Solved

set linux box that only computer in the club can get the data

Posted on 2006-11-22
6
218 Views
Last Modified: 2010-04-20
I have mysql database and some file in folde /home/image that I want only computer of my staff can go to up date data, I have one computer that is a server install linux fedola 3 and 10 computer of mystaff  that i want 10 computer to update my sql data base and file in folder /home/image please suggest me the methodthat  only 10 computer of my staff can update data form the server the 10 computer will update automaticly every day with difference time
0
Comment
Question by:teera
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 14

Accepted Solution

by:
ppfoong earned 250 total points
ID: 17995944

For MySQL, you need to enable tcpip socket, as well as grant user access to the IP addresses of the 10 computers.

The MySQL command is:

GRANT ALL PRIVILEGES ON *.* TO 'root'@'ip.address.of.remote.host' IDENTIFIED BY 'thepassword';
 

For the server, it would be straightforward if you have shorewall and iptables installed.

Just edit the /etc/shorewall/rules file, add in:

ACCEPT  net:ip.address.of.remote.host1       fw             all
ACCEPT  net:ip.address.of.remote.host2       fw             all
ACCEPT  net:ip.address.of.remote.host3       fw             all

and restart the shorewall service.

All other IP addresses will be denied.
0
 

Author Comment

by:teera
ID: 17996133
Hi ppfoong
the problem is I use adsl for client
0
 
LVL 30

Assisted Solution

by:Kerem ERSOY
Kerem ERSOY earned 100 total points
ID: 17999217
In fact you have supplied very less information.

Is your MySQL server open to internet via an ADSL line ?
What OS your 10 clients use ?
Do they have fixed IP addresses ?

In fact I will suggest you to use SSH on theclients. and do a port redirection on Shorewall Firewall to allow SSH connections
and You must do a port forwarding on SSH client side. This way you can both:
- be sure that only previously authorized users (by SSH) be able to access MySQL athus this will be preventing you from attacks to your MySQL port (3306)
- SSH suppors decre file transfers so you can automate transfers on a certain time.
0
The Orion Papers

Are you interested in becoming an AWS Certified Solutions Architect?

Discover a new interactive way of training for the exam.

 
LVL 8

Expert Comment

by:John Kawakami
ID: 18000534
If possible, tunnel your traffic through OpenVPN.  That will give you a stable IP address on a fake subnetwork.  You can then open a port from a single machine in your office that tunnels all mysql traffic to the server.
0
 
LVL 14

Assisted Solution

by:ppfoong
ppfoong earned 250 total points
ID: 18000657

jk2001 is right. OpenVPN will be a solution if your users are from remote network with dynamic IP address. With OpenVPN, you establish secured VPN tunnel to your HQ, and have the option to assigned specific local VPN IP address to the client.

There is a simple GUI OpenVPN configuration interface for Windows too.

http://www.itsatechworld.com/2006/01/29/how-to-configure-openvpn/


0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 18001447
It is OK to use OpenVPN but here the user will only need to uredirect a single port and it is obvious that setting-up OpenVPN much more harder than installing PuTTY on clients. Besides SSH server is already installed in all inux Distributions. With SSH they will have a fixed address to connect too.

So I still think that using SSH port redirection is simpler to implement yet as secure as the OpenVPN solution.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question