Linux Hard Disk Encryption With LUKS [ cryptsetup Command ]

Linux encryption methods

There are two methods to encrypt your data:

#1: Filesystem stacked level encryption

1. eCryptfs - It is a cryptographic stacked Linux filesystem. eCryptfs stores cryptographic metadata in the header of each file written, so that encrypted files can be copied between hosts; the file will be decrypted with the proper key in the Linux kernel keyring. This solution is widely used, as the basis for Ubuntu's Encrypted Home Directory, natively within Google's ChromeOS, and transparently embedded in several network attached storage (NAS) devices.
2. EncFS -It provides an encrypted filesystem in user-space. It runs without any special permissions and uses the FUSE library and Linux kernel module to provide the filesystem interface. You can find links to source and binary releases below. EncFS is open source software, licensed under the GPL.

#2: Block device level encryption

1. Loop-AES - Fast and transparent file system and swap encryption package for linux. No source code changes to linux kernel. Works with 3.x, 2.6, 2.4, 2.2 and 2.0 kernels.
2. Truecrypt - It is free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X and Linux.
3. dm-crypt+LUKS - dm-crypt is a transparent disk encryption subsystem in Linux kernel v2.6+ and later and DragonFly BSD. It can encrypt whole disks, removable media, partitions, software RAID volumes, logical volumes, and files.

In this post, I will explain how to encrypt your partitions using Linux Unified Key Setup-on-disk-format (LUKS) on your Linux based computer or laptop.

Step #1: Install cryptsetup utility

You need to install the following package. It contains cryptsetup, a utility for setting up encrypted filesystems using Device Mapper and the dm-crypt target. Debian / Ubuntu Linux user type the following apt-get command:
# apt-get install cryptsetup
Sample outputs:

Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  cryptsetup-bin libcryptsetup4
Suggested packages:
  busybox
The following NEW packages will be installed:
  cryptsetup cryptsetup-bin libcryptsetup4
0 upgraded, 3 newly installed, 0 to remove and 7 not upgraded.
Need to get 168 kB of archives.
After this operation, 669 kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://ap-northeast-1.ec2.archive.ubuntu.com/ubuntu/ precise/main libcryptsetup4 amd64 2:1.4.1-2ubuntu4 [55.8 kB]
Get:2 http://ap-northeast-1.ec2.archive.ubuntu.com/ubuntu/ precise/main cryptsetup-bin amd64 2:1.4.1-2ubuntu4 [32.2 kB]
Get:3 http://ap-northeast-1.ec2.archive.ubuntu.com/ubuntu/ precise/main cryptsetup amd64 2:1.4.1-2ubuntu4 [80.0 kB]
Fetched 168 kB in 0s (268 kB/s)
Preconfiguring packages ...
Selecting previously unselected package libcryptsetup4.
(Reading database ... 25374 files and directories currently installed.)
Unpacking libcryptsetup4 (from .../libcryptsetup4_2%3a1.4.1-2ubuntu4_amd64.deb) ...
Selecting previously unselected package cryptsetup-bin.
Unpacking cryptsetup-bin (from .../cryptsetup-bin_2%3a1.4.1-2ubuntu4_amd64.deb) ...
Selecting previously unselected package cryptsetup.
Unpacking cryptsetup (from .../cryptsetup_2%3a1.4.1-2ubuntu4_amd64.deb) ...
Processing triggers for man-db ...
Processing triggers for ureadahead ...
Setting up libcryptsetup4 (2:1.4.1-2ubuntu4) ...
Setting up cryptsetup-bin (2:1.4.1-2ubuntu4) ...
Setting up cryptsetup (2:1.4.1-2ubuntu4) ...
update-initramfs: deferring update (trigger activated)
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
Processing triggers for initramfs-tools ...
update-initramfs: Generating /boot/initrd.img-3.2.0-31-virtual

RHEL / CentOS / Fedora Linux user type the following yum command:
# yum install cryptsetup-luks

Step #2: Configure LUKS partition

WARNING! The following command will remove all data on the partition that you are encrypting. You WILL lose all your information! So make sure you backup your data to an external source such as NAS or hard disk before typing any one of the following command.

