VPS Murah Server IIX - USA - Singapore

[tutorial] web,vpn,ssh server on one port

Bagaimana sih supaya web, vpn dan ssh bisa menggunakan satu port.

contoh kasus:

punya vps / dedicated server, ingin install webserver, openvpn, dan openssh di port 80



masalah:

webserver. openvpn, dan openssh tidak bisa listen di port yang sama



pemecahan:

sslh - ssl/ssh multiplexer

sslh accepts connections in HTTP, HTTPS, SSH, OpenVPN, tinc, XMPP, or any other protocol that can be tested using a regular expression, on the same port



so,

webserver listen di 81

openvpn listen di 82

openssh listen di 22

sslh listen di 80

command:

sslh -u nobody -f -n -p 0.0.0.0:80 --ssh 127.0.0.1:22 --openvpn 127.0.0.1:82 --ssl 127.0.0.1:81



ref:

http://www.rutschle.net/tech/sslh.shtml


wah salah command, harusnya:

sslh -u nobody -f -n -p 0.0.0.0:80 --ssh 127.0.0.1:22 --openvpn 127.0.0.1:82 --ssl 127.0.0.1:81


yup, skrng coba

ssh -p 80 127.0.0.1

Arie Wijayanto 1.
jalankan "screen", klo blum ada install dulu, nanti muncul terminal baru

2.
jalankan sslh nya

3.
pencet CTRL+a trus "d", nanti balik lagi ke terminal awal

4.
silahkan "exit"

Patch SSH

mv openssh-5.5p1 openssh-5.5p1-hpn13v9 && cd openssh-5.5p1-hpn13v9

zcat ../openssh-6.1p1-hpn13v14.diff.gz | patch

apt-get install zlib1g-dev

apt-get install libssl-dev openssl

apt-get install build-essential


apt-get update
apt-get upgrade
apt-get install zlib-bin libpam-dev openssl libssl-dev gcc patch

download source-nya

cd /tmp

wget http://mirror.team-cymru.org/pub/OpenBSD/OpenSSH/portable/openssh-6.1p1.tar.gz

wget http://www.psc.edu/networking/projects/hpn-ssh/openssh-6.1p1-hpn13v14.diff.gz

extract
tar -xzvf openssh-5.9p1.tar.gz

cd openssh-5.9p1

apply patch HPN SSH

zcat /tmp/openssh-5.9p1-hpn13v12.diff.gz | patch

configure SSH

./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam

hapus config

rm /etc/ssh/ssh_config

rm /etc/ssh/sshd_config

install hpn ssh

make && make install

restart ssh service


CENTOS

yum apdate

yum install build-essential && install zlib1g-dev && install libssl-dev openssl

ktik :

cd /tmp

lanjut ktik(buat donlod source openssh dan hpn patchnya) :

wget http://mirror.team-cymru.org/pub/OpenBSD/OpenSSH/portable/openssh-5.9p1.tar.gz

wget http://www.psc.edu/networking/projects/hpn-ssh/openssh-5.9p1-hpn13v12.diff.gz

extract openssh nya :

tar -xzvf openssh-5.9p1.tar.gz

cd openssh-5.9p1

apply patch HPN SSH :

zcat /tmp/openssh-5.9p1-hpn13v12.diff.gz | patch

configure SSH :

./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam

jgn lupa hapus config biar gak tabrakan :

rm /etc/ssh/ssh_config

rm /etc/ssh/sshd_config

install hpn ssh :

make && make install

ubah port nya :

nano /etc/ssh/sshd_config

kl nano blum ada,instal dl pake printah :

yum install nano

restart ssh service :

service sshd restart

cek port terbuka pake printah :

netstat -ntlp atau netstat -ntulp

slesai = ganteng,ahahaha


CENTOS(lg)

nstall aplikasi yang kita butuhkan untuk mencompile dan patch SSH agar menjadi HPN SSH
#yum install zlib zlib-devel pam pam-devel openssl openssl-devel gcc patch
              
Sekarang kita pindah ke direktori /usr/src terus download bahan yang mau diinstall
#cd /usr/src
#wget http://www.mirrorservice.org/sites/www.ibiblio.org/gentoo/distfiles/openssh-5.5p1.tar.gz
#wget http://www.mirrorservice.org/sites/www.ibiblio.org/gentoo/distfiles/openssh-5.9p1-hpn13v12.diff.gz
              
