Tuesday, 21 October 2014

SSH & SCP Slow Login Fix

SSH & SCP Slow Login Fix

Little clarification for the options.
Those that used useDNS have totally different issue than
what is solved by GSSAPIAuthentication. When you log using SSH, the
server does multiple operations.

One of it is to try to reverse resolve your IP to fetch your hostname.
Why? Developer knows, but I strongly suspect host specific
configuration (i.e hosts.deny).
So if your server is unable to reach
the DNS server (for any reason), the ssh daemon tries to reverse
lookup and wait until it times out (~30 seconds). The useDNS yes
(which is also the default behavior if commented) controls this
behavior. If set to useDNS no, then the reverse lookup doesn’t occur
and the IP is used. BEWARE: This is like patching an intense bleeding.
If this is your issue, then your DNS/network configuration is probably
wrong and should be repaired, not patched. Use the useDNS only for
server that shouldn’t/doesn’t have a DNS.

The GSSAPIAuthentication is a totally different issue. This flag tells
SSH to use a GSSAPI server to validate the authentication (from my
understanding). As for the DNS issue, if you do not have such a
server, it will wait until time out before processing further (~30
secondes). The GSSAPIAuthentication is the flag that controls this
behavior. Contrary to the useDNS flag, the GSSAPIAuthentication is
defaulted to no. Commenting it out will prevent the server from trying
to reach that server.

So both have the same symptoms ~30 login delay) caused by the same
reason (server connection time out) but they do NOT try to reach the
same server. To determine which one is required for you, do as the
article states (ssh -vvv ) and look where it froze. If the issue is


On fresh installed Linux servers you might have encountered that it takes quite some time before you get to see the
password prompt when you connect using SSH. 

As soon as you entered the password everything is lightning fast.
There are two items that might cause this problem:

    DNS Resolving
    Authentication methods that are not supported.


---------------------
DNS Resolving
---------------------


The DNS problem is easy to fix, make sure the SSH server is able to resolve DNS queries by configuring a DNS server.
Here’s how to do it on a CentOS server:

[root@server ~]# vim /etc/resolv.conf

And add the following lines:

nameserver 8.8.8.8
nameserver 8.8.8.8

I’m using the DNS servers from OpenDNS, use any server you like. This will allow your server to perform DNS lookups.
You can also tell SSH to disable DNS lookups like this:

[root@server ~]# vim /etc/ssh/sshd_config

And change the “UseDNS yes” field to “UseDNS no”.

This will ensure that SSH doesn’t try to do any reverse lookups.
Don’t forget to restart SSH! If your SSH connection time is still slow after these changes, read on…





---------------------
Authentication
---------------------


SSH supports a number of authentication methods besides username/password.
Let me show you what is happening behind the scenes when you are waiting for the password prompt:

deven@host ~ $ ssh -v root@192.168.1.100


I’m going to connect to a SSH server but I’ll use the “v” parameter (verbose). Here’s what you will see:

debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password


debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Unspecified GSS failure.  Minor code may provide more information

debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Next authentication method: publickey
debug1: Trying private key: /home/host/.ssh/id_rsa
debug1: Trying private key: /home/host/.ssh/id_dsa
debug1: Trying private key: /home/host/.ssh/id_ecdsa
debug1: Next authentication method: password


Before it shows you the password prompt, SSH will first try to connect using GSSAPI-KEYEX, GSSAPI-WITH-MIC and Public Key.
Since I’m not using these it’s causing a delay when trying to connect to SSH.
Especially the GSSAPI-WITH-MIC is taking a long time…let’s disable it:

[root@server ~]# vim /etc/ssh/sshd_config

Now change the “GSSAPIAuthentication yes” line to “GSSAPIAuthentication no”.



Restart SSH and try to connect again:

deven@host ~ $ssh -v root@192.168.1.100

debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/renemolenaar/.ssh/id_rsa
debug1: Trying private key: /home/renemolenaar/.ssh/id_dsa
debug1: Trying private key: /home/renemolenaar/.ssh/id_ecdsa
debug1: Next authentication method: password





With GSSAPI disabled it’s flying!

