FAQ and Settings for stuff hosted at Nineteen Inch (19inch.net)

Nineteen Inch ("19inch") is Paul Sladen's consultancy and also provides various web hosting, DNS, e-mail services, shell access, vservers and other ISP-type services on a few Debian GNU/Linux boxes: hutch, starsky, columbo and some others in Nottingham and London.

If you get stuck, contact Paul Sladen by telephone (0115 922 7162) or email sladen+www@19inch.net (prefered).

If you think the name is a bit strange; the standard size for [rack-mounted] computer and telecoms equipment is nineteen inches wide.

Dialup Access

The dialup number is  0845 079 5652  which is Lo-call rate.

(If you have a shell account or dedicated/virtual server, you can logon with username@yourserver, allowing you or your customers to use dialup access with the same details as you would use for normal POP3/FTP details.

This number support 56Kb V.90, single and bonded dual ISDN.

DNS Servers

Domains hosted with 19inch, or which have DNS hosting through 19inch should be set to use the following (DNS) nameservers:

DNS Nameserver IP address (shouldn't be required) Location
starsky.19inch.net [1] 80.1.73.116 Nottingham, at Flexeprint
jasmine.wyrdweb.com 194.153.168.126 Telehouse London, Jump Networks
janeway.hambule.co.uk 195.177.252.77 Finchley, London, at Demon

[1] people with a shell accounts on muse, who are also managing their own DNS on should replace starsky.19inch.net. with muse.19inch.net. as the primary nameserver.

Having three DNS servers across three physically diverse networks, and under three seperate TLDs providers an extra degree of stability. In the event that both starsky and jasmine were to be unavailable owing to maintenance or dual failure, the externally managed box at Demon (janeway, run by Tom Bird) would still be able to supply backup MX records to ensure that email continues to flow to the true extend that it can.

This represents a considerable improvement over most ISPs who place both/all of their nameservers on consecutive IP addresses directly connected to the same network, and often the same switch/hub in the same building. If Internet access is lost to thet building, or a piece of networking hardware fails, even the information that describes backup/alternate services cannot be fetched. (eg. Diverting mail to MX backup servers).

NIC Handles

To save you typing out all our details, the companies running the top level .com/.org/.net domains use shortcuts called NIC Handles to store all our details in one nice easy one that can be changed and updated in one go.

Network Solutions: KUELFGRODO

Paul Sladen  (KUELFGRODO)               hostmaster@19INCH.NET
   Hostmaster Role
   Nineteen Inch 25 Linden
   Grove Beeston
   Nottingham
   GB
   +44-115-922-7162
   Fax- +44-115-854-5273

TotalNic: XXX00001

  Paul Sladen  (XXX00001)  totalnic@paul.sladen.org

  Nineteen Inch
  25 Linden Grove
  Beeston  Nottingham  NG9 2AD
  UK

  Tel: +44-115-854-5272
  Fax: +44-115-854-5273
    

GANDI: PS725-GANDI

person:         Paul Sladen
nic-hdl:        PS725-GANDI
address:        25 Linden Grove, Beeston
address:        Nottingham
address:        NG9 2AD
address:        United Kingdom
phone:          +44 1159227162
fax:            +44 1158545273
e-mail:         paul@sladen.org
    

RIPE: SLAY-RIPE

For `tech-c:' and `admin-c:' IP assignments.

Mail Setup

Receiving Mail (Downloading from 19 Inch)

(All the ISP type stuff is on hutch.19inch.net, so everything currently maps to the same place.)

