To send continuous packets to a port on a server
useful for when your are tracing packets to troubleshoot a VPN or connection problem.
The following will keep retrying
while true; do nc <ip address of server> <port>;done
eg
while true; do nc 192.168.0.1 8080;done
or if you prefer telnet over netcat
while true; do telnet 192.168.0.1 8080;done
can also be used to keep retrying your ssh connection until it connects.
eg
while true; do ssh user@192.168.0.1 ;done
Thursday, November 21, 2013
Monday, October 14, 2013
rdesktop tips
When connecting to Windows servers using Linux rdesktop
use the following command to connect to the windows server
rdesktop
eg rdesktop 192.168.2.100
This will open up a remote desktop session to the server
rdesktop -r disk:name=path
eg rdesktop -r disk:home=/home/cgerada 192.168.2.100
will make your local path available under "my computer" so that you can copy files from client to server
rdesktop -g 1024x768
eg rdesktop -g 1024x768 192.168.2.100
will set your screen resolution to 1024x768
more examples
rdesktop -d domainname -u cgerada -p passw0rd -k en-gb -a 16 -g 1024x768 -r disk:home=/home/cgerada 192.168.2.100
-d = domain name
-u = username
-p = password
-k = keyboard layout eg en-us for a us keyboard layout or en-gb for a british one
-a = amount of colours in the pallet
use the following command to connect to the windows server
rdesktop
eg rdesktop 192.168.2.100
This will open up a remote desktop session to the server
rdesktop -r disk:name=path
eg rdesktop -r disk:home=/home/cgerada 192.168.2.100
will make your local path available under "my computer" so that you can copy files from client to server
rdesktop -g 1024x768
eg rdesktop -g 1024x768 192.168.2.100
will set your screen resolution to 1024x768
more examples
rdesktop -d domainname -u cgerada -p passw0rd -k en-gb -a 16 -g 1024x768 -r disk:home=/home/cgerada 192.168.2.100
-d = domain name
-u = username
-p = password
-k = keyboard layout eg en-us for a us keyboard layout or en-gb for a british one
-a = amount of colours in the pallet
Tuesday, August 27, 2013
Make Ubuntu boot into run Level 3
Edit /etc/default/grub with your favorite editor,
sudo vim /etc/default/grub
Find this line:
GRUB_CMDLINE_LINUX_DEFAULT=”quiet splash”
Change it to:
GRUB_CMDLINE_LINUX_DEFAULT=”text”
Update Grub:
sudo update-grub
Done, Next time you boot it will be into run level 3
Thursday, August 8, 2013
Show how old your Linux installation is.
To find out when your Root partition was created.
type
sudo tune2fs -l $(df -h / |(read; awk '{print $1; exit}')) | grep -i created
type
sudo tune2fs -l $(df -h / |(read; awk '{print $1; exit}')) | grep -i created
Friday, July 19, 2013
Convert MP4 to MKV
My Blue Ray Player does not play .mp4 files (x264)
To convert .mp4 files to .mkv using ffmpeg
sudo yum install ffmpeg (To install ffmpeg)
Then use the following command
ffmpeg -i filename.mp4 -vcodec ffv1 -acodec pcm_s16le filename.mkv
To convert .mp4 files to .mkv using ffmpeg
sudo yum install ffmpeg (To install ffmpeg)
Then use the following command
ffmpeg -i filename
Thursday, May 16, 2013
Upgrading Java
When ever you upgrade Java, the old version is always left on the server and is still in use.
You will have to do the following to activate and use the new version.
in this example I am upgrading from Java 1.4 to 1.6
if java is available in your repository type
yum update java or if you have the rpm
type rpm -Uvh java-version_of_yourJava.i386.rpm
Although upgrade option is used in both instances, java is not actually upgraded. Just the new version is installed alongside your current version.
You need to use the alternatives system to use the new version. here's how. type alternatives --config java
The alternatives system maintains symbolic links determining default commands. Our new version of java is installed under
/usr/java/jdk1.6.0_26 (so the path of java binary is /usr/java/jdk1.6.0_26/bin/java. I’ll add this as the default for Java:
type
alternatives --config java
You should receive output similar to the following:
There is 1 program which provide 'java'.
Selection Command
-----------------------------------------------
* 1 /usr/lib/jvm/jre-1.4.2-gcj/bin/java
Enter to keep the current selection[+], or type selection number:
As you can see the new version of Java is not only not being used, but there is no mention of it in the alternatives system.
