nixCraft Linux Forum

nixCraft

Linux Tech Support Forum

Howto start usermin remotely to change password

This is a discussion on Howto start usermin remotely to change password within the Mail Servers forums, part of the Mastering Servers category; Hi folks, Ubuntu 7.04 server amd64 I can't figure out how users can start usermin remotely and login their account ...


Go Back   nixCraft Linux Forum > Mastering Servers > Mail Servers

Howto start usermin remotely to change password Howto start usermin remotely to change password

Register FAQ Members List Calendar Forgotten your password? Mark Forums Read

Reply

 

LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 11-30-2007, 01:48 PM
Member
User
  
Join Date: Sep 2007
My distro: Debian
Posts: 90
Rep Power: 2
satimis is on a distinguished road
Default Howto start usermin remotely to change password
Hi folks,


Ubuntu 7.04 server amd64


I can't figure out how users can start usermin remotely and login their account to change password.


On server, user can start usermin locally running "https://mail:20000"
login in their account and change password.


However on remote PC;
User can browse the apache-default page on server with "https://domain.com" or "http://domain.com
(remark. homepage NOT hoisted yet)


Run
https://mail.domain.com:20000
Code:
Unable to connect
https://domain.com/mail:20000/
Code:
Not Found
The requested URL /mail:20000/ was not found on this server.
Please advise how to start usermin remotely for users changing their password. TIA


B.R.
satimis
Last edited by satimis; 11-30-2007 at 02:32 PM..
Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 11-30-2007, 07:58 PM
rockdalinux's Avatar
Contributors
User
  
Join Date: May 2005
Location: Bangalore
My distro: RHEL, HP-UX, Solaris, FreeBSD, Ubuntu
Posts: 581
Rep Power: 7
rockdalinux is a jewel in the rough rockdalinux is a jewel in the rough rockdalinux is a jewel in the rough rockdalinux is a jewel in the rough
Default
#1, firewall may be blocking access to port 20000
Code:
sudo iptables -L -n
If so, open port 20000

#2, Webmin is bind to localhost only,
Code:
sudo netstat -tulpn | grep 20000
if so bind webbin to public IP
__________________
Rocky Jr.
You may have my body & soul, but you will never touch my pride!

If you have knowledge, let others light their candles at it.

Certified to work on HP-UX / Sun Solaris / RedHat
Reply With Quote
  #3 (permalink)  
Old 11-30-2007, 09:19 PM
Member
User
  
Join Date: Sep 2007
My distro: Debian
Posts: 90
Rep Power: 2
satimis is on a distinguished road
Default
Quote:
Originally Posted by rockdalinux View Post
#1, firewall may be blocking access to port 20000
Code:
sudo iptables -L -n
If so, open port 20000
Tried "sudo iptables -F" before w/o result.


$ sudo iptables -L -n
Code:
Password:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     0    --  0.0.0.0/0            220.232.213.178     state RELATED,ESTAB
LISHED 
ACCEPT     tcp  --  0.0.0.0/0            220.232.213.178     tcp dpt:22 
ACCEPT     tcp  --  0.0.0.0/0            220.232.213.178     tcp dpt:8222 
ACCEPT     tcp  --  0.0.0.0/0            220.232.213.178     tcp dpt:8333 
ACCEPT     tcp  --  0.0.0.0/0            220.232.213.178     tcp dpt:902 
REJECT     0    --  0.0.0.0/0            220.232.213.178     reject-with icmp-po
rt-unreachable 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     0    --  220.232.213.178      0.0.0.0/0           state RELATED,ESTAB
LISHED 
ACCEPT     udp  --  220.232.213.178      0.0.0.0/0           udp dpt:53 
REJECT     0    --  127.0.0.1            0.0.0.0/0           reject-with icmp-po
rt-unreachable 
REJECT     0    --  220.232.213.178      0.0.0.0/0           reject-with icmp-po
rt-unreachable
On remote PC

https://domain.com:20000
Code:
Unable to connect
Firefox can't establish a connection to the server at domain.com:20000
Quote:
#2, Webmin is bind to localhost only,
Code:
sudo netstat -tulpn | grep 20000
$ sudo netstat -tulpn | grep 20000
Code:
tcp        0      0 0.0.0.0:20000           0.0.0.0:*               LISTEN     5
242/perl           
udp        0      0 0.0.0.0:20000           0.0.0.0:*                          5
242/perl
Quote:
if so bind webbin to public IP
Pls advise how to do it. TIA


B.R.
satimis
Reply With Quote
  #4 (permalink)  
Old 11-30-2007, 11:51 PM
monk's Avatar
Senior Member
User
  
Join Date: Jan 2005
Location: Tibet
My distro: Debian GNU/Linux
Posts: 482
Rep Power: 5
monk will become famous soon enough monk will become famous soon enough
Default
From output it is clear that firewall is block access to 20000, to open firewall, type

First save firewall, so that you can restore the same
Code:
sudo iptables-save > current.firewall.rules
To stop firewall you need to type all following commands:
Code:
sudo iptables -X
sudo iptables -t nat -F
sudo  iptables -t nat -X
sudo  iptables -t mangle -F
sudo  iptables -t mangle -X
sudo  iptables -P INPUT ACCEPT
sudo  iptables -P FORWARD ACCEPT
sudo  iptables -P OUTPUT ACCEPT
Now you should able to connect. I recommend opeing up tcp port 20000 and reloading firewall again.
__________________
May the force with you!
Reply With Quote
  #5 (permalink)  
Old 12-01-2007, 01:56 PM
Member
User
  
Join Date: Sep 2007
My distro: Debian
Posts: 90
Rep Power: 2
satimis is on a distinguished road
Default
Hi monk,


Thanks for you advice.


Problem solved. Nothing wrong. Only ISP block ports 10000 and 20000. After their uplift "https://domain.com:20000" connects the server with the screen "Webmin, Account Information" displayed. On the screen user can change password.


Quote:
First save firewall, so that you can restore the same
Code:
sudo iptables-save > current.firewall.rules
To stop firewall you need to type all following commands:
Code:
sudo iptables -X
sudo iptables -t nat -F
sudo  iptables -t nat -X
sudo  iptables -t mangle -F
sudo  iptables -t mangle -X
sudo  iptables -P INPUT ACCEPT
sudo  iptables -P FORWARD ACCEPT
sudo  iptables -P OUTPUT ACCEPT
Noted.

Whether running;
$ sudo /etc/init.d/rc.local
to start iptables again
???

I usually do follows to restart iptables
$ sudo /etc/init.d/rc.local stop
$ sudo /etc/init.d/rc.local start


On /etc/init.d/rc.local
only 2 options available "start/stop" w/o restart/reload


Quote:
I recommend opeing up tcp port 20000 and reloading firewall again.
Iptables rules are on /etc/rc.local

Whether adding;
Code:
iptables -I INPUT 7 -j ACCEPT -p TCP -d 220.232.213.178 --destination-port 10000:20000
on the file ?

$ cat /etc/rc.local
Code:
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

#exit 0

#
# INPUT
#

# allow all incoming traffic from the management interface NIC
# as long as it is a part of an established connection
iptables -I INPUT 1 -j ACCEPT -d 220.232.213.178 -m state --state RELATED,ESTABLISHED

# allow all ssh traffic to the management interface NIC
iptables -I INPUT 2 -j ACCEPT -p TCP -d 220.232.213.178 --destination-port 22

# allow all VMware MUI HTTP traffic to the management interface NIC
iptables -I INPUT 3 -j ACCEPT -p TCP -d 220.232.213.178 --destination-port 8222

# allow all VMware MUI HTTPS traffic to the management interface NIC
iptables -I INPUT 4 -j ACCEPT -p TCP -d 220.232.213.178 --destination-port 8333

# allow all VMware Authorization Daemon traffic to the management interface NIC
iptables -I INPUT 5 -j ACCEPT -p TCP -d 220.232.213.178 --destination-port 902

# reject all other traffic to the management interface NIC
iptables -I INPUT 6 -j REJECT -d 220.232.213.178 --reject-with icmp-port-unreachable


#
# OUTPUT
#

# allow all outgoing traffic from the management interface NIC
# if it is a part of an established connection
iptables -I OUTPUT 1 -j ACCEPT -s 220.232.213.178 -m state --state RELATED,ESTABLISHED

# allow all DNS queries from the management interface NIC
iptables -I OUTPUT 2 -j ACCEPT -s 220.232.213.178 -p UDP --destination-port 53

# reject all other traffic from localhost
iptables -I OUTPUT 3 -j REJECT -s 127.0.0.1 --reject-with icmp-port-unreachable

# reject all other traffic from the management interface NIC
iptables -I OUTPUT 4 -j REJECT -s 220.232.213.178 --reject-with icmp-port-unreachable
TIA


B.R.
satimiis
Reply With Quote
  #6 (permalink)  
Old 12-01-2007, 09:06 PM
nixcraft's Avatar
Never say die
User
  
Join Date: Jan 2005
Location: BIOS
My distro: Ubuntu
Posts: 1,061
Rep Power: 10
nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute
Default
yup, add iptables rules to your /etc/rc.local file
__________________
Vivek | My personal blog
Linux Evangelist
Play hard stay cool
Reply With Quote
  #7 (permalink)  
Old 12-01-2007, 10:01 PM
Member
User
  
Join Date: Sep 2007
My distro: Debian
Posts: 90
Rep Power: 2
satimis is on a distinguished road
Default
Quote:
Originally Posted by nixcraft View Post
yup, add iptables rules to your /etc/rc.local file
Rules are already there. Tks


satimis
Reply With Quote
Reply

Bookmarks

« Seeking advice on webmail software | secure smtp and secure POP »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads

Thread Thread Starter Forum Replies Last Post
how to change root password sandromax Solaris/OpenSolaris 4 10-11-2007 03:43 AM
Change root password MySQL 5 chiku Databases servers 1 01-16-2007 09:46 PM
HP UX user lock password, change password, password aging rockdalinux HP-UX 0 12-20-2006 03:36 PM
How to Change Password puppen Linux software 6 06-06-2006 02:56 PM
change password under linux Linux software 1 01-18-2006 08:38 PM


All times are GMT +5.5. The time now is 02:44 AM.

Contact Us - Linux answers from nixCraft - Archive - Top

Powered by vBulletin® Version 3.7.4 - Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.2.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36