Munin is a monitoring tool for servers. It uses RRDtool to log and graph data from your servers. The plugin API is very easy to grasp. Actually, I haven’t read the API documentation yet. I just looked at the output of the plugins and it looks easy to achieve. The data can be accessed through the web.
Munin works by polling your servers for the data hence two applications, Munin and Munin Node. The former periodically gathers data (cronned) and the latter serves the data to the former. Please refer to the following for our example configuration. You can make up a domain if you want Munin to group your servers similar to the live demo.
Munin “Graph Server” – graph-server.net (10.10.10.1)
A Munin Node – munin-sample.net (100.100.100.2)
1. Installing and Configuring Munin
In this section, we set it up on graph-server.net
Add the RPMforge repository.
#rpm -Uhv http://apt.sw.be/packages/rpmforge-release/rpmforge-release-0.3.6-1.el4.rf.i386.rpm
This step is optional if your Linux distribution has the packages in its default repositories.
Install munin.
#yum -y install munin
Change the ownership of the Munin web docroot to munin.
#chown -R munin:munin /var/www/munin
The default configuration file (in version 1.2.5-1) the value for the web docroot points to the wrong directory. Replace the value of htmldir from /var/www/html/munin to /var/www/munin at /etc/munin/munin.conf (line 7).
Restart Apache and Cron, service httpd restart && service crond restart
You can check if it’s working through your browser (i.e. http://10.10.10.1/munin/). You will get a 404 (not found) if you don’t supply a trailing slash.
2. Add a Node
In this section, we will configure munin-sample.net.
Add the RPMforge repository (see 1.1).
Install Munin Node.
#yum -y install munin-node
Configure. Edit /etc/munin/munin-node.conf with your favorite text editor.
Allow the graph server (graph-server.net/10.10.10.1) to poll the node.
allow ^192\.168\.1\.1$
If your server doesn’t report the correct hostname, add the following line
host_name munin-sample.net
If your servers have two interfaces and on the same LAN (e.g. one for Internet and another for LAN), you can configure the node to bind and listen on the local interface by changing the value of host (line 13) from * to the local IP of the node.
Start munin-node and set to start on bootup.
#service munin-node start
#chkconfig munin-node on
Edit Munin’s configuration on the graph server (/etc/munin/munin.conf).
[munin-sample.net]
address 100.100.100.2
use_node_name yes
Wait for at least 5 minutes for the new node to appear. You can also install the node on the graph server. The default node configuration will work out of the box.
3. Install/Activate Some Plugins
This section should familiarize you with the plugin installation routine. Plugins are installed in the nodes.
Apache
Create a symbolic link to the Apache plugins (stored in /usr/share/munin/plugins) in the plugin folder.
#ln -s /usr/share/munin/plugins/apache_* /etc/munin/plugins/
Enable server status reports. Add the following to Apache’s configuration file.
ExtendedStatus On
<Location /server-status>
SetHandler server-status
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Location>
Restart Apache and the node
service httpd restart && service munin-node restart
Asterisk
Download the plugins for your Asterisk version from here.
Extract them to /usr/share/munin/plugins.
Make the files executable
#chmod 755 /usr/share/munin/plugins/asterisk_*
Configure Asterisk Manager by adding/changing the following in /etc/asterisk/manager.conf
[general]
enabled = yes
port = 5038
[munin]
secret = somepassword
permit = 127.0.0.1 ;if this doesn't work, use the local IP
write = system,call,log,verbose,command,agent,user
Add the following to the plugin configuration file in /etc/munin/plugin-conf.d/munin-node
[asterisk_*]
env.username munin
env.secret somepassword
Reload Asterisk's configuration and restart the node.
asterisk -rx reload >> /dev/null && service munin-node restart
MySQL
Create a symbolic link to the MySQL plugins (stored in /usr/share/munin/plugins) in the plugin folder.