So we need to add it to the alternatives system to be able to use it. heres how. type
alternatives --install /usr/bin/java java /usr/java/jdk1.6.0_43/bin/java 1
The syntax of alternatives is as following
-- install /path_to_symlink program_name /path_to_program priority
Once done if you type
alternatives --config java
You should now get the following
There are 2 programs which provide 'java'.
Selection Command
-----------------------------------------------
* 1 /usr/lib/jvm/jre-1.4.2-gcj/bin/java
+ 2 /usr/java/jdk1.6.0_43/bin/java
Enter to keep the current selection[+], or type selection number:
Simply select the version that you want to use as the default version.
Select 2 to use the new 1.6 version.
You can switch between versions this way and change back to the old version if you need to.
in this example I am upgrading from Java 1.4 to 1.6
if java is available in your repository type
yum update java or if you have the rpm
type rpm -Uvh java-version_of_yourJava.i386.rpm
Although upgrade option is used in both instances, java is not actually upgraded. Just the new version is installed alongside your current version.
You need to use the alternatives system to use the new version. here's how. type alternatives --config java
The alternatives system maintains symbolic links determining default commands. Our new version of java is installed under
/usr/java/jdk1.6.0_26 (so the path of java binary is /usr/java/jdk1.6.0_26/bin/java. I’ll add this as the default for Java:
type
alternatives --config java
You should receive output similar to the following:
There is 1 program which provide 'java'.
Selection Command
-----------------------------------------------
* 1 /usr/lib/jvm/jre-1.4.2-gcj/bin/java
Enter to keep the current selection[+], or type selection number:
As you can see the new version of Java is not only not being used, but there is no mention of it in the alternatives system.
So we need to add it to the alternatives system to be able to use it. heres how. type
alternatives --install /usr/bin/java java /usr/java/jdk1.6.0_43/bin/java 1
The syntax of alternatives is as following
-- install /path_to_symlink program_name /path_to_program priority
Once done if you type
alternatives --config java
You should now get the following
There are 2 programs which provide 'java'.
Selection Command
-----------------------------------------------
* 1 /usr/lib/jvm/jre-1.4.2-gcj/bin/java
+ 2 /usr/java/jdk1.6.0_43/bin/java
Enter to keep the current selection[+], or type selection number:
Simply select the version that you want to use as the default version.
Select 2 to use the new 1.6 version.
You can switch between versions this way and change back to the old version if you need to.
Monday, January 28, 2013
2 Way Synchronization with Unison
2 Way directory Synchronization
I found unison is a better option than rsync if the files in both locations frequently change, or if you want to synchronise between more than 2 locations. and you need to keep all locations synchronised.
yum install unison
on all machines that you want to synchronise between.
for password-less sync make sure you setup ssh private/public key
as described in this previous post ssh public/private key
create a file sync.sh
vim sync.sh
copy and paste the following into your file
#!/bin/bash
# set paths / dirs
_paths="/home/cgerada/directory_to_sync"
# binary file name
_unison=/usr/bin/unison
# server names
# sync local +server1 with server2 and server3
_rserver="server1.clive.com server2.clive.com server3.clive.com"
# sync it
for r in ${_rserver}
do
for p in ${_paths}
do
${_unison} -batch -force newer -times "${p}" "ssh://${r}/${p}"
done
done
save the file and give it execute rights
chmod + x sync.sh
to run the script on a cronjob every half an hour and output details into a log file
crontab -e
and add the following
*/30 * * * * /path/to/sync.sh &>/var/log/sync.sh.log
save and you are done.
~
~
I found unison is a better option than rsync if the files in both locations frequently change, or if you want to synchronise between more than 2 locations. and you need to keep all locations synchronised.
yum install unison
on all machines that you want to synchronise between.
for password-less sync make sure you setup ssh private/public key
as described in this previous post ssh public/private key
create a file sync.sh
vim sync.sh
copy and paste the following into your file
#!/bin/bash
# set paths / dirs
_paths="/home/cgerada/directory_to_sync"
# binary file name
_unison=/usr/bin/unison
# server names
# sync local +server1 with server2 and server3
_rserver="server1.clive.com server2.clive.com server3.clive.com"
# sync it
for r in ${_rserver}
do
for p in ${_paths}
do
${_unison} -batch -force newer -times "${p}" "ssh://${r}/${p}"
done
done
save the file and give it execute rights
chmod + x sync.sh
to run the script on a cronjob every half an hour and output details into a log file
crontab -e
and add the following
*/30 * * * * /path/to/sync.sh &>/var/log/sync.sh.log
save and you are done.