In this example, I'm going to encrpt /dev/xvdc. Type the following command:
# cryptsetup -y -v luksFormat /dev/xvdc
Sample outputs:

 
WARNING!
========
This will overwrite data on /dev/xvdc irrevocably.
 
Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:
Command successful.
 

This command initializes the volume, and sets an initial key or passphrase. Please note that the passphrase is not recoverable so do not forget it.Type the following command create a mapping:
# cryptsetup luksOpen /dev/xvdc backup2
Sample outputs:

Enter passphrase for /dev/xvdc:

You can see a mapping name /dev/mapper/backup2 after successful verification of the supplied key material which was created with luksFormat command extension:
# ls -l /dev/mapper/backup2
Sample outputs:

lrwxrwxrwx 1 root root 7 Oct 19 19:37 /dev/mapper/backup2 -> ../dm-0

You can use the following command to see the status for the mapping:
# cryptsetup -v status backup2
Sample outputs:

/dev/mapper/backup2 is active.
  type:    LUKS1
  cipher:  aes-cbc-essiv:sha256
  keysize: 256 bits
  device:  /dev/xvdc
  offset:  4096 sectors
  size:    419426304 sectors
  mode:    read/write
Command successful.

You can dump LUKS headers using the following command:
# cryptsetup luksDump /dev/xvdc

Step #3: Format LUKS partition

First, you need to write zeros to /dev/mapper/backup2 encrypted device. This will allocate block data with zeros. This ensures that outside world will see this as random data i.e. it protect against disclosure of usage patterns:
# dd if=/dev/zero of=/dev/mapper/backup2
The dd command may take many hours to complete. I suggest that you use pv command to monitor the progress:
# pv -tpreb /dev/zero | dd of=/dev/mapper/backup2 bs=128M
To create a filesystem i.e. format filesystem, enter:
# mkfs.ext4 /dev/mapper/backup2
To mount the new filesystem at /backup2, enter:
# mkdir /backup2
# mount /dev/mapper/backup2 /backup2
# df -H
# cd /backup2
# ls -l

How do I unmount and secure data?

Type the following commands:
# umount /backup2
# cryptsetup luksClose backup2

How do I mount or remount encrypted partition?

Type the following command:
# cryptsetup luksOpen /dev/xvdc backup2
# mount /dev/mapper/backup2 /backup2
# df -H
# mount
See shell script wrapper that opens LUKS partition and sets up a mapping for nas devices.

Can I run fsck on LUKS based partition / LVM volume?

Yes, you can use the fsck command On LUKS based systems:
# umount /backup2
# fsck -vy /dev/mapper/backup2
# mount /dev/mapper/backup2 /backu2
See how to run fsck On LUKS (dm-crypt) based LVM physical volume for more details.

How do I change LUKS passphrase (password) for encrypted partition?

Type the following command
### see key slots, max -8 i.e. max 8 passwords can be setup for each device ####
# cryptsetup luksDump /dev/xvdc
# cryptsetup luksAddKey /dev/xvdc

Enter any passphrase:
Enter new passphrase for key slot:
Verify passphrase:

Remove or delete the old password:
# cryptsetup luksRemoveKey /dev/xvdc
Please note that you need to enter the old password / passphrase.

Check out related media

This tutorial also available in video format:

www.cyberciti.biz/hardware/howto-linux-hard-disk-encryption-with-luks-cryptsetup-command/

Read More

Install VNC Server On CentOS 6.4

In this handy tutorial, let me show you how to install vncserver on Centos 6.4 and how to  connect to this server from remote hosts.

Install Desktop Environment

Sometimes you may need the GUI to do some tasks in Linux even if that tasks are not preferred for Unix administrations .

