Month: November 2014

   Yesterday morning WordPress 4.0.1 came. They say it is an update for fixing security issues, especially XSS. I encourage you to update to the version immediately if its not updated automatically. When I read “An extremely unlikely hash collision could allow a user’s account to be compromised, that also required that they haven’t logged in since 2008 (I wish I were kidding).”, I laughed despite myself. But I wouldn’t be laughing (Sigh).

   CentOS7 provides SSH feature by default. After changing OS, I connected to the VPS by SSH client named TeraTerm. Of course, you can use other SSH client software, for example, PuTTY, WinSCP, etc. The default SSH server version is 6.4p1-8 now.

   The default setting was less secure because I could connect to the VPS as a root user with root-password. So I changed the settings.

   Before this, I made a public key and a private key by TeraTerm. I set a passphrase to the private key. Of course, I can make the keys on the server, but in such a case I have to have the private key via the Internet. I hate this.

||First, to edit Sudoers File||

1. Log in VPS Control Panel and click “リモートコンソール”, and then click “VNCコンソールを開く”.
2. Click “HTML5モードで開く” within 60 seconds. QEMU pop-up in another window.
3. # usermod -G wheel centos　　<--- "centos" is one of normal users I add to the Sudoers File. # visudo
   The Sudoers File opens.
4. Search the line includes “wheel” by the command ‘/wheel’.
   If you find “#” at the head of “%wheel ALL=(ALL) ALL”, remove “#”. But I found no “#” with the head, so I had nothing to do.
   Note) How to use visudo is the same as how to use the vim editor.
5. Quit visudo.
6. # su - centos
7. $ sudo shutdown -h now
8. At the first time you use ‘sudo’, you have the followings.

   We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things:

   #1) Respect the privacy of others.
   #2) Think before you type.
   #3) With great power comes great responsibility.

   And it requires your password like this.
   [sudo] password for centos:

9. You can confirm the server halted at the page “VPS ホーム”. Reboot the server.

||Second, to install the package policycoreutils-python||

1. Log on QEMU again. Install the package policycoreutils-python because I need the ‘semanage’ command for changing SSH port.
   # yum install policycoreutils-python

||Third, to change SSH settings||

1. Run TeraTerm (ttermpro.exe). Log in VPS as the user “centos” with password.
2. Drag&Drop the public key (id_rsa.pub) to TeraTerm Window. TeraTerm has SCP(Secure Copy Protocol) feature. Click “SCP” button.
3. $ mkdir .ssh
   $ chmod 700 .ssh
   $ cat id_rsa.pub > .ssh/authorized_keys
   $ chmod 600 .ssh/authorized_keys
   $ rm -f id_rsa.pub
4. $ su -
   Password:　　<--- Type the root password.
5. # vi /etc/ssh/sshd_config
   The sshd_config opens.
6. #Port22　　—>　　Port****
   #PermitRootLogin yes　　—>　　PermitRootLogin no
   PasswordAuthentication yes　　—>　　PasswordAuthentication no
    
   Overwrite and save the sshd_config.

   # systemctl restart sshd.service

   Note) **** is one of the numbers other than well-known ports. But the numbers are 0 – 65535.

7. # firewall-cmd --permanent --zone=public --add-port=****/tcp
   # firewall-cmd --reload
   # semanage port -a -t ssh_port_t -p tcp ****
8. # exit
   $ exit
   The connection is terminated.
9. Run TeraTerm (ttermpro.exe) again. Log in VPS as the user “centos” with key authentication. At the time, use the new SSH port (****) and you need the passphrase of the private key.
10. I used ‘sudo’ command via SSH.

    $ sudo firewall-cmd --list-all
    public (default, active)
    　　interfaces: eth0
    　　sources:
    　　services: dhcpv6-client ssh
    　　ports: ****/tcp
    　　masquerade: no
    　　forward-ports:
    　　icmp-blocks:
    　　rich rules:

   Mission complete!!

   By the way, I updated my PHP to 5.6.3 on Nov. 15th. ChangLog

   くりくりさん’s comment on the Japanese blog inspired me to use CentOS7 on さくらのVPS. I began to use a free trial for two weeks on 18th.

   Unfortunately, their service is only in Japanese and only for people who live in Japan. But, I think their service is well if you live in Japan. So, I’ll introduce how to register for it.

