Thursday, November 26, 2009

Linux How To: How To SSH Without Password Authentication

Often you need to run utilities on other machines remotely from an unattended batch process or cron job. ssh lets you execute code on a remote machine, but in normal usage it prompts you for a password, which makes it hard to use in unattended processes. Here is a simple way to eliminate the need to enter a password every time you connect through ssh.

Let's assume you want to connect to a remote machine named remote as a user named user.

Keep reading here.

Perhaps there is a stale lock file?

Cannot create link /etc/mtab~
Perhaps there is a stale lock file?



I resolved this by removing /etc/mtab~ and then remounting the partition.

Monday, November 23, 2009

What is LVM (Second part).


Logical volume management is a widely used technique for deploying logical rather than physical storage. With LVM, "logical" partitions can span physical hard drives and can be resized (unlike traditional ext3 "raw" partitions). A physical disk is divided into one or more physical volumes (PVs), and logical volume groups (VGs) are created by combining PVs as shown in the following picture. Notice that a VG can be an aggregate of PVs from multiple physical disks.


Useful commands:
1) pvscan
This command scans all disks for physical volumes.
# pvscan
pvscan -- reading all physical volumes (this may take a while...)
pvscan -- ACTIVE   PV "/dev/sda3" of VG "system_vg"   [7.49 GB / 0 free]
pvscan -- ACTIVE   PV "/dev/sdb"  of VG "software_vg" [27.99 GB / 0 free]
pvscan -- ACTIVE   PV "/dev/sdc"  of VG "software_vg" [8.96 GB / 0 free]
pvscan -- ACTIVE   PV "/dev/sdd"  of VG "software_vg" [46.55 GB / 36.51 GB free]
pvscan -- total: 4 [91.03 GB] / in use: 4 [91.03 GB] / in no VG: 0 [0]

2) vgdisplay
This command displays attributes of volume groups.
# vgdisplay system_vg
--- Volume group ---
VG Name               system_vg
VG Access             read/write
VG Status             available/resizable
VG #                  0
MAX LV                256
Cur LV                12
Open LV               11
MAX LV Size           255.99 GB
Max PV                256
Cur PV                1
Act PV                1
VG Size               7.49 GB
PE Size               4 MB
Total PE              1918
Alloc PE / Size       1918 / 7.49 GB
Free  PE / Size       0 / 0
VG UUID               eJAhF8-Ztnp-X6Bn-k4LN-t7Uw-5N2O-qXQv40

3) lvdisplay
This command displays attributes of a logical volume.
# lvdisplay /dev/system_vg/home_lv
--- Logical volume ---
LV Name                /dev/system_vg/home_lv
VG Name                system_vg
LV Write Access        read/write
LV Status              available
LV #                   2
# open                 1
LV Size                500 MB
Current LE             125
Allocated LE           125
Allocation             next free
Read ahead sectors     1024
Block device           58:1

Thursday, November 19, 2009

What is LVM?

LVM is a Logical Volume Manager for the Linux operating system. There are now two versions of LVM for Linux:
  • LVM 2 - The latest and greatest version of LVM for Linux.
    LVM 2 is almost completely backward compatible with volumes created with LVM 1. The exception to this is snapshots (you must remove snapshot volumes before upgrading to LVM 2).
    LVM 2 uses the device mapper kernel driver. Device mapper support is in the 2.6 kernel tree and there are patches available for current 2.4 kernels.
  • LVM 1 - The version that is in the 2.4 series kernel.
    LVM 1 is a mature product that has been considered stable for a couple of years. The kernel driver for LVM 1 is included in the 2.4 series kernels, but this does not mean that your 2.4.x kernel is up to date with the latest version of LVM.
Keep reading the second part

    Wednesday, November 18, 2009

    Does encrypted lvm increase server security ?

    Encrypted root With LVM on Fedora 8

    Overview

    This recipe details how you can install F8 (and most likely also F7 and CentOS 5) on a system such that everything except /boot is encrypted. This recipe makes use of your full disc (no unused space is left after it's completed), and doesn't require booting into a Live DVD (important because many of my machines don't have DVD drives on them, many don't even have CD drives). It also does not require a second hard drive.

    Stories abound about laptops being lost, and data possibly exposed because of it. I'm also concerned about someone breaking into my house and stealing our backup server, and through that exposing sensitive or confidential client data for many of our customers. I'm actually not that worried about the loss of the machines, they're cheap computers and data on our home backup server is duplicated at our facility. So, I like to run encrypted file-systems. 

    Keep reading here..

    Monday, November 16, 2009

    How to download a directory tree with ftp

    Linux: Download all files from an ftp server recursively

    You can use the ncftpget command to download an entire ftp directory and its subdirectories from a remote ftp server. Let us say you would like to download the /www-data directory and all subdirectories inside it from the ftp.nixcraft.net server.

    Install ncftp client

    The ncftp client software can be downloaded from http://www.ncftp.com/ncftp/ and works with FreeBSD, Solaris and almost all UNIX variants. You can also run the following command to install ncftp:
    $ sudo apt-get install ncftp

    FTP get directory recursively

    ncftpget is an Internet file transfer program for scripts and advanced usage. Use the command as follows:

    $ ncftpget -R -v -u "ftpuser" ftp.nixcraft.net /home/vivek/backup /www-data

    Keep reading here

     

    Friday, November 13, 2009

    TCP Wrappers Configuration Files

    To determine if a client machine is allowed to connect to a service, TCP wrappers reference the following two files, which are commonly referred to as hosts access files:
    • /etc/hosts.allow
    • /etc/hosts.deny
    When a client request is received by a TCP wrapped service, it takes the following basic steps:
    1. The service references /etc/hosts.allow. — The TCP wrapped service sequentially parses the /etc/hosts.allow file and applies the first rule specified for that service. If it finds a matching rule, it allows the connection. If not, it moves on to step 2.
    2. The service references /etc/hosts.deny. — The TCP wrapped service sequentially parses the /etc/hosts.deny file. If it finds a matching rule, it denies the connection. If not, access to the service is granted.
    The following are important points to consider when using TCP wrappers to protect network services:
    • Because access rules in hosts.allow are applied first, they take precedence over rules specified in hosts.deny. Therefore, if access to a service is allowed in hosts.allow, a rule denying access to that same service in hosts.deny is ignored.
    • Since the rules in each file are read from the top down and the first matching rule for a given service is the only one applied, the order of the rules is extremely important.
    • If no rules for the service are found in either file, or if neither file exists, access to the service is granted.
    • TCP wrapped services do not cache the rules from the hosts access files, so any changes to hosts.allow or hosts.deny take effect immediately without restarting network services.
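
The decision order described above, as an added example that is not part of the original post and is not libwrap's own code. It is a simplified model that handles only ALL, exact names or addresses, ".domain" suffixes and "192.168.1."-style prefixes; the sample rules, host names and addresses are constructed.

```python
# Simplified model of the hosts access decision (not libwrap itself).
# Client patterns handled: ALL, exact name/address, ".domain", "192.168.1."

def parse_rules(text):
    """Return [(daemons, clients)] in file order, skipping comments."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def client_matches(pattern, host, addr):
    if pattern == "ALL":
        return True
    if pattern.startswith("."):      # domain suffix, e.g. .example.com
        return host.endswith(pattern)
    if pattern.endswith("."):        # address prefix, e.g. 192.168.1.
        return addr.startswith(pattern)
    return pattern in (host, addr)

def has_match(rules, daemon, host, addr):
    """True if any rule names this daemon and this client."""
    return any(("ALL" in daemons or daemon in daemons)
               and any(client_matches(p, host, addr) for p in clients)
               for daemons, clients in rules)

def decide(allow_text, deny_text, daemon, host, addr):
    if has_match(parse_rules(allow_text), daemon, host, addr):
        return "allow (hosts.allow)"        # step 1: allow wins
    if has_match(parse_rules(deny_text), daemon, host, addr):
        return "deny (hosts.deny)"          # step 2
    return "allow (no matching rule)"       # default: access granted

# Constructed sample files; host names and addresses are made up.
ALLOW = "sshd: 192.168.1. .example.com\n"
DENY_SSHD_ONLY = "sshd: ALL\n"
DENY_ALL = "ALL: ALL\n"

if __name__ == "__main__":
    outsider = ("unknown.test", "198.51.100.7")
    print(decide(ALLOW, DENY_SSHD_ONLY, "sshd", "pc.example.com", "203.0.113.5"))
    print(decide(ALLOW, DENY_SSHD_ONLY, "sshd", *outsider))
    print(decide(ALLOW, DENY_SSHD_ONLY, "vsftpd", *outsider))
    print(decide(ALLOW, DENY_ALL, "vsftpd", *outsider))
```

The third call shows the default grant: a service with no rule in either file stays reachable, which a catch-all ALL: ALL line in hosts.deny closes.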

       


    Wednesday, November 11, 2009

    No such client module online_update

    MACHINE:~ # you
    No such client module online_update

    Run 'yast2 -h' for help on usage
    MACHINE:~ # id
    uid=0(root) gid=0(root) grupos=0(root)
    MACHINE:~ # uname -a

    rpm -ivh yast2-online-update-2.6.17-59.i586.rpm

    Monday, November 09, 2009

    Use a Linux LiveCD to Avoid Windows Malware For Netbanking

    The Internet has revolutionized the way users shop and use banking services such as Internet banking from anywhere, at any time, without visiting a bank. But how safe is your money with online banking that lets you transfer funds? Companies, and in some cases individuals, have lost anywhere from $10,000 to $500,000 because of a single malware infection. Cyber crooks are targeting innocent MS-Windows users. If you are concerned about how best to protect yourself from this type of fraud, use a Linux LiveCD for online banking and avoid Microsoft Windows at all costs.

    Thursday, November 05, 2009

    Creating Virtual IP Addresses on Linux

    Virtual IP addresses (or VIPs) allow you to use multiple IPs on a single physical network interface. Creating virtual IP addresses is often done to allow webservers to host multiple SSL encrypted web sites on a single webserver or to allow cluster suites to communicate on a dedicated IP address. This article will cover the two primary means of creating virtual IPs on a Linux host.

    ifconfig

    The first and most common method employed is to use the Linux command 'ifconfig' to create a VIP in the following manner, assuming that the interface being used is eth1.

    # ifconfig eth1:0 192.168.1.28

    Keep reading here

    Wednesday, November 04, 2009

    Download TTYSnoop - Install TTYSnoop

    Download ttysnoop and then install it

    Download for all available architectures
    Architecture              Package Size   Installed Size
    alpha                     18.1 kB        116 kB
    amd64                     16.8 kB        108 kB
    armel                     15.1 kB        104 kB
    avr32 (unofficial port)   15.0 kB        104 kB
    hppa                      17.2 kB        108 kB
    hurd-i386                 15.6 kB        104 kB
    i386                      15.5 kB        52 kB
    ia64                      21.3 kB        128 kB
    kfreebsd-amd64            17.0 kB        68 kB
    kfreebsd-i386             15.3 kB        62 kB
    m68k (unofficial port)    15.6 kB        104 kB
    mips                      17.3 kB        108 kB
    mipsel                    17.3 kB        108 kB
    powerpc                   16.1 kB        104 kB
    s390                      16.8 kB        108 kB
    sparc                     15.4 kB        104 kB

    Tuesday, November 03, 2009

    Yum Force Reinstall

    Since Yum does not have a force flag, rpm commands must be used along with Yum to do some heavy lifting. Here are a few ways to force the reinstall of a broken package on a Yum Managed system.

    Yum Remove and then Install
    The easiest solution is to yum remove the package and then yum install the same package. If there are too many dependencies at stake with the package in question, try another method.
    yum remove PACKAGE
    yum install PACKAGE


    Force Erase and then Yum Install
    RPM dependencies sometimes make a simple yum remove impossible and Yum will want to erase your entire OS before moving on. In this case, use rpm to force erase, then yum to install.

    Keep reading here

    rpm -e --nodeps PACKAGE
    yum install PACKAGE


    Prune RPM Database and then Yum Install
    If your package install is so corrupted that an rpm -e is dangerous or impossible, even with --nodeps, remove the package from the local RPM database to trick yum into reinstalling the package. No files are deleted when using rpm -e with --justdb.
    rpm -e --justdb --nodeps PACKAGE
    yum install PACKAGE

    zdump (8) man page - Timezone management

    This man page is useful for this other article I wrote here.



    ZDUMP(8)                                                              ZDUMP(8)

    NAME
           zdump - time zone dumper

    SYNOPSIS
           zdump [ -v ] [ -c cutoffyear ] [ zonename ... ]

    DESCRIPTION
           Zdump prints the current time in each zonename named on the
           command line.

           These options are available:

           -v     For each zonename on the command line, print the time at
                  the lowest possible time value, the time one day after the
                  lowest possible time value, the times both one second
                  before and exactly at each detected time discontinuity,
                  the time at one day less than the highest possible time
                  value, and the time at the highest possible time value.
                  Each line ends with isdst=1 if the given time is Daylight
                  Saving Time or isdst=0 otherwise.

           -c cutoffyear
                  Cut off the verbose output near the start of the given
                  year.

    SEE ALSO
           tzfile(5), zic(8)

                                       ZDUMP(8)

    Monday, November 02, 2009

    linux ftp transfer and resume

    Here is a list of FTP Client and Servers for Linux:

    wput Uploads files or directories to a ftpserver with support of resuming

    wput is a tiny program that looks like wget and, as the name suggests, does exactly the opposite: it uploads files or, recursively, whole directories to an ftp server and supports resuming.

    vsftpd A FTP daemon that aims to be "very secure"
    A FTP daemon that aims to be "very secure" From the README file: Author: Chris Evans Contact: chris@scary.beasts.org vsftpd is an FTP server, or daemon. The "vs" stands for Very Secure. Obviously this is not a guarantee, but a reflection that I have written the entire codebase with security in mind, and carefully designed the program to be resilient to attack.


    py-pyftpdlib Python FTP server library
    Python FTP server library provides a high-level portable interface to easily write asynchronous FTP servers with Python. Based on the asyncore / asynchat frameworks, pyftpdlib is actually the most complete RFC959 FTP server implementation available for the Python language.


    proma Administrate a ProFTPd server storing users in a MySQL database
    ProMA is a PHP4 based system for administrating a ProFTPd server storing users in a MySQL database.

    pear-Net_FTP PEAR OO interface to the PHP FTP functions plus some additions
    Net_FTP allows you to communicate with FTP servers in a more comfortable way than the native FTP functions of PHP do. The class implements everything natively supported by PHP and additionally features like recursive up- and downloading, dircreation and chmodding. It also implements an observer pattern to allow, for example, the view of a progress bar.


    p5-POE-Component-Client-FTP Implements an FTP client POE Component
    POE::Component::Client::FTP is a POE component for interacting with a FTP server.

    p5-Net-FTP-Recursive Perl module to provide recursive FTP client class
    This module augments the list of Net::FTP methods with several methods that automatically descend directory structures for you. The methods are: rget - Retrieve an entire directory tree. rput - Send an entire directory tree. rdir - Receive an entire directory tree listing. rls - Receive an entire directory tree listing, filenames only. rdelete - Remove an entire directory tree.

    p5-File-Fetch A generic file fetching mechanism
    File::Fetch is a generic file fetching mechanism. It allows you to fetch any file pointed to by a ftp, http, file, or rsync uri by a number of different means.

    lftp Shell-like command line ftp client
    LFTP is a shell-like command line ftp client. It is reliable: can retry operations and does reget automatically. It can do several transfers simultaneously in background. You can start a transfer in background and continue browsing the ftp site or another one. This all is done in one process. Background jobs will be completed in nohup mode if you exit or close modem connection. Lftp has reput, mirror, reverse mirror among its features.

    bftpd Very configurable FTP server that can do chroot easily
    The Bftpd file server is designed to be as small and easy to manage as possible, while providing most of the features you would expect from a file server. On most home systems, bftpd is ready to work out-of-the-box without requiring any extra configuration. Production systems can be set up by editing a few lines in an easy-to-read config file. Features of bftpd include: * Easy configuration * Speed * Support for most RFC FTP commands * tar.gz on-the-fly compression/archiving * Security with chroot without special setup * No need for files (sh, ls...) in a chroot environment * Logging to wtmp and to a config file * PAM support * Support for site chown/chmod