Get your server issues fixed by our experts for a price starting at just 25 USD/Hour. Click here to register and open a ticket with us now!

Recent Posts

Pages: [1] 2 3 ... 10
1
Plesk / Fix rpmdb: Thread died in Berkeley DB library
« Last post by vichithrakumart on September 11, 2018, 02:26:32 am »
This error occurs while upgrading the server packages and Plesk. This error shows because of the RPM database is opening failed.

Code: [Select]
yum update
rpmdb: Thread/process 16955/139826084484864 failed: Thread died in Berkeley DB library
error: db3 error(-30974) from dbenv->failchk: DB_RUNRECOVERY: Fatal error, run database recovery
error: cannot open Packages index using db3 -  (-30974)
error: cannot open Packages database in /var/lib/rpm
CRITICAL:yum.main:

Error: rpmdb open failed


Please try this to fix the issue

Code: [Select]
# mkdir /var/lib/rpm/backup
# cp -a /var/lib/rpm/__db* /var/lib/rpm/backup/
# rm -f /var/lib/rpm/__db.[0-9][0-9]*
# rpm --quiet -qa
# rpm --rebuilddb
# yum clean all
2
General Discussion / Programmatically get your public IP address with ipify
« Last post by Vineesh K P on September 08, 2018, 11:01:54 am »
Ever needed to get your public IP address programmatically? Then, you can use the service called "ipify". Using this service will give you the following advantages.
====================================
  • You can use it without limit (even if you're doing millions of requests per minute).
  • It's always online and available, and its infrastructure is powered by Heroku, which means that regardless of whether the server running the API dies, or if there's an enormous tornado which destroys half of the east coast, ipify will still be running!
  • It works flawlessly with both IPv4 and IPv6 addresses, so no matter what sort of technology you're using, there won't be issues.
  • ipify is completely open source.
  • No visitor information is ever logged. Period.
  • Lastly, ipify is funded by Randall Degges, so there's no need to worry about the domain name disappearing in three years or anything like that: ipify is here to stay!
====================================
You can learn more about it from here: https://www.ipify.org/
3
General Linux / Let’s Encrypt: Secure Apache Web Server on Ubuntu 16.04
« Last post by alext on September 08, 2018, 10:41:02 am »
Why HTTPS?

Starting with Chrome 56, the browser developed by Google marks non-secure pages containing password and credit card input fields as Not Secure in the URL bar. It was almost one year ago, when the Mountain View giant announced this choice.
Of course, everybody knows that secure is better then insecure; but in this case, the big problem with HTTP is that it lacks a system for protecting communications between clients and servers. This exposes data to different kinds of attacks, for instance, the “Man in the middle” (MIM), in which the attacker intercepts your data. If you are using some transaction system with your bank, using credit card infos, or just entering a password to log in to a web site, this can become very dangerous.
This is why HTTPS exists (HTTP over TLS, or, HTTP over SSL, or, HTTP Secure).
If you are on Unixmen, you probably know what this means: SSL/TLS ensures encrypted connections.
So, if your job is to keep a web server up and running on, you should switch to HTTPS.
To encrypt the traffic between server and client, web servers use SSL certificates. Let’s Encrypt helps in obtaining and installing a trusted certificate for free.

In this tutorial we will see how to secure an Apache Web Server on Ubuntu 16.04 using Let’s Encrypt.
Install Let’s Encrypt

Let’s Encrypt provides a client software which will fetch certificates almost automatically. This software is called Certbot, and the developers have their Ubuntu repository with up to date versions.

So, first of all, we will add the repository:

Code: [Select]
# add-apt-repository ppa:certbot/certbot
Next, update apt packages list:

Code: [Select]
# apt-get update
At this point, install Certbot:

Code: [Select]
# apt-get install python-certbot-apache
Install SSL Certificate

Once the Certbot client is installed, we can use it to obtain and install a new certificate for our server. It is possible to use a single certificate for many subdomains (or even domains). This can be done just passing all the domains as certbot argument.

Code: [Select]
# certbot --apache -d www.example.com -d example.com
Certbot will present a step-by-step process to customize certificate options, and to enter information like email address. This last one will be used for key recovery. During the process it is possible to choice between which protocol to enable: both HTTP and HTTPS or HTTPS alone, which means that all requests will be automatically redirected. Of course, the best choice is to use only HTTPS, unless there are serious reasons to use unencrypted traffic to your server.
Testing Certificate

To verify the status of the SSL certificate, just go to the following link with a browser:

https://www.ssllabs.com/ssltest/analyze.html?d=www.example.com&latest


Certificates Renewal

Let’s Encrypt certificates last for 90 days, so it’s up to you to renew. Using Certbot, you can test the automatic renewal system with this command:

Code: [Select]
certbot renew --dry-run
If it works, you can add a cron or systemd job to manage automatic renewal.
Conclusion

We have seen how easy can be to install a SSL certificate on an Apache Web Server, running on top of Ubuntu 16.04, by using the software client provided by Let’s Encrypt. At this point, if you go with your browser to https://www.example.com or https://example.com you will see that the site will be correctly served through HTTPS.
4
General Linux / MySQL server runs out of memory or does not start
« Last post by akhilt on September 08, 2018, 10:35:36 am »
MySQL server runs out of memory or does not start

This article describes how to resolve a problem that may occur when you try to run MySQL server with a limited amount of memory.

