roopurewal
-
Upload
pawanpreetsingh -
Category
Documents
-
view
212 -
download
0
Transcript of roopurewal
-
7/31/2019 roopurewal
1/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 1
Objective
The objective of a single sign-on (SSO) is to enable a user to authenticate only once.
Enabling this requires an integration framework that allows single sign-on authentication
throughout all systems and applications as well as to clients, partners, and outside
services. The challenge is a multitude of SSO vendor products, discrepancies in partners
security standards, and the administration of Identity Management across client and
business partner systems.SSO is not a new concept. In fact, companies have been dealing
with this concept for years. I can recall developing an IMS transaction to handle
authentication, access control and application data access across many IMS applications.
Most developers at one time or another have designed and built an application profiledatabase and the SSO like code to eliminate the duplicate logon for end users. Industry
statistics show that users have on average, five different logons they use on a regular
basis. Therefore, integrating SSO components to eliminate the need for multiple logons
will simplify the end user experience. This results in increased usage and thus increases
revenue, retains customers, clients, and business partners.
-
7/31/2019 roopurewal
2/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 2
Single Sign-On
We will go through a brief introduction to Single Sign-on (hereafter also referred to as
SSO in this document). SSO can be defined as a user experience of logging in just once
and being able to navigate across many applications seamlessly without a need to enter
credentials for each application. It is very common for organizations to have many
applications running to take care of different business functions. SSO makes it easy for
the users to login once and be able to access all the applications they can, reducing the
need for users to remember a plethora of logins and passwords. The following is a brief
description of a few important concepts of SSO.
Authentication
The process of verifying the users identity, making sure that the user is who he claims to
be. This can be based on login & password combination or Smart card,biometrics, etc.
Authorization
The process of verifying whether a user is privileged to access a particular resource.
Credentials
Credentials are the details provided by a user during the process of authentication into an
application. They can be login and password, fingerprint, smart card etc.
Domain
A domain is a logical group in an organization with a unique name that is the part of host
names used on the intranet/Internet. For example, mycompany.com is the domain name
myhost.mycompany.com where as mycompanystore.com is the domain name in
www.mycompanystore.com. While mycompany.com is a parent domain,
it.mycompany.com is a sub domain reserved for the IT department in the organization.
Protected Resource
It is a resource the access of which is not open to everyone. A user needs to go throughauthentication and authorization before accessing a protected resource. It can be a URL
on the Internet or intranet, a client to a application, a folder on a server, etc.
-
7/31/2019 roopurewal
3/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 3
Benefits
Reduces phishing success, because users are not trained to enter password everywherewithout thinking.
Reducing password fatigue from different user name and password combinations Reducing time spent re-entering passwords for the same identity. Can support conventional authentication such as windows credentials (i.e.,
username/password)
Reducing IT costs due to lower number of IT help desk calls about passwords Security on all levels of entry/exit/access to systems without the inconvenience of re-
prompting users
Centralized reporting for compliance adherence.
-
7/31/2019 roopurewal
4/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 4
Methodology for project development
Firstly, you have to understand basics of cloud computing Understanding LINUX OS. Understanding various terms like SSO, e-mail server, LDAP etc. Learning how to configure an e-mail server. How to do synchronization between servers. Creating databases. Understanding SVN server. Learning how to work on cloud. Planning of your work. And at last how to integrate all the things together.
-
7/31/2019 roopurewal
5/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 5
Technology used
E-mail Server (Postfix,FTP,Dovecot,Squirrelmail) SVN Server LDAP Lightweight Directory Access Protocol (User Database) Apache (Web Server) Virtual hosting
-
7/31/2019 roopurewal
6/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 6
Web Server(Apache)
A Web server is a program that, using the client/server model and the World Wide Web's
Hypertext Transfer Protocol ( HTTP serves the files that form Web pages to Web users
(whose computers contain HTTP clients that forward their requests). Every computer on
the Internet that contains a Web site must have a Web server program. Two leading Web
servers are Apache , the most widely-installed Web server, and Microsoft's Internet
Information Server ( IIS ). Other Web servers include Novell's Web Server for users of
its NetWare operating system and IBM's family of Lotus Domino servers, primarily for
IBM's OS/390 and AS/400 customers. Apache supports a variety of features, many
implemented as compiled modules which extend the core functionality. These can range
from server-side programming language support to authentication schemes. Some
common language interfaces support Perl, Python, Tcl, and PHP. HTTP Protocol: HTTP
stands for Hyper-Text-Transfer-Protocol
This is the protocol that is used in order to send and receive information from the server.
