, , , ,

Install and Setup FreeRADIUS on CentOS 5/6 and Ubuntu 11.10

 A simple tutorial to setup and configure FreeRADIUS on CentOS 5/6 and Ubuntu 11.10.

Just follow the instructions below to have your FreeRADIUS setup ready to go when used along with our WHMCS module, we have distinguished the difference between CentOS commands and Ubuntu commands:

CentOS 5:

yum install freeradius2 freeradius2-mysql freeradius2-utils mysql-server -y

CentOS 6:

yum install freeradius freeradius-mysql freeradius-utils mysql-server -y

Ubuntu:

apt-get install freeradius freeradius-mysql freeradius-utils mysql-server

They should install without any problems.

To setup MySQL run the following to set your password:

/usr/bin/mysql_secure_installation

Common problems usually arise on cPanel servers but please check our knowldgebase for fixing issues on cPanel servers, next we need to create the radius database, type:

mysql

or

mysql -uroot -p

Then enter your mysql root password to continue…

Now create the database and grant all privileges to user radius:

CREATE DATABASE radius;
GRANT ALL PRIVILEGES ON radius.* TO radius@localhost IDENTIFIED BY "radpass";
flush privileges;

In certain situations you may need to grant remote access to mysql, to do this please follow the guide below:

Now thats done we want to import the tables for radius:

mysql> use radius;

CentOS:

SOURCE /etc/raddb/sql/mysql/schema.sql

Ubuntu:

SOURCE /etc/freeradius/sql/mysql/schema.sql
exit

Now open up CentOS:/etc/raddb/sql.conf Ubuntu: /etc/freeradius/sql.conf and enter your mysql database details you just created, Example:

# Connection info:
server = "localhost"
#port = 3306
login = "radius"
password = "radpass"

# Database table configuration for everything except Oracle
radius_db = "radius"

In /etc/raddb/radiusd.conf ensure that the line saying:

$INCLUDE sql.conf

is uncommented.

Edit /etc/raddb/sites-available/default and uncomment the line containing ‘sql’ in the authorize{} section and ‘sql’ in the accounting {} section, also uncomment ‘sql’ under session {}.

Additionally, edit /etc/raddb/sites-available/inner-tunnel and uncomment the line containing ‘sql’ under “authorize {}” and under session {}.

Open up /etc/raddb/clients.conf set your secret to something a bit more random, example:

Change:

secret = testing123

To something like:

secret = 3c23498n349c3yt290y93b4t3

Now check to see if Radius is working ok:

CentOS:

service radiusd restart
service radiusd stop

Ubuntu:

service freeradius restart
service freeradius stop

To add clients (External VPN Servers) you would edit CentOS: /etc/raddb/clients.conf Ubuntu:/etc/freeradius/clients.conf and directly under this line:

# coa_server = coa
}

Add a block such as this:

client VPN_SERVER_IP {
secret = YOUR SECRET HERE
shortname = yourVPN
nastype = other
}

To allow external servers and software to authenticate off your FreeRADIUS, this has to be done every time you setup an external server to use this FreeRADIUS database.

Everytime you add a client or change a value in the config files you need to restart radius like this:

CentOS:

service radiusd restart

Ubuntu:

service freeradius restart

Add a test user to the radius database, first you need to login to your mysql radius database:

mysql -uroot -pyourrootpass

Switch to the radius database:

use radius;

Once there execute the below commands:

mysql> INSERT INTO `radcheck` (`id`, `username`, `attribute`, `op`, `value`) VALUES (1,'test','User-Password',':=','test');

Next test the test user with radtest.

radtest test test 127.0.0.1 0 mysecret

If you see “rad_recv: Access-Accept” then your installation is working fine.

If you have any problems with FreeRADIUS you can run FreeRADIUS in debug mode to help pinpoint any issues, to do that just do the following:

CentOS:

service radiusd stop
radiusd -X

Ubuntu:

service freeradius stop
freeradius -X

Now you can see in realtime if your authentication queries are actually reaching the server or the reasons why some users may be rejected authentication.