Selanjutnya kita extract SSH mentahan, terus masuk ke direktorynya.
#tar -xzvf openssh-5.5p1.tar.gz
#cd openssh-5.5p1
              
Setelah itu kita apply patch HPN SSH nya
#zcat /usr/src/openssh-5.5p1-hpn13v9.diff.gz | patch
              
Proses patching sedang berjalan, nggak lama lama amat kok om. Kalau udah, kita configure SSH yang telah di patch tadi.
#./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam
              
Jangan cuman pake ./configure , soalnya ujungnya failed biasanya rolling on the floor.
Jangan langsung di make dan make install. Kita hapus dulu config SSH sebelumnya biar nggak conflict.
#rm /etc/ssh/ssh_config
#rm /etc/ssh/sshd_config
              
Nah, sekarang baru kita make terus make install.
#make
#make install
              
Langkah terakhir kita restart SSH nya
#service sshd restart
              
Done, coba logout terus login lagi. Versi SSH nya bakalan berubah jadi SSH-2.0-OpenSSH_5.5p1-hpn13v9.

http://download.openpkg.org/components/cache/openssh/openssh-5.9p1-hpn13v12.diff.gz

Panduan patch HPN di CentOS 32bit



Install hpn ssh di vps/server centos ternyata tidaklah susah asal cermat dalam melakukannya.

Buat seluruh orang yang punya server VPS pasti tau yang namanya SSH. Dan bagi beberapa orang menggunakan SSH untuk tunneling agar IP addres mereka tersembunyi. Tapi tau tidak kalau kecepatan tunneling SSH itu hanya 1 Mbps..?

Akan tetapi ada patchnya agar SSH menjadi kenceng dengan menggunakan HPN SSH.

Tanpa basa – basi lagi, langsung kita praktekin aja ya..


Sebelumnya update dulu centosnya dengan comand : yum update

1. Install aplikasi yang kita butuhkan untuk mencompile dan patch SSH agar menjadi HPN SSH

yum install zlib zlib-devel pam pam-devel openssl openssl-devel gcc patch


2. Sekarang kita pindah ke direktori /usr/src terus download bahan yang mau diinstall



cd /usr/src

wget http://mirror.team-cymru.org/pub/OpenBSD/OpenSSH/portable/openssh-5.9p1.tar.gz

donlod manual hpn path nya lalu uplod mlalui sftp di tunnelier,taruh dlm 1 folder dg openssh yg akan kita path dan install

http://www.psc.edu/networking/projects/hpn-ssh/ (di sini donlod pilih openssh-5.9p1-hpn13v12.diff.gz)
http://www.psc.edu/index.php/component/remository/HPN-SSH/OpenSSH-5.9-patches/OpenSSH-5.9-Kitchen-sink-patch/

upload hasil download tsb openssh-5.9p1-hpn13v12.diff.gz ke dis /usr/src
(biasanya saat masuk ke sftp lewat tunnelier langsung ke folder root - klik gambar folder untuk up direktori)

3. Kembali ke putty masih di direktori usr/src.Selanjutnya kita extract SSH mentahan kita, terus masuk ke direktorynya

tar -xzvf openssh-5.9p1.tar.gz

cd openssh-5.9p1

4. Setelah itu kita apply patch HPN SSH nya

zcat /usr/src/openssh-5.9p1-hpn13v12.diff.gz | patch
Proses patching sedang berjalan, nggak lama kok.

5. Kalau udah, kita configure SSH yang telah di patch tadi

./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam
(Jangan cuman pake ./configure , soalnya ujungnya failed biasanya rolling on the floor)

6. Jangan langsung di make dan make install. Kita hapus dulu config SSH sebelumnya biar tidak konflik

rm /etc/ssh/ssh_config
rm /etc/ssh/sshd_config

7. Nah, sekarang baru kita make terus make install.

make
make install
Nanti bakalan ada beberapa file exist, biarin aja soalnya beberapa file seharusnya tidak di replace

8. Selanjutnya menambahkan port untuk port yg akan kita gunakan, baca selengkapnya disini Add Openport

Langkah terakhir kita restart SSH nya

service sshd restart

Sekarang coba logout terus login lagi. Versi SSH nya bakalan berubah jadi SSH-2.0-OpenSSH_5.9p1-hpn13v12

