Category Archives: Howto Tutorials (EN)

Knowledge Network for Tutorials, Howto’s, Workaround, DevOps Code for Professionals

Remote Desktop using AnyDesk on Linux

1. 01. 2021 Don Matteo Leave a comment

AnyDesk Remote Desktop for Linux

AnyDesk Connect to a computer remotely, The remote maintenance program from the German startup company AnyDesk Software GmbH enables remote access to remote computers. A video codec specially developed for this purpose is supposed to ensure fast transmission of the screen. It is also possible to transfer files between the two PCs. AnyDesk relies on the DeskRT video codec, which was specially designed by the developers for the transmission of graphic user interfaces. Above all, AnyDesk wants to set itself apart from competing remote desktop products such as TeamViewer and co. The program leaves a tidy impression, the address book is available with a license subject to charge.

How to install AnyDesk on Windows

The installation of AnyDesk under Windows is self-explanatory, there is a video from AnyDesk to show the setup and change settings.

How to install AnyDesk on Linux

This article describes how to install AnyDesk version 6 on Linux Mint 20 x64bit. The way to install is nearly the same for all popular Linux distributions.

Download the small AnyDesk file of 3 MB and finish urgent tasks on the go with AnyDesk’s user-friendly interface. AnyDesk are installable for Linux using the debian package manager, it’s goes quick and easy with open a terminal to insert the following lines and run it.

$ cd ~/Downloads
$ curl -O https://download.anydesk.com/linux/anydesk_6.1.1-1_amd64.deb
$ sudo dpkg -i anydesk_6.1.1-1_amd64.deb

If there are errors due to dependency problems, additional packages must be installed afterwards.

package anydesk that was previously not selected is selected.
(Read Database ... 328284 Files in Folder are now installed.)
Preparing to unzip anydesk_6.1.1-1_amd64.deb ...
Failed to stop anydesk.service: Unit anydesk.service not loaded.
Unpacking from anydesk (6.1.1-1) ...
dpkg: Dependency problems prevent configuration of anydesk:
 anydesk depends on libgtkglext1; or:
  Packet libgtkglext1 not installed.
 anydesk depends on libpango1.0-0 (>= 1.14.0); or
  Packet libpango1.0-0 not installed.

dpkg: error processing package anydesk (--install):
dependency problems - leaving unconfigured
Processing triggers for gnome-menus (3.13.3-11ubuntu1.1) ...
Processing triggers for desktop-file-utils (0.23+linuxmint4) ...
Processing triggers for mime-support (3.60ubuntu1) ...
Processing triggers for hicolor-icon-theme (0.17-2) ...
Errors were encountered while processing:
anydesk

The apt-get option -fix tries to provide the packages required for AnyDesk.

$ sudo apt-get install -f

The AnyDesk installation can then take place.

$ sudo dpkg -i anydesk_6.1.1-1_amd64.deb

Let’s start AnyDesk also with automatic system start.

$ systemctl start anydesk.service
$ systemctl enable anydesk.service

Installation on Fedora and Red Hat distributions goes with yum.

$ sudo yum install anydesk_6.1.1-1_amd64.rpm

The installation using yum ends with the following output in the last lines.

Installed:
   anydesk-6.1.1-1.x86_64             gtkglext-libs-1.2.0-34.fc30.x86_64             pangox-compat-0.0.2-14.fc30.x86_64            
 Finish.

anydesk_linux_desktop — Abbildung: AnyDesk Linux Desktop

As AnyDesk announced on July 15, 2019, the binaries in the current AnyDesk version are now in the repositories for the Linux distributions Debian, CentOS, Ubuntu, RedHat Enterprise Linux, Fedora and OpenSUSE.

On Debian, Ubuntu, Linux Mint or other Debian-compatible Linux distributions, open a terminal and switch to root and run the following commands to install the latest version of AnyDesk:

wget -qO - https://keys.anydesk.com/repos/DEB-GPG-KEY | apt-key add -
echo "deb http://deb.anydesk.com/ all main" > /etc/apt/sources.list.d/anydesk-stable.list
apt update
apt install anydesk

If you use RHEL, CentOS, Fedora or OpenSUSE, open a terminal become root and copy paste one of the following section suitable for your linux distribution to add the repository. Then simply install the latest version of AnyDesk with a yum or dnf command:

# for RHEL
cat > /etc/yum.repos.d/AnyDesk-RHEL.repo << "EOF"
[anydesk]
name=AnyDesk RHEL - stable
baseurl=http://rpm.anydesk.com/rhel/$basearch/
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://keys.anydesk.com/repos/RPM-GPG-KEY
EOF

# for CentOS
cat > /etc/yum.repos.d/AnyDesk-CentOS.repo << "EOF"
[anydesk]
name=AnyDesk CentOS - stable
baseurl=http://rpm.anydesk.com/centos/$basearch/
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://keys.anydesk.com/repos/RPM-GPG-KEY
EOF

# for Fedora
cat > /etc/yum.repos.d/AnyDesk-Fedora.repo << "EOF" 
[anydesk]
name=AnyDesk Fedora - stable
baseurl=http://rpm.anydesk.com/fedora/$basearch/
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://keys.anydesk.com/repos/RPM-GPG-KEY
EOF

# for OpenSUSE
cat > /etc/yum.repos.d/AnyDesk-OpenSUSE.repo << "EOF" 
[anydesk]
name=AnyDesk OpenSUSE - stable
baseurl=http://rpm.anydesk.com/opensuse/$basearch/
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://keys.anydesk.com/repos/RPM-GPG-KEY
EOF

On CentOS run yum install anydesk, on Fedora use dnf install anydesk to install the anydesk remote desktop software.

How to Install AMAVIS-NEW Content filter on Postfix

Home » Howto Tutorials (EN)

31. 12. 2020 neutrinus Leave a comment

Postfix Mail Transfer Agent Installation

Install and configuring Amavis-new on Postfix MTA

AMaViS stands for A MAil Virus Scanner and is a server-side open-source content filter for e-mails. For decoding and checking e-mails and can be considered as an interface between external content filters such as SpamAssassin, to provide protection against spam, viruses and other vulnerable malware e-mails. Amavis-new is implementet on Unixoid mail servers such as Mail Transfer Agent like Postfix.

AMaViS was written in the Unix-Shell programming language. With the further development in 2000 it was converted to Perl, from then on as amavis-new the standard interface between Mail Transfer Agents (MTA) and content filters, compatible to Postfix and interacts with the Antivirus program ClamAV and some other virus scanner. The current amavisd-new is under the GPLv2 and BSD license and also offers the possibility of integrating SpamAssassin and other filters they call Milter.

Install Amavis-new

In this tutorial we describes the installation and configuration of amavis-new. As a prerequisite, Postfix should already be available. It is assumed that Postfix is already setting up and basic skills for Postfix is well.

First step is add EPEL repository in order to install components.

$ yum update
$ yum -y install epel-release

Now install the amavis-new and ClamAV utilities.

$ yum clean all
$ yum -y install amavisd-new clamav-scanner clamav-scanner-systemd

Amavis-new configuration

We modify the following lines in the amavisd configuration. With opening in the editor of your choice. Here I use vim. if you’r not familiar with vim you can of course use nano.

$ vi /etc/amavisd/amavisd.conf

Add the changes after the comment lines.

# at line 20 set your own domain
$mydomain = 'domain.org';
# line 152 the own hostname
$myhostname = 'mail.domain.org';
# line 50 add local domain and network
@local_domains_maps = ( [".$mydomain", '.domain.org', 'next.domain.org'] );  # list of all local domains

@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
                  10.0.0.0/8 10.127.99.0/24 );
# line 58 enter the exendet ports
$inet_socket_port = 10024,10026;
# line 154 w/o uncomment
$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';
# line 157 change to D_PASS
$final_virus_destiny    = D_PASS;
$final_spam_destiny     = D_PASS;

If use SELinux Enforced then add the policy.

$ setsebool -P antivirus_can_scan_system 1
$ setsebool -P clamd_use_jit 1

The Clamd virus scanner can be modified by using the sed stream editor. Insert and run the following command lines in a terminal:

$ sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf
$ sed -i -e "s/^Example/#Example/" /etc/freshclam.conf

Configure the Clamd configuration file /etc/clamd.d/scan.conf as follows:

# line 8 w/o uncomment
#Example
# line 14 w/o uncomment
LogFile /var/log/clamd.scan
# line 44 w/o uncomment
LogSyslog yes
# line 66 w/o uncomment
PidFile /var/run/clamd.scan/clamd.pid
# line 70 w/o uncomment
TemporaryDirectory /var/tmp
# line 85 w/o uncomment
LocalSocket /var/run/clamd.scan/clamd.sock
# line 97 w/o uncomment
FixStaleSocket yes
# line 101 w/o uncomment
TCPSocket 3310
# line 195 insert uid
User clamscan

Create the log file for Clamd and assign the UserID:

$ touch /var/log/clamd.scan
$ chown clamscan:clamscan /var/log/clamd.scan

Now download and update the antivirus detection database.

$ freshclam

Now amavis-new configuration has been completed.

Amavis-new integrating Postfix

Let’s go ahead with the integration of Postfix. The content filter can be added at any place in the Postfix file main.cf by edit using nano or vi /etc/postfix/main.cf

content_filter=smtp-amavis:[127.0.0.1]:10024

To do this, with add the interface for amavis-new at the end of the file /etc/postfix/master.cf.

smtp-amavis unix  -     -     n     -    2   smtp
 -o smtp_data_done_timeout=1200
 -o smtp_send_xforward_command=yes
 -o disable_dns_lookups=yes
 -o max_use=20

127.0.0.1:10025  inet  n  -    n    -     -   smtpd
 -o content_filter=
 -o local_recipient_maps=
 -o relay_recipient_maps=
 -o smtpd_restriction_classes=
 -o smtpd_client_restrictions=
 -o smtpd_helo_restrictions=
 -o smtpd_sender_restrictions=
 -o smtpd_recipient_restrictions=permit_mynetworks,reject
 -o mynetworks=127.0.0.0/8
 -o strict_rfc821_envelopes=yes
 -o smtpd_error_sleep_time=0
 -o smtpd_soft_error_limit=1001
 -o smtpd_hard_error_limit=1000

Now restart Postfix so that the configuration takes effect.

$ systemctl restart postfix

Start amavis-new and let it start automatically at the next boot.

$ systemctl start clamd@scan
$ systemctl start amavisd.service
$ systemctl enable clamd@scan
$ systemctl enable amavisd.service

Testing Amavisd EICAR signature

Finally you can test amavisd. Note. that during download and installing amavis-new, with the use of an UTM firewall able to detect and blocking them. The conclusion arise the download are prevented because of contains the virus test signature, because the EICAR test signature should not by capsulated.

To do this, will go to the path /usr/share/doc/amavisd-new-*/test-messages and execute the following line in terminal shell, so that the EICAR test files are decapsulated and unpacked:

$ cd /usr/share/doc/amavisd-new-*/test-messages
$ perl -pe 's/./chr(ord($&)^255)/sge'

Now send the EICAR test signature to yourself by using sendmail in a terminal shell.

$ sendmail -i your_email@domain.ch < sample-virus-simple.txt

The following entry should then be shown in the log file /var/log/maillog.

mail amavis[11855]: (11855-01) Passed INFECTED (Eicar-Test-Signature {RelayedTaggedInbound,Quarantine d}, [127.0.0.1] <root@mail.domain.ch>-> <meine_email@domain.ch>, Message-ID: <20190305170628.630A7C5428@mail.domain.ch>, mail_id: SSDU53BXGSVK, Hits: 2.547, size: 789, queued_as: A808AC5425, 1207 ms

If get error: reject: header To: undisclosed-recipients when trying to send the test mail with sendmail, the file sample-virus-simple.txt must be modify with a valid email entered at From: and To :.

Amavis-new Troubleshoting

To checking the functionality of amavis-new can provide along with the following procedure, first check the status of the daemon, with the parameter -l displaying the last lines of the log:

$ systemctl status postfix clamd@amavisd -l

It should also be ensured that ports 10024 and 10025 are active LISTEN:

$ ss -tuln4
Netid  State      Recv-Q Send-Q      Local Address:Port      Peer Address:Port
tcp    LISTEN     0      128             127.0.0.1:10024                *:*
tcp    LISTEN     0      100             127.0.0.1:10025                *:*
tcp    LISTEN     0      100                     *:587                  *:*
tcp    LISTEN     0      100                     *:465                  *:*
tcp    LISTEN     0      128                     *:22                   *:*
tcp    LISTEN     0      100                     *:25                   *:*

telnet must first be installed, the function of the amavisd and Postfix daemon can be checked interactively:

$ telnet localhost 10024
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 [::1] ESMTP amavisd-new service ready
quit
221 2.0.0 [::1] amavisd-new closing transmission channel
Connection closed by foreign host.

$ telnet localhost 10025
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.domain.ch ESMTP
quit
221 2.0.0 Bye
Connection closed by foreign host.