manage user accounts system-config-display : change display properties yum : install/upgrade packages You must run these tools as root. To install new software on Fedora, you should use either "up2date" or "yum". You should run up2date at least once to generate a security key. Type "yum install wireshark wireshark-gnome" to install the wireshark (formerly "ethereal") protocol analyser. Final words: Linux installation has become much easier compared to earlier days, but it still may require you to withstand a good deal of frustration. Be flexible and patient. ----- Remotely accessing your Linux workstation. All external access to the "secret" network is done through the starbase gateway. Starbase has IP address 10.1.0.98 internally and 147.4.183.5 externally. Access to starbase from outside is, however, severely restricted, and you are asked to not share the following information casually. The latest Linux systems all disable telnet - as it's very unsafe. You need to learn to use the "ssh" program. ssh works like telnet. For example, to remotely access your account on husun3, you would type ssh -l username husun3.hofstra.edu Normally, ssh accepts connections to port 22 (every tcp/ip server program is assigned a port number). However, to access your "secret" host you must ssh into a special port on starbase. starbase then redirects this connection to the appropriate "secret" host. The ports are assigned as follows: 10.1.0.1 19001 10.1.0.2 19002 10.1.0.3 19003 ... ... 10.1.0.12 19012 Use the -p option to ssh tells it to connect to a port other than 22. For example, if you want to access 10.1.0.8 from outside Hofstra, do ssh -p 19008 -l root 147.4.183.5 Recall that 147.4.183.5 is the Internet IP address of starbase (do not refer to this host as starbase or 10.1.0.98 from outside of Adams 019!). When using ssh with Fedora, you also need to use the -Y option in order to forward graphics. When you ssh this way, you may get a warning that says "someone may be trying to do something nasty". Nobody is doing anything nasty, so just do "rm ~/.ssh/known_hosts" and try again.