Differences

This shows you the differences between two versions of the page.

--- wiki:obsolete:lenny-complete-edition [2010/03/10 21:44]
romy
+++ — (current)
@@ Line 1: / Line 1: @@
-==== Installation ====
-=== Adding the needed Debian Repository to your system ===
-To get started you'll need to configure your local system to access the official X2go Debian repository. Please keep in mind that this installation manual will guide you through the installation on a Debian Lenny system. The repository will offer you packages for i386, amd64 and powerpc architectures.
-Commands printed inside the yellow boxes have to be entered in a command line client (please use /bin/bash as operating shell).
-Before starting to edit your system configuration, you'll need to add the needed GPG keys of the repository. Please switch to an user which has administrator privileges on your system in your preferred command line client:
-<code>
-# su
-</code>
-The following commands will ensure that your system will be able to work with the repository key:
-<code>
-# gpg --keyserver wwwkeys.eu.pgp.net --recv-keys C509840B96F89133
-# gpg -a --export C509840B96F89133 | apt-key add -
-</code>
-Please edit the file /etc/apt/sources.list with your preferred editor (in this example “vi”) and add the X2go repository as a new line:
-<code>
-# vi /etc/apt/sources.list
-</code>
-Dark blue boxes like the one below will show you the content of text files. In this case the lines which have to be added to “/etc/apt/sources.list”:
-<file>
-# X2go Repository
-deb http://x2go.obviously-nice.de/deb/ lenny main
-</file>
-Please perform an update on your debian package database:
-<code>
-# apt-get update
-</code>
-After the update you should be able to access the x2go packages via the apt command:
-<code>
-# apt-cache search x2go
-</code>
-Congratulations, you are now able to access the x2go packages. You may continue by installing x2goclient, x2goserver-one or x2goserver.
-=== Installing X2goserver-ONE (One Node Edition) ===
-X2goserver-ONE is a meta package which will install an x2goserver for a single host. This meta package will take care of configuring your system and you'll be able to use it after very short time. This “One Node Edition” fits perfectly inside virtual machines and on single PC's. An unlimited number of users can access this PC – but you won't be able to use multi server features like “load balancing”.
-<code>
-# apt-get install x2goserver-one
-</code>
-Depending on the already installed packages, this command will add additional software to your computer. Please make sure that the following packages are installed: SSHFS, FUSE and SQLIGHT3.
-Congratulations – you are now able to access your PC with the help of a  configured x2goclient.
-<code>
-# apt-get install sshfs
-</code>
-:!: **Warning!**
-> If you add further users to your system, please make sure that they are part of the posix group “x2gousers”, so that they are able to log into the X2go system.
-:!: **Warning!**
-> If you would like to use the file system sharing option of X2go, you'll need to make sure that those users also are part of the posix group “fuse”. This membership is also needed by x2goprint.
-=== Installing x2goprint (low bandwith capable print service) ===
-:!: **Warning!**
-> This print service is intended for use on low bandwith networks – like internet connections or GSM connections. You won't need it inside normal networks – except for the case that you want to use printers which are directly connected to the (thin-)clients. X2goprint can be used with x2goserver-one, x2goserver-home and x2goserver (full features).
-You'll need a running cups printing server to use X2goprint. You can use an existing cups server on your network or you can install a cups server on the same machine X2goserver is running on. The x2go cups engine is installed this way (in this example on the same machine):
-<code>
-# apt-get install cups-x2go
-</code>
-In any case, you'll need to install x2goprint on every server running X2goserver. You can install it by executing:
-<code>
-# apt-get install x2goprint
-</code>
-The package “x2goprint” will add an user to the system and will configure the sudoers daemon by extending the file /etc/sudoers. After the installation, you are able to add a new printer to the cups system named “x2goprinter”. As device you should select the “Virtual x2go Printer”(vendor: “generic”/model: “Generic CUPS-X2GO Printer”).
-You may configure further options by editing the file “/etc/cups/cups-x2go.conf”.
-== Using X2goprint on a centralized cups server ==
-If you would like to run X2goserver and the cups service on different machines, you'll need to generate a pair of SSH keys. Please make sure that you are logged in as user “root” on the system running the cups service and add the following folders:
-<code>
-# mkdirhier /root/.x2go/ssh/.x2goprint/
-</code>
-Now you can generate the keys:
-<code>
-# ssh-keygen -N "" -t dsa -f /root/.x2go/ssh/.x2goprint/id_dsa
-</code>
-The public part of the key (/root/.x2go/ssh/.x2goprint/id_dsa.pub) needs to be added to the x2goprint user's “authorized_keys” file on the x2goserver(s). You can do this with your favourite editor. Please make sure, that you've chosen the right user and system:
-<code>
-x2goprint@localhost:~$ cat id_dsa-pub >> ~/.ssh/authorized_keys
-</code>
-Every x2goserver running X2goprint needs to be known by the cups server. Regarding your name resolution type, you'll need to add the host names for example to the local /etc/hosts file. Please test if you are able to reach the x2goservers by entering the following command:
-<code>
-# ssh -i  /root/.x2go/ssh/.x2goprint/id_dsa x2goprint@x2goserver1
-# ssh -i  /root/.x2go/ssh/.x2goprint/id_dsa x2goprint@x2goserver2
-</code>
-=== Installing X2goserver (complete version)===
-If you would like to use the full featured version of x2goserver, you'll need to configure X2goserver by yourself. There are a lot of different possibilities to install X2goserver in a network of existing services. This manual will describe  the installation on clean and freshly installed systems. The full featured version of X2goserver is needed, if you are planing to use more than one server and those servers should be configured as a server group. This setup will need a PostgreSQL server to store X2go related session information. If you'll continue installation, you'll further need an LDAP server. You can start the installation by installing the base server package:
-<code>
-# apt-get install x2goserver
-</code>
-Depending on the already installed packages, this command will add additional software to your computer. Please make sure that the following packages are installed: SSHFS and FUSE. You'll further need a PostgreSQL server running in your network. You may use the same server you are installing X2goserver on. If you want to do so, please enter:
-<code>
-# apt-get install postgres
-</code>
-== Setting login permissions ==
-Please make sure that every user which should be able to log into the x2go system is part of the posix group “x2gousers”. You can add an user to the “x2gousers” group by executing following command:
-<code>
-# adduser username x2gousers
-</code>
-== Configuriung the file sharing option ==
-If you would like to use the file sharing option of x2go, you'll need to install SSHFS:
-<code>
-# apt-get install sshfs
-</code>
-You will also need to check the permissions an add the selected users to the “fuse” group.
-== Installing the database ==
-X2goserver will need a database to store session information. You'll only need one PostgreSQL server in your network to do this job. If you plan to run X2goserver and PostgreSQL on the same machine, you'll need to install PostgreSQL with the following command:
-<code>
-# apt-get install postgresql
-</code>
-The database itself will be installed by a simple shell script:
-<code>
-# cd /usr/lib/x2go/script
-# ./x2gocreatebase.sh
-</code>
-== Using an existent database server on the network ==
-If you want to use an already existent PostgreSQL database server in your network, you'll need to allow the x2goserver(s) access to the database server.
-First of all, you'll need to tell the address of the target server to every x2goserver:
-<code>
-# echo -n „address of postgres server“ > /etc/x2go/sql
-</code>
-Furthermore you'll need to allow “passwordless” authentication via SSH keys. Please don't add a “paraphrase” to the generated key:
-<code>
-# mkdirhier /root/.x2go/ssh/.pg
-# ssh-keygen -t das -f /root/.x2go/ssh/.pg/id_dsa
-</code>
-To copy the public part of the key to the PostgreSQL server, you may use the “ssh-copy-id” command to combine transfer and paste command, or you can paste the key after transferring it by yourself:
-<code>
-# cat id_dsa-pub >> ~postgres/.ssh/authorized_keys
-</code>
-You can test the needed connection by entering following command:
-<code>
-# ssh -i /root/.x2go/ssh/.pg/id_dsa postgres@server
-</code>
-You'll also need to run the “x2gocreatebase.sh” script as described before on the database server to create the needed instance.
-=== Installation of the LDAP Tools ===
-:!: **Warning!**
-> The following manual will guide you through the installation of the x2go LDAP tools. This will add multi server functionalities, a messaging service and other extensions to a x2goserver. You'll also be able to use additional graphical administration tools. Please be careful – the commands will alter your system configuration. Be prepared and backup your system!