~
~
Saturday, January 26, 2013
Chrooted SFTP
This will chroot (restrict)
all sftp users to their home directory
on your SFTP server type
group add sftpusers
vim /etc/ssh/sshd-config
comment out
#Subsystem sftp /usr/libexec/openssh/sftp-server
add
all sftp users to their home directory
on your SFTP server type
group add sftpusers
vim /etc/ssh/sshd-config
comment out
#Subsystem sftp /usr/libexec/openssh/sftp-server
add
Subsystem sftp internal-sftp
You want to put only certain users (i.e users who belongs to sftpusers group) in the chroot jail environment. Add the following lines at the end of /etc/ssh/sshd_config
Match Group sftpusers
ChrootDirectory %h
ForceCommand internal-sftp
Match Group sftpusers – This indicates that the following lines will be matched only for users who belong to group sftpusers
ChrootDirectory /sftp/%h – This is the path that will be used for chroot after the user is authenticated. %h indicates the users home directory. So, for john, this will be /home/john.
ForceCommand internal-sftp – This forces the execution of the internal-sftp and ignores any command that are mentioned in the ~/.ssh/rc file.
next either add new users to your system or you can add existing users to the system
user add john mary clive
Add all sftp users to the sftp group by editing your
/etc/group file
sftpusers:x:501:john,mary,clive
Make sure users cannot login using ssh, do this by editing /etc/passwd
vim /etc/passwd
and changing /bin/bash to /bin/nologin of each SFTP user
From
john:x:500:500::/home/john:/bin/bash
To
john:x:500:500::/home/john:/bin/nologin
next
chmod -R 755 /home/john
then you must set the following ownership to the users home directory
chown -R root:sftpusers /home/john
restart sshd
/etc/init.d/sshd restart
you can now sftp into your server and the sftp users will be restricted to their /home folder only.
~
Thursday, January 24, 2013
Encrypting existin Swap Redhat / CentOS
yum install cryptsetup
Switch off swap
swapon -a
comment out existing swap partition is /etc/fstab
#/dev/mapper/VolGroup00-swap
swap
Wipe swap partition
dd
if=/dev/zero of=/dev/mapper/VolGroup00-swap
add the swap partition to /etc/crypttab
If it is not already created, create the /etc/crypttab file. Add an entry to /etc/crypttab file. .
swap /dev/mapper/VolGroup00-swap /dev/urandom swap
Add the following entry to /etc/fstab file.
/dev/mapper/swap none swap defaults 0 0
The next time you boot the system and the /etc/rs.sysinit script executes, it creates a raw dm-crypt device with a random key and formats it as a swap device. During /etc/fstab processing, the swap device is activated.
Reboot the system.
Verify that the swap space is encrypted.
swapon -s
You should see a new entry for the added swap file system. You can see it listed below in the second entry, in our example.
swapon -s
Filename Type Size Used Priority
/dev/dm-2 partition 2064376 580 -1
Voila. your swap partition has been encrypted
Wednesday, January 9, 2013
mount remote directories over SSH using SSHFS
When you need to mount a remote directory securely
use SSHFS which is a much easier quicker option than trying to tunnel NFS over an ssh tunnel.
SSHS is quick , easy and secure.
yum install fuse-sshfs
If not done already you will wan't to create your private and public encryption keys and put your public key on the server who's directory you want to mount, so that you will have a password less connection
ssh-keygen to create the keys
leave passphrase blank
then to copy your public key to the server type
ssh-copy-id -i .ssh/id_rsa.pub user@remoteserver
Now, lets say there is some directory /mnt/dir/ on the remote system user@remoteserver and we want to mount it on our /localfolder directory. This is how we do it using sshfs.
type
sudo sshfs user@remoteserver:/mnt/dir /localfolder
Thats it. done.
and to unmount type
fusermount -u /localfolder/
If you want the directory to be available after a reboot
You could just put sudo sshfs user@remote:/mnt/dir /localfolder
in to your /etc/rc.local file
or if you prefer to use /etc/fstab then add the following line to your /etc/fstab file
sshfs#user@remoteserver:/mnt/dir /localfolder fuse comment=sshfs,noauto,users,exec,uid=1000,gid=1000,allow_other,reconnect,transform_symlinks,BatchMode=yes
Subscribe to:
Posts (Atom)