#ln -s /usr/share/munin/plugins/mysql_* /etc/munin/plugins/
If your root user has a password (or want to use a different user), edit the plugin configuration file in /etc/munin/plugin-conf.d/munin-node and uncomment line 16 by removing the leading hash (#). Then change the parameters that will be used when mysqladmin is run.
Restart the node
#service munin-node restart
MTR
Make sure you have the latest version of MTR.
#yum -y install mtr && yum -y update mtr
Extract to /usr/share/munin/plugins
Make the file executable.
#chmod 755 /usr/share/munin/plugins/mtr100_
Create a symbolic link to the plugin (stored in /usr/share/munin/plugins) in the plugin folder. Append the host that you want to query to the link of the name.
#ln -s /usr/share/munin/plugins/mtr100_ /etc/munin/plugins/mtr100_somehost.com
To add another host to query, just create another symbolic link.
Add the following to the plugin configuration file in /etc/munin/plugin-conf.d/munin-node
[mtr100_*]
timeout 60
Restart the node
#service munin-node restart
Why Email Server in Linux are popular?
Supports POP3, IMAP and Web mail access. These are standard services that ideally should be available in any mail system for flexible email access.
Is extremely fast, reliable and scalable. Linux performs well and its uptime is very, very good.
Does not require expensive hardware. Thanks to its fast and efficient services, expensive high end hardware is not necessary.
Is very secured. The Linux operating system is very difficult to exploit. The National Security Agency even contributed to allow Linux to support even stronger levels of security.
Has a powerful anti-spam filter. SpamAssassin uses a wide variety of local and network tests to identify spam signatures.
Has an effective and regularly updated anti-virus. The open source nature of Clam Antivirus allows it to respond to new viruses even faster than commercial antivirus softwares.
Has small to zero (as in free) software cost depending on your support needs. Depending on your support needs, you have the option of using a community supported Linux or a company supported one.
Works with Microsoft Active Directory. You can integrate Microsoft Active Directory user accounts and distribution list into your Linux mail server to simplify administration.
configure: error: C++ compiler cannot create executables
SOLUTIONS:
If you are getting the following error while running configuration file
configure: error: C++ compiler cannot create executables
It means that you have not installed c++ libraries to fix that please execute the below command.
yum install *gcc-c++*
which will install gcc-c++ libraries which will fix the issue.
Mail Server Setup in details
For deploying a consistent, efficient email server, pay heeds to the following considerations
Linux Distribution
Red Hat Enterprise Linux is a Linux distribution produced by Red Hat and targeted toward the commercial market, including mainframes. Red Hat commits to supporting each version of RHEL for 7 years after its release.
CentOS is an Enterprise-class Linux Distribution derived from sources freely provided to the public by Red Hat.
Mail Delivery and Transfer
Postfix is an open source SMTP Server that is fast, easy to administer, flexible while at the same time being sendmail compatible enough to not upset existing users. Written by security expert Wietse Venema, it is built from the ground up to be secure.
Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems. It complements Postfix with its high performance, ease of administration and rock solid security.
Web Mail Access
Apache is an open-source HTTP server supporting a wide range of operating systems including UNIX and Windows NT. Apache is a secure, efficient and extensible HTTP server that provides HTTP services in sync with the current HTTP standards.
Squirrelmail is an open source standards-based webmail package written in PHP.
Anti-Spam and Anti-Virus
MailScanner is an open source anti-virus and anti-spam filter for email servers. The anti-virus and anti-spam portion is delegated to third party applications.
ClamAV is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways.
SpamAssassin is a mail filter, written in Perl, that identifies spam using a wide range of heuristic tests on mail headers and body text.
Lightweight Directory Access Protocol (LDAP)
Fedora Directory Server is an enterprise-class Open Source LDAP server for Linux. It is full-featured, supports multi-master replication, and already handles many of the largest LDAP deployments in the world.
OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
JXplorer is a standards compliant general purpose open source ldap browser that can be used to read and search any ldap directory, or any X500 directory with an ldap interface.