In case you are wondering, GSSAPI stands for Generic Security Services API and is a standard interface so SSH can communicate with Kerberos.




Thursday, 16 October 2014

Argument list too long Issue in Linux


Argument list too long Issue in Linux
Argument list too long” a simple solution

I was trying to delete a client’s all bounce emails and rm -rf didn’t help me at this point



First of Check the default value of argument list for your server:

root@server:~# getconf ARG_MAX
2621440

And you can sipmly increase this value by typing:
root@server:~# ulimit -s 665536

So you will see that argument list size increases by re-typing:
root@server:~# getconf ARG_MAX
170377216

Most useful Linux Commands

 Most useful Linux Commands


========================================================================================================
 Most useful Linux Commands
========================================================================================================
ls     ------------------------------ List all files and directories
ls -l  ------------------------------ List all files and directories with some extra information
dir  ------------------------------  Display directories
mkdir <name> ------------------------------ Create a directory
mkidr -p <dir_name1>/<dir_name2>------------------------------Create multiple directories
rmdir <dir_name>------------------------------Remove an empty directory
rm <file_name>------------------------------Remove a file/directory with confirmation
rm -rf <file/dir_name>------------------------------Remove file/directory without confirmation
cat <file_name>------------------------------View a file
cat > <file_name>------------------------------Create a new file and edit it
touch <file_name>------------------------------Create a file
vi <file_name>------------------------------File editor
vim <file_name>------------------------------File editor
command >file_name------------------------------Write output of the command into the file
cd      ------------------------------Change directory
cd ..   ------------------------------Move one directory back
cd -    ------------------------------Move to previous directory
cd ~    ------------------------------Move to current user’s home directory
cd /home/me ------------------------------Move to /home/me directory
shutdown -h now ------------------------------Shuts the system down to halt immediately.
shutdown -r now ------------------------------Shuts the system down immediately and the system reboots.
mv -i myfile yourfile ------------------------------Move the file from “myfile” to “yourfile”. This effectively changes the name of “myfile” to “yourfile”.
mv -i /data/myfile .  ------------------------------Move the file from “myfile” from the directory “/data” to the current working directory.
echo <text>  ------------------------------Display the text
find              ------------------------------Search for files in a directory hierarchy
locate           ------------------------------Search for files in a directory hierarchy
grep             ------------------------------Depth Search
wc               ------------------------------Word count
kill               ------------------------------To kill a process
reboot         ------------------------------Reboot the system
poweroff     ------------------------------poweroff the system
mount          ------------------------------mount a partition
umount        ------------------------------unmount a partition
fdisk -l        ------------------------------Partition manipulator



========================================================================================================
System Informations
========================================================================================================
pwd  ------------------------------Prints present working directory
hostname ------------------------------Prints hostname
uname    ------------------------------ prints the name of OS
whoami  ------------------------------ Prints your login name
date       ------------------------------ Prints system date
cal <year> ------------------------------Prints calendar of the year
who          ------------------------------ Determine the users logged on the machine
w             ------------------------------  Determine who is logged on the system
rwho -a   ------------------------------   Determine the remote users
finger <user_name>  ------------------------------System info about user
last     ------------------------------Show list of users last logged-in on your system
lastb   ------------------------------Show last unsuccessful login attempts on your system
history  ------------------------------Show the used commands
history -c ------------------------------Clears all history
comman    ------------------------------Run the most recent command from the bash history commands that start with the string “ comman “
uptime  ------------------------------Display the system uptime
ps    ------------------------------Process status
ps -aux | more ------------------------------ List all the currently running process
top        ------------------------------ List the currently running process, sorted by CPU usage
gtop, ktop, htop   ------------------------------ GUI choice for top
arch       ------------------------------ Display the system architecture
Xorg -version    ------------------------------ Show the version of X windows I have on my system
cat /etc/issue ------------------------------ Check what distribution you are using
free -m    ------------------------------ Check your usage, free memory of primary memory
df -h   ------------------------------ Disk free information in human readable form
du / -bh | more   ------------------------------ Print detailed disk usage for each sub-directory starting at the “/” (root) directory
cat /proc/cpuinfo ------------------------------ Displays cpu information
cat /etc/interrupts ------------------------------ List the interrupts in use
cat /proc/version ------------------------------ Linux version and other info
cat /proc/filesystems ------------------------------ Show the type of filesystem currently in use
cat /etc/printcap | less ------------------------------ Show the setup of printers
lsmod   ------------------------------ Show the currently loaded kernel modules
set | more ------------------------------ Show the current user environment
env | more ------------------------------ Show environment variables
dmesg | less ------------------------------ Print kernel messages
chage -l <user_login_name>  ------------------------------See my password expiry information
chage username   ------------------------------ Change User's Expiry
quota    ------------------------------ Display my disk quota
sysctl -a | more ------------------------------ Display  all the configurable Linux kernel parameters
runlevel    ------------------------------ Print the previous and current runlevel