Untuk step selanjutnya adalah memanage user di ssh, baca selengkapnya disini Manage user ssh



Ok sekian dulu tutorial Patch HPN di CentOS, semoga sukses semua.cybernetwork-vps.blogspot.com

Apa itu VPS?

ini ane kutip dari wiki
Server maya terdedikasi
Dari Wikipedia bahasa Indonesia, ensiklopedia bebas
Belum Diperiksa
Langsung ke: navigasi, cari

Server maya terdedikasi, (bahasa Inggris: Virtual Dedicated Server; VDS) adalah teknologi server side tentang sistem operasi dan perangkat lunak yang memungkinkan sebuah mesin dengan kapasitas besar dibagi ke beberapa virtual mesin. Tiap virtual mesin ini melayani sistem operasi dan perangkat lunak secara mandiri dan dengan konfigurasi yang cepat.
Solusi
Berbagi-pakai secara tradisional hos yang biasa kita kenal memiliki sangat banyak keterbatasan terhadap aplikasi yang berjalan karena pengguna hanya mempunyai hak akses sebagai level user biasa. Apabila pengguna ingin mendapatkan akses terhadap aplikasi dan resource yang lebih dari sekedar level pengguna biasa maka pengguna harus menggunakan ke server terdedikasi', hal ini membuat dana melonjak sangat tinggi seiring dengan mahalnya harga dedicated perangkat keras dan sewa lokasi data center. Dengan menggunakan teknologi Virtual Private Server memberikan solusi jembatan penghubung antara budget financial, resource system dan level pengguna.
Penggunaan
Sangat besar manfaat yang bisa didapatkan dengan Virtual Private Server ini, berikut hanya sedikit contoh penggunaan secara efisien dan tepat guna:
  • Web Hosting Salah satu penggunaan yang populer adalah untuk menyediakan web hosting. Virtual Private Server sangat tepat untuk level menengah dan situs web perusahaan, dimana aplikasi membutuhkan konfigurasi yang spesifik dan hanya bisa dilakukan oleh Superuser. Penggunaan ini juga cocok untuk memulai bisnis web hosting dengan anggaran yang terbatas namun layanan dengan yang berkualitas. Variasi paket Virtual Private Server memungkinkan untuk bisnis web hosting bisa dengan mudah melakukan upgrade sejalan dengan bertumbuhnya pelanggan baru.
  • Application Hosting Dengan Virtual Private Server, memungkinkan untuk membangun custom mission critical software tanpa harus mengeluarkan biaya yang terlalu mahal. Melakukan outsource development aplikasi juga sudah menjadi trend untuk menghemat biaya sehingga investasi jauh lebih efisien.
  • Development/Test Environments Virtual Private Server juga membantu untuk melakukan serangkaian development testing secara efisien, beberapa sistem operasi dan alamat IP publik dengan mudah bisa dilakukan, koneksi secara remote untuk reboot dan penggantian interface cukup dilakukan dengan cepat, sama seperti halnya mempunyai 1 rak yang penuh dengan server testing.
  • Educational Outpost Virtual Private Server menjadikan ajang untuk bereksperimen UNIX Operating System dengan berbagai macam distribusi sekaligus. Membuat proses ekperimen lebih beragam dan lebih mudah membandingkannya.
  • Backup Server Kebutuhan backup server untuk menjamin layanan selalu berjalan normal adalah sangat penting. Backup server ini bisa meliputi situs web, surel, berkas, dan basis data. Semua layanan ini berada dalam kondisi fisik dan logical yang terpisah sehingga meminimalisasi kerusakaan atau kehilangan data.

Instal Openvpn di Debian


[Debian] How to install OpenVPN on your VPS
This how to will take you through installing OpenVPN onto your VPS. This example has been done with Debian Lenny 5.0.6 and the following should be noted:
is where you should put your VPS name.
is where you should put your VPN user's name

Server Configuration

Log in to your VPS via SSH
Type "su" or "sudo -s" whichever you prefer to gain root access

To install OpenVPN:
Type "apt-get update" to ensure that the package list is up to date on the system
Type "apt-get install openvpn"

To install OpenSSL:
Type "apt-get install openssl"
Type "mkdir /etc/openvpn/easy-rsa" to make new directory
Type "cp -rp /usr/share/doc/openvpn/
examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa" to copy the files to the new folder
Type "cp -rp /usr/share/doc/openvpn/examples/sample-config-files/ /etc/openvpn/sample"

