Telnet Configure in Linux

rpm -qa grep xinetd
rpm -qa grep telnet-server
rpm -qa grep telnet

# chkconfig telnet on
# service xinetd reload
Reloading configuration: [ OK ]

Simply edit the file /etc/securetty and add the following to the end of the file:

pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9

rpm -qa |grep vnc

[root@sys46 ~]# rpm -qa |grep vnc
vnc-server-4.0-11.el4
vnc-4.0-11.el4



chkconfig --level 345 vncserver on

[root@sys46 ~]# chkconfig --level 345 vncserver on

==================================================
edit /etc/sysconfig/vncservers

uncomment
------
VNCSERVERS="1:root 2:oracle"
VNCSERVERARGS[1]="-geometry 800x600"

------

[root@sys46 .vnc]# cat /etc/sysconfig/vncservers
# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the line below to start a VNC server on display :1
# as my 'myusername' (adjust this to your own). You will also
# need to set a VNC password; run 'man vncpasswd' to see how
# to do that.
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, see
# .

VNCSERVERS="1:root"
VNCSERVERARGS[1]="-geometry 800x600"

======================================================

[root@sys46 .vnc]# vncserver :1

You will require a password to access your desktops.

Password:
Verify:

New 'sys46.doyen.in:1 (root)' desktop is sys46.doyen.in:1

Creating default startup script /root/.vnc/xstartup
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/sys46.doyen.in:1.log

=======================================================
edit $HOME/.vnc/xstartup

Uncomment
unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc


Add following lines
xhost +
gnome-session &
------------------------------

[root@sys46 .vnc]# cat xstartup
#!/bin/sh

# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
xhost +
gnome-session &
twm &

=========================================================
[root@sys46 .vnc]# vncserver -kill :1
Killing Xvnc process ID 21329


[root@sys46 .vnc]# vncserver :1

New 'sys46.doyen.in:1 (root)' desktop is sys46.doyen.in:1

Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/sys46.doyen.in:1.log

==========================================================

download http://www.realvnc.com/download.html

FTP configure in Linux
rpm -qa grep vsftprpm -qa grep xinetd
chkconfig --level 345 vsftpd on
# /etc/init.d/vsftpd startStarting vsftpd for vsftpd: [ OK ]
# ln -s /etc/init.d/vsftpd /etc/rc3.d/S56vsftpd# ln -s /etc/init.d/vsftpd /etc/rc4.d/S56vsftpd# ln -s /etc/init.d/vsftpd /etc/rc5.d/S56vsftpd
Edit the files /etc/vsftpd.ftpusers and /etc/vsftpd.user_list and remove the 'root' line from each file.

Installing Step Oracle Red hat Linux 4.x
1. Boot the server using the first CD.
You may need to change your BIOS settings to allow booting from the CD.
2. The boot screen appears with the boot: prompt at the bottom of the screen.
Select Enter to continue with a graphical install on the console
The installer scans your hardware, briefly displays the Red Hat splash screen, and then begins a series of screen prompts.
3. Language Selection
Accept the default.
4. Keyboard Configuration
Accept the default.
5. Welcome Screen
Click on Next.
6. Disk Partitioning Setup
Manual Partitions(160 GB HDD,RAM 2GB)
- swap 4GB
- /boot 1GB
- / (Balance)
7. Boot Loader Configuration
Accept the default.
8. Network Configuration
Check the Configure using DHCP box,
9. Firewall Configuration
For the purposes of this walk-through, no firewall is configured. Select No firewall
Select Disabled on the "Enable SELinux" drop down list.
Click on Proceed when the "Warning - No Firewall" window appears.
10. Additional Language Support
Accept the default.
11. Time Zone Selection
Asia Calcutta.
12. Set Root Password
Enter a password for root, redhat.
13. Package Installation Defaults
Select Customize software packages to be installed.
14. Package Group Selection
Select only the package sets shown here and leave all others unselected.
Desktop
X Window System
Gnome
Applications
Graphical Internet (optional)
Servers
Do not select anything in this group.
Development
Development Tools
System
Administration Tools
System Tools
Add the package 'sysstat' by clicking on the Details link and selecting "sysstat - The sar an iostat system monitoring commands."
Miscellaneous
Do not select anything in this group.
Click on Next to proceed.
15. Installing Packages
Software will be copied to the hard disk and installed. Change disks as prompted.
16. Congratulations
Remove the installation media from the system, and click on Reboot .
17. The system automatically reboots and presents a new welcome screen.
Click on Next.
18. License Agreement
select Yes, I agree to the License Agreement and click on Next.
19. Date and Time
Set the Date and Time.
20. Display
Accept the defaults or change as required.
21. Red Hat Login
Enter your Red Hat Network login and password or create a new one.
22. System User
Create an account for yourself (User Name : sysadmin Password : sys@admin).
23. Additional CDs
Click on Next.
24. Finish Setup
Click on Next.
25. A graphical login screen appears.
26. Congratulations! Your RHEL4 software is now installed.

