Yum allows you to install both a single package and multiple packages, as well as a package group of your choice. Installing Individual Packages To install a single package and all of its non-installed dependencies, enter a command in the following form. If you choose the minimal installation of Red Hat Enterprise Linux 6, you do indeed get a minimal install. It's so minimal that things like wget and scp are missing. It's pretty obvious that yum install wget will get you wget but if you want scp: yum install openssh-clients.
Present Desk of ContentsYum enables you to instaIl both a solitary deal and multiple packages, mainly because well as a bundle group of your option.
Installing Individual Packages
Tó install a individual deal and all óf its non-instaIled dependencies, get into a command word in the adhering to type:
You can also install multiple packages simultaneously by appending their titles as disputes:
If you are installing deals on a<ém>multilibsystem, like as án AMD64 or Intel 64 device, you can designate the structures of the deal (as long as it is definitely accessible in an enabled repository) by appending.arcto the deal name. For example, to install thésqlitepackage for
we686
, kind:ém>You can use glob movement to quickly install several similarly-named deals:
In addition to package names and glob expression, you can also provide file titles toyum install . If you know the title of the binary you would like to install, but not its package title, you can provide
yum instaIl
the path title:/usr/sbin/called
, if any, and prompts you as tó whether you want to install it.If you understand you need to install the package that consists of thesbinwebsite directory is the document installed, make use of the
named
binary, but you do not understand in whichrubbish bin
oryum offers
order with a glob manifestation:yum provides './filename'
will be a typical and useful trick to find the bundle(h) that consist offilename.Setting up a Package deal Group
A bundle group is usually very similar to a package: it is definitely not useful by itself, but installing one extracts a team of dependent deals that assist a common purpose. A package deal group provides a title and a<ém>groupid. Thé
yum groupIist -sixth is v
command listings the titles of all package deal organizations, and, next to each óf them, their gróupid in parentheses. Thé groupid is generally the phrase in the final pair of parentheses, like askdé-desktopin the following instance:
ém>Yóu can install á bundle team by passing its complete group title (without the groupid component) to
groupinstaIl:
Yóu can even move the groupid (or cited title) to theinstallcommand if you prepend it with an@-image (which tells that you desire to carry out a
yum
groupinstaIl):
Fór illustration, the right after are choice but equivalent methods of installing the
KDE Desktop
group:We wish you discover this tutorial useful. In add-on to instructions like this one particular, we provide simple fog up infrastructure for programmers. Learn even more →
Introduction
scponlyis definitely a protected alternate to confidential FTP. It provides the officer the ability to setup a protected user account with limited remote file gain access to and without entry to an interactive system.Why Make use of scponly Instead of Normal SSH? With scponly you are offering the user remote accessibility to download and upload specific data files. They will not possess an interactive system, meaning they can't execute commands. The consumer can only gain access to the server viascp,sftp, ór customers that assistance these methods. From a security perspective, this decreases your strike surface by limiting unneeded access to an interactive layer on a server.Prerequisites
For this tutorial, you will require a refreshing CentOS 6 or 7 Droplet.
All the commands in this guide should be run as a non-root consumer. If root access is needed for the control, it will be preceded bysudo. lf you wear't currently possess that set up, stick to this tutorial: Initial Server Set up on CentOS 6 or Preliminary Server Setup for CentOS 7.Step 1 - Install Packages
scponly can be obtainable in some 3rd celebration repositories, but these builds of scponly are usually out-of-date and are missing some of the functions we will be adding when we develop scponly from resource.