Edit vars and change variable
Type "cd /etc/openvpn/easy-rsa/" to change directory into that folder
Type "ls" to list all files in that folder
Type "nano vars" to edit the file named "vars"
Hold down Ctrl and press "w" to bring up the search function
Type "1024" and then press enter to search the file
Change "1024" to "2048"
Press "Page Down" and change the last five lines in the file which start with "export" so that your details are there
Once this is complete hold down Ctrl and press "x" to exit and when it asks if you would like to save press "y" and then enter to keep the name of the file as vars here is how mine looks:

Quote:# Increase this to 2048 if you
# are paranoid. This will slow
# down TLS negotiation performance
# as well as the one-time DH parms
# generation process.
export KEY_SIZE=2048

# In how many days should the root CA key expire?
export CA_EXPIRE=3650

# In how many days should certificates expire?
export KEY_EXPIRE=3650

# These are the default values for fields
# which will be placed in the certificate.
# Don't leave any of these fields blank.
export KEY_COUNTRY="GB"
export KEY_PROVINCE="London"
export KEY_CITY="London"
export KEY_ORG="All Simple"
export KEY_EMAIL="info@.allsimple.net"

Run vars to export variable "sh vars"
Type "sh vars" Run the vars script
Type "source ./vars" to execute vars script

Quote:euq1nu:/etc/openvpn/
easy-rsa# sh vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/keys
euq1nu:/etc/openvpn/easy-rsa# source ./vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/keys

Make the certificate authority
Type "./clean-all" To remove any previous keys
Type "./build-ca" to build the certificate authority.
Press enter for each line it asks to confirm your details, but where it asks for "Common Name" this may need changing to your server name

Quote:euq1nu:/etc/openvpn/
easy-rsa# ./clean-all
euq1nu:/etc/openvpn/easy-rsa# ./build-ca
Generating a 2048 bit RSA private key
.....................+++
....................+++
writing new private key to 'ca.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:
State or Province Name (full name) [London]:
Locality Name (eg, city) [London]:
Organization Name (eg, company) [All Simple]:
Organizational Unit Name (eg, section) [euq1nu]:
Common Name (eg, your name or your server's hostname) [All Simple CA]:euq1nu
Email Address [info@.allsimple.net]:

Type "./build-key-server
Press enter for fields to confirm and leave the "A challenge password" and "An optional company name" fields blank
Answer "y" to the next two questions to sign the certificate

Quote:euq1nu:/etc/openvpn/
easy-rsa# ./build-key-server euq1nu
Generating a 2048 bit RSA private key
..............................
.........+++
..........................................................................................
.+++
writing new private key to 'euq1nu.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:
State or Province Name (full name) [London]:
Locality Name (eg, city) [London]:
Organization Name (eg, company) [All Simple]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) [euq1nu]:
Email Address [info@.allsimple.net]:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from /etc/openvpn/easy-rsa/
openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'GB'
stateOrProvinceName :PRINTABLE:'London'
localityName :PRINTABLE:'London'
organizationName :PRINTABLE:'All Simple'
commonName :PRINTABLE:'euq1nu'
emailAddress :IA5STRING:'info@.allsimple.ne
t'
Certificate is to be certified until Jan 5 13:07:40 2021 GMT (3650 days)
Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

Add VPN clients
Type "./build-key "
Press enter again for fields to confirm and leave the "A challenge password" and "An optional company name" fields blank. A different key is needed for each VPN client
Answer the two questions with "y" to sign the certificate

Quote:euq1nu:/etc/openvpn/
easy-rsa# ./build-key charlotte
Generating a 2048 bit RSA private key
....+++
..............................
...............+++
writing new private key to 'charlotte.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:
State or Province Name (full name) [London]:
Locality Name (eg, city) [London]:
Organization Name (eg, company) [All Simple]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) [charlotte]:
Email Address [info@.allsimple.net]:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from /etc/openvpn/easy-rsa/
openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'GB'
stateOrProvinceName :PRINTABLE:'London'
localityName :PRINTABLE:'London'
organizationName :PRINTABLE:'All Simple'
commonName :PRINTABLE:'charlotte'
emailAddress :IA5STRING:'info@.allsimple.ne
t'
Certificate is to be certified until Jan 5 14:46:49 2021 GMT (3650 days)
Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