You can resolve this problem by reducing the amount of memory that MySQL uses. To do this, modify the my.cnf configuration file and restart the MySQL server as follows:

1.  Use the nano or vi text editor to open the /etc/my.cnf file.

2.  Make the following changes to the my.cnf file. You may need to add some of these lines, or uncomment existing lines by removing the leading #.

Code: [Select]
set-variable = max_allowed_packet=1M
set-variable = thread_stack=64K
set-variable = table_cache=4
set-variable = sort_buffer=64K
set-variable = net_buffer_length=2K
set-variable = key_buffer_size=2095104
skip-innodb
skip-networking
skip-bdb
skip-ndbcluster

3. Save the changes to the my.cnf file.

4. Restart MySQL server. To do this, type the appropriate command for your Linux distribution:

 For CentOS and Fedora, type:

Code: [Select]
service mysqld restart
 For Debian and Ubuntu, type:

Code: [Select]
service mysql restart
Hope this article might help you someday,

Thank you!!  :)
5
General Linux / Resetting a forgotten MySQL root password in Linux
« Last post by akhilt on September 08, 2018, 10:27:29 am »
Resetting a forgotten MySQL root password in Linux

If you forgot MySQL root password, it can be recovered by booting the database in failsafe mode and then reset it.

To reset the root password for MySQL, follow these steps:

   1. Log in to your account using SSH.

   2. Stop the MySQL server using the appropriate command for your Linux distribution:

For CentOS and Fedora, type:

Code: [Select]
service mysqld stop
For Debian and Ubuntu, type:

Code: [Select]
service mysql stop

   3. Restart the MySQL server with the —skip-grant-tables option. To do this, type the following command:

Code: [Select]
mysqld_safe --skip-grant-tables &

   4. Log into MySQL using the following command:

Code: [Select]
mysql
   5. At the mysql> prompt, reset the password. To do this, type the following command, replacing NEW-PASSWORD with the new root password:
Code: [Select]
UPDATE mysql.user SET Password=PASSWORD('NEW-PASSWORD') WHERE User='root';
   6. At the mysql> prompt, type the following commands:

Code: [Select]
FLUSH PRIVILEGES;
exit;

   7. Stop the MySQL server using the following command. You will be prompted to enter the new MySQL root password before the MySQL server shuts down:

Code: [Select]
mysqladmin -u root -p shutdown
   8. Start the MySQL server normally. To do this, type the appropriate command for your Linux distribution:

For CentOS and Fedora, type:

Code: [Select]
service mysqld start
For Debian and Ubuntu, type:

Code: [Select]
service mysql start

Hoping you find the article useful, Thank you!! ;D
6
General Linux / How To Monitor Remote Linux Host using Nagios 3.0
« Last post by akhilt on September 02, 2018, 11:09:34 am »
How To Monitor Remote Linux Host using Nagios 3.0

In this post, I’ll explain how to monitor a remote Linux host and the various services running on the remote host.

Overview

Following three steps will happen on a very high level when Nagios (installed on the nagios-servers) monitors a service (for e.g. disk space usage) on the remote Linux host.

1. Nagios will execute check_nrpe command on nagios-server and request it to monitor disk usage on remote host using check_disk command.

2. The check_nrpe on the nagios-server will contact the NRPE daemon on remote host and request it to execute the check_disk on remote host.

3. The results of the check_disk command will be returned back by NRPE daemon to the check_nrpe on nagios-server.


Following flow summarizes the above explanation:

Nagios Server (check_nrpe) —–> Remote host (NRPE deamon) —–> check_disk

Nagios Server (check_nrpe) <—– Remote host (NRPE deamon) <—– check_disk (returns disk space usage)

7 steps to install Nagios Plugins and NRPE on the remote host

1. Download Nagios Plugins and NRPE Add-on

Download following files from Nagios.org and move to /home/downloads:


   * nagios-plugins-1.4.11.tar.gz
   * nrpe-2.12.tar.gz

2. Create nagios account

Code: [Select]
[remotehost]# useradd nagios
[remotehost]# passwd nagios

3. Install nagios-plugin

Code: [Select]
[remotehost]# cd /home/downloads
[remotehost]# tar xvfz nagios-plugins-1.4.11.tar.gz
[remotehost]# cd nagios-plugins-1.4.11
[remotehost]# export LDFLAGS=-ldl

[remotehost]# ./configure --with-nagios-user=nagios --with-nagios-group=nagios --enable-redhat-pthread-workaround
[remotehost]# make
[remotehost]# make install

[remotehost]# chown nagios.nagios /usr/local/nagios
[remotehost]# chown -R nagios.nagios /usr/local/nagios/libexec/

Note: On Red Hat, For me the ./configure command was hanging with the the message: “checking for redhat spopen problem…”. Add --enable-redhat-pthread-workaround to the ./configure command as a work-around for the above problem.

4. Install NRPE

Code: [Select]
[remotehost]# cd /home/downloads
[remotehost]# tar xvfz nrpe-2.12.tar.gz
[remotehost]# cd nrpe-2.12

[remotehost]# ./configure
[remotehost]# make all
[remotehost]# make install-plugin
[remotehost]# make install-daemon
[remotehost]# make install-daemon-config
[remotehost]# make install-xinetd

5. Setup NRPE to run as daemon (i.e as part of xinetd):

Modify the /etc/xinetd.d/nrpe to add the ip-address of the Nagios monitoring server to the only_from directive. Note that there is a space after the 127.0.0.1 and the nagios monitoring server ip-address (in this example, nagios monitoring server ip-address is: 192.168.1.2)

Code: [Select]
       only_from       = 127.0.0.1 192.168.1.2
Modify the /etc/services and add the following at the end of the file.

Code: [Select]
       nrpe 5666/tcp # NRPE
Start the service

Code: [Select]
       [remotehost]#service xinetd restart
Verify whether NRPE is listening

Code: [Select]
[remotehost]# netstat -at | grep nrpe
       tcp 0      0 *:nrpe *:*                         LISTEN

Verify to make sure the NRPE is functioning properly

Code: [Select]
[remotehost]# /usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12

6. Modify the /usr/local/nagios/etc/nrpe.cfg

The nrpe.cfg file located on the remote host contains the commands that are needed to check the services on the remote host. By default the nrpe.cfg comes with few standard check commands as samples. check_users and check_load are shown below as an example.

Code: [Select]
command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20

In all the check commands, the “-w” stands for “Warning” and “-c” stands for “Critical”. for e.g. in the check_disk command below, if the available disk space gets to 20% of less, nagios will send warning message. If it gets to 10% or less, nagios will send critical message. Change the value of “-c” and “-w” parameter below depending on your environment.

Code: [Select]
command[check_disk]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda1
Note: You can execute any of the commands shown in the nrpe.cfg on the command line on remote host and see the results for yourself. For e.g. When I executed the check_disk command on the command line, it displayed the following:

Code: [Select]
[remotehost]#/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda1
DISK CRITICAL - free space: / 6420 MB (10% inode=98%);| /=55032MB;51792;58266;0;64741

In the above example, since the free disk space on /dev/hda1 is only 10% , it is displaying the CRITICAL message, which will be returned to nagios server.

4 Configuration steps on the Nagios monitoring server to monitor remote host:

1. Download NRPE Add-on

Download nrpe-2.12.tar.gz from Nagios.org and move to /home/downloads:

2. Install check_nrpe on the nagios monitoring server

Code: [Select]
[nagios-server]# tar xvfz nrpe-2.12.tar.gz
[nagios-server]# cd nrpe-2.1.2
[nagios-server]# ./configure
[nagios-server]# make all
[nagios-server]# make install-plugin

./configure will give a configuration summary as shown below:

*** Configuration summary for nrpe 2.12 05-31-2008 ***:

General Options:
————————-
NRPE port: 5666
NRPE user: nagios
NRPE group: nagios
Nagios user: nagios
Nagios group: nagios

Note: I got the “checking for SSL headers… configure: error: Cannot find ssl headers” error message while performing ./configure. Install openssl-devel as shown below and run the ./configure again to fix the problem.

Code: [Select]
[nagios-server]# rpm -ivh openssl-devel-0.9.7a-43.16.i386.rpm krb5-devel-1.3.4-47.i386.rpm zlib-devel-1.2.1.2-1.2.i386.rpm e2fsprogs-devel-1.35-12.5.
el4.i386.rpm
warning: openssl-devel-0.9.7a-43.16.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing… ########################################### [100%]
1:e2fsprogs-devel ########################################### [ 25%]
2:krb5-devel ########################################### [ 50%]
3:zlib-devel ########################################### [ 75%]
4:openssl-devel ########################################### [100%]

Verify whether nagios monitoring server can talk to the remotehost.

Code: [Select]
[nagios-server]#/usr/local/nagios/libexec/check_nrpe -H 192.168.1.3
NRPE v2.12

Note: 192.168.1.3 in the ip-address of the remotehost where the NRPE and nagios plugin was installed as explained in Section II above.

3. Create host and service definition for remotehost

Create a new configuration file /usr/local/nagios/etc/objects/remotehost.cfg to define the host and service definition for this particular remotehost. It is good to take the localhost.cfg and copy it as remotehost.cfg and start modifying it according to your needs.

host definition sample:

Code: [Select]
define host{
use linux-server
host_name remotehost
alias Remote Host
address 192.168.1.3
contact_groups admins
}

Service definition sample:

Code: [Select]
define service{
use generic-service
service_description Root Partition
contact_groups admins
check_command check_nrpe!check_disk
}

Note: In all the above examples, replace remotehost with the corresponding hostname of your remotehost.

