12. Setting Up a Linux-Based WAN
In the last chapter, you learned how to connect your Linux system to a local-
area network or, via an Internet Service Provider, to the Internet. By doing
so, you were able to access a plethora of services provided by others,
including file transfers via FTP, web pages, email, and telnet. In this chapter
you'll learn how to set up and use several Linux wide-area network servers,
including an FTP server, a web server (Apache), an email (SMTP/POP)
server, and a dial-in shell server. These applications let you and others
access data on your Linux system from anywhere in the world via the
Internet. These applications will be most useful if your system is connected
to the Internet 24 hours a day, 7 days a week. But, even if your connection is
intermittent, you and others can access the services these applications
provide whenever the connection is active.
12.1 An FTP Server
An FTP server lets you transfer files from one system to another, via a
network. When two computers are connected to the Internet, you can use
FTP to transfer files from one to the other even though the computers are not
directly connected.
An FTP server attempts to authenticate users that request to use it. You can
configure your FTP server to accept requests only from users who have an
account on the system running the FTP server. Alternatively, you can
configure the FTP server to accept requests from anyone, via a facility
known as anonymous FTP. It's fairly simple to install and configure an
anonymous FTP server; however, hackers regularly exploit vulnerabilities in
anonymous FTP servers, breaking into systems and causing manifold
mischief. Because it's difficult to protect a system running anonymous FTP
from attack, this section does not describe the process for installing and
configuring anonymous FTP.
Selecting the Basic profile during Debian GNU/Linux installation causes
installation of a standard FTP server.
12.1.1 Testing the FTP Server

Displays the contents of the current directory of the remote
Table 12.1: Important FTP Subsystem Commands
Command Function
system.
get file
Retrieves the specified file from the remote system.
help
Displays command help information.
lcd
directory
Changes to the specified directory of the local system.
mkdir
directory
Creates the specified directory on the remote system.
put file
Stores the specified local file on the remote system.
pwd
Displays the current working directory on the remote
system.
Table 12.1: Important FTP Subsystem Commands
Command Function
quit
Exits the FTP subsystem.
rmdir
directory
Removes the specified directory from the remote system.
If your FTP server fails to respond properly, check the line you added to the
inetd.conf file. If you're unable to find an error, reboot your system. If that
fails to solve the problem, post a message to the comp.os.linux.setup
newsgroup.

Specifies what hosts and users are allowed access to what documents
and services
httpd.conf
Specifies options that govern the operation of the httpd daemon
srm.conf
Specifies how your server's documents and organized and formatted
Currently, you can place Apache configuration commands in any of these
files. However, each of these files must exist, even if it is empty; otherwise,
the httpd daemon will refuse to run. As distributed, the files contain a
default configuration. Before starting the web server, you should revise the
ServerName option of the httpd.conf file. The three following subsections
describe other options that you may wish to specify. You can scan them to
see what options are available and specify options that interest you. A more
complete description of the options is available in Apache's online
documentation. Also, the Apache web site (
provides a tutorial on Apache configuration. To change an option, simply
open the related file by using your favorite text editor, change the file as you
wish, and save the file.
The subsections assume some familiarity with HTML and web servers. If
you find that some options are obscure, don't fret; your web server will serve
ordinary HTML pages even if you set no options other than ServerName.
12.2.1.1 The access.conf file
The access.conf file specifies a default set of permissions that govern access
to documents and services. It then specifies sets of permissions that override
the default permissions for particular documents and services. The usual
practice is to specify a quite restrictive set of default permissions, relaxing
these permissions to provide access to particular documents and services.
The file contains a mixture of comments (lines beginning with #) and
directives. Comments are ignored by the server.
The default permissions are specified as follows:

Table 12.2: Special Server Features
Option Description
MultiViews
Content-negotiated MultiViews are
permitted in this directory. MultiViews
permit, for example, a client browser to
select a document in a particular language
from a set of documents.
SymLinksIfOwnerMatch
The server will follow symbolic links for
which the target file or directory has the
same owner as the link.
Unless the specification for a directory specifies AllowOverride None,
you can override the specified options by placing an .htaccess file in the
directory or one of its subdirectories. The .htaccess file can contain
specifications of the same sort as the access.conf file; the server applies the
specifications in the .htaccess file in preference to those specified in the
access.conf file.
After the restrictive default specifications come some more relaxed
specifications:
<Directory /home/httpd/html>
Options Indexes Includes FollowSymLinks
AllowOverride None
order allow,deny
allow from all
</Directory>
These specifications apply to the directory /home/httpd/html and its
subdirectories. Here, the Indexes, Includes, and FollowSymLinks
options are specified. As for the root directory, use of .htaccess files is
forbidden, via AllowOverride None. Here, unlike the specification for