This is the protocol that the Apache Web Server Understands and it is what it uses to
send information back to the client Machine. If you would want to get a bit more
technical on the subject the Client Machine this case the Browser sends a HTTP.Request
Object to the Server then the Server responds back by using an HTTP.Response Object.
This is the general back and forth between the server and the browser. Apache is made to
handle all of these requests
http://whatis.techtarget.com/definition/0,,sid9_gci212964,00.htmlhttp://searchnetworking.techtarget.com/definition/client-serverhttp://searchwindevelopment.techtarget.com/definition/HTTPhttp://searchcio-midmarket.techtarget.com/definition/Apachehttp://searchwindowsserver.techtarget.com/definition/IIShttp://searchnetworking.techtarget.com/definition/NetWarehttp://searchdatacenter.techtarget.com/definition/OS-390http://search400.techtarget.com/definition/AS-400http://en.wikipedia.org/wiki/Compilerhttp://en.wikipedia.org/wiki/Modular_programminghttp://en.wikipedia.org/wiki/Mod_perlhttp://en.wikipedia.org/wiki/Mod_pythonhttp://en.wikipedia.org/wiki/Tclhttp://en.wikipedia.org/wiki/PHPhttp://en.wikipedia.org/wiki/PHPhttp://en.wikipedia.org/wiki/Tclhttp://en.wikipedia.org/wiki/Mod_pythonhttp://en.wikipedia.org/wiki/Mod_perlhttp://en.wikipedia.org/wiki/Modular_programminghttp://en.wikipedia.org/wiki/Compilerhttp://search400.techtarget.com/definition/AS-400http://searchdatacenter.techtarget.com/definition/OS-390http://searchnetworking.techtarget.com/definition/NetWarehttp://searchwindowsserver.techtarget.com/definition/IIShttp://searchcio-midmarket.techtarget.com/definition/Apachehttp://searchwindevelopment.techtarget.com/definition/HTTPhttp://searchnetworking.techtarget.com/definition/client-serverhttp://whatis.techtarget.com/definition/0,,sid9_gci212964,00.html -
7/31/2019 roopurewal
7/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 7
.
-
7/31/2019 roopurewal
8/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 8
How To configure web server:
ServerAdmin root@LocalHost
DocumentRoot /var/www/html
ServerName www.google.com
ErrorLog roop
CustomLog deep
-
7/31/2019 roopurewal
9/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 9
Virtual hosting
Virtual hosting is a method for hosting multiple domain names (with separate handling
of each name) on a single server (or pool of servers). This allows one server to share its
resources, such as memory and processor cycles, without requiring all services provided
to use the same host name. The term virtual hosting is usually used in reference to web
servers but the principles carry over to other internet services.
One widely used application is shared web hosting. Shared web hosting prices are lower
than a dedicated web server because many customers can be hosted on a single server. It
is also very common for a single entity to want to use multiple names on the same
machine so that the names can reflect services offered rather than where those services
happen to be hosted.
ServerAdmin root@LocalHost
DocumentRoot /var/www/html
ServerName www.google.com
ErrorLog
CustomLog
ServerAdmin root@LocalHost
DocumentRoot /var/www/html/yahoo
ServerName www.yahoo.com
ErrorLog
CustomLog
http://en.wikipedia.org/wiki/Domain_namehttp://en.wikipedia.org/wiki/Server_%28computing%29http://en.wikipedia.org/wiki/Web_serverhttp://en.wikipedia.org/wiki/Web_serverhttp://en.wikipedia.org/wiki/Shared_web_hosting_servicehttp://en.wikipedia.org/wiki/Web_serverhttp://en.wikipedia.org/wiki/Web_serverhttp://en.wikipedia.org/wiki/Shared_web_hosting_servicehttp://en.wikipedia.org/wiki/Web_serverhttp://en.wikipedia.org/wiki/Web_serverhttp://en.wikipedia.org/wiki/Server_%28computing%29http://en.wikipedia.org/wiki/Domain_name -
7/31/2019 roopurewal
10/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 10
-
7/31/2019 roopurewal
11/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 11
Email server
A mail server usually consists of a storage area where where e-mail is stored for local
users, a set of user definable rules which determine how the mail server should react tothe destination of a specific message, a database of user accounts that the mail server
recognizes and will deal with locally, and communications modules which are the
components that actually handle the transfer of messages to and from other mail serversand email clients. Generally the person(s) responsible for the maintenance of the e-mail
server (editing users, monitoring system activity) are referred to as the postmaster. Most
mail servers are designed to operate without any manual intervention during normal
operation.
