Examples to Backup Linux Using dd Command (Including Disk to Disk)

Data loss will be costly. At the very least, critical data loss will have a financial impact on companies of all sizes. In some cases, it can cost your job. I’ve seen cases where sysadmins learned this in the hard way.

There are several ways to backup a Linux system, including rsync and rsnapshot that we discussed a while back.

This article provides 6 practical examples on using dd command to backup the Linux system. dd is a powerful UNIX utility, which is used by the Linux kernel makefiles to make boot images. It can also be used to copy data. Only superuser can execute dd command.

Warning: While using dd command, if you are not careful, and if you don’t know what you are doing, you will lose your data!

Example 1. Backup Entire Harddisk 

To backup an entire copy of a hard disk to another hard disk connected to the same system, execute the dd command as shown below. In this dd command example, the UNIX device name of the source hard disk is /dev/hda, and device name of the target hard disk is /dev/hdb.

# dd if=/dev/sda of=/dev/sdb

“if” represents inputfile, and “of” represents output file. So the exact copy of /dev/sda will be available in /dev/sdb.
If there are any errors, the above command will fail. If you give the parameter “conv=noerror” then it will continue to copy if there are read errors.
Input file and output file should be mentioned very carefully, if you mention source device in the target and vice versa, you might loss all your data.

In the copy of hard drive to hard drive using dd command given below, sync option allows you to copy everything using synchronized I/O.

# dd if=/dev/sda of=/dev/sdb conv=noerror,sync 

Example 2. Create an Image of a Hard Disk

Instead of taking a backup of the hard disk, you can create an image file of the hard disk and save it in other storage devices.There are many advantages to backing up your data to a disk image, one being the ease of use. This method is typically faster than other types of backups, enabling you to quickly restore data following an unexpected catastrophe.

# dd if=/dev/hda of=~/hdadisk.img

The above creates the image of a harddisk /dev/hda. Refer our earlier article How to view initrd.image for more details.

Example 3. Restore using Hard Disk Image

To restore a hard disk with the image file of an another hard disk, use the following dd command example.

# dd if=hdadisk.img of=/dev/hdb

The image file hdadisk.img file, is the image of a /dev/hda, so the above command will restore the image of /dev/hda to /dev/hdb. 

Example 4. Creating a Floppy Image 

Using dd command, you can create a copy of the floppy image very quickly. In input file, give the floppy device location, and in the output file, give the name of your floppy image file as shown below.

# dd if=/dev/fd0 of=myfloppy.img 

Example 5. Backup a Partition

You can use the device name of a partition in the input file, and in the output either you can specify your target path or image file as shown in the dd command example below.

# dd if=/dev/hda1 of=~/partition1.img 

Example 6. CDROM Backup

dd command allows you to create an iso file from a source file. So we can insert the CD and enter dd command to create an iso file of a CD content.

# dd if=/dev/cdrom of=tgsservice.iso bs=2048

dd command reads one block of input and process it and writes it into an output file. You can specify the block size for input and output file. In the above dd command example, the parameter “bs” specifies the block size for the both the input and output file. So dd uses 2048bytes as a block size in the above command.

Note: If CD is auto mounted, before creating an iso image using dd command, its always good if you unmount the CD device to avoid any unnecessary access to the CD ROM. 

how many domains available under server or any webhost company clients:

This will help full for find our server clients


ex:

http://www.sitedossier.com/ip/1.2.3.4/


just chage that ip:1.2.3.4

Steps to Setup User and Group Disk Quota on UNIX / Linux

On Linux, you can setup disk quota using one of the following methods:

• File system base disk quota allocation
• 
  User or group based disk quota allocation

On the user or group based quota, following are three important factors to consider:

Hard limit – For example, if you specify 2GB as hard limit, user will not be able to create new files after 2GB

Soft limit – For example, if you specify 1GB as soft limit, user will get a warning message “disk quota exceeded”, once they reach 1GB limit. But, they’ll still be able to create new files until they reach the hard limit

Grace Period – For example, if you specify 10 days as a grace period, after user reach their hard limit, they would be allowed additional 10 days to create new files. In that time period, they should try to get back to the quota limit.

1. Enable quota check on filesystem



First, you should specify which filesystem are allowed for quota check.

Modify the /etc/fstab, and add the keyword usrquota and grpquota to the corresponding filesystem that you would like to monitor.

The following example indicates that both user and group quota check is enabled on /home filesystem
# cat /etc/fstab
LABEL=/home /home ext2 defaults,usrquota,grpquota 1 2

Reboot the server after the above change.

2. Initial quota check on Linux filesystem using quotacheck

Once you’ve enabled disk quota check on the filesystem, collect all quota information initially as shown below.
# quotacheck -avug
quotacheck: Scanning /dev/sda3 [/home] done
quotacheck: Checked 5182 directories and 31566 files
quotacheck: Old file not found.
quotacheck: Old file not found.

In the above command:
a: Check all quota-enabled filesystem
v: Verbose mode
u: Check for user disk quota
g: Check for group disk quota

The above command will create a aquota file for user and group under the filesystem directory as shown below.
# ls -l /home/

-rw------- 1 root root 11264 Jun 21 14:49 aquota.user
-rw------- 1 root root 11264 Jun 21 14:49 aquota.group 

3. Assign disk quota to a user using edquota command

Use the edquota command as shown below, to edit the quota information for a specific user.

For example, to change the disk quota for user ‘ramesh’, use edquota command, which will open the soft, hard limit values in an editor as shown below.
# edquota ramesh

Disk quotas for user ramesh (uid 500):
Filesystem blocks soft hard inodes soft hard
/dev/sda3 1419352 0 0 1686 0 0

Once the edquota command opens the quota settings for the specific user in a editor, you can set the following limits:
soft and hard limit for disk quota size for the particular user.
soft and hard limit for the total number of inodes that are allowed for the particular user.

4. Report the disk quota usage for users and group using repquota

Use the repquota command as shown below to report the disk quota usage for the users and groups.
# repquota /home
*** Report for user quotas on device /dev/sda3
Block grace time: 7days; Inode grace time: 7days
Block limits File limits
User used soft hard grace used soft hard grace
----------------------------------------------------------------------
root -- 566488 0 0 5401 0 0
nobody -- 1448 0 0 30 0 0
ramesh -- 1419352 0 0 1686 0 0
john -- 26604 0 0 172 0 0

5. Add quotacheck to daily cron job

Add the quotacheck to the daily cron job. Create a quotacheck file as shown below under the /etc/cron.daily directory, that will run the quotacheck command everyday. This will send the output of the quotacheck command to root email address.
# cat /etc/cron.daily/quotacheck
quotacheck -avug

DIFFERENT ADMIN LEVELS AND RESPONCIBILY:>>

Level I: Novice System Administrator
Required Skills

• 1.Strong interpersonal and communication skills; capable of explaining simple procedures in writing or verbally; good phone