For GNOME:

# yum groupinstall  "General Purpose Desktop" "Desktop Platform"

 For KDE:

# yum groupinstall  "KDE Desktop"

Install VNC server

# yum -y install vnc-server
Loaded plugins: fastestmirror, refresh-packagekit
Loading mirror speeds from cached hostfile
* base: centos.crazyfrogs.org
* epel: be.mirror.eurid.eu
* extras: centos.crazyfrogs.org
* updates: centos.crazyfrogs.org
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package tigervnc-server-module.i686 0:1.1.0-5.el6_4.1 will be installed
--> Finished Dependency Resolution

Install   Tigervnc-Server

# yum install tigervnc-server

Make vnc password for user (Ex. pirat9). Login to the user and run the following command:

$ vncpasswd
Password:
Verify:

Configure VNC configuration for new user

Edit /etc/sysconfig/vncservers file and add the user name:

VNCSERVERS="2:pirat9"

you can add more users with multiple different display size for every user.

VNCSERVERS="2:userx 3:usery 4:userz"
VNCSERVERARGS[2]="-geometry 1280x1024"
VNCSERVERARGS[3]="-geometry 1280x1024"
VNCSERVERARGS[4]="-geometry 800x600"

Make it to start automatically on every reboot and start the vnc service.

# chkconfig vncserver on

# /etc/init.d/vncserver start
Starting VNC server: 2:pirat9 xauth: creating new authority file /home/pirat9/.Xauthority
xauth: (stdin):1: bad display name "unixmen-Centos64:2" in "add" command
New 'unixmen-Centos64:2 (pirat9)' desktop is unixmen-Centos64:2
Creating default startup script /home/pirat9/.vnc/xstartup
Starting applications specified in /home/pirat9/.vnc/xstartup
Log file is /home/pirat9/.vnc/unixmen-Centos64:2.log [ OK ]

Download and install VNC viewer in your client systems and try to  connect to  your vnc server.

Enter the password and you will able to connect to your server.

Read More

network-configuration-files

Services in Linux are managed through the several configuration files. In this article we will walk through the network configuration files.

This article is the part of article series. Previous articles of this series.

IP address
How to assign IP address in Linux
Networking tools

From previous articles you have learned the basic of IP address and their associated commands. In this article we addressing associated configuration files.

This article is written for RHCE exam prospective so we are including simplified configuration files.

These configuration files determine whether networking is started during the system boot process or not. Check these files when you have trouble with network configuration in Exam.

• /etc/init.d/network
• /etc/sysconfig/network
• /etc/sysconfig/network-scripts
• /etc/sysconfig/network-scripts/ifcfg-eth0
• /etc/nsswitch.conf
• /etc/hosts
• /etc/resolv.conf

/etc/init.d/network

/etc/init.d directory store script files. You can run the scripts directly, or use the service command to start/stop. We will demonstrate both.

Sometimes by mistake you may deactivate the network interface. Or there is an unknown error in configuration. In trouble this should be first point to check.

Execute script directly

#/etc/init.d/network status

Use service command to execute script

#service network status

Output will be same in both case it should list configured and active devices. Output will give you a clue for future steps. If a main device such as eth0 is not listed as active, that explains why the network seems to be down. Try to restart the network service.

#service network restart

Any change made in IP configuration will not take place until you restart the network interface. This script will restart the network interface.

#/etc/init.d/network restart

If a restart of networking services does not solve the issue move to the next steps. Next step is to get into the configuration files.

/etc/sysconfig/network

This file contains global configuration settings.

This file specifies routing and host information for all network interfaces. 

It is used to contain directives which are to have global effect and not to be interface specific.

Directive that you should check here for is NETWORKING=[yes][no].

If directive NETWORKING is set to no then the /etc/init.d/network script doesn’t activate any network devices. It must be set to yes in order to start networking.

Directive HOSTNAME controls computer name. If you want to change computer name, change it here.