Postfix Mail Server(SMTP mail server)it use for sending mails. FTP(File transfer protocol)it use for transfer file. Squirrel mail(web browser)interface used for check and send mail Dovcot(pop3/imap Server) used to receive emails.
http://www.webopedia.com/TERM/D/database.htmlhttp://www.webopedia.com/TERM/D/database.html -
7/31/2019 roopurewal
12/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 12
Squirrel mail (web browser) interface used for check and send mail
-
7/31/2019 roopurewal
13/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 13
-
7/31/2019 roopurewal
14/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 14
SVN server
It is an acronym for Subversion. Subversion manages files and directories, and the
changes made to them, over time. This allows you to recover older versions of your data
or examine the history of how your data changed.
Installing SVN: Yum install subversion mod_dav_svn. Configration file: vim /etc/httpd/conf.d/subversion.conf How to create repos SVNadmin create repos Chown -R apache.apache repos(to integrate with apache) Cheking out: SVN COhttp://servername/repos Editing and Commit:
SVN commitm editing the file
http://servername/reposhttp://servername/reposhttp://servername/reposhttp://servername/repos -
7/31/2019 roopurewal
15/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 15
-
7/31/2019 roopurewal
16/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 16
LDAP (Light weight directory access protocol.)
It use for centeralize user authenction. It basically used for user database. An LDAP server is also known as a Directory System Agent (DSA). LDAP has the ability to distribute servers to where they are needed.
Flow diagram of LDAP:
-
7/31/2019 roopurewal
17/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 17
Integrating Apache with Ldap
To integreate Apache Authentication with Ldap, you may refer to the following steps:
Create a authentication file, e.g: .htaccess and enter the following lines of code:
AuthType BasicAuthBasicProvider ldap
AuthzLDAPAuthoritative Off
AuthName myp2Repo SVN Authentication
AuthLDAPBindDN cn=Manager,dc=example,dc=com
AuthLDAPBindPassword mypass
AuthLDAPURLldap://localhost:389/o=domains,dc=example,dc=com?mail
Require valid-user
Explanation:
AuthzLDAPAuthoritative : Specifies whether ldap authentication is sufficient for authorization
or the system should fall back to other modules on failure.AuthLDAPBindDN : details which would be used to login to ldap
AuthLDAPBindPassword : Master Password of manager, for authentication
AuthLDAPURL : Ldap URL,ldap://localhost:389/o=domains,dc=example,dc=com?mail (User
must provide email for authentication)
http://ldap//localhost:389/o=domains,dc=example,dc=com?mailhttp://ldap//localhost:389/o=domains,dc=example,dc=com?mailhttp://ldap//localhost:389/o=domains,dc=example,dc=com?mailhttp://ldap//localhost:389/o=domains,dc=example,dc=com?mailhttp://ldap//localhost:389/o=domains,dc=example,dc=com?mailhttp://ldap//localhost:389/o=domains,dc=example,dc=com?mailhttp://ldap//localhost:389/o=domains,dc=example,dc=com?mailhttp://ldap//localhost:389/o=domains,dc=example,dc=com?mail -
7/31/2019 roopurewal
18/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 18
iRedmail
iRedMail is a free, open source mail server solution for Linux/BSD, provides services
POP3/IMAP/SMTP, anti-spam, anti-virus, etc. It supports OpenLDAP and MySQL as backendsto save the virtual domains and virtual users. It offers a web-based admin panel.
