OpenSUSE is my personal favorite of all the Linux distributions. It’s easy enough for the beginner, but can nonetheless be used to build an enterprise-class Web server, router or firewall. The online support in their forums is excellent. The configuration tool (YaST, or “Yet Another Setup Tool”) is superb. Best of all, it’s free of charge. The only cost to you is the download time and a blank CD or DVD!
In this article, I’ll use OpenSUSE to set up a simple, easy-to-use, but very secure file-sharing server. If you don’t have something like this, I’ll bet that your sales staff and their clients are sending huge files via e-mail. This not only puts a heavy load on your mail server, it’s inefficient. I’ll show you a much better way to do the job, using free software.
Step One: A Little Planning
In previous articles, we’ve discussed obtaining a separate DSL (or equivalent) service with a static IP for server use. Now we start doing useful things with that access. You could register a domain name for the IP for this first exercise (e.g., “files.myradiostation.com”), but that’s not really necessary. For this file-sharing server our clients can simply connect with the “raw” IP address.
You’ll need a reasonably late-model spare or discarded PC that will boot from a CD/DVD. I recommend at least 512 MB of RAM and 100 GB of hard-drive space — the more, the merrier. If Windows or some other OS is already on there, make sure you back it up first. (Tip: Given that hard drives are dirt cheap nowadays, just buy a new hard drive for the server. Remove the old one and store it in a safe place as your backup.)
Step Two: Download the ISO, Burn to CD
On any Internet-connected machine with a CD/DVD burner, go to www.opensuse.org and click the “Get It” button. You could download the full 4.7 GB DVD, but I’m using the Live GNOME CD ISO (a little further down on the page) for this example. It’s a “try before install” version that is much smaller, and it fits on a single CD. Also, select “direct link”; you don’t want to set up a BitTorrent unless you want other people downloading the ISO from you later.
Burn the ISO image to CD. We’re going to test SUSE on the hardware first: temporarily connect the server PC to your office network for normal Internet access. Insert the CD and boot onto it. After a few minutes, you’ll be in the GNOME desktop. The equivalent of Windows’ Start Menu is the “Computer” button in the lower left corner. Assuming that DHCP on your office network is working properly, you should have Internet access. Click on “Computer” and start the Firefox Web browser.
Step Three: Install It on Your Server PC
Now move the network cable from the server PC over to the dedicated DSL connection. We’ll set up the networking in a moment. Click the “Live Installer” icon on the GNOME desktop to do the install. The defaults will work fine, and it’ll typically take less than 15 minutes.
One note: During the installation, on the page where you enter your name and password, you’ll see a checked box that says, “Use this password for system administration.” There are arguments for having a separate root (superuser/administrator) account, but just use a decent password and leave this checked. Make sure you write down the password somewhere.
Fig. 1: Opening the SSH service port in the firewall. The machine will reboot once the installation is done; remove the CD and put it away. On the first boot, it will finish the configuration. If a window appears with a question, just select the obvious or the default (in the unlikely event that there is no obvious choice, ask in the Forum online!). Once done, OpenSUSE is now installed, and you should again end up in the GNOME desktop.
Step Four: Open the Firewall for Secure Shell (SSH)
Click the “Computer” icon at the lower left of the desktop, then click YaST (in the right column). When the YaST window appears, scroll down to the “Security And Users” section, then click on “Firewall.”
In the firewall screen (Fig. 1), select “Allowed Services” in the left column. To the right, click the dropdown box and select “Secure Shell Server.” Click the “Add” button, then “Next.” On the next screen, click “Finish” and you’re done. SSH is now open for business.
Fig. 2: Adding a new user to the server. Step Five: Add Your Users
Still in the “Security And Users” section of YaST, now click on “User And Group Management.” Click the “Add” button in the window that appears (Fig. 2) to create new users. Give each a good password, then click “OK.” Repeat this for all users who should have access to this server.
Step Six: Set Up the Networking
As discussed in a previous article (“How to Set Up Your Own Domain,” RWEE, Dec. 8, 2010, or radioworld.com, keyword “Domain”), you’ll need the provisioning sheet from your Internet Service Provider (ISP) for this. In this example, I’m setting up the server on a local network for testing. Replace my values with the ones from the sheet. Contact your ISP if you’re missing a needed value.
Open YaST again, scroll down to “Network Devices” and click “Network Settings.” The window shown in Fig. 3 will appear. Note that there are four tabs across the top: “Global Options,” “Overview,” “Hostname/DNS” and “Routing.” We’ll do these one at a time.
Global Options: The defaults are fine; uncheck the IPV6 box unless your ISP has specifically said that you need it (and they probably haven’t, not at this writing).
Fig. 3: Setting up the network. Hostname/DNS: You can enter your hostname information here, if you’ve registered a domain. If you’ve chosen “files.mybroadcast.com,” for example, you’d put “files” in the hostname box on the upper left and “mybroadcast.com” in the domain name box to the right. Otherwise, just leave it at the default. At the bottom of this screen is where you enter your ISP’s DNS server information. Use the values from your provisioning sheet.
Routing: The main thing you’ll do here is set the default IPV4 gateway to the value on your provisioning sheet, and select “eth0” as the device. Overview: I’ve saved this one for last. Select your card (again, I assume you only have one, eth0) and click “Edit.” Enter your IP address from the provisioning sheet. (As discussed previously, if you have more than one, simply choose an unused one from the sheet.)
Speaking from experience, it’s easy to accidentally close the configuration before you’ve actually finished. Simply click on “Network Settings” again and correct the missing values. Once you’re done, click the “OK” button at the bottom right. The configuration will be applied, at which point you can try browsing the Web with Firefox. If you can’t access the Web, recheck your network settings. If you continue to have issues, post the contents of your provisioning sheet in the OpenSUSE forum, describe your problem, and the helpful folks there will walk you through a solution.
Fig. 4: Drag and drop files with WinSCP. Step Seven: The Windows Clients
We’ll assume that most of your clients will be accessing this file server with Windows. The easiest way is with a free program called WinSCP (which stands for Secure Copy). It’s a free download from winscp.net. Download the installer, run it, and you’ll have a WinSCP entry in your Start menu.
When you start WinSCP, it’ll ask for the server information. Enter the IP address of your server, your username and your password. Make sure the protocol is “SFTP” (Secure FTP is a built-in component of the Secure Shell Server). Click log-in and you should get a window like the one shown in Fig. 4. This allows you to drag and drop files directly between your PC and the remote machine. Nice!
Best of all, it’s extremely secure. SSH is called “Secure Shell” for a reason: Everything, from log-in to disconnect, is completely encrypted. Assuming you’ve used a good password, SSH is very difficult to crack too, so you could even place contracts and other sensitive items in there.
Continue to play with this and become comfortable with OpenSUSE. Learn its features; read the help files for ideas. Next time, we’ll set up a fairly advanced Web server on this same machine. Until then!
Find past Radio IT Management articles under the Business tab at radioworld.com.
Stephen M. Poole, CBRE-AMD, CBNT, is chief engineer for Crawford Broadcasting in Birmingham, Ala.