If networking still not start check the status of networking service.

If the settings next to runlevels 3 and 5 are off, that’s a problem.

To make sure a service is active in appropriate runlevels, run the chkconfig network on command.

/etc/sysconfig/network-scripts

/etc/sysconfig/network-scripts directory contain executable files based on a series of text commands. These executable files are actually scripts based on the ifup and ifdown commands customized for the network device type.

service network restart command may return with error like it in above example for eth0. In such a situation you should try to reactivate particular network device with ifup or ifdown command.

/etc/sysconfig/network-scripts/ifcfg-eth0

This file contain configuration for eth0 first network adaptor. What you see in the ifcfg-eth0 file depends on how that first Ethernet network adapter was configured.

For exam you should understand following directive

DEVICE	Type of device. for example lo=loopback adaptor, eth0= first Ethernet, eth1 second Ethernet etc.
IPADDR	Static IP Address
NETMASK	Network mask or subnet mask
NETWORK	Network ID or network address
BROADCAST	Broadcast address
GATEWAY	IP address of the default gateway
ONBOOT	specify whether the device is activated during the boot process
NAME	common name for the device
HWADDR	hardware address of network interface also known as MAC address
NM_CONTROLLED	Specify that network card should be controlled by the Network Manager service or not. If it is set to yes be sure that Network Manager running
BOOTPROTO	How IP address would be configured. dhcp for dynamic configuration, static for static ip configuration

/etc/nsswitch.conf

This file includes database search entries. It include from authentication to name services.

It includes the following entry which determines what database is search first.

When a system gets a request to search for a hostname, the preceding directive means the /etc/hosts file is searched first.

If that name is not found in /etc/hosts, the next step is to search available configured DNS servers, normally using that configured in the /etc/resolv.conf file.

/etc/hosts

This file is used to resolve hostnames that cannot be resolved any other way. It can also be used to resolve hostnames on small networks with no DNS server.

This file by default contains a line specifying the IP address of the loopback device (127.0.0.1) as localhost.localdomain.

/etc/resolv.conf

This file specifies the IP addresses of DNS servers and the search domain. Unless configured to do otherwise, the network initialization scripts populate this file.

These are the files which you need to be familiar with. So go through these files again and again until you feel comfortable.

Read More

Setup Your Own YouTube Like Website Using ClipBucket

ClipBucket is an open-source and free Multimedia Management Script used to build your own media sharing site like YouTube, Metacafe, Veoh and Hulu etc. Whether you are a small fan club or a big Multi Tier Network operator, Clipbucket will fulfill your video management needs.

In this tutorial let us build a basic Youtube like website. Here i use CentOS 6.4 32bit edition to setup this website. My hostname and IP address are server.unixmen.com and192.168.1.200/24 respectively. Change these values as per your scenario.

Prerequisites

Install Apache, MySQL, PHP and PHP modules:

[root@server ~]# yum install mysql mysql-server httpd php php-mysql php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring wget unzip -y

Start/restart MySQL and Apache services now:

[root@server ~]# /etc/init.d/mysqld start
[root@server ~]# /etc/init.d/httpd start
[root@server ~]# chkconfig mysqld on
[root@server ~]# chkconfig httpd on

Create MySQL root user password:

[root@server ~]# /usr/bin/mysql_secure_installation 

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n] y
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!

By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] 
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] 
 ... Success!

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] 
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] 
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!

Create MySQL database and user for ClipBucket:

[root@server ~]# mysql -u root -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.1.69 Source distribution

Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> create database clipbucketdb;
Query OK, 1 row affected (0.02 sec)

mysql> GRANT ALL PRIVILEGES ON clipbucketdb.* TO 'clipbucketadmin' IDENTIFIED BY 'centos';
Query OK, 0 rows affected (0.01 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> exit
Bye

Open the Apache default port 80 through your firewall/router:

[root@server html]# vi /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p udp -m state --state NEW --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 80 -j ACCEPT
-A INPUT -p udp -m state --state NEW --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 53 -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Restart the iptables to save the changes:

[root@server html]# /etc/init.d/iptables restart

Disable SELinux and reboot your system:

[root@server ~]# vi /etc/sysconfig/selinux 
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

The following prerequisties will not be found in Official repositories. So let us install additional  repositories RPMForge, EPEL and RPMFusion:

[root@server src]# rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
[root@server ~]# rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.i686.rpm
[root@server src]# rpm -ivh http://download1.rpmfusion.org/nonfree/el/updates/6/i386/rpmfusion-nonfree-release-6-1.noarch.rpm
[root@server src]# rpm -ivh http://download1.rpmfusion.org/free/el/updates/6/i386/rpmfusion-free-release-6-1.noarch.rpm

Now install these additional prerequisites.

[root@server ~]# yum groupinstall "Development Tools"
[root@server ~]# yum install lame mencoder ffmpeg flvtool2 libogg libvorbis freetype-devel SDL-devel freeglut-devel zlib gpac -y

Open your php.ini file and set change the values as shown below. To find the php.ini file enter the command:

[root@server ~]# php -i|grep php.ini
Configuration File (php.ini) Path => /etc
Loaded Configuration File => /etc/php.ini
PHP Warning:  Unknown: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Asia/Calcutta' for 'IST/5.0/no DST' instead in Unknown on line 0

Now open the php.ini file and edit as follows:

[root@server ~]# vi /etc/php.ini 

[...]
upload_max_filesize = 500M
max_execution_time = 36000
max_input_time = 600
memory_limit = 5000M
magic_quotes_gpc = On
magic_quotes_runtime = Off
register_globals = Off
output_buffering = Off
display_errors = On
short_open_tag = On
date.timezone = Asia/Calcutta

Save and exit the file. To find your time zone navigate tohttp://www.php.net/manual/en/timezones.php.

Install PHPShield Loaders

PHPShield is an application that is used to protect the code in a 2 core files within PHPmotion. In order for PHPmotion to run, your server will need to have the PHPShield loaders correctly installed.

Download PHPShield Loaders

Find the PHP extensions directory first:

[root@server ~]# php -i|grep extension_dir
extension_dir => /usr/lib/php/modules => /usr/lib/php/modules

Now go to extension directory and download the phpshield loader. You can download the phpshield loaders here:

[root@server ~]# cd /usr/lib/php/modules/
[root@server modules]# wget http://www.phpshield.com/loaders/ixed4.lin.x86-32.zip

If you are using 64bit system, use this command instead:

[root@server modules]# wget http://www.phpshield.com/loaders/ixed4.lin.x86-64.zip

Extract and export the phpshield loader value to your php.ini file. If you are using php version 5.3, then you should export ixed5.3 extension to your php.ini file:

[root@server modules]# unzip ixed4.lin.x86-32.zip 
[root@server modules]# echo "extension=ixed.5.3.lin" >> /etc/php.ini

Finally, reboot the system once to save and activate all settings.

Install ClipBucket

Download the latest version of ClipBucket here.

Extract the downloaded file:

[root@server ~]# unzip clipbucket-2.6-r738-security-fixed-p3.zip

This will extract the ClipBucket zip file to your current directory. Copy the contents of /uploadfolder to Apache root document folder.

[root@server ~]# cp -rf upload/* /var/www/html/
[root@server ~]# cp .htaccess /var/www/html/

Now set the full permissions to the following directories:

[root@server ~]# chmod -R 777 /var/www/html/includes/
[root@server ~]# chmod -R 777 /var/www/html/files/
[root@server ~]# chmod -R 777 /var/www/html/files/conversion_queue/
[root@server ~]# chmod -R 777 /var/www/html/files/logs/
[root@server ~]# chmod -R 777 /var/www/html/files/original/
[root@server ~]# chmod -R 777 /var/www/html/files/temp/
[root@server ~]# chmod -R 777 /var/www/html/files/thumbs/
[root@server ~]# chmod -R 777 /var/www/html/files/photos/
[root@server ~]# chmod -R 777 /var/www/html/files/videos/
[root@server ~]# chmod -R 777 /var/www/html/files/mass_uploads/
[root@server ~]# chmod -R 777 /var/www/html/files/temp/install.me 
[root@server ~]# chmod -R 777 /var/www/html/images/
[root@server ~]# chmod -R 777 /var/www/html/images/avatars/
[root@server ~]# chmod -R 777 /var/www/html/images/backgrounds/
[root@server ~]# chmod -R 777 /var/www/html/images/collection_thumbs/
[root@server ~]# chmod -R 777 /var/www/html/images/groups_thumbs/
[root@server ~]# chmod -R 777 /var/www/html/includes/langs/en.lang 
[root@server ~]# chmod -R 777 /var/www/html/cache/
[root@server ~]# chmod -R 777 /var/www/html/cache/comments/
[root@server ~]# chmod -R 777 /var/www/html/cache/userfeeds/
[root@server ~]# chmod -R 777 /var/www/html/cb_install/

Begin Installation

Navigate to http://ip-address or domain-name/cb_install/ from your browser and follow the on screen instructions.

Click Continue.

It will check the files/folders permissions now, if everything seems ok, click Continue.

Enter the database name, database user and password. Click Continue.

Enter the Administrative account details and click Continue.

Enter the site name, site slogan and site URL etc and click Continue.

The registration page will appear. It is optional. You can skip and finish the installation.

Now the ClipBucket has been installed.

Post Installation

Delete the /db_install folder. And also don’t forget to change the permission of directory/includes to 755.

[root@server ~]# rm -fr /var/www/html/cb_install/
[root@server ~]# chmod -Rv 755 /var/www/html/includes/

Add the following line in your crontab as shown below:

[root@server ~]# vi /var/spool/cron/root 
* * * * * php -q /var/www/html/actions/video_convert.php
* * * * * php -q /var/www/html/actions/verify_converted_videos.php
0 0,12,13 * * * php -q /var/www/html/actions/update_cb_stats.php

Restart the cron daemon:

[root@server ~]# service crond restart

Now login to admin by clicking on Continue to Admin Area. Enter the username and password. Or navigate to http://ip-address or domain-name/admin_area from your browser.

This is how my Administration Page looks:

In this page you can create users, groups, collections and can upload media files so on. Before going further, we must do the following tasks. Go to Stats and Configurations on left pane. Click on Website Settings. Make sure you have given all the required values such aswebsite name, slogan and timezone.

After you entered everything, click Update Settings. Navigate to Uploading and Conversion Settings tab. Check the paths of all modules are correct.

Important: Double check the FFMPEG, PHP, MP4Box and Flvtool2 paths.

If you have any doubts on the settings, please refer the screenshots.

If all the values are valid click Update settings.

Navigate to Tool Box on the left pane and click Server Modules Info. If you have given the correct path in your previous steps, every modules should work as shown in the below screen shot.

That’s it. Now the initial configuration is done.

Test ClipBucket

Let us add a sample video to our media site. Go to the ClipBucket Administration area (http://ip-address/admin_area/).

Navigate to Videos -> Manage Categories. Enter the category name and description. Click Add Category.

Go to your Homepage (http://ip-address or Domain-name).

Click on Upload Video on the top right corner of your home page.

Select the videos to upload.

Enter name of the video, description etc. Click Save Data.

The uploaded data will immediately converted and uploaded to your site. Wait for few minutes. It will take a while depending upon your size of the video. You can view the status of the video on the Video Manager in your Administration Page.

Once the video conversion is finished, your video will appear on your home page. Click on the video to play. This is how my media site looks in live.

That’s it. Enjoy! For more information about ClipBucket installation and usage visit the Official wiki page.

Read More