Differences between revisions 1 and 3 (spanning 2 versions)

1. Jabber Admin

1.1. Jabber Daemon

1.2. Erlang Cookie

All nodes must have the same erlang cookie. When installing a new node replace the default Debian cookie with one copied from ~ejabberd/.erlang_cookie.

1.3. SSL Certificate

We require TLS communication with the jabber daemon to avoid exposing Kerberos passwords.

When installing a new node make sure to copy /etc/ejabberd/ejabberd.pem from another node. The current certificate is valid until 2018 and signed by the HCoop CA.

1.4. Firewall

The IANA service names xmpp-client (port 5222) and xmpp-server (port 5269) must be open to the world at large.

Port 4369 (epam) must be open to all other ejabberd nodes, but should not be open to the world at large.

1.5. PAM Configuration

TODO

CategorySystemAdministration

-  ⇤ ← Revision 1 as of 2011-03-09 08:58:28 → 
  Size: 469
  Editor: ClintonEbadi
  Comment: initial jabber admin notes
+   ← Revision 3 as of 2011-03-09 09:06:47 → ⇥
  Size: 903
  Editor: ClintonEbadi
  Comment: firewall config
-Deletions are marked like this.
+Additions are marked like this.
 Line 7:
+== Erlang Cookie ==

All nodes must have the same erlang cookie. When installing a new node replace the default Debian cookie with one copied from `~ejabberd/.erlang_cookie`.
-Line 12:
+Line 16:
+== Firewall ==

The IANA service names `xmpp-client` (port 5222) and `xmpp-server` (port 5269) must be open to the world at large.

Port `4369` (epam) must be open to all other `ejabberd` nodes, but should '''not''' be open to the world at large.

Quick Links

Search Wiki

Page Tools