Active Directory Integration
Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients.
System Administration
Webmin is a web-based interface for system administration for Unix. Using any modern web browser, you can setup user accounts, Apache, DNS, file sharing and much more.
For more: http://linux-circles.blogspot.com/2012/07/email-server-in-details.html
Linux Distribution
CentOS is an Enterprise-class Linux Distribution derived from sources freely provided to the public by Red Hat.
Mail Delivery and Transfer
Postfix is an open source SMTP Server that is fast, easy to administer, flexible while at the same time being sendmail compatible enough to not upset existing users. Written by security expert Wietse Venema, it is built from the ground up to be secure.Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems. It complements Postfix with its high performance, ease of administration and rock solid security.
Web Mail Access
Apache is an open-source HTTP server supporting a wide range of operating systems including UNIX and Windows NT. Apache is a secure, efficient and extensible HTTP server that provides HTTP services in sync with the current HTTP standards.
Squirrelmail is an open source standards-based webmail package written in PHP.Anti-Spam and Anti-Virus
MailScanner is an open source anti-virus and anti-spam filter for email servers. The anti-virus and anti-spam portion is delegated to third party applications.ClamAV is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways.SpamAssassin is a mail filter, written in Perl, that identifies spam using a wide range of heuristic tests on mail headers and body text.
Lightweight Directory Access Protocol (LDAP)
Fedora Directory Server is an enterprise-class Open Source LDAP server for Linux. It is full-featured, supports multi-master replication, and already handles many of the largest LDAP deployments in the world.OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
JXplorer is a standards compliant general purpose open source ldap browser that can be used to read and search any ldap directory, or any X500 directory with an ldap interface.Active Directory Integration
Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients.System Administration
Webmin is a web-based interface for system administration for Unix. Using any modern web browser, you can setup user accounts, Apache, DNS, file sharing and much more.
For more: http://linux-circles.blogspot.com/2012/07/email-server-in-details.html
Configure NTP in linux
Configure NTP in centOS
1. Click System, select Administration and click Date & Time.
2. In the Date/Time Properties window, click the Network Time Protocol tab.
3. Check Enable Network Time Protocol. Next click Show advanced options and check Synchronize system clock before starting service. Finally, click OK.
Configure NTP (Console)
#/usr/sbin/ntpdate pool.ntp.org
immediately synchronizes the system clock. Make sure the ntpd service is not running before using this command.
#/sbin/service ntpd start
starts the ntpd service
#/sbin/service ntpd stop
stops the ntpd service
#/etc/ntp.conf
the above is not a command, it is the location of the ntpd configuration file
find command in details
Sample1: # find all the files in /home with name test.txt. Here –name is used to specify the filename.
# find /home –name test.txt
Sample2: # find the files whose name is test.txt and in present working directory
# find . –name test.txt
Sample3: # find all the files whose name contains both capital letters and small letters in it.
# find /home –iname test.txt
Sample4: Search for only directories whose name is var in / directory
# find / -type d –name var
Sample5: Search for an mp3 files whose name is temp.mp3
# find / -type f –name temp.mp3
Sample6:Search for a file name test.txt and its permissions are 775 in a given box
# find / -perm 775 –name test.txt
Sample7: How about searcing files with SUID bit set and file permissions are 755?
# find / -perm 4755
Sample8:How can i # find SGID bit set files with 644 permissions?
# find / -perm 2644
Sample9: How can i # find Sticky bit set files in my system with permissions 551?
# find / -perm 1551
Sample10:Search for all the files whose SUID bit is set
# find / -perm /u=s
Sample11: Search for all the files whose SGID bit is set
# find / -perm /g+s
Sample12: Search for all the files whose StickyBit is set
# find / -perm /o=t
Sample13: Search for all the files whose owener permissions is read only.