Service Server Port (default, standard ports)
Encrypted SSL POP3 pop3.19inch.net Port 995
Plain POP3 pop3.19inch.net Port 110
Encrypted Webmail https://webmail.19inch.net/ n/a

Generally you should use your own Dialup/Broadband ISP's SMTP server which is restricted their particular customers, generally by IP address/network. Suspect you knew that already; but since I'm OK as long as people authenticate themselves somehow I've setup a few extras:

Sending Mail (to the World via 19 Inch)

Service Server Port (default, standard ports)
Plain SMTP {Your Dialup provider's mail server} Port 25
Authenicated SSL SMTP smtp.19inch.net Port 465
Authenicated SMTP smtp.19inch.net Port 25
Pop-before-SMTP [2] pop3.19inch.net Port 25

[2] This method does not use any extra authenication for *sending* using SMTP, A successful login via POP3 to fetch-down or check your mail is regarded as enough to allow you to temporarily send mail regardless. This is done by adding your IP address to the list of hosts allowed to use us as a "Smarthost" for a period of 5 minutes. Your mail software should therefore be configure to check for mail before trying to send outgoing emails to our servers.

(Forget the silly SPA `Secure Password Authenication', that's dogey and requires saving plain-text copies of passwords on the server--not good.)

Website Upload (FTP)

Websites have moved around, mostly on hutch now:

  FTP upload               ftp://username:passwd@ftp.yourdomain.co.uk
  Website                  http://www.yourdomain.co.uk
  Usage statistics         http://www.yourdomain.co.uk/usage

Telnet & SSH

We do not allow, or enable the Telnet protocol on any of our servers as it is insecure and transmits passwords in plain-text.

If you have a shell account on one of our servers, you will need to login using SSH (Unix Secure SHell) which provides for encyption of all data, including your passwords and most critically your login client.

SSH Clients

PuTTY is a very good client for Win32 Windows systems (Win95 and WinNT upwards). The program is distributed with a companion called pscp (Putty Secure CoPy) which is a Win32 console (you need to run it from one of them `DOS Box' things) version of the Unix scp; you could even rename it to scp is you wished.

Niftytelnet and MacSSH and good SSH programs for the Apple Macintosh. MacOS X is built ontop of Unix and has SSH natively built in, to use it, select a console and type ssh user@hostname.com.

OpenSSH, or a commerical version of SSH is probably installed on most Unices/GNU-Linux machines already; and chances are you're already using it if you use Unix! ;-). To install SSH onto a Debian GNU/Linux system, simply type: apt-get install ssh

Mindterm is a Java SSH client that can be useful if you are stuck in a CyberCafé and are unable to run a native SSH client. You should download and run it on your own server. (An embedded webpage can be found at muse.19inch.net/mindterm/.

Enabling Compression

SSH has the ability to do loads of magic on top of when you have logged into a remote machine (the `screen' from the remote computer will come up on your Desktop even though it is many miles away across the Interweb). One of the these features is to automatically compress the data going between you and the remote machine. We typically see 10:1 compression from the remote computer to you.

Payments

Payments should be paid in pounds sterling, electronically via bank transfer (BACS/CHAPS) or standing order. Cheques will only be accepted when they include an additional £20.00 processing fee:

Payable to Nineteen Inch
Postal Address Nineteen Inch
25 Linden Grove
Beeston
Nottingham
NG9 2AD

SSH keys (for hostmaster@19inch.net)

Sometimes we may need access to your dedicated or virtual-server; to enable this to happen safely, SSH needs to be setup on your server so we can gain access using SSH keys (this means that we don't have to know any of your passwords, or root passwords).

SSH is normally setup so that you can't log straight into root using SSH without first needing to login as a normal user and then using `su', or `sudo' to perform root commands. Access can be enabled for particular keys by setting the following line in `/etc/ssh/sshd_config' which allows for login with SSH keys, but you will still be refused if you're trying to login using a root password.

      PermitRootLogin without-password

Remember that we still have to type a password to unlock our half of the keys to enable us to login. To allow root login by our keys you should copy the contents of hostmaster-19inch-net.pub.txt into the file `/root/.ssh/authorized_keys on your server.

To check that these keys have not been tampered with, a copy of the fingerprints of the keys above has been signed with Paul Sladen's personal GPG/PGP key (0xe90cfa24). Please check the file hostmaster-19inch-net.asc.txt.