Index: openacs-4/packages/acs-core-docs/www/install-redhat.adp =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-core-docs/www/install-redhat.adp,v diff -u -r1.5.2.11 -r1.5.2.12 --- openacs-4/packages/acs-core-docs/www/install-redhat.adp 13 Jul 2023 12:43:20 -0000 1.5.2.11 +++ openacs-4/packages/acs-core-docs/www/install-redhat.adp 1 Aug 2024 08:03:40 -0000 1.5.2.12 @@ -38,10 +38,10 @@ Unplug the network cable from your computer. We don't want to connect to the network until we're sure the computer is secure. - (Wherever you see the word secure, you -should always read it as, "secure enough for our purposes, -given the amount of work we're willing to exert and the -estimated risk and consequences.")

  • Insert Red Hat 8.0 or 9.0 Disk 1 into the CD-ROM and reboot the + (Wherever you +see the word secure, you should always read it as, "secure +enough for our purposes, given the amount of work we're willing +to exert and the estimated risk and consequences.")

  • Insert Red Hat 8.0 or 9.0 Disk 1 into the CD-ROM and reboot the computer

  • At the boot: prompt, press Enter for a graphical install. The text install is fairly different, so if you need to do that instead proceed with @@ -76,11 +76,10 @@ screen

  • -

    Configure Networking. Again, if you -know what you're doing, do this step yourself, being sure to -note the firewall holes. Otherwise, follow the instructions in this -step to set up a computer directly connected to the internet with a -dedicated IP address.

      +

      Configure Networking. Again, if you know what you're doing, do this +step yourself, being sure to note the firewall holes. Otherwise, +follow the instructions in this step to set up a computer directly +connected to the internet with a dedicated IP address.

      1. DHCP is a system by which a computer that joins a network (such as on boot) can request a temporary IP address and other network information. Assuming the machine has a dedicated IP address (if it @@ -105,8 +104,9 @@ development server we'll be setting up.

    1. -Select any additional languages you want -the computer to support and then click +Select any +additional languages you want the computer to support and then +click Next

    2. Choose your timezone and click Next.

    3. Type in a root password, twice.

    4. @@ -121,12 +121,11 @@ web server, because that would conflict with the database and web server we'll install later.

      check Editors -(this installs emacs),
      click Details next +(this installs emacs),
      click Details next to Text-based Internet, check lynx, and click OK;
      check Authoring and -Publishing (this installs -docbook),
      uncheck Server Configuration +Publishing (this installs docbook),
      uncheck Server Configuration Tools,
      uncheck Web Server,
      uncheck Windows File Server,
      check SQL Database @@ -150,7 +149,7 @@ will appear.

      uncheck apmd (monitors power, not very useful for servers),
      check ImageMagick -(required for the photo-album packages,
      uncheckisdn4k-utils +(required for the photo-album packages,
      uncheckisdn4k-utils (unless you are using isdn, this installs a useless daemon),
      check mutt (a mail program that reads Maildir),
      uncheck nfs-utils (nfs is a major security risk),
      uncheck pam-devel (I @@ -197,12 +196,12 @@

      Lock down SSH

      1. - SSH is the protocol we use to connect -securely to the computer (replacing telnet, which is insecure). -sshd is the daemon that listens for incoming ssh connections. As a -security precaution, we are now going to tell ssh not to allow -anyone to connect directly to this computer as root. Type this into -the shell:

        emacs /etc/ssh/sshd_config
        + SSH is the +protocol we use to connect securely to the computer (replacing +telnet, which is insecure). sshd is the daemon that listens for +incoming ssh connections. As a security precaution, we are now +going to tell ssh not to allow anyone to connect directly to this +computer as root. Type this into the shell:

        emacs /etc/ssh/sshd_config

      2. Search for the word "root" by typing C-s (that's emacs-speak for control-s) and then root.

      3. Make the following changes: