[svlug] SSL Setup

Dan Martinez dfm at area.com
Tue Jul 3 15:45:02 PDT 2001


> I want to setup and learn SSL on my linux
> server. I tried to look for a site to simple and
> dirty way to setup the SSL on apache. So far, I
> haven't found any one yet.
> 
> Would any body know the site or any good book
> recommend on setting up the SSL and other
> security issue. I just want a simple and easy
> one.

Unfortunately, security is never simple and rarely easy. "Anyone who
says differently", as the line goes, "is selling something."

You didn't specify what protocol you wanted to use over an SSL socket.
I'll presume that you meant HTTP, since that's the most popular. I'll
further presume that you're using Apache. (And if I assumed
incorrectly on any count: your fault for not being more specific.)

mod_ssl is probably the most widely-used package for adding SSL
support to Apache:

http://www.modssl.org/

It requires the OpenSSL toolkit:

http://www.openssl.org/


Bruce Schneier's Counterpane Labs is a good source of security- and
cryptography-related news:

http://www.counterpane.com/labs.html

Schneier has also written two of the definitive books on cryptography
and security: "Applied Cryptography" and "Secrets and Lies":

http://www1.fatbrain.com/asp/bookinfo/bookinfo.asp?theisbn=0471117099&vm=
http://www1.fatbrain.com/asp/bookinfo/bookinfo.asp?theisbn=0471253111&vm=


> Also the samba configuration, I tried different
> ways, but never able to make it work.
>
> Why do I need to put a /home/userdir into fstab
> to mount the directory?
> 
> Please provide me the site URL or name of the
> book.


This is not remotely enough information for anyone to help you. It's
not even clear that these questions are necessarily about the same
subject. In requesting help on the net, it is essential that you
provide descriptions of three things:

  1. What you're attempting to do.

     Are you trying to share home directories to Windows machines?
     Specific directories? Printers?

  2. How you're attempting to do it.

     Posting excerpts of your configuration files, optionally
     supplemented by your comments, is one of the most common ways of
     describing this.

  3. What you're seeing instead of what you expected.

     Describe the problems you encounter in detail. Excerpts of
     relevant log files are frequently helpful here.

Repeated iterations of 2 and 3 are not uncommon, and describing them
all in detail is usually a productive endeavor. ("So then I tried X,
which produced behavior Y, which led me to try Z...", etc.)

As you advance, you may well find that in the course of amassing this
information, you accumulate the means to answer your own question.
That's the idea, and it's a Good Thing.

Dan




More information about the svlug mailing list