# find / -perm /u=r
Sample14:Search for all the files which have user, group and others with executable permissions
# find / -perm /a=x
Sample15: Search for all the files with name test.txt and the owner of this file is user
# find / -user user –name test.txt
Sample16: # find all the files whos name is test.txt and owned by a group called redcluster
# find / -group redcluster –name test.txt
Sample17: Search for a file: test.txt whose file status is changed more than 90 days back
# find / -ctime +90 –name test.txt
Sample18: Search for all the files which are modified exactly 90 days back
# find / -mtime 90
Sample19: Search for all the files with name test.txt which is accessed less than 90 days
# find / -atime -90
Sample20: # find all the files which are modified more than 90 days back and less than 180 days
# find / -mtime +90 –mtime -180
Sample21: # find all the files changed less than 30mins
# find / -cmin -30
Sample22: # find all the files modified exactly 30 mins back
# find / -mmin 30
Sample23: # find all the files accessed more than 30 mins back
# find / -amin +30
Sample24: # find all the files which are modified more than 5mins back and less than 25mins
# find / -mmin +5 –mmin -25
Sample25: I have new file called test.txt which is just created, now I want to get all the files which are created later this file creation.
# find / -newer test.txt
Sample26: Search for files whose size is more than 10bytes
# find / -size +10c
Sample27: Search for files which are exactly 10kb in /opt folder
# find /opt –size 10k
Sample28: Search for files which are less than 10MB in /var folder
# find /var –size -10M
Sample29: Search for files which are more than 1GB size in /usr folder
# find /usr –size +1G
Sample30: # find all the empty files in my system
# find / -size 0k
Sample31:# find all the files which are with more than size 100MB and less than 1GB and the owner of the file is xyz and the file name is Adda.txt in /red folder
# find /red –size +100M –size -1G –user xyz –iname adda.txt
Sample32:# find all the files with SGID for the group sales and with size exactly 100MB with file name as pass.txt under /opt
# find /opt –size 100M –group sales –perm g+s –name pass.txt
Sample33: # find all the files which are more than 100MB and less than 1GB in size.
# find / -size +100M –size -1G
or
# find / -size +100M -a -size -1G
Sample34:# find a file with passwd.txt in /var folder and long list this file for checking file properties.
# find /var –iname passwd.txt –exec ls –l {} \;
Sample35: # find all the files with name test.txt in /mnt and change the ownership of the files from user to Narendra
# find /mnt –user user –name test.txt –exec chown narendra: {} \;
-exec command {} \; –for executing a command on # find files -inum -For # finding a file with inode number
Sample36:# find all the files with name test.sh in /abc folder and then grep if for word is there in that file or not
# find /abc –name test.sh –exec grep ‘for’ {} \;
chmod, grep, ls, rm, mv, cp,md5sum
Sample37: # find all the files with name xyz.txt owned by user in /var/ftp/pub and change the permissions to 775 to them.
# find /var/ftp –user user –name xyz.txt –exec chmod 775 {} \;
Sample 38:# find all the files with name temp.txt in /xyz folder and backup then compress them to send it for saving
# find /xyz –name xyz.txt –exec tar xvfz temp.tar.gz {} \;
Sample39:# find files with name abc.txt in /home directory and take backup of each file before modifying it.
# find /home –name abc.txt –exec cp {} {}.bkf \;
This above command will create files with .bkf extension whenever it # finds abc.txt file.
Sample40:# find files which are more than 1GB and not accessed for the past 6 months and delete them.
# find / -size +1G -mtime +180 –exec rm –rf {} \;
Sample41:# find all the files with executable permissions and display their checksum value
# find / -perm /a=x -exec md5sum {} \;
Sample42:# find all the files with name abc.txt and owner as user then move them to /opt folder
# find / -user user -name abc.txt -exec mv {} /opt/ \;
Sample43:# find files with abc.txt name in /opt directory change the owner permissions from user to Narendra and change the permissions to 775
# find /opt –user user –name abc.txt –exec chown Narendra: {} \; -exec chmod 775 {} \;
Sample44: # find all the commands which ends with .sh file extension in /opt folder
# find /opt –name *.sh
Sample45:
# find /opt –name \*.sh
Or
# find /opt –name “*.sh”
Note: These two will work, because you negated your shell parsing * wild character.
Sample46:Search for all the files which start with abc and ends with different extension in /opt folder
# find /opt –name abc.\*
Sample47:Search for files which start with red and ends with many names such as redhat, redtop, redsoap etc.
# find / -name red\*
Sample 48:How about search for files which always end with dump.
# find / -name \*dump
Sample49: # find abc.txt file in /opt and /var folder at a time
# find /opt /var –name abc.txt
The above command will search in only two locations i.e. in /opt and /var Search multiple locations but not in particular location. Sample50:Search in entire system expect /proc folder
# find / -path /proc -prune -name cpuinfo
The -path variable to define the path of a location. And -prune combined with -path will say not to descend in to the mention path /proc
Sample51:Search for abc.txt in /opt and /var expect in /var/tmp folder
# find /opt /var -path /var/tmp -prune -name abc.txt
Sample52:I want to search for abc.txt and hash.c file at a time. This can be achieved by using -o operator
# find / -name abc.txt -o -name hash.c
Here when ever # find command sees -o it just or the options on its left and right hand side.
Sample53:How about i want to # find two directories say opt and var how can i # find them?
# find / -type d \( -name opt -o -name var \)
Sample54: Negation operator is useful for negating a search team. for Sample we want to # find all the files with name abc.txt which don’t have 755 permissions
# find . -type f ! -perm 755 -name abc.txt
# find /home –name test.txt
Sample2: # find the files whose name is test.txt and in present working directory
# find . –name test.txt
Sample3: # find all the files whose name contains both capital letters and small letters in it.
# find /home –iname test.txt
Sample4: Search for only directories whose name is var in / directory
# find / -type d –name var
Sample5: Search for an mp3 files whose name is temp.mp3
# find / -type f –name temp.mp3
Sample6:Search for a file name test.txt and its permissions are 775 in a given box
# find / -perm 775 –name test.txt
Sample7: How about searcing files with SUID bit set and file permissions are 755?
# find / -perm 4755
Sample8:How can i # find SGID bit set files with 644 permissions?
# find / -perm 2644
Sample9: How can i # find Sticky bit set files in my system with permissions 551?
# find / -perm 1551
Sample10:Search for all the files whose SUID bit is set
# find / -perm /u=s
Sample11: Search for all the files whose SGID bit is set
# find / -perm /g+s
Sample12: Search for all the files whose StickyBit is set
# find / -perm /o=t
Sample13: Search for all the files whose owener permissions is read only.
# find / -perm /u=r
Sample14:Search for all the files which have user, group and others with executable permissions
# find / -perm /a=x
Sample15: Search for all the files with name test.txt and the owner of this file is user
# find / -user user –name test.txt
Sample16: # find all the files whos name is test.txt and owned by a group called redcluster
# find / -group redcluster –name test.txt
Sample17: Search for a file: test.txt whose file status is changed more than 90 days back
# find / -ctime +90 –name test.txt
Sample18: Search for all the files which are modified exactly 90 days back
# find / -mtime 90
Sample19: Search for all the files with name test.txt which is accessed less than 90 days
# find / -atime -90
Sample20: # find all the files which are modified more than 90 days back and less than 180 days
# find / -mtime +90 –mtime -180
Sample21: # find all the files changed less than 30mins
# find / -cmin -30
Sample22: # find all the files modified exactly 30 mins back
# find / -mmin 30
Sample23: # find all the files accessed more than 30 mins back
# find / -amin +30
Sample24: # find all the files which are modified more than 5mins back and less than 25mins
# find / -mmin +5 –mmin -25
Sample25: I have new file called test.txt which is just created, now I want to get all the files which are created later this file creation.