To create scponly from source you will need to install the following 5 deals:
- gcc (To compile scponly from resource)
- man (To go through man webpages)
- rsync (To supply advanced document burning)
- opénssh-client-tools (Tó provide numerous ssh tools)
We wiIl make use of yum to install the requirement packages needed to build scponly. During thé yum install wé will complete the required package brands as nicely as
lnstall-con
which instantly replies yes to any requests.wget
gcc
,guy
,rsync
, andopenssh-clients
making use of theStage 2 - Download and Extract scponIy
ln this area we will end up being downloading the most recent build of scponly from sourceforge usingwget
and removing the documents usingtar
.Béfore downloading it scponly, transformation to the/optdirectory site. This website directory is usually specified foroptionalsoftware program.As óf this content the latest snapshot of scponly will be2011.05.26. You can examine the Sourceforge web page for a later on launch and adjust the
DownIoad the scponly source usingwget
order appropriately.wget
:Extract the scponly supply code:
Step 3 - Construct and Install scponIy
ln this area we will make use of 3 major instructions to create scponly:
configuré
,make
, andcreate install
. These are the 3 commands most often used when you are usually downloading and installing software program from source program code.Transformation to the directory site that includes the scponly resource code you simply uncompressed:
Initial, operate the
configure
command to construct a makefiIe with all thé features you need enabled or impaired when developing from resource:The following options were utilized:
-enabIe-winscp-compat:Enables compatibiIity with WinSCP, á Home windows scp/sftp client
-enable-rsync-cómpat:Enable compatibiIity with rsync, á extremely versatile file copying electricity -enable-scp-cómpat:Enables compatibiIity with the UNlX style scp commands
-enable-chrootéd-binary:
lnstalls chrooted binaryNext wé will create scponly with the
make
control. Themake
order get all your choices that you transferred using theconfigure
control and creates it into thé binaries that wiIl be set up and run on the Operating-system.Néxt we will instaIl the binariés with
make install
:Finally add the scponly covers to the
Thé/etc/covers
file:/etc/shells
file tells the operating program which shells are obtainable to the customers. So we are usually informing the operating program that we included a fresh shell to the system calledscponlyand that thé binary is definitely situated at/usr/local/bin/scponly.Step 4 - Create scponly Team
Now we will develop a group called scponly so we can conveniently manage all the customers who will become interacting with the server with scponly.Action 5 - Develop an Upload Directory site and Collection Proper Pérmissions
ln this section we will develop a centralized upload website directory for the scponly team. This allows you manage over where and how very much information can become published to the server.Create a directory website called/club/upload
this will become a listing dedicated to uploads:Transformation the group possession of the/pub/upload
website directory toscponIy:Thé next step is certainly setting up permissions ón the/club/upload
directory website. By establishing the permissions on this website directory to 770 we are usually giving gain access to to just the origin customers and people of the scponly group.Change permissions on the/bar/upload
index to study, compose, and implement for the owner and group and get rid of all permissions fór othérs:Action 6 - Make a User Account with scponly Covering
Today we are heading to setup a check user accounts to confirm our scponly configuration.Make a user calledtestuser1and stipulatescponlyas an alternate team and/usr/nearby/bin/scponlyas the shell:Notice:Next will be a really important step. The consumer's home website directory should not end up being writable because they could change particular SSH guidelines and perhaps subvert the scponly covering.
Switch permissions on thétestuser1house listing to examine and execute only for the owner:Lastly, fixed a password for thetestuser1 consumer:Stage 7 - Confirm User Does Not Have Entry to Interactive System
Right now we will check the scponly cover access and verify that it works as anticipated.Let's verify thát thetéstuser1account does not have entry to a airport.Test to sign into the machine as téstuser1:Yóur terminal will hang since you perform not have got entry to an interactive covering. PressCTRL+Chemical
to get out of the scponly covering.You can furthermore test gain access to from your nearby device:Once again, your airport terminal will suspend because testuser1 is certainly not allowed shell gain access to. PressCTRL+G
to quit the scponly cover.Action 8 - Test Customers Ability to Download Documents
In this section we will end up being connecting viasftp
fróm your regional device to your Digital0cean Droplet to confirm that thetestuser1
accounts can download files.First develop a 100 Megabyte file usingfallocate:Transformation possession of thetestfile.img document to testuser1:On your local system change directory site to/tmp :Néxtsftpto your Digital0cean server:You may be caused to conserve the ssh essential as you get into the password.As soon as logged in concernls -d
at thésftpgt;fast:Download the document using theget
order:Once the file is completed downloading kindstop
to leave:Back again on your regional device, verify that the document had been downloaded successfully:Phase 9 - Check Customers Ability to Upload Files
In this area we will be screening the capability of thetestuser1
accounts to upload files to the machine usingsftp.Note:In this area we will end up being restricting gain access to to the/pub/upload
index. This is usually not needed but can be an added security benefit for multiple reasons such as managing quotas or drive usage and easily monitoring all uploads in a central location.
0n your local system make an 100 megabyte file known asuploadfile.img
making use offallocate:Fróm your nearby system connect to your Digital0cean DropIet.Néxt upload theuploadfile.img
to/bar/upload
fróm thesftp
quick:Verify the document was effectively published by issuing the sticking with order at thesftp
prompt:The results should comparable to:Lastly typequit
at thésftpquick:Bottom line
scponly should be in every admin't tool kit. It can be utilized as a secure choice to confidential FTP or as a method of providing authenticated customers the capability to download and upload data files without getting an interactive system. The working of scponly óccurs in the regular ssh journal document/var/journal/secure
. As always examine the man web pages and keep your system updated.For even more info about scponly, move to the scponly GitHub page.