-You can use every directory service which can handle InetOrgPerson, PosixAccount, and SambaAccount (optional) schemas. This manual describes the installation on OpenLDAP servers.
-You'll start the installation by installing the x2goldaptools package and the graphical administration modules:
-<code>
-# apt-get install x2goldaptools \
-x2gouseradministration x2gohostadministration \
-x2gosystemadministration x2gogroupadministration
-</code>
-As a dependency, openldap will be installed, too. You may ignore any configuration dialogues during the installation. You'll build new configuration files during the configuration process.
-== Configuring name resolution ==
-X2go uses the host name of the machines for identification. Please ensure that the command hostname, the env variable $HOSTNAME and other name resolution services return the same value:
-<code>
-# echo $HOSTNAME
-</code>
-Enter the host names and IP addresses of all servers into the /etc/hosts file (or the used name resolution service).
-<code>
-# echo "192.168.0.1 x2goserver.local x2goserver" >> /etc/hosts
-</code>
-== Installation of the samba schemata (optional) ==
-If you would like to use the OpenLDAP server also to store samba accounts, you should install the smb extension. You may use the graphical x2go administration tools to administrate the smb groups and the boolean permission of an account to allow smb login.
-<code>
-# cp /usr/share/doc/samba-doc/examples/LDAP/samba.schema.gz \
-/etc/ldap/schema
-# cd /etc/ldap/schema
-# gunzip samba.schema.gz
-</code>
-== Generate LDAP configuration ==
-:!: **Warning!**
-> The script “genconf” will produce a new LDAP configuration and will change existing configuration files. Please back up your /etc directory to avoid any problems. If you have an existing LDAP Server with existing users and groups – don't use this script!
-Change into the directory containing the “genconf” script:
-<code>
-# cd /usr/share/x2goldaptools/config/
-</code>
-The “genconf” script will create new configuration files for your /etc directory. If you execute it without any options, you'll get information about the command syntax:
-<code>
-#./genconf
-</code>
-//Output://
-Usage: ./genconf <LDAP URI> <organization> <country> <domain> <netbiosname> [LDAPMASTER URI]
-The script will accept the HOSTNAME of the LDAP server, the name of your organisation, your country shortcut, a name for the smb domain and a netbios name for the samba server configuration file.
-“LDAPMASTER URI” is an optional key to replicate a local LDAP server from a given master server. An example command could look like this:
-<code>
-# ./genconf elzar planetexpress de smbgroup elzar
-</code>
-“elzar” is the HOSTNAME of the local x2goserver and should be identical to the environment variable “$HOSTNAME”.
--O Before going on, you should make an backup of your /etc directory:
-<code>
-# tar cfvz backup_of_etc.tar.gz /etc/
-</code>
-Rename the file /etc/pam_ldap.conf (symbolic link):
-<code>
-# mv /etc/pam_ldap.conf /etc/pam_ldap.bak
-</code>
-The next step will copy the newly generated configuration files into your real /etc directory. **You should not do this without a valid backup!**
-<code>
-# cp -r /usr/share/x2goldaptools/config/etc/ /
-</code>
-== Generating SSL Certificates (for OpenLDAP) ==
-Change into the script directory:
-<code>
-# cd /usr/share/x2goldaptools/script/
-</code>
-Here you will find helper scripts for the creation of SSL certificates. Those are needed for secure LDAP communication between the clients and the LDAP server. Please take care when answering the questions after you'll run the makeCA command. You'll have to remember the “PEM phrase” to sign further certificates. The prompted question **“Common Name”** should be answered by the local **HOSTNAME**.
-<code>
-# ./makeCA
-</code>
-//Output / Input://
-Enter PEM pass phrase:*********
-Verifying - Enter PEM pass phrase:*********
------
-Country Name (2 letter code) [AU]:**de**
-State or Province Name (full name) [Some-State]:**bavaria**
-Locality Name (eg, city) []:**treuchtlingen**
-Organization Name (eg, company) [Internet Widgits Pty Ltd]:**planetexpress**
-Organizational Unit Name (eg, section) []:**spacedelivery**
-Common Name (eg, YOUR name) []:**elzar**
-Email Address []:**prof.farnsworth@planetexpress.de**
-Please enter the following 'extra' attributes
-to be sent with your certificate request
-A challenge password []:
-An optional company name []:
-Using configuration from /usr/lib/ssl/openssl.cnf
-Enter pass phrase for ./demoCA/private/./cakey.pem:*********
-Check that the request matches the signature
-Signature ok
-Certificate Details:
-Serial Number: 0 (0x0)
-Validity
-...
-...
-Write out database with 1 new entries
-Data Base Updated

X2Go - everywhere@home

User Tools

Site Tools

Differences

Page Tools