# find / -newer test.txt
Sample26: Search for files whose size is more than 10bytes
# find / -size +10c
Sample27: Search for files which are exactly 10kb in /opt folder
# find /opt –size 10k
Sample28: Search for files which are less than 10MB in /var folder
# find /var –size -10M
Sample29: Search for files which are more than 1GB size in /usr folder
# find /usr –size +1G
Sample30: # find all the empty files in my system
# find / -size 0k
Sample31:# find all the files which are with more than size 100MB and less than 1GB and the owner of the file is xyz and the file name is Adda.txt in /red folder
# find /red –size +100M –size -1G –user xyz –iname adda.txt
Sample32:# find all the files with SGID for the group sales and with size exactly 100MB with file name as pass.txt under /opt
# find /opt –size 100M –group sales –perm g+s –name pass.txt
Sample33: # find all the files which are more than 100MB and less than 1GB in size.
# find / -size +100M –size -1G
or
# find / -size +100M -a -size -1G
Sample34:# find a file with passwd.txt in /var folder and long list this file for checking file properties.
# find /var –iname passwd.txt –exec ls –l {} \;
Sample35: # find all the files with name test.txt in /mnt and change the ownership of the files from user to Narendra
# find /mnt –user user –name test.txt –exec chown narendra: {} \;
-exec command {} \; –for executing a command on # find files -inum -For # finding a file with inode number
Sample36:# find all the files with name test.sh in /abc folder and then grep if for word is there in that file or not
# find /abc –name test.sh –exec grep ‘for’ {} \;
chmod, grep, ls, rm, mv, cp,md5sum
Sample37: # find all the files with name xyz.txt owned by user in /var/ftp/pub and change the permissions to 775 to them.
# find /var/ftp –user user –name xyz.txt –exec chmod 775 {} \;
Sample 38:# find all the files with name temp.txt in /xyz folder and backup then compress them to send it for saving
# find /xyz –name xyz.txt –exec tar xvfz temp.tar.gz {} \;
Sample39:# find files with name abc.txt in /home directory and take backup of each file before modifying it.
# find /home –name abc.txt –exec cp {} {}.bkf \;
This above command will create files with .bkf extension whenever it # finds abc.txt file.
Sample40:# find files which are more than 1GB and not accessed for the past 6 months and delete them.
# find / -size +1G -mtime +180 –exec rm –rf {} \;
Sample41:# find all the files with executable permissions and display their checksum value
# find / -perm /a=x -exec md5sum {} \;
Sample42:# find all the files with name abc.txt and owner as user then move them to /opt folder
# find / -user user -name abc.txt -exec mv {} /opt/ \;
Sample43:# find files with abc.txt name in /opt directory change the owner permissions from user to Narendra and change the permissions to 775
# find /opt –user user –name abc.txt –exec chown Narendra: {} \; -exec chmod 775 {} \;
Sample44: # find all the commands which ends with .sh file extension in /opt folder
# find /opt –name *.sh
Sample45:
# find /opt –name \*.sh
Or
# find /opt –name “*.sh”
Note: These two will work, because you negated your shell parsing * wild character.
Sample46:Search for all the files which start with abc and ends with different extension in /opt folder
# find /opt –name abc.\*
Sample47:Search for files which start with red and ends with many names such as redhat, redtop, redsoap etc.
# find / -name red\*
Sample 48:How about search for files which always end with dump.
# find / -name \*dump
Sample49: # find abc.txt file in /opt and /var folder at a time
# find /opt /var –name abc.txt
The above command will search in only two locations i.e. in /opt and /var Search multiple locations but not in particular location. Sample50:Search in entire system expect /proc folder
# find / -path /proc -prune -name cpuinfo
The -path variable to define the path of a location. And -prune combined with -path will say not to descend in to the mention path /proc
Sample51:Search for abc.txt in /opt and /var expect in /var/tmp folder
# find /opt /var -path /var/tmp -prune -name abc.txt
Sample52:I want to search for abc.txt and hash.c file at a time. This can be achieved by using -o operator
# find / -name abc.txt -o -name hash.c
Here when ever # find command sees -o it just or the options on its left and right hand side.