Refer to the Red Hat Installation Guide.)

Create Certificate and Configuring SSL in Oracle Apps 11i


OS : Redhat Linux 4.5
Apps : 11i(11.5.10.2)
Webserver : Apache

Set ths following environment varibles
export SCRIPT_TOP=$COMMON_TOP/admin/scripts/sar_sys45
export APACHE_TOP=/oracle/app/apps/sarora/iAS/Apache
export OPENSSL_TOP=/oracle/app/apps/sarora/iAS/Apache/open_ssl
export OPENSSL_CONF=$OPENSSL_TOP/bin

Edit in XML file ===> APPL_TOP/admin
set the %s_url_protocol variable to https
set the %s_local_url_protocol variable to https
set the %s_webentryurlprotocol variable to https
set the %s_frmConnectMode variable to https
set the %s_webssl_port variable to the Apache SSL port required
set the %s_active_webport variable to the same value as that for the %s_webssl_port variable
set the %s_webport variable to the same value as that for the %s_webssl_port variable
set the %s_web_ssl_directory variable to point to the full directory path of the directory that is to contain the .crt and .key files that you are using for Apache
eg <$COMMON_TOP>/admin/certs/apache
set %s_apps_portal_url variable to https

Stop Apps services

Run AutoConfig

mkdir sslcert
chmod 0700 sslcert
cd sslcert
mkdir certs private
echo '100001' >serial
touch certindex.txt


openssl req -x509 -newkey rsa:1024 -keyout private/cakey.pem -out cacert.pem -days 10000 -config openssl.cnf

ls -lrt
-rw-r--r-- 1 applmgr dba 963 Apr 17 20:24 cakey.pem
-rw-r--r-- 1 applmgr dba 1273 Apr 17 20:24 cacert.pem
openssl req -nodes -new -x509 -keyout apache.key -out apache_request.pem -days 3650 -config openssl.cnf
# Note : give common name your url name (for example sys43.doyen.in)
-rw-r--r-- 1 applmgr dba 1273 Apr 17 20:26 apache_request.pem
-rw-r--r-- 1 applmgr dba 891 Apr 17 20:26 apache.key
openssl x509 -x509toreq -in apache_request.pem -signkey apache.key -out apache.csr
-rw-r--r-- 1 applmgr dba 2180 Apr 17 20:26 apache.csr
openssl ca -config openssl.cnf -policy policy_anything -out apache.crt -infiles apache.csr
-rw-r--r-- 1 applmgr dba 920 Apr 18 14:36 apache.crt


cp -f apache.crt /oracle/app/apps/testora/iAS/Apache/Apache/conf/ssl.crt/server.crt
cp -f apache.key /oracle/app/apps/testora/iAS/Apache/Apache/conf/ssl.key/server.key
cp -f cacert.pem /oracle/app/apps/testora/iAS/Apache/Apache/conf/ca.crt