A fully fledged, free email server solution, an open source project (GPL v2). Use official binary packages
from Linux/BSD distributions, with both i386 and x86_64 support. Easy, fast deployment in LESS
THAN 1 MINUTE.. Works on Red Hat(R) Enterprise Linux, CentOS, Debian, Ubuntu, openSUSE,
FreeBSD. Works on both non-virtualized and virtualized boxes, e.g. VMware, OpenVZ, Xen.
Screenshots of installation:
1. iRedMail supports both OpenLDAP and MySQL as backends to store virtual domains and
users. OpenLDAP is recommended.
-
7/31/2019 roopurewal
19/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 19
2. Choose the directory that will be used to store users' mailboxes.
-
7/31/2019 roopurewal
20/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 20
3. LDAP suffix, normally it's your domain name, such as: dc=example,dc=com:
-
7/31/2019 roopurewal
21/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 21
4. Set the MySQL root password:
-
7/31/2019 roopurewal
22/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 22
5.Set password for LDAP server admin: cn=Manager,dc=example,dc=com
-
7/31/2019 roopurewal
23/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 23
6.Add your first virtual domain, e.g.:
-
7/31/2019 roopurewal
24/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 24
7.Set password for the virtual domain admin: [email protected], you can log into
iRedadmin with this account:
-
7/31/2019 roopurewal
25/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 25
8.Select optional components
-
7/31/2019 roopurewal
26/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 26
9.Select the default language for your webmail application:
IRed Admin panel
iRedAdmin Open Source Edition is a web-based iRedMail admin panel, it allows you to add,
remove and edit domains, users and domain admin accounts. If you need more features, pleaseconsider purchasing the Pro editioniRedAdmin-Pro.
You can also manage all the features of iRedAdmin-Pro with phpLDAPadmin andphpMyAdmin.
http://www.iredmail.org/admin_panel.htmlhttp://www.iredmail.org/admin_panel.htmlhttp://www.iredmail.org/admin_panel.htmlhttp://www.iredmail.org/admin_panel.html -
7/31/2019 roopurewal
27/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 27
Log into iRedAdmin:[email protected]:
mailto:[email protected]:[email protected]:[email protected]:[email protected] -
7/31/2019 roopurewal
28/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 28
2.Here we can add users account,admin and domains also:
-
7/31/2019 roopurewal
29/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 29
3. Creating a new mail user here:
-
7/31/2019 roopurewal
30/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 30
4.Here we see the account profile of user:
-
7/31/2019 roopurewal
31/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 31
Roundcube webmail as one of the optional web-based email clients for everyone to use.Roundcube offers a very nice interface for accessing your emails via the web and offers somevery nice features for all to enjoy, such as:
Released features:
Drag-&-drop message management Full support for HTML messages Sophisticated privacy protection Compose messages with attachments Multiple sender identities Address book with groups and LDAP connectors Richtext/HTML message composing Forwarding messages with attachments Searching messages and contacts
Roundcube is a web-based IMAP email client written in the PHP programming language
Roundcube's most prominent feature is the pervasive use of Ajax technology to present a more
fluid and responsive user interface than that of traditional webmail clients.
Server Requirements:
Apache, Lighttpd, Cherokee or Hiawatha web server PHP Version 5.2.1 or greater MySQL, PostgreSQL, SQLite or MSSQL database An IMAP server which supports IMAP4 rev1 An SMTP server (recommended) or PHP configured for mail delivery
http://en.wikipedia.org/wiki/IMAPhttp://en.wikipedia.org/wiki/PHPhttp://en.wikipedia.org/wiki/Ajax_%28programming%29http://en.wikipedia.org/wiki/User_interfacehttp://en.wikipedia.org/wiki/Webmailhttp://en.wikipedia.org/wiki/Webmailhttp://en.wikipedia.org/wiki/User_interfacehttp://en.wikipedia.org/wiki/Ajax_%28programming%29http://en.wikipedia.org/wiki/PHPhttp://en.wikipedia.org/wiki/IMAP -
7/31/2019 roopurewal
32/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 32
-
7/31/2019 roopurewal
33/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 33
-
7/31/2019 roopurewal
34/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 34
-
7/31/2019 roopurewal
35/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 35
-
7/31/2019 roopurewal
36/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 36
phpLDAPadmin (also known as PLA) is a web-based LDAP client. It provides easy, anywhere-accessible, multi-language administration for your LDAP server.
