Linux Tutorials & Things linux

Install and Configure Exim4 for send-only email [Debian]

Set VPS Time

sudo dpkg-reconfigure tzdata

Check system FQDN

hostname -f

Set system IP & hostname

sudo nano /etc/hosts

        ...
        IPADDRESS   HOSTNAME.DOMAINNAME HOSTNAME
        ...

Install exim4 and mailutils

sudo apt-get install exim4-daemon-light mailutils

If exim4 config does not run or exim4 is already installed run;

sudo dpkg-reconfigure exim4-config

ScreenShots of config screens options not shown leave blank or as default. Change HOSTNAME to your systems hostname & set your own domain name

After configuration restart exim;

sudo service exim4 restart

Send a test email;

echo "This is a test." | mail -s "Testing" someone@somedomain.com

If errors or email not recieved check log;

sudo nano /var/log/exim4/mainlog 

Errors encountered

Error (-53): retry time not reached for any host;

/usr/sbin/exim_tidydb -t 1d /var/spool/exim retry > /dev/null
/usr/sbin/exim_tidydb -t 1d /var/spool/exim reject > /dev/null
/usr/sbin/exim_tidydb -t 1d /var/spool/exim wait-remote_smtp > /dev/null

Error Permission Denied fix;

sudo chown -R Debian-exim /var/spool/exim4/
sudo chown -R Debian-exim /var/log/exim4

Check out the Exim4 Cheat Sheet

How to Install Baikal CalDav/CardDav Server on Debian [nginx]

This tutorial assumes you have configured NGINX and php as explained Here.

What is Baikal?

Baïkal offers ubiquitous and synchronized access to your calendars and address books over CalDAV and CardDAV. Baïkal implements the current IETF recommendation drafts of these industry standards for centralized calendar and address book collections.1

Baikal Admin Page

STEP1

Generate SSL Cert for new subdomain:
If you followed my Letsencrypt guide simply run;
Substitute YOURDOMAIN for the domain you will be using.

cd ~/letsencrypt/
sudo ./letsencrypt-auto certonly --standalone --standalone-supported-challenges http-01 -d dav.YOURDOMAIN --renew-by-default

STEP2

Install Dependencies;

sudo apt-get install sqlite3 sqlite php5-sqlite

STEP3

Configure Nginx Virtual-hosts file

sudo nano /etc/nginx/sites-available/dav.YOURDOMAINNAME

Check out my example file here

Link Virtual-hosts files;

sudo ln -s /etc/nginx/sites-available/dav.YOURDOMAINNAME /etc/nginx/sites-enabled/dav.YOURNOMAINNAME

STEP4

Make Dir and generate new dhparam (for improved SSL/TLS Security);

sudo mkdir /et/nginx/ssl/dav.YOURDOMAIN

sudo openssl dhparam -out /etc/nginx/ssl/dav.YOURDOMAIN/dhparam.pem 2048

Test Nginx Config for errors;

sudo service nginx configtest

STEP5

Make Directory ready for installing Baikal files;

sudo mkdir /var/www/dav.YOURDOMAIN

cd /var/www/dav.YOURDOMAIN

Download latest Baikal regular package;

sudo wget http://baikal-server.com/get/baikal-regular-0.2.7.tgz

sudo tar -xvzf baikal-regular-0.2.7.tgz

sudo mv baikal-regular/* .

sudo rm -rf baikal-regular

STEP6

Restart Nginx;

sudo service nginx restart

Navigate to https://dav.YOURDOMAIN/admin and complete setup;


Errors

Official Troubleshooting Document

If 403 permission errors;

    sudo chmod -R 770 /var/www/dav.YOURDOMAIN
    sudo chown www-data:www-data /var/www/dav.YOURDOMAIN -Rf

Generate SSH Key file and Configure OpenSSH

STEP 1:

Tip: Replace USERNAME with your systems user name.

Generate an Ed25519 key, and save the file as USERNAME_ssh;

ssh-keygen -t ed25519

ssh keygeneration example

Alternative - Generate a 8192bit rsa key;

ssh-keygen -t rsa -b 8192

STEP 2:

USERNAME_ssh= private key ( keep it secret, keep it safe )

USERNAME_ssh.pub= public key ( is seen by all )

Make a hidden directory in user home folder;

mkdir /home/USERNAME/.ssh

Move Public key file into the .ssh directory and name it as authorized_keys;

mv USERNAME_ssh.pub /home/USERNAME/.ssh/authorized_keys

Copy private key from current location to the users home folder ready for download;

cp USERNAME_ssh /home/USERNAME

Set owner permissions for the private key file;

chown USERNAME:USERNAME /home/USERNAME/USERNAME_ssh

Download private key file to your local machine;

SFTP COPY (run on local Linux Machine)

Copy private key to local machine;

sftp USERNAME@DOMAIN

get USERNAME_ssh

sftp login and get keyfile example

Note - Delete the private key file from the server after download;


SSH SERVER CONFIG:

We will disable root SSH logins, disable password only SSH access and define an alternative port number. Please change the port number to a random number between 20000 - 50000;

sudo nano /etc/ssh/sshd_config
  • Port XXXX
  • Protocol 2
  • RSAAuthentication yes
  • PubkeyAuthentication yes
  • PasswordAuthentication no
  • PermitRootLogin no
  • AllowUsers USERNAME
  • X11Forwarding no
  • PrintMotd yes
  • UsePAM no

These setting will not take effect until the sshd service is restarted

TEST SSH LOGON (run on local Linux Machine)

SSH Successful Login example

ssh -i PATHTOKEY USERNAME@DOMAIN -p PORTNUMBER

If logon is succesfull run;

service sshd restart

How to install Fish Shell and oh-my-fish

What is Fish ?

Fish is a fully-equipped command line shell (like bash or zsh) that is smart and user-friendly. fish supports powerful features like syntax highlighting, auto-suggestions, and tab completions that just work, with nothing to learn or configure. 1

STEP1

Install Fish from the Opensuse Debian Repo;
Check your OS version - the following commands are for Debian 8.x Jessie;

echo 'deb http://download.opensuse.org/repositories/shells:/fish:/release:/2/Debian_8.0/ /' >> /etc/apt/sources.list.d/fish.list 
apt-get update
apt-get install fish

STEP2

Change the current shell session from Bash to Fish;

fish

Set the default shell for the current user to Fish;

chsh -s /usr/bin/fish

OH-MY-FISH:

Run the following commands to Install oh-my-fish:

curl -L https://github.com/oh-my-fish/oh-my-fish/raw/master/bin/install > install

fish install

omf update

Install theme lolfish

omf install lolfish

For more information on oh-my-fish themes and other packages check out their github page

Fish shell with oh-my-fish