1. Go to さくらのVPS and click “お申し込み” (fig.1).
2. The page “さくら VPS のお申し込み” shows up. Click “利用規約の確認へ” (fig.2).
3. The page “以下の約款及び個人情報の取扱いについてよくご確認ください。” shows up. Print out “基本約款” and “個人情報の取扱いについて” and read them thoroughly. Check the radio button “同意する” and click “つぎへ –>” (fig.3).
4. The page “お客様の情報をご入力ください” shows up.

   

   
   Complete the forms about followings on the page. (*) things are required.
   • メールアドレス(*)：　　E-mail(*)：
   • ご契約者の種別(*)：　　Type of Contractant(*)：
   • ご契約者名(*)：　　Contractant Name(*)：　　<--- Last-name-first order.

   • 

     ご契約者名カナ(*)：　　Contractant Name カナ(*)：
   • 生年月日(*)：　　Birth Date(*)：
   • 性別(*)：　　Sex(*)：
   • 郵便番号(*)：　　Zip code(*)：
   • ご住所(*)：　　Prefecture(*)：
   • 街区名・番地等(*)：　　Address…(*)：
   • 建物名等：　　Building：
   • 電話番号(*)：（※携帯可）　　(Mobile) Phone #(*)：
   • FAX番号：　　FAX #：

   Click “つぎへ –>”.

5. The page “会員メニューへログインするためのパスワードを指定してください” shows up.
   • パスワード：　　Pasword:
   • 「ひみつ」の質問 ：　　Secret Question:　　<--- Select from the pull-down menu or you can make an original question.
   • 「ひみつ」の答え：　　Answer:

   Click “つぎへ –>”.

6. The page “サービスプラン” shows up.
   • Select さくらのVPS 1G　　<--- If you use a free trial for two weeks.
   • Select a residence 石狩/東京/大阪

   Click “つぎへ –>”.

7. The page “Payment” shows up.
   • Select 毎月払い/年払い　　monthly/yearly
   • There are several Payment Methods on the page but you can only use “クレジットカード (Credit Card)” if you use a free trial for two weeks.
   • There are some important notes on the page. Especially, the two written in red are very important.
     ・お申込から2週間後に自動で本登録になります。キャンセルの場合は、お客様にて行っていただく必要がございます。
     ・This temporary registration becomes a formally registration after 2 weeks from your application. If you want the cancellation within the trial period, you have to do it by yourself.
     ・会員メニューから「本登録」をするとキャンセルが行えなくなります。
     ・You can manually change the status of the registration from temporary to formally by your account menu. But if you did it, you lose your right about the cancellation even if your trial period doesn’t end.

   Click “つぎへ –>”.



8. The page “最終のご確認” shows up.
   This is a confirmation page. Print it out if you need.
9. The page “以下の通りお申込を受付いたしました” shows up. The page gives you the followings.
   • 会員ID　　User ID
   • プラン名　　Service Name
   • サービスコード　　Service ID
   • メールアドレス　　E-mail

   Click “会員メニューへお進みください” (fig.4).

   Now you reach your account page. Logout. The temporary registration completely.

||How to log in VPS Control Panel||

1. Go to VPSコントロールパネル and log in.
   You can find IPアドレス (IP address) and パスワード (Password) on the email “[さくらのVPS] 仮登録完了のお知らせ”.
2. パスワード変更　　Chage password　　<--- This password is for VPSコントロールパネル.

||How to install CentOS7||

1. The default OS is CentOS6, but I want to use CentOS7. So I installed it from “OS再インストール”.
2. Go to “OS再インストール” and click “カスタムOSインストールへ”.
3. Select “CentOS 7 x86_64” from the drop-down menu and click “確認 (confirm)”.
4. Click “実行 (execute)”.
5. Click “HTML5モードで開く” within 60 seconds. QEMU pop-up in another window.
6. About instllation, see CentOS 7.
   While the instillation you need to set up root-password and a normal user.
7. The instillation might take time. When it has finished, you have the message “Server disconnected…”. Buck to “VPSホーム” and boot the server (仮想サーバ操作:起動). The “ステータス (status)” is changed from “停止” to “稼働中”.
8. Now I have CentOS7 as VPS OS.

   It was in trouble during the installation that the bottom of QEMU did not appear at all. So I had to handle “Reclaim space” and “Begin Installation” with my intuition and [TAB] and [ENTER] keys. Oops!