Security

Give this tiny 'out of the box' server suite a try

The Smallest Server Suite is free, easy to administer, and requires very little in the way of hardware. Your SMB can get TheSSS up and running in minutes.

If you need a web server, a secure shell server, or an ftp server up and running fast, you can't turn to a Microsoft product if speed and efficiency matter, or if you don't have the budget for it. In those cases, you turn to Linux. And when simplicity and speed are key, you can give The Smallest Server Suite (TheSSS) a try.

The tool is aptly named -- the entire distribution comes in at under 30 MB and includes:

  • Web server
  • SSH server
  • FTP server
  • Proxy server (Polipo)
  • Tor anonymizer
  • 4MLinux Firewall
  • Clam AntiVirus

You can have this server up and running in minutes. The best way to serve up TheSSS is either via a virtual machine or by putting the distribution on a flash drive and booting the server from that.

If you're interested in installing TheSSS on a USB drive, the best tool for that is UNetbootin. Download the ISO of TheSSS and then walk through the process of creating the bootable flash drive with UNetbootin.

If you'd rather virtualize an instance of TheSSS, you can create the virtual machine with the downloaded ISO. Regardless of the route you take, you'll have to download the ISO image and use that image for your instance of TheSSS.

Booting the image

No matter how you get your image booted, once the boot process is complete, you will be asked to set the root user password (Figure A). Figure A

Enter and then confirm your new root password for TheSSS. (Click the image to enlarge.)
After you set the root password, you will find yourself at a standard login prompt (Figure B). Figure B

TheSSS login includes a handy calendar. (Click the image to enlarge.)

Enter root as the username and the new password you set during boot. Upon successful authentication, you will be at a standard bash prompt. There is no fancy GUI or any web-based interface for TheSSS -- you're stuck with the command line. Tough it out.

Using TheSSS

Once the system is up and running and you've logged in to the server as the root user, you can start and stop services by using these commands:

  • httpd start - start the web server
  • httpd stop - stop the web server
  • httpd restart - restart the web server
  • httpd test - test the web server
  • sshd start - start the secure shell server
  • sshd stop - stop the secure shell server
  • sshd restart - restart the secure shell server
  • sshd test - test the secure shell server
  • ftpd start - start the ftp server
  • ftpd stop - stop the ftp server
  • ftpd restart - restart the ftp server
  • ftpd test - test the ftp server
  • serverd start - start all server services
  • serverd stop - stop all server services
  • serverd restart - restart all server services
  • firewall start - start the firewall
  • firewall stop - stop the firewall
  • firewall restart - restart the firewall
  • firewall test - test the firewall

Notes on specific servers

Apache
  • Files are all stored in /srv/www.
  • Point your browser to http://IP_OF_SERVER/test.php to find out what PHP modules are loaded.
  • If you run httpd test, you can test the following: Public HTML, Private HTML, CGI Script, PHP Info script.
FTP

Even after you start the ftp daemon, you won't be able to upload files (though you can download them). In order to enable the uploading of files, you must issue the command upload USERNAME (USERNAME is the actual username to be enabled for upload).

This also brings me to the issue of users. You can add new users to the system. TheSSS uses the useradd command to easily add a new user. The default command useradd USERNAME (USERNAME is the desired username) will not only add the user but the user's home directory. You will be prompted to create a password for the user upon running the command. This user's home will be in the standard /home/ directory. Once you add the new user, you can run the upload command to enable that user for uploading ftp files.

Firewall

The configuration for the firewall is handled in /etc/firewall/config. In that configuration file you can set:

  • Allow ping
  • Accept traceroute
  • Allow outgoing traffic
  • Allow incoming traffic on specific ports
  • Allow passive FTP connections
  • Configure blacklist file

The blocklist file, by default, is /etc/firewall/block.list. This file contains nothing more than a list of IP addresses you wish to block from accessing the system.

Note: The only text editor that comes with TheSSS is vi. When you need to edit a file (such as the block.list file), you will issue the command vi /etc/firewall/block.list. From that point, you need to know the basics of using the vi editor.

About

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website getjackd.net.

2 comments
zk1234
zk1234

Nice article! One remark: TheSSS includes Midnight Commander, so no need to use vi to edit files :-)

jlwallen
jlwallen

I missed out on that fact. Good to know. Most people would have an easier time with Midnight Commander.

Editor's Picks