Continue reading Install and Setup FreeRADIUS on CentOS 5/6 and Ubuntu 11.10
, ,

Install FTP service on CentOS 6 – vsftpd

 The first two letters of vsftpd stand for "very secure" and the program was built to have strongest protection against possible FTP vulnerabilities.

 

Install vsftpd

  1. Update our packages with the following command:

  yum -y update

  1. Install vsftpd and any required packages with one of the following commands:

sudo yum install vsftpd

  1. Install the FTP client, so that we can connect to an FTP server:

sudo yum install ftp

  

Configure vsftpd

  1. Once VSFTP is installed, you can adjust the configuration. Open up the configuration file:

sudo vi /etc/vsftpd/vsftpd.conf

  1. Change the Anonymous_enable to No:

anonymous_enable = NO

You need to use the letter “i” to insert/edit text, navigating with your keyboard arrows.

Prior to this change, vsftpd allowed anonymous, unidentified users to access the server files. This is useful if you are seeking to distribute information widely, but may be considered a serious security issue in most other cases.

  1. Set the local_enable option to yes.

local_enable = YES

  1. Set chroot_local_user to Yes. When this line is set to Yes, all the local users will be jailed within their chroot and will be denied access to any other part of the server.

chroot_local_user=YES

  1. Finish up by restarting vsftpd

sudo service vsftpd restart

  1. In order to ensure that vsftpd runs at boot running chkconfig:

chkconfig vsftpd on

  

Access the FTP server

You can reach an FTP server in the browser by typing the domain name into the address bar and logging in with the appropriate ID. Keep in mind, you will only be able to access the user's home directory.

ftp://example.com

Alternatively, you can reach the FTP server through the command line by typing:

 ftp example.com

Then you can use the word, "exit," to get out of the FTP shell.

Continue reading Install FTP service on CentOS 6 – vsftpd

Get time difference between two times in PHP using DateTime class

 Today in this post, we are going to see how to calculate and then get the time difference between two times in PHP.

You may notice on social media network like Facebook shows a post published “1 hour ago” or “2 minutes ago” or something like that. In that case, also, it is actually calculating the time difference. now I am going to see the easiest way of getting the time difference in PHP.

Let’s follow me…

Getting the difference between two times is a quite easy task. PHP already has the in-built DateTime class that can do it.

Below is an example where we have taken two date time string and showing it:

$time1 = new DateTime('2017-01-23 18:16:25');
$time2 = new DateTime('2019-01-23 11:36:28');
$timediff = $time1->diff($time2);
echo $timediff->format('%y year %m month %d days %h hour %i minute %s second')."<br/>";

The above PHP code will print the result that we can see below:

1 year 11 month 30 days 17 hour 20 minute 3 second

You can also print second, minutes, hours, day, month and year separately just by calling like methods from the DateTime class:

echo $timediff->s."<br/>";
echo $timediff->i."<br/>";
echo $timediff->h."<br/>";
echo $timediff->d."<br/>";
echo $timediff->m."<br/>";
echo $timediff->y."<br/>";

 

Continue reading Get time difference between two times in PHP using DateTime class

Example # date() Formatting

 <?php

// Assuming today is March 10th, 2001, 5:16:18 pm, and that we are in the
// Mountain Standard Time (MST) Time Zone

$today date("F j, Y, g:i a");                 // March 10, 2001, 5:16 pm
$today date("m.d.y");                         // 03.10.01
$today date("j, n, Y");                       // 10, 3, 2001
$today date("Ymd");                           // 20010310
$today date('h-i-s, j-m-y, it is w Day');     // 05-16-18, 10-03-01, 1631 1618 6 Satpm01
$today date('\i\t \i\s \t\h\e jS \d\a\y.');   // it is the 10th day.
$today date("D M j G:i:s T Y");               // Sat Mar 10 17:16:18 MST 2001
$today date('H:m:s \m \i\s\ \m\o\n\t\h');     // 17:03:18 m is month
$today date("H:i:s");                         // 17:16:18
$today date("Y-m-d H:i:s");                   // 2001-03-10 17:16:18 (the MySQL DATETIME format)
?>
Continue reading Example # date() Formatting
,