Sample53:How about i want to # find two directories say opt and var how can i # find them?
# find / -type d \( -name opt -o -name var \)
Sample54: Negation operator is useful for negating a search team. for Sample we want to # find all the files with name abc.txt which don’t have 755 permissions
# find . -type f ! -perm 755 -name abc.txt
Passwordless SSH Authentications
Howto Linux / UNIX setup SSH with DSA public key authentication (password less login)
Q. How do you set-up SSH with DSA public key authentication? I have Linux laptop called tom and remote Linux server called jerry. How do I setup DSA based authentication so I don’t have to type password?
A. DSA public key authentication can only be established on a per system / user basis only i.e. it is not system wide. You will be setting up ssh with DSA public key authentication for SSH version 2 on two machines:
#1 machine : your laptop called tom
#2 machine : your remote server called jerry
Command to type on your laptop/desktop (local computer)
First login to local computer called tom and type the following command.
Step #1: Generate DSA Key Pair
Use ssh-keygen command as follows:
$ ssh-keygen -t dsa
Output:
Enter file in which to save the key (/home/vivek/.ssh/id_dsa): Press [Enter] key
Enter passphrase (empty for no passphrase): myPassword
Enter same passphrase again: myPassword
Your identification has been saved in /home/vivek/.ssh/id_dsa.
Your public key has been saved in /home/vivek/.ssh/id_dsa.pub.
The key fingerprint is:
04:be:15:ca:1d:0a:1e:e2:a7:e5:de:98:4f:b1:a6:01 vivek@vivek-desktop
Caution: a) Please enter a passphrase different from your account password and confirm the same.
b) The public key is written to /home/you/.ssh/id_dsa.pub.
c) The private key is written to /home/you/.ssh/id_dsa.
d) It is important you never-ever give out your private key.
Step #2: Set directory permission
Next make sure you have correct permission on .ssh directory:
$ cd
$ chmod 755 .ssh
Step #3: Copy public key
Now copy file ~/.ssh/id_dsa.pub on Machine #1 (tom) to remote server jerry as ~/.ssh/authorized_keys:
$ scp ~/.ssh/id_dsa.pub user@jerry:.ssh/authorized_keys
Command to type on your remote server called jerry
Login to your remote server and make sure permissions are set correct:
$ chmod 600 ~/.ssh/authorized_keys
Linux Configure Netconsole To Log Messages Over UDP Network
Linux Configure Netconsole To Log Messages Over UDP Network
Linux can be configured to log dmesg output to another system via network using syslog. It is done using kernel level networking stuff ia UDP port 514. There is module called netconsole which logs kernel printk messages over udp allowing debugging of problem where disk logging fails and serial consoles are impractical. Most modern distro has this netconsole as a built-in module. netconsole initializes immediately after NIC cards. There are two steps to configure netconsole:
Syslogd server - Let us assume 192.168.1.100 IP having FQDN - syslogd.nixcraft.in. Please note that the remote host can run either 'netcat -u -l -p <port>' or syslogd.
All other systems running netconsole module in kernel
Step # 1: Configure Centralized syslogd
Login to syslogd.nixcraft.in server. Open syslogd configuration file. Different UNIX / Linux variant have different configuration files
Red Hat / CentOS / Fedora Linux Configuration
If you are using Red Hat / CentOS / Fedora Linux open /etc/sysconfig/syslog file and set SYSLOGD_OPTIONS option for udp logging.
# vi /etc/sysconfig/syslog
Configure syslogd option as follows:
SYSLOGD_OPTIONS="-m 0 -r -x"
Save and close the file. Restart syslogd, enter:
# service syslog restart
Debian / Ubuntu Linux Configuration
If you are using Debian / Ubuntu Linux open file /etc/default/syslogd set SYSLOGD option for udp logging.