========================================================================================================
IP tables
========================================================================================================
iptables –L ------------------------------ Lists the current filter rules
iptables –F ------------------------------ Flush the rules temporarily / Disable the rules temporarily
iptables –h ------------------------------ Prints help information



========================================================================================================
Networking
========================================================================================================
ifconfig ------------------------------ Displays all the interface information
ifstat ------------------------------ Check the current network usage
iptraf  ------------------------------ A network utility allows you check the network activities
ifup ------------------------------ Bring a network interface up
ifdown  ------------------------------ Bring a network interface down



========================================================================================================
Help
========================================================================================================
man <command_name> ------------------------------ Display man pages of the command
<command_name> –help ------------------------------ Command help
info <command_name> ------------------------------ Helping command
whatis <command_name> ------------------------------ Display man pages description




========================================================================================================
Compress and decompress
========================================================================================================
tar –cvf <file_name.tar> <file_name_1> <file_name_2> . .   ------------------------------ Compress files
tar –xvf <file_name.tar>     ------------------------------ Decompress the compressed file
tar –xvf <file_name.tar> – C <location>   ------------------------------ Decompress files to desired location
tar –zcvf <file_name.tar.gz> <file_name_1> <file_name_2>  ------------------------------ Compress files with gz
tar –zxvf <file_name.tar.gz> ------------------------------ Decompress the compressed gz files
tar –zxvf <file_name.tar.gz> -C <location> ------------------------------ Decompress files to desired location




========================================================================================================
apt-get commands
========================================================================================================
apt-get install <package_name> ------------------------------ Installing package(s)
apt-get remove <package_name>  ------------------------------ Removing package(s)
apt-get update  ------------------------------ Update the repository
apt-cdrom add  ------------------------------ Add CD ROM archives to repository
apt-cdrom ident ------------------------------ Identify CD-ROM disk
apt-get  -d install <package_name> ------------------------------ Download packages, no installation or unpacking
apt-get –purge remove <package_name>--------- Remove all traces of a package, incl. Configuration files etc.,
apt-get –u update ------------------- Upgrades all installed packages, but does not remove any packages to resolve dependencies
apt-get –u dist-upgrade -------------- Upgrades all the installed packages, removes or installs packages as needed to satisfy all dependencies
apt-cache search <package_name> -------------------- Search package in the cache
apt-get check ------------------------------ Check broken dependencies
apt-cache autoclean ------------------------------ Remove cached packages that are no longer needed
apt-cache clean  ------------------------------ Remove all cached packages
apt-get help ------------------------------ Help



========================================================================================================
dpkg commands
========================================================================================================
dpkg –l ------------------------------ List all the installed packages
dpkg –L  <package_name>------------------------------ List files belonging to a package
dpkg –S <file_name> ------------------------------ To See which package a file belongs to
dpkg –s <package_name>------------------------------ To show complete package information
dpkg –yet-to-unpack  ------------------------------ To look for downloaded, uninstalled packages
dpkg –audit ------------------------------ Show partially installed packages
dpkg -i <package> ------------------------------ Install a new package
dpkg -r <package> ------------------------------ Remove a package