Create Diffie-Hellman (DH) settings for key exchange
Type "./build-dh" This allows sharing between peers. This will take a long time to complete, depending on your amount of memory

Quote:euq1nu:/etc/openvpn/
easy-rsa# ./build-dh
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
........................................................................................................+............+......................................................................................................................+...
...........
....................................................................................................................................................+...........................................................................................
.............
.........................................................................................................................................+...+................................................+..........+......................................
..........
..............................+........................................................+........................................................................................................................................................
............
.........+..............................................................................+...............................+.......................................................................................................................
.........+.
.............................................+............................................................................................................................................................+..........................+..........
...........
............................................................................................................................+................................+.........................................................................+........
...........
...................................................................................................................................................................................+...+........................................................
............
.............................................................................................+..................................................................................................................................................
.............
...........................................................................+..................................................................................................+......+...............................+..........................
...........
................................+..........................................................................+....................................................................................................................................
..+.........
.........................................................+..........................................+.....+.................................................................+...................................................................
...........
........+.....................................................................+...............................................................+.............................+........................+..........................................
..........
.....................................................................................+.............................................................................................................+........+...................................
...........
..+..............................+.....................................................................................................................+...........................................................++*++*

Now copy relevant files and place in the correct folder

Type "cd keys" to change directory into that folder
Type "ls" to list the files in that folder
Type "cp .key /etc/openvpn/"
Type "cp .crt /etc/openvpn/"
Type "cp ca.crt /etc/openvpn/"
Type "cp dh2048.pem /etc/openvpn/"
Type "cd ../.." to change up two directories

Create OpenVPN config and edit
Type "cd sample" to change directory
Type "gunzip server.conf.gz"
Type "nano server.conf" to edit that file

Hold Ctrl and press "w" to search
Type "server.crt" to search
Change "server.crt" to ".crt"
On the line below change "server.key" to ".key"

Hold Ctrl and press "w" to search
Type "dh dh" to search
On that line change "dh1024.pem" to "dh2048.pem"

Quote:# Any X509 key management system can be used.
# OpenVPN can also use a PKCS #12 formatted key file
# (see "pkcs12" directive in man page).
ca ca.crt
cert euq1nu.crt
key euq1nu.key # This file should be kept secret

# Diffie hellman parameters.
# Generate your own with:
# openssl dhparam -out dh1024.pem 1024
# Substitute 2048 for 1024 if you are using
# 2048 bit keys.
dh dh2048.pem

Hold Ctrl and press "w" to search
Type "client-to" to search
Remove the ";" from the start of that line

Quote:# Uncomment this directive to allow different
# clients to be able to "see" each other.
# By default, clients will only see the server.
# To force clients to only see the server, you
# will also need to appropriately firewall the
# server's TUN/TAP interface.
client-to-client

Hold Ctrl and press "w" to search
Type "max-" to search
Remove the ";" from the start of that line
Hold Ctrl and press "x" to exit and press "y" and enter to save file as "server.conf"
Type "cp server.conf /etc/openvpn" to copy that file to that folder

Quote:# The maximum number of concurrently connected
# clients we want to allow.
max-clients 100

Create client config and edit
Type "nano client.conf" to edit file
Hold Ctrl and press "w" to search
Type "-1" to search
On the line below, change "my-server-1" to your IP address of your VPS

Quote:# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote 92.48.64.128 1194
;remote my-server-2 1194

Hold Ctrl and press "w" to search
Type "client.crt" to search
Change "client.crt" to ".crt"
On the line below change "client.key" to ".key"
Hold Ctrl and press "x" to exit and press "y" and enter to save file as "client.conf"

VPN Client Configuration

Below is the configuration on setting up your VPN client on Linux.
If you have disabled root login, then you should copy the following files to your user, and use instead of , or temporarily allow root login

Type "apt-get install openvpn" and press enter to accept
Type "cd /etc/openvpn" to go to that directory
Type "scp root@:/etc/openvpn/easy-rsa/keys/.crt ." and answer yes to both questions and type the root password for the server

Each copy should look like this:

Quote:internal:/etc/openvpn# scp root@92.48.64.128:/etc/openvpn/easy-rsa/keys/
charlotte.key .
root@92.48.64.128's password:
charlotte.key 100% 1675 1.6KB/s 00:00