How to fix yum after CentOS 6 went EOL

 If for whatever reason, you are stuck with the now EOL version of the CentOS operating system, you can no longer run yum upgrade successfully. Running yum upgrade in CentOS 6 will yield the following results:

Setting up Upgrade Process
YumRepo Error: All mirror URLs are not using ftp, http[s] or file.
Eg. Invalid release/repo/arch combination/
removing mirrorlist with no valid mirrors: /var/cache/yum/x86_64/6/base/mirrorlist.txt
Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify its path and try again

Rightfully so, as the YUM repository was removed from the main CentOS update servers, no security or feature upgrades are provided.

However, not all the repositories have halted their support for CentOS 6. The GetPageSpeed repository still provides up-to-date NGINX builds and its module packages.

This may be one reason why you want yum upgrade to still work. Or simply, you are not ready to move on with a newer operating system, and willing to take the security risks associated with using the older version.

How to fix yum upgrade then?

Use the CentOS Vault repository

The CentOS Vault repositories have been around for a long time and allow you to stick to a specific CentOS x.y release even while newer ones are available. Now that there will be no newer 6.x, you can simply point your yum repository configuration to the latest 6.x that will ever be, which is 6.10.

To use the Vault repository, set up its repo configuration instead of the now defunct repositories configuration:

curl https://www.getpagespeed.com/files/centos6-eol.repo --output /etc/yum.repos.d/CentOS-Base.repo

That’s it, everything should be functional.

Alternatively, you can manually replace the contents of the file /etc/yum.repos.d/CentOS-Base.repo with the necessary configuration.

Copy-paste the entire snippet below and hit Enter:

cat <<-'EOF' > /etc/yum.repos.d/CentOS-Base.repo
[C6.10-base]
name=CentOS-6.10 - Base
baseurl=http://vault.centos.org/6.10/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
enabled=1
metadata_expire=never

[C6.10-updates]
name=CentOS-6.10 - Updates
baseurl=http://vault.centos.org/6.10/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
enabled=1
metadata_expire=never

[C6.10-extras]
name=CentOS-6.10 - Extras
baseurl=http://vault.centos.org/6.10/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
enabled=1
metadata_expire=never

[C6.10-contrib]
name=CentOS-6.10 - Contrib
baseurl=http://vault.centos.org/6.10/contrib/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
enabled=0
metadata_expire=never

[C6.10-centosplus]
name=CentOS-6.10 - CentOSPlus
baseurl=http://vault.centos.org/6.10/centosplus/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
enabled=0
metadata_expire=never
EOF

Now you can run yum upgrade without problems. This also allows you to get to the latest release 6.10 even if you were left behind at, e.g. 6.7.

Not only yum upgrade works, but you can also install arbitrary packages as usual.

Fixing EPEL repository

curl https://www.getpagespeed.com/files/centos6-epel-eol.repo --output /etc/yum.repos.d/epel.repo

Fixing SCLO repositories

The repositories containing newer compilation software like gcc is available via Software Collections.
However, its repositories are likewise gone. Use Vault repositories instead:

yum -y install centos-release-scl
curl https://www.getpagespeed.com/files/centos6-scl-eol.repo --output /etc/yum.repos.d/CentOS-SCLo-scl.repo
curl https://www.getpagespeed.com/files/centos6-scl-rh-eol.repo --output /etc/yum.repos.d/CentOS-SCLo-scl-rh.repo

Continue reading How to fix yum after CentOS 6 went EOL