Index: openacs-4/packages/acs-core-docs/www/install-redhat.html =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-core-docs/www/install-redhat.html,v diff -u -r1.13 -r1.13.2.1 --- openacs-4/packages/acs-core-docs/www/install-redhat.html 11 Nov 2003 10:28:27 -0000 1.13 +++ openacs-4/packages/acs-core-docs/www/install-redhat.html 14 Nov 2003 09:43:45 -0000 1.13.2.1 @@ -27,7 +27,7 @@

  1. Unplug the network cable from your computer. We don't want to connect to the network until we're sure the computer is secure. - + (Wherever you see the word secure, you should always read it as, "secure enough for our purposes, given the amount of work we're @@ -55,7 +55,7 @@ Review (and modify if needed) the partitions created and click Next

  2. On the pop-up window asking "Are you sure you want to do this?" click Yes - IF YOU ARE WIPING YOUR HARD DRIVE.

  3. Click Next on the boot loader screen

  • Configure Networking. + IF YOU ARE WIPING YOUR HARD DRIVE.

  • Click Next on the boot loader screen

  • Configure Networking. Again, if you know what you're doing, do this step yourself, being sure to note the firewall holes. Otherwise, follow the instructions in this step to set up a computer directly connected to the internet with a dedicated IP address.

    1. DHCP is a system by which a computer that @@ -76,7 +76,7 @@ Mail (SMTP). In the Other ports box, enter 443, 8000, 8443. Click Next. -Port 443 is for https (http over ssl), and 8000 and 8443 are http and https access to the development server we'll be setting up.

  • Select any additional languages you want the +Port 443 is for https (http over ssl), and 8000 and 8443 are http and https access to the development server we'll be setting up.

  • Select any additional languages you want the computer to support and then click Next

  • Choose your time zone and click Next.

  • Type in a root password, twice.

  • On the Package selection page, we're going to @@ -88,9 +88,9 @@ risk that's still screened by the firewall, or a resource hog. Just don't install a database or web server, because that would conflict with the database and web server we'll install later. -

    check�Editors�(this�installs�emacs),
    +

    check�Editors�(this�installs�emacs),
    click�Details�next�to�Text-based�Internet,�check�lynx,�and�click�OK;
    -check�Authoring�and�Publishing�(this�installs�docbook),
    +check�Authoring�and�Publishing�(this�installs�docbook),
    uncheck�Server�Configuration�Tools,
    uncheck�Web�Server,
    uncheck�Windows�File�Server,
    @@ -105,7 +105,7 @@ Flat View and wait. In a minute, a list of packages will appear.

    uncheck�apmd�(monitors�power,�not�very�useful�for�servers),�
    -check�ImageMagick�(required�for�the�photo-album�packages,�
    +check�ImageMagick�(required�for�the�photo-album�packages,�
    uncheckisdn4k-utils�(unless�you�are�using�isdn,�this�installs�a�useless�daemon),�
    check�mutt�(a�mail�program�that�reads�Maildir),
    uncheck�nfs-utils�(nfs�is�a�major�security�risk),�
    @@ -143,7 +143,7 @@ kernel and openssl/openssh root exploits, so you should be upgrading all of that. Since you are upgrading the kernel, reboot after this step. -

  • Lock down SSH

    1. +

    2. Lock down SSH

      1. SSH is the protocol we use to connect securely to the computer (replacing telnet, which is insecure). sshd is the daemon that listens for incoming