Type "scp root@:/etc/openvpn/
easy-rsa/keys/.key ." and type password
Type "scp root@:/etc/openvpn/
easy-rsa/keys/ca.crt ." and type password
Type "scp root@:/etc/openvpn/sample/client.conf ." and type password again

Test that the VPN can be connected to
Go back to your VPN server terminal and
Type "openvpn server.conf" to start up the VPN so it can be connected to

It should show similar to this:

Quote:euq1nu:/etc/openvpn# openvpn server.conf
Sat Jan 8 16:45:15 2011 OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Sep 18 2008
Sat Jan 8 16:45:15 2011 Diffie-Hellman initialized with 2048 bit key
Sat Jan 8 16:45:15 2011 /usr/bin/openssl-vulnkey -q -b 2048 -m
Sat Jan 8 16:45:15 2011 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Jan 8 16:45:15 2011 ROUTE default_gateway=92.48.64.128
Sat Jan 8 16:45:15 2011 TUN/TAP device tun0 opened
Sat Jan 8 16:45:15 2011 TUN/TAP TX queue length set to 100
Sat Jan 8 16:45:15 2011 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Sat Jan 8 16:45:15 2011 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Sat Jan 8 16:45:15 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Jan 8 16:45:15 2011 Socket Buffers: R=[110592->131072] S=[110592->131072]
Sat Jan 8 16:45:15 2011 UDPv4 link local (bound): [undef]:1194
Sat Jan 8 16:45:15 2011 UDPv4 link remote: [undef]
Sat Jan 8 16:45:15 2011 MULTI: multi_init called, r=256 v=256
Sat Jan 8 16:45:15 2011 IFCONFIG POOL: base=10.8.0.4 size=62
Sat Jan 8 16:45:15 2011 IFCONFIG POOL LIST
Sat Jan 8 16:45:15 2011 Initialization Sequence Completed

Go to your client and
Type "openvpn client.conf" to allow the client to access the VPN. This should start the communication between the two.

Installing for client use with Windows
Download OpenVPN GUI (http://openvpn.se/) and install
Download the following four files:

client.conf
ca.crt
.crt
.key

to your computer into Program Files\OpenVPN\Config and rename to client.conf to client.ovpn
Then you should be able to connect to the VPN

 http://cybernetwork-vps.blogspot.com

Menambah port di VPS


sdikit info buat kalian yg sudah atau akan memakai layanan vps dr kami,ini langkah2 dasar untuk merubah port2 tertentu dr service ssh di vps.

1.login root ssh melalui ssh client smacam tunnelier atau putty.

2.lalukan update dan uprade vps dg cara ketik : apt-get update && apt-get upgrade (debian)
yum update (centos)
biarkan proses berlangsung,bila ada pesan Y/N pilih Y dan biarkan proses berlangsung sampe sukses.

3.ketik lg nano /etc/ssh/sshd_config
cari baris Port 22
masukkan Port 443 atau brapa pun port yg di mau di bawah Port 22.

*untuk HPN perhatikan gambar dibawah ini, perhatikan yg tidak ada tanda # didepannya yg mana aja


4.tekan tombol Ctrl dan X lalu Y dan enter buat save hasil settingan sshd_config td.


4.restart ssh dg cara ketik printah service sshd restart

-5.cek apakah port2 yg kita buka sudah benar2 terbuka dg cara ketik printah netstat -ntlp
perhatikan port2 yg muncul itu adalah port yg terbuka di vps tersebut.

N.B

vps ner os centos biasanya tidak menyediakan text editor nano sebagai bawaan,jd harus di install manual dl dg printah
yum install nano
baru nan bisa leluasa di pae buat edit2

---semoga info ini bisa membantu bagi kalian yg belum memahami cara merubah port ssh di vps----
http://cybernetwork-vps.blogspot.com 

Manajemen user SSH di VPS


1.seperti biasa,lakukan login root melalui ssh lalu buat group ssh nya dg cara ketik : addgroup nama_grupnya
misal addgroup cybernetwork atau groupadd cybernetwork

2.setelah group tercipta,saatnya memasukkan user2 nya ke dalam group itu dg cara ketik :
useradd -G groupnya usernya
misal : useradd -G cybernetwork cyb
lalu
usermod -s /bin/false

3.buatkan password untuk sang user dg cara : passwd usernya
misal : passwd cyb
masukkan passwordnya lalu masukkan ulang kembali passwordnya,biarkan same kluar pesan update password succesfully.

