Editing /etc/named.conf

Whether you are using Linux on the desktop or as a server, it's still good that you're using Linux. Linux related questions go here.

Moderator: General Moderators

Post Reply
mikebr
Forum Contributor
Posts: 243
Joined: Sat Sep 28, 2002 7:05 am

Editing /etc/named.conf

Post by mikebr »

I have a small dedicated linux server with WHM, on checking my server domain at:

http://www.dnsreport.com/

I found out that I had "Open DNS servers' and they suggested I correct this, so on asking my dedicated support if this was a problem they suggested I do the following:
Edit your /etc/named.conf file and add the following line within the options{} section:

recursion no;

Then restart the nameserver
Can anyone enlighten me as to how I might edit this file? I have accessed the server using:

ssh -l root [IP_Address]
password

from a terminal window but cannot seem to get to open the file for editing, would someone mind explain how I access this file to edit it or point me to a URL where I might find this information?

I guess I might need to use sudo or similer but do not want to try until I make sure.

Tried a google but can't seem to find out How to actually edit the file.

Thanks in advance
nickvd
DevNet Resident
Posts: 1027
Joined: Thu Mar 10, 2005 5:27 pm
Location: Southern Ontario
Contact:

Post by nickvd »

I'd be amazed if you were allowed to login as root over ssh, so I'm going to assume that you log-in as your own user account and either use sudo or su to switch to root.

Assuming the file is where they say it is, all you should need to do is:

Code: Select all

pico /etc/named.conf
If you are not root:

Code: Select all

sudo pico /etc/named.conf
...
mikebr
Forum Contributor
Posts: 243
Joined: Sat Sep 28, 2002 7:05 am

Post by mikebr »

I'd be amazed if you were allowed to login as root over ssh
Why do you say this, would it be a security issue if I was?

Tried both suggestions but can't seem to be able to save the edited file, I wonder if this is my lack of knowledge using terminal and pico!

Thanks for the suggestions.
nickvd
DevNet Resident
Posts: 1027
Joined: Thu Mar 10, 2005 5:27 pm
Location: Southern Ontario
Contact:

Post by nickvd »

mikebr wrote:
I'd be amazed if you were allowed to login as root over ssh
Why do you say this, would it be a security issue if I was?
All I'd have to do is brute force the password and I've just taken over your server. If root is not allowed to login via ssh, you would first have to brute force the user's password, then once you get into the system (as a user, not admin) you would have to brute force the root password.. It won't stop people from getting in, but it will definitely slow them down..
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

mikebr wrote:
I'd be amazed if you were allowed to login as root over ssh
Why do you say this, would it be a security issue if I was?
I'm not sure why he/she said "amazed" but yes, generally it's seen as a security hole for the reasons posted by ~nickd among other more obvious ones (watching the password being typed etc).
mikebr wrote:Tried both suggestions but can't seem to be able to save the edited file, I wonder if this is my lack of knowledge using terminal and pico!
CTRL+O saves the file (O = Output to file).
CTRL+X closes the file (it woukd ask you to save it too).

PS, for editting code and/or config files I'd usually do "pico -w filename" or "nano -w filename" so that the lines don't wrap when typing since it can have a damaging effect in these scenarios.
nickvd
DevNet Resident
Posts: 1027
Joined: Thu Mar 10, 2005 5:27 pm
Location: Southern Ontario
Contact:

Post by nickvd »

d11wtq wrote:
mikebr wrote:
I'd be amazed if you were allowed to login as root over ssh
Why do you say this, would it be a security issue if I was?
I'm not sure why he/she said "amazed" but yes, generally it's seen as a security hole for the reasons posted by ~nickd among other more obvious ones (watching the password being typed etc).
He :)

I'd be amazed because on every installation of sshd I've seen, PermitRootLogin was set to No by default, so the server admin would have to turn it on manually...
d11wtq wrote:PS, for editting code and/or config files I'd usually do "pico -w filename" or "nano -w filename" so that the lines don't wrap when typing since it can have a damaging effect in these scenarios.
I didn't know this... I've always been annoyed by the constant wrapping that pico "enforces" I'll have to remember that one...
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

nickvd wrote:
I didn't know this... I've always been annoyed by the constant wrapping that pico "enforces" I'll have to remember that one...
That's what you have alias 'pico'='/usr/bin/pico -w' for ;)
nickvd
DevNet Resident
Posts: 1027
Joined: Thu Mar 10, 2005 5:27 pm
Location: Southern Ontario
Contact:

Post by nickvd »

Are you saying that's set by default?, it's not on both my linux boxen (it is now, but it wasn't ;))
mikebr
Forum Contributor
Posts: 243
Joined: Sat Sep 28, 2002 7:05 am

Post by mikebr »

Thanks for the information everyone.
Post Reply