Start apps services

Run root user for appache start for https

sh $COMMON_TOP/admin/scripts/_/adapcctl.sh start

ex : sh /oracle/app/apps/testcomn/admin/scripts/TEST_sys43/adapcctl.sh start

----------------------------------------------------------------------------------------
openssl x509 -subject -in apache.crt
openssl x509 -noout -text -in apache.crt
openssl s_client -connect host.domain:sslport

Refer Metalink Doc
123718.1 ==> 11i: A Guide to Understanding and Implementing SSL for Oracle Applications
300969.1 ==> Troubleshooting SSL with Oracle Applications 11i

Create Certificate and Configuring SSL in Redhat Linux 4.5

mkdir /sslcert
chmod 0700 sslcert
cd /sslcert
mkdir certs private
echo '100001' >serial
touch certindex.txt
touch openssl.conf
Edit openssl.cnf
Copy the bellow content of "###End openssl"
=====================================================================
#
# OpenSSL configuration file.
#

# Establish working directory.

dir = /sslcert

[ ca ]
default_ca = CA_default

[ CA_default ]
serial = $dir/serial
database = $dir/certindex.txt
new_certs_dir = $dir/certs
certificate = $dir/cacert.pem
private_key = $dir/private/cakey.pem
default_days = 365
default_md = md5
preserve = no
email_in_dn = no
nameopt = default_ca
certopt = default_ca
policy = policy_match

[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional

[ req ]
default_bits = 1024 # Size of keys
default_keyfile = key.pem # name of generated keys
default_md = md5 # message digest algorithm
string_mask = nombstr # permitted characters
distinguished_name = req_distinguished_name
req_extensions = v3_req

[ req_distinguished_name ]
# Variable name Prompt string
#------------------------- ----------------------------------
0.organizationName = Organization Name (company)
organizationalUnitName = Organizational Unit Name (department, division)
emailAddress = Email Address
emailAddress_max = 40
localityName = Locality Name (city, district)
stateOrProvinceName = State or Province Name (full name)
countryName = Country Name (2 letter code)
countryName_min = 2
countryName_max = 2
commonName = Common Name (hostname, IP, or your name)
commonName_max = 64

# Default values for the above, for consistency and less typing.
# Variable name Value
#------------------------ ------------------------------
0.organizationName_default = My Company
localityName_default = My Town
stateOrProvinceName_default = State or Providence
countryName_default = US

[ v3_ca ]
basicConstraints = CA:TRUE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always

[ v3_req ]
basicConstraints = CA:FALSE
subjectKeyIdentifier = hash

#
###End openssl
#
=====================================================================

openssl req -x509 -newkey rsa:1024 -keyout private/cakey.pem -out cacert.pem -days 10000 -config openssl.cnf
openssl req -nodes -new -x509 -keyout apache.key -out apache_request.pem -days 3650 -config openssl.cnf
# Note : give common name your url name (for example sys43.doyen.in)
openssl x509 -x509toreq -in apache_request.pem -signkey apache.key -out apache.csr
openssl x509 -req -days 10 -in apache.csr -signkey apache.key -out apache.crt

/etc/httpd/conf

cp -f apache.crt /etc/httpd/conf/ssl.crt/server.crt
cp -f apache.key /etc/httpd/conf/ssl.key/server.key
cp -f cacert.pem /etc/httpd/conf/ca.crt

Restart Your Apache ....
==================================================
Check
openssl x509 -subject -in apache.crt
openssl x509 -noout -text -in apache.crt
openssl s_client -connect host.domain:sslport

kernel.shmall = 2097152
kernel.shmmax=4294967295
kernel.shmmni = 4096
kernel.sem = 256 32000 100 142
fs.file-max = 206173
kernel.msgmnb=65535
kernel.msgmni=2878
net.ipv4.ip_local_port_range = 10000 65000
net.core.rmem_default=262144
net.core.wmem_default=262144
net.core.rmem_max=262144
net.core.wmem_max=262144