4. Restart the nagios service

Restart the nagios as shown below and login to the nagios web (http://nagios-server/nagios/) to verify the status of the remotehost linux sever that was added to nagios for monitoring.

Code: [Select]
[nagios-server]# service nagios reload
Thank you for reading my article, Have a nice day!!
7
General Linux / Nagios Command Line Options Explained
« Last post by akhilt on September 02, 2018, 10:32:16 am »
Nagios Command Line Options Explained

This article explains various command line options that are available for the Nagios command.

1. Start Nagios Daemon Using nagios -d

Typically you would execute “service nagios start” to start the Nagios daemon, which really calls the /etc/rc.d/init.d/nagios script.

You’ll see the following line inside the /etc/rc.d/init.d/nagios script for the Nagios startup:

Code: [Select]
$NagiosBin -d $NagiosCfgFile
So, you can also manually start Nagios daemon as shown below.

Code: [Select]
# /usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
The advantage of manually starting the Nagios daemon is that you can run two Nagios instance on one server. If you like to run a small test instance where you can play around with various configuration files, and Nagios options, create a nagios-test.cfg that points to different configuration object directories than the nagios.cfg, and then start the test instance using nagios-test.cfg file as shown below.

Code: [Select]
# /usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios-test.cfg
2. Verify Nagios Configurations Using nagios -v

Anytime you make changes to the configuration files, before you restart the Nagios daemon, verify the configuration changes (for syntax errors, and other invalid configuration errors) using nagios -v option as shown below.

Code: [Select]
# /usr/local/nagios/bin/nagios -v  /usr/local/nagios/etc/nagios.cfg
Reading configuration data...
Read main config file okay...

Processing object config file '/usr/local/nagios/etc/objects/commands.cfg'...
Processing object config file '/usr/local/nagios/etc/objects/contacts.cfg'...
Processing object config file '/usr/local/nagios/etc/objects/timeperiods.cfg'...
Processing object config file '/usr/local/nagios/etc/objects/templates.cfg'...
Processing object config directory '/usr/local/nagios/etc/servers'...
Read object config files okay...

Running pre-flight check on configuration data...

Checking services...Checked 450 services.
Checking hosts...   Checked 135 hosts.
Checking contacts...Checked 12 contacts.
..

Checking for circular paths between hosts...
Checking for circular host and service dependencies...

Total Warnings: 0
Total Errors:   0
Things look okay - No serious problems were detected during the pre-flight check

If this finds any issues, it will give proper message about the issue. At the end this will also display the total count for both warnings and errors. Make sure it says 0 here.

3. Display Processing Info and Scheduling Info using nagios -s

When you have a huge configuration files with several objects, nagios might take little longer to start. Using nagios -s option, you can see how much time Nagios might spend procesing configuration files. This also gives an approximate estimation on how much time you might save if you cache the configuration objects. How to cache configuration objects during startup is explained in the next item.

Code: [Select]
# /usr/local/nagios/bin/nagios -s  /usr/local/nagios/etc/nagios.cfg
I’ve split the output of the above command into multiple sections as shown below.

Object configuration processing times section displays the following information. In this example, the total time it took to process the configuration objects is way less than a second. So, caching the objects might not give you any visible difference, even thought it says you could save 4.36% by caching the objects. When you have a huge configuration file, you’ll definitely see some high numbers here.

Code: [Select]
OBJECT CONFIG PROCESSING TIMES  (* = Potential for precache savings with -u option)
----------------------------------
Read:                 0.002094 sec
Resolve:              0.000046 sec  *
Recomb Contactgroups: 0.000019 sec  *
Recomb Hostgroups:    0.000012 sec  *
Dup Services:         0.000017 sec  *
Recomb Servicegroups: 0.000001 sec  *
Duplicate:            0.000004 sec  *
Inherit:              0.000003 sec  *
Recomb Contacts:      0.000000 sec  *
Sort:                 0.000001 sec  *
Register:             0.000142 sec
Free:                 0.000021 sec
                      ============
TOTAL:                0.002360 sec  * = 0.000103 sec (4.36%) estimated savings

Configuration verification times section displays the amount of time it will take to verify the configuration during startup.

Code: [Select]
CONFIG VERIFICATION TIMES          (* = Potential for speedup with -x option)
----------------------------------
Object Relationships: 0.000102 sec
Circular Paths:       0.000001 sec  *
Misc:                 0.000117 sec
                      ============
TOTAL:                0.000220 sec  * = 0.000001 sec (0.5%) estimated savings

Even scheduling times section displays the amount of time it will take while processing various events mentioned below.

Code: [Select]
EVENT SCHEDULING TIMES
-------------------------------------
Get service info:        0.000084 sec
Get host info info:      0.000023 sec
Get service params:      0.000009 sec
Schedule service times:  0.000124 sec
Schedule service events: 0.010329 sec
Get host params:         0.000001 sec
Schedule host times:     0.000029 sec
Schedule host events:    0.000003 sec
                         ============
TOTAL:                   0.010602 sec

The following section displays both host and service scheduling information.

Code: [Select]
HOST SCHEDULING INFORMATION
---------------------------
Total hosts:                     3
Total scheduled hosts:           3
Host inter-check delay method:   SMART
Average host check interval:     300.00 sec
Host inter-check delay:          100.00 sec
Max host check spread:           30 min
First scheduled check:           Sun Nov 27 10:40:44 2011
Last scheduled check:            Sun Nov 27 10:44:04 2011

SERVICE SCHEDULING INFORMATION
-------------------------------
Total services:                     8
Total scheduled services:           8
Service inter-check delay method:   SMART
Average service check interval:     600.00 sec
Inter-check delay:                  75.00 sec
Interleave factor method:           SMART
Average services per host:          2.67
Service interleave factor:          3
Max service check spread:           30 min
First scheduled check:              Sun Nov 27 10:44:29 2011
Last scheduled check:               Sun Nov 27 10:53:14 2011

Finally, the performance suggestions section will lists all possible performance tunning suggestions for your specific configurations files.
Code: [Select]
PERFORMANCE SUGGESTIONS
-----------------------
I have no suggestions - things look okay.

4. Pre-cache Nagios Config Objects using nagios -p

When you have a big configuration file with several objects, you might save enough time during Nagios startup by caching the configuration objects.

The precache configuration information will be stored in the /usr/local/nagios/var/objects.precache file. If you’ve never created the pre-cache configuration files before, this file will not be present. If you want to change the location of the precache file, change the precached_object_file directive in the nagios.cfg file.

To create the pre-cache configuration files, use -p option as shown below.

Code: [Select]
# /usr/local/nagios/bin/nagios -pv /usr/local/nagios/etc/nagios.cfg
After the above command, the objects.precache file will be created. If you view this file, you can see that all Nagios object definitions are listed here. As it says in the beginning of this precache file, do not modify this file manually. If you like to modify any Nagios object, modify the appropriate configuration file, and regenerate the pre-cache file again.

Code: [Select]
# more /usr/local/nagios/var/objects.precache
5. Use Pre-cached Nagios Config Objects using nagios -u

After creating the pre-cache objects as shown above, stop Nagios daemon, and start it using -u option as shown below. Instead of reading the nagios configuration files again, it will simply use the cached objects that were earlier created from the /usr/local/nagios/var/objects.precache directory.

Code: [Select]
# /usr/local/nagios/bin/nagios -ud /usr/local/nagios/etc/nagios.cfg
6. Skip Circular Path Check using nagios -x

During the startup, Nagios checks to make sure you don’t have any circular paths in any of your object definitions. During startup, Nagios will make sure it doesn’t end-up in any deadlock situation by verifying circular paths. If you have lot of configuration objects, the circular path check might take some time.

If you have a working Nagios configuration, that you are sure doesn’t have any circular paths, you can instruct Nagios to skip this check during startup using nagios -x as shown below.

Code: [Select]
/usr/local/nagios/bin/nagios -xd /usr/local/nagios/etc/nagios.cfg
For faster Nagios startup, use both -u and -x option together as shown below, which will use pre-cache objects and skip circular path checks.

Code: [Select]
/usr/local/nagios/bin/nagios -uxd /usr/local/nagios/etc/nagios.cfg
Thank you, if you enjoyed this article
8
General Linux / Vim Tutorials to Jumpstart Your Editor Skills
« Last post by akhilt on September 02, 2018, 10:15:35 am »
Essential Vim Editor Navigation Fundamentals

Vim editor is hands-down the best editor on Unix and Linux environment. These tutorials will help you become proficient in the Vim editor. If you are spending lot of time on Unix environment, you should become comfortable in the Vim editor.

Navigation is a vital part of text editing. To be very productive, you should be aware of all possible navigation shortcuts in your editor. In this article, let us review the following 8 Vi / Vim navigation options.

1. Line navigation
2. Screen navigation
3. Word navigation
4. Special navigation
5. Paragraph navigation
6. Search navigation
7. Code navigation
8. Navigation from command line

1. Vim Line Navigation

Following are the four navigation that can be done line by line.

    k – navigate upwards
    j – navigate downwards
    l – navigate right side
    h – navigate left side

By using the repeat factor in VIM we can do this operation for N times. For example, when you want to
go down by 10 lines, then type “10j”.

Within a line if you want to navigate to different position, you have 4 other options.

    0 – go to the starting of the current line.
    ^ – go to the first non blank character of the line.
    $ – go to the end of the current line.
    g_ – go to the last non blank character of the line.

2. Vim Screen Navigation

Following are the three navigation which can be done in relation to text shown in the screen.

    H – Go to the first line of current screen.
    M – Go to the middle line of current screen.
    L – Go to the last line of current screen.
    ctrl+f – Jump forward one full screen.
    ctrl+b – Jump backwards one full screen
    ctrl+d – Jump forward (down) a half screen
    ctrl+u – Jump back (up) one half screen

3. Vim Special Navigation

You may want to do some special navigation inside a file, which are:

    N% – Go to the Nth percentage line of the file.
    NG – Go to the Nth line of the file.
    G – Go to the end of the file.
    `” – Go to the position where you were in NORMAL MODE while last closing the file.
    `^ – Go to the position where you were in INSERT MODE while last closing the file.
    g – Go to the beginning of the file.

4. Vim Word Navigation

You may want to do several navigation in relation to the words, such as:

    e – go to the end of the current word.
    E – go to the end of the current WORD.
    b – go to the previous (before) word.
    B – go to the previous (before) WORD.
    w – go to the next word.
    W – go to the next WORD.

WORD – WORD consists of a sequence of non-blank characters, separated with white space.
word – word consists of a sequence of letters, digits and underscores.

Example to show the difference between WORD and word

    192.168.1.1 – single WORD
    192.168.1.1 – seven words.

5. Vim Paragraph Navigation

    { – Go to the beginning of the current paragraph. By pressing { again and again move to the previous paragraph beginnings.
    } – Go to the end of the current paragraph. By pressing } again and again move to the next paragraph end, and again.

6. Vim Search Navigation

    /i – Search for a pattern which will you take you to the next occurrence of it.
    ?i – Search for a pattern which will you take you to the previous occurrence of it.
    * – Go to the next occurrence of the current word under the cursor.
    # – Go to the previous occurrence of the current word under the cursor.

7. Vim Code Navigation

    % – Go to the matching braces, or parenthesis inside code.

8. Vim Navigation from Command Line

    Vim +N filename: Go to the Nth line of the file after opening it.

Code: [Select]
vim +10 /etc/passwd
Vim +/pattern filename
: Go to the particular pattern’s line inside the file, first occurrence from first. In the following example, it will open the README file and jump to the first occurrence of the word “install”.

Code: [Select]
vim +/install README
Vim +?patten filename: Go to the particular pattern’s line inside the file, first occurrence from last. In the following example, it will open the README file and jump to the last occurrence of the word “bug”.

Code: [Select]
vim +?bug README
Hope this article was helpful to all.

Thank you!
9
General Linux / How to Set Up SSH Keys on Debian 9
« Last post by alext on September 01, 2018, 11:24:56 am »
SSH, or secure shell, is an encrypted protocol used to administer and communicate with servers. When working with a Debian server, chances are you will spend most of your time in a terminal session connected to your server through SSH.

In this guide, we'll focus on setting up SSH keys for a vanilla Debian 9 installation. SSH keys provide an easy, secure way of logging into your server and are recommended for all users.
Step 1 — Create the RSA Key Pair

The first step is to create a key pair on the client machine (usually your computer):
Code: [Select]
ssh-keygenBy default ssh-keygen will create a 2048-bit RSA key pair, which is secure enough for most use cases (you may optionally pass in the -b 4096 flag to create a larger 4096-bit key).

After entering the command, you should see the following output:

Code: [Select]
Output
Generating public/private rsa key pair.
Enter file in which to save the key (/your_home/.ssh/id_rsa):

Press enter to save the key pair into the .ssh/ subdirectory in your home directory, or specify an alternate path.

If you had previously generated an SSH key pair, you may see the following prompt:

Code: [Select]
Output
/home/your_home/.ssh/id_rsa already exists.
Overwrite (y/n)?

If you choose to overwrite the key on disk, you will not be able to authenticate using the previous key anymore. Be very careful when selecting yes, as this is a destructive process that cannot be reversed.

You should then see the following prompt:

Code: [Select]
Output
Enter passphrase (empty for no passphrase):

Here you optionally may enter a secure passphrase, which is highly recommended. A passphrase adds an additional layer of security to prevent unauthorized users from logging in. To learn more about security, consult our tutorial on How To Configure SSH Key-Based Authentication on a Linux Server.

You should then see the following output:

Code: [Select]
Output
Your identification has been saved in /your_home/.ssh/id_rsa.
Your public key has been saved in /your_home/.ssh/id_rsa.pub.
The key fingerprint is:
a9:49:2e:2a:5e:33:3e:a9:de:4e:77:11:58:b6:90:26 username@remote_host
The key's randomart image is:
+--[ RSA 2048]----+
|     ..o         |
|   E o= .        |
|    o. o         |
|        ..       |
|      ..S        |
|     o o.        |
|   =o.+.         |
|. =++..          |
|o=++.            |
+-----------------+
You now have a public and private key that you can use to authenticate. The next step is to place the public key on your server so that you can use SSH-key-based authentication to log in.
Step 2 — Copy the Public Key to Debian Server

The quickest way to copy your public key to the Debian host is to use a utility called ssh-copy-id. Due to its simplicity, this method is highly recommended if available. If you do not have ssh-copy-id available to you on your client machine, you may use one of the two alternate methods provided in this section (copying via password-based SSH, or manually copying the key).
Copying Public Key Using ssh-copy-id

The ssh-copy-id tool is included by default in many operating systems, so you may have it available on your local system. For this method to work, you must already have password-based SSH access to your server.

To use the utility, you simply need to specify the remote host that you would like to connect to and the user account that you have password SSH access to. This is the account to which your public SSH key will be copied.

The syntax is:

   
Code: [Select]
ssh-copy-id username@remote_host
You may see the following message:

Code: [Select]
Output
The authenticity of host '203.0.113.1 (203.0.113.1)' can't be established.
ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe.
Are you sure you want to continue connecting (yes/no)? yes

This means that your local computer does not recognize the remote host. This will happen the first time you connect to a new host. Type "yes" and press ENTER to continue.

Next, the utility will scan your local account for the id_rsa.pub key that we created earlier. When it finds the key, it will prompt you for the password of the remote user's account:

Code: [Select]
Output
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
username@203.0.113.1's password:

Type in the password (your typing will not be displayed for security purposes) and press ENTER. The utility will connect to the account on the remote host using the password you provided. It will then copy the contents of your ~/.ssh/id_rsa.pub key into a file in the remote account's home ~/.ssh directory called authorized_keys.

You should see the following output:

Code: [Select]
Output
Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'username@203.0.113.1'"
and check to make sure that only the key(s) you wanted were added.

At this point, your id_rsa.pub key has been uploaded to the remote account. You can continue on to Step 3.
Copying Public Key Using SSH

If you do not have ssh-copy-id available, but you have password-based SSH access to an account on your server, you can upload your keys using a conventional SSH method.

We can do this by using the cat command to read the contents of the public SSH key on our local computer and piping that through an SSH connection to the remote server.

On the other side, we can make sure that the ~/.ssh directory exists and has the correct permissions under the account we’re using.

We can then output the content we piped over into a file called authorized_keys within this directory. We’ll use the >> redirect symbol to append the content instead of overwriting it. This will let us add keys without destroying previously added keys.

The full command looks like this:

   
Code: [Select]
cat ~/.ssh/id_rsa.pub | ssh username@remote_host "mkdir -p ~/.ssh && touch ~/.ssh/authorized_keys && chmod -R go= ~/.ssh && cat >> ~/.ssh/authorized_keys"
You may see the following message:

Code: [Select]
Output
The authenticity of host '203.0.113.1 (203.0.113.1)' can't be established.
ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe.
Are you sure you want to continue connecting (yes/no)? yes

This means that your local computer does not recognize the remote host. This will happen the first time you connect to a new host. Type "yes" and press ENTER to continue.

Afterwards, you should be prompted to enter the remote user account password:

Code: [Select]
Output
username@203.0.113.1's password:

After entering your password, the content of your id_rsa.pub key will be copied to the end of the authorized_keys file of the remote user's account. Continue on to Step 3 if this was successful.
Copying Public Key Manually

If you do not have password-based SSH access to your server available, you will have to complete the above process manually.

We will manually append the content of your id_rsa.pub file to the ~/.ssh/authorized_keys file on your remote machine.

To display the content of your id_rsa.pub key, type this into your local computer:
Code: [Select]
    cat ~/.ssh/id_rsa.pub
You will see the key's content, which should look something like this:

Code: [Select]
Output
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCqql6MzstZYh1TmWWv11q5O3pISj2ZFl9HgH1JLknLLx44+tXfJ7mIrKNxOOwxIxvcBF8PXSYvobFYEZjGIVCEAjrUzLiIxbyCoxVyle7Q+bqgZ8SeeM8wzytsY+dVGcBxF6N4JS+zVk5eMcV385gG3Y6ON3EG112n6d+SMXY0OEBIcO6x+PnUSGHrSgpBgX7Ks1r7xqFa7heJLLt2wWwkARptX7udSq05paBhcpB0pHtA1Rfz3K2B+ZVIpSDfki9UVKzT8JUmwW6NNzSgxUfQHGwnW7kj4jp4AT0VZk3ADw497M2G/12N0PPB5CnhHf7ovgy6nL1ikrygTKRFmNZISvAcywB9GVqNAVE+ZHDSCuURNsAInVzgYo9xgJDW8wUw2o8U77+xiFxgI5QSZX3Iq7YLMgeksaO4rBJEa54k8m5wEiEE1nUhLuJ0X/vh2xPff6SQ1BL/zkOhvJCACK6Vb15mDOeCSq54Cr7kvS46itMosi/uS66+PujOO+xt/2FWYepz6ZlN70bRly57Q06J+ZJoc9FfBCbCyYH7U/ASsmY095ywPsBo1XQ9PqhnN1/YOorJ068foQDNVpm146mUpILVxmq41Cj55YKHEazXGsdBIbXWhcrRf4G2fJLRcGUr9q8/lERo9oxRm5JFX6TCmj6kmiFqv+Ow9gI0x8GvaQ== demo@test
Access your remote host using whichever method you have available.

Once you have access to your account on the remote server, you should make sure the ~/.ssh directory exists. This command will create the directory if necessary, or do nothing if it already exists:

   
Code: [Select]
mkdir -p ~/.ssh
Now, you can create or modify the authorized_keys file within this directory. You can add the contents of your id_rsa.pub file to the end of the authorized_keys file, creating it if necessary, using this command:

   
Code: [Select]
echo public_key_string >> ~/.ssh/authorized_keys
In the above command, substitute the public_key_string with the output from the cat ~/.ssh/id_rsa.pub command that you executed on your local system. It should start with ssh-rsa AAAA....

Finally, we’ll ensure that the ~/.ssh directory and authorized_keys file have the appropriate permissions set:

   
Code: [Select]
chmod -R go= ~/.ssh
This recursively removes all “group” and “other” permissions for the ~/.ssh/ directory.

If you’re using the root account to set up keys for a user account, it’s also important that the ~/.ssh directory belongs to the user and not to root:

   
Code: [Select]
chown -R sammy:sammy ~/.ssh
In this tutorial our user is named sammy but you should substitute the appropriate username into the above command.

We can now attempt passwordless authentication with our Debian server.
Step 3 — Authenticate to Debian Server Using SSH Keys

If you have successfully completed one of the procedures above, you should be able to log into the remote host without the remote account's password.

The basic process is the same:

   
Code: [Select]
ssh username@remote_host
If this is your first time connecting to this host (if you used the last method above), you may see something like this:

Code: [Select]
Output
The authenticity of host '203.0.113.1 (203.0.113.1)' can't be established.
ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe.
Are you sure you want to continue connecting (yes/no)? yes
This means that your local computer does not recognize the remote host. Type "yes" and then press ENTER to continue.

If you did not supply a passphrase for your private key, you will be logged in immediately. If you supplied a passphrase for the private key when you created the key, you will be prompted to enter it now (note that your keystrokes will not display in the terminal session for security). After authenticating, a new shell session should open for you with the configured account on the Debian server.

If key-based authentication was successful, continue on to learn how to further secure your system by disabling password authentication.
Step 4 — Disable Password Authentication on your Server

If you were able to log into your account using SSH without a password, you have successfully configured SSH-key-based authentication to your account. However, your password-based authentication mechanism is still active, meaning that your server is still exposed to brute-force attacks.

Before completing the steps in this section, make sure that you either have SSH-key-based authentication configured for the root account on this server, or preferably, that you have SSH-key-based authentication configured for a non-root account on this server with sudo privileges. This step will lock down password-based logins, so ensuring that you will still be able to get administrative access is crucial.

Once you've confirmed that your remote account has administrative privileges, log into your remote server with SSH keys, either as root or with an account with sudo privileges. Then, open up the SSH daemon's configuration file:

   
Code: [Select]
sudo nano /etc/ssh/sshd_config
Inside the file, search for a directive called PasswordAuthentication. This may be commented out. Uncomment the line and set the value to "no". This will disable your ability to log in via SSH using account passwords:
/etc/ssh/sshd_config

Code: [Select]
...
PasswordAuthentication no
...
Save and close the file when you are finished by pressing CTRL + X, then Y to confirm saving the file, and finally ENTER to exit nano. To actually implement these changes, we need to restart the sshd service:

   
Code: [Select]
sudo systemctl restart ssh
As a precaution, open up a new terminal window and test that the SSH service is functioning correctly before closing this session:

   
Code: [Select]
ssh username@remote_host
Once you have verified your SSH service, you can safely close all current server sessions.

The SSH daemon on your Debian server now only responds to SSH keys. Password-based authentication has successfully been disabled.
Conclusion

You should now have SSH-key-based authentication configured on your server, allowing you to sign in without providing an account password.
10
General Linux / How To Install Wine 3.0 on CentOS, RHEL and Fedora
« Last post by vichithrakumart on September 01, 2018, 11:02:58 am »
Install 'Development  Tools' using yum

Code: [Select]
#yum groupinstall 'Development Tools'
#yum install libX11-devel freetype-devel zlib-devel libxcb-devel \
      libxslt-devel libgcrypt-devel libxml2-devel gnutls-devel \
      libpng-devel libjpeg-turbo-devel libtiff-devel gstreamer-devel \
      dbus-devel fontconfig-devel

Install Wine from source

Code: [Select]
# cd /usr/src
# wget http://dl.winehq.org/wine/source/3.0/wine-3.0.tar.xz
# tar -Jxf wine-3.0.tar.xz
# cd wine-3.0

Configure it

Code: [Select]
# ./configure
Compile and install the source code

Code: [Select]
# make
# make install
Pages: [1] 2 3 ... 10