Its hierarchical tree-viewer and advanced search functionality make it intuitive to browse and
administer your LDAP directory. Since it is a web application, this LDAP browser works onmany platforms, making your LDAP server easily manageable from any location.
phpLDAPadmin is the perfect LDAP browser for the LDAP professional and novice alike. Its
user base consists mostly of LDAP administration professionals.
Managing LDAP data doesn't have to be difficult. The phpLDAPadmin project provides acomprehensive Web-based admin tool for easy, accessible administration of your LDAP
directory from the comfort of your Web browser.
No matter how you approach it, LDAP is a challenge. From understanding the fundamentals that
make up the system to managing the data the system uses, it can be a bit overwhelming at times.
To manage the LDAP data you have a number of ways you could go. You could use thecommand line (Manage LDAP from the Command on Linux), you could use the stand-alone,
very capable 389 Directory Server (see Simplify LDAP with Fedora's 389 Directory Server, or
you could go a completely different route and use the web-based phpLDAPadmin.
As you would expect, phpLDAPadmin is very much like phpMyadmin (a very powerful, userfriendly tool for managing MySQL). But does phpLDAPadmin make managing LDAP as easy as
phpMyadmin make managing MySQL? It does. In fact, phpLDAPadmin makes managing LDAPdata so easy, just about anyone could take care of the task.
Your first task is to actually log into the tool. When you open up the page for phpLDAPadmin
you will see a login button. Click on the login button and then enter your LDAP admin
credentials. Remember, your credentials will be in the form of:
cn=manager,dc=example,dc=com
The credentials will have been set when you initially installed and configured LDAP.Once you'rein, you should see something like the screenshot below: As you can see, I have already created a
few entries for you. But before we get into the creation of entries, let's examine the hierarchy
that appears in the left-side navigation. At the top of the hierarchy you have the Base DN . Underthis entry you have the various objects and attributes that you can add to or edit. Let's take a look
at doing the following: Adding a new group and then adding a user into that group.
http://www.linux.com/component/content/article/174-tutorials/376144-manage-ldap-from-the-command-linehttp://www.linux.com/component/content/article/174-tutorials/376144-manage-ldap-from-the-command-linehttp://www.linux.com/component/content/article/174-tutorials/376144-manage-ldap-from-the-command-linehttp://www.linux.com/component/content/article/174-tutorials/376144-manage-ldap-from-the-command-line -
7/31/2019 roopurewal
37/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 37
-
7/31/2019 roopurewal
38/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 38
Log into phpLDAPAdmin: cn=manager,dc=example,dc=com
-
7/31/2019 roopurewal
39/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 39
Manage the mail account:
-
7/31/2019 roopurewal
40/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 40
Need and significance of project
Because users are not trained to enter password everywhere without thinking, SSO allowsuser just to enter their password only once and hence increases password security.
Reducing time spent re-entering passwords for the same identity Can support conventional authentication such as windows credentials (i.e.,
username/password)
Security on all levels of entry/exit/access to systems without the inconvenience of re-prompting users
Centralized reporting for compliance adherence.
-
7/31/2019 roopurewal
41/42
SINGLE SIGN ON
SAI INSTITUTE OF ENGG. AND TECHNOLOGY(MANAWALA) 41
Conclusion
A well-planned and carefully deployed Single Sign-on product can be a great
complement to the other security measures that are already in place in an organization.
By weighing the risk factors associated with implementing each SSO product against the
advantages and by keeping the expectations aligned with realistic planning, an SSO
product implementation to satisfy your requirements is achievable.
-
7/31/2019 roopurewal
42/42
SINGLE SIGN ON
References
Red hat enterprise Linux (RHEL), Official Book for LINUX. http://w3mentors.com http://www.google.com http://docs.redhat.com/docs/en-US/index.html http://www.linuxforyou.com
http://w3mentors.com/http://www.google.com/http://docs.redhat.com/docs/en-US/index.htmlhttp://www.linuxforyou.com/http://www.linuxforyou.com/http://docs.redhat.com/docs/en-US/index.htmlhttp://www.google.com/http://w3mentors.com/