4.selesai.

N.B
buat ngecek apakah user sudah berada di group yg kita buat atau tidak, ketik aja id usernya,misal id cyb lau enter
bila keluar pesan bla bla bla cyb group cybernetwork,selamat anda sudah sukses.
atau bisa jg dengan command
cat /etc/group
untuk melihat group dan usernya

mudah bukan melakukan majamen user ssh di vps??
smoga tutorial sederhana ini bisa membantu

http://cybernetwork-vps.blogspot.com

Panduan patch hpn SSH di Debian


1.rubah repo dg cara nano /etc/apt/sources.list
kasih tanda # di 2 baris repo paling atas.

2.copas ini ke bawah nya :

deb http://ftp.us.debian.org/debian squeeze main contrib non-free
deb http://ftp.us.debian.org/debian squeeze-updates main contrib non-free
deb http://security.debian.org/ squeeze/updates main contrib non-free

lalu save

3.lakukan apt-get update && apt-get upgrade

4.install dependency :

apt-get install zlib1g-dev libpam-dev libssl-dev openssl build-essential

5.ktik cd /root

6.donlod source :

wget http://mirror.team-cymru.org/pub/OpenBSD/OpenSSH/portable/openssh-5.5p1.tar.gz

donlod manual hpn patch nya lalu uplod mlalui sftp di tunnelier,taruh dlm 1 folder dg openssh yg akan kita patch dan install

http://www.psc.edu/networking/projects/hpn-ssh/

pilih yg : openssh-5.5p1-hpn13v9.diff.gz
kl sudah slesai sgera uplod,lalu lanjut langkah

7.ekstrak openssh source tarball dg cara :

tar -xzvf openssh-5.5p1.tar.gz

8.masuk ke directory hasil ekstrakan :

cd openssh-5.5p1

9.apply patch HPN SSH :

zcat ../openssh-5.5p1-hpn13v9.diff.gz | patch

10.configure SSH :

./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam

hapus config

rm /etc/ssh/ssh_config

rm /etc/ssh/sshd_config

11.install hpn ssh

make && make install

12.restart ssh service

13.rubah port ssh lg krna bgitu instalasi sukses mk port kembali ke 22 :

nano /etc/ssh/sshd_config

tambahin aja Port2 yg di butuhin,biarin port 22 ada tanda # di depannyahapus tanda # di depan bagian tcp bufering,hpn disable no dan buffering 2048
lalu save

14.restart ssh :

service ssh restart

15.cek open port :

netstat -ntlp atau netstat -ntulp

16.login kl berhasil ada kata2 openssh-5.5p1-hpn13v9 = gant3nk 8)

Mengganti password root

Bagaimana cara mengganti password root dengan perintah SSH

Jika kita punya Dedicated Server atau Virtual Dedicated Server ataupun Virtual Private Server (VPS) yang sudah terinstall OS, misalkan Linux centOS. Kemudian root password nya ingin diganti dengan password yang baru. Berikut adalah cara mengganti root password VPS / Dedicated Server melalui SSH command.
Setelah anda login root SSH:
root[~]# passwd
enter
kemudian masukkan password root baru , enter
masukkan lagi password konfirmasi ulang, enter
Demikian selesai sudah mengganti root Password Server anda.

Cara mengganti port SSH linux centOS

Cara mengganti port SSH sebagai berikut :

1. Login ke SSH dengan menggunakan putty
2. Ketikkan perintah : nano /etc/ssh/sshd_config
 #       $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.
#Port 22
#Protocol 2,1
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
3. Dari contoh di atas, Anda cukup perhatikan yang saya beri warna merah. Anda cukup ganti “#Port 22” dengan “Port 505” jika Anda ingin mengubahnya menjadi port 505. Seperti contoh di bawah ini :
#       $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.
Port 505
#Protocol 2,1
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
Kemudian tekan tombol CTRL + X untuk menyimpan.
4. Lalu restart SSH dengan perintah : /etc/init.d/sshd restart
5. Tutup Putty Anda, lalu cobalah login lagi ke SSH dengan port 505.
Demikian selesai sudah kita mengganti port default SSH menjadi custom port SSH yang kita inginkan pada VPS atau Dedicated Server sendiri. Selamat Mencoba pada akun VPS anda!