# vi /etc/default/syslogd
Configure syslogd option as follows:
SYSLOGD_OPTIONS="-r"
# /etc/init.d/sysklogd restart
FreeBSD configuration
If you are using FreeBSD open /etc/rc.conf and set syslogd_flags option option for udp logging. Please note that FreeBSD by default accepts network connections. Please refer to syslogd man page for more information.
Firewall configuration
You may need to open UDP port 514 to allow network login. Sample iptables rules to open UDP port 514:
MYNET="192.168.1.0/24"
SLSERVER="192.168.1.100"
iptables -A INPUT -p udp -s $MYNET --sport 1024:65535 -d $SLSERVER --dport 514 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p udp -s $SLSERVER --sport 514 -d $MYNET --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
Step # 2: Configure Linux Netconsole
You need to configure netconsole service. Once this service started, you are allowed a remote syslog daemon to record console output from local system. The local port number that the netconsole module will use 6666 (default). You need to set the IP address of the remote syslog server to send messages.
Open /etc/sysconfig/netconsole file under CentOS / RHEL / Fedora Linux, enter:
# vi /etc/sysconfig/netconsole
Set SYSLOGADDR to 192.168.1.100 (IP address of remote syslog server)
SYSLOGADDR=192.168.0.1
Save and close the file. Restart netconsole service, enter:
# /etc/init.d/netconsole restart
A note about Debian / Ubuntu Linux
Red Hat has netconsole init script. However, under Debian / Ubuntu Linux, you need to manually configure netconsole. Type the following command to start netconsole by loading kernel netconsole module, enter:
# modprobe netconsole 6666@192.168.1.5/eth0,514@192.168.1.100/00:19:D1:2A:BA:A8
Where,
6666 - Local port
192.168.1.5 - Local system IP
eth0 - Local system interface
514 - Remote syslogd udp port
192.168.1.100 - Remote syslogd IP
00:19:D1:2A:BA:A8 - Remote syslogd Mac
You can add above modprobe line to /etc/rc.local to load module automatically. Another recommend option is create /etc/modprobe.d/netconsole file and append following text:
# echo 'options netconsole netconsole=6666@192.168.1.5/eth0,514@192.168.1.100/00:19:D1:2A:BA:A8 '> /etc/modprobe.d/netconsole
How do I verify netconsole is logging messages over UDP network?
Login to remote syslog udp server (i.e. 192.168.1.100 our sample syslogd system), enter:
# tail -f /var/log/messages
/var/log/messages is default log file under many distributions to log messages. Refer to /etc/syslog.conf for exact location of your file.
How do I use nc / netcat instead of messing with syslogd?
This is called one minute configuration. You can easily get output on 192.168.1.100 without using syslogd. All you have to do is run netcat (nc) command, on 192.168.1.100:
$ nc -l -p 30000 -u
Login to any other box, enter command:
# modprobe netconsole 6666@192.168.1.5/eth0,30000@192.168.1.100/00:19:D1:2A:BA:A8
Output should start to appear on 192.168.1.100 from 192.168.1.5 without configuring syslogd or anything else.
How to install PHPmyAdmin in Linux
Before installing make sure you have php install on your webserver.
yum install php php-* php-mysql
Step: 1
mkdir /download
Step: 2
cd /download
Step: 3
wget http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.1/phpMyAdmin
Step: 4
tar -xvf phpMyAdmin-3.5.1-english.tar.gz
Step: 5
mv phpMyAdmin-3.5.1-english /var/www/html/phpmyadmin
Step: 6
cd /var/www/html/phpmyadmin/
Step: 7
cp config.sample.inc.php config.inc.php
Step: 8
vi config.inc.php
Step: 9
cahnge Authentication type from cookie to http
save & exit
Step: 10
service httpd restart
time to test phpmyadmin on webserver
http://192.168.2.10/phpmyadmin
Subscribe to:
Posts (Atom)