========================================================================================================
Yum Commands
========================================================================================================
yum list [available|installed|extras|updates|obsoletes|all|recent] [pkgspec]
yum list ------------------------------ List packages enabled in the repository
yum list all ------------------------------ List packages enabled in the repository
yum list available ----Lists all the packages available to be installed in any enabled repository on your system
yum list installed -------------------------- Lists all the packages installed on the system
yum list extras -------- Lists any installed package which no longer appears in any of your enabled repositories
yum list obsoletes ------Lists any obsoleting relationships between any available package and any installed package
yum list updates -----Lists any package in an enabled repository which is an update for any installed package
yum list recent -----------------Lists any package added to any enabled repository in the last seven(7) days
yum list pkgspec ---------------------Refine your listing for particular packages
yum check-update -----------------------It returns an exit code of 100 if there are any updates available
yum info -----------------------------Displays information about any package installed or available
yum search ------------------------------ Search and list the packages
yum provides/yum whatprovides Searches for which packages provide the requested dependency of file and also takes wildcards for files
yum clean  ------------------------- Clean up the cache of metadata and packages
yum clean packages ----------Cleans up any cached packages in any enabled repository cache directory
yum clean metadata -------Cleans up any xml metadata that may have been cached from any enabled repository
yum clean dbcache ---------------- Clean up the cached copies of those from any enabled repository cache
yum clean all ------------------------------ Clean all cached files from any enabled repository



========================================================================================================
RPM Commands
========================================================================================================
rpm –ivh <package_name>--------------------- Install a new package
rpm –Uvh <package_name>------------------- Update an already installed package
rpm –e<package_name> -------------------------- Remove a package
rpm –aq ------------------------------  To list all rpm packages installed on your system
rpm –F <package_name> ------------------------------ Freshening up the already installed package
rpm –version ------------------------------  Prints rpm version



========================================================================================================
========================================================================================================

Tuesday, 14 October 2014

Protect a shell script with password

   How to protect a shell script with password 


Add following container before Your Shell Script or Any file which u want to Protect.

realpswd="Devendra"
read -s -p "Type Your Password: " pass
echo ""

[ "$pass" != "$realpswd" ] && echo "Wrong Password.. exiting..." && exit || echo "Continue"



 

--------------------------------------------------------------------------------------------------------------

For Ex. There is an example script.


root@devendra-desktop:~#vi deva.sh        #Paste Following Container to Your Shell Script#

realpswd="Devendra"
read -s -p "Type Your Password: " pass
echo ""

[ "$pass" != "$realpswd" ] && echo "Wrong Password.. exiting..." && exit || echo "Continue"
#!/bin/bash

echo -n "How many random numbers do you want to generate? "
read max

for (( start = 1; start <= $max; start++ ))
do
  echo -e $RANDOM
done



root@devendra-desktop:~#chmod a+x deva.sh
root@devendra-desktop:~#chmod ./deva.sh

root@devendra-desktop:~# ./deva.sh
Type Your Password:






####This protects your script from other users except root:

root@devendra-desktop:/opt# chmod 700 deva.sh


--------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------

Saturday, 4 October 2014

Change the MySQL root Password

How to Change the MySQL root Password in Linux or OSX via Command Line



If you have forgot the MySQL root password, can’t remember 
And want to break in…..



Stop MySQL

root@server:~# /usr/local/mysql/support-files/mysql.server stop

                                                   OR
root@server:~# /etc/init.d/mysqld stop
   

Start it in safe mode:
root@server:~# mysqld_safe --skip-grant-tables




This will be an ongoing command until the process is finished so open another shell/terminal window, log in without a password:


root@server:~# mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.1.73 Source distribution

Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>


mysql> UPDATE mysql.user SET Password=PASSWORD('password') WHERE User='root'; 
mysql> Change the lowercase password to what you want – with single quotes.
 

mysql> FLUSH PRIVILEGES;mysql> quit

   



Start MySQL

 
root@server:~# /usr/local/mysql/support-files/mysql.server start

                          OR 
root@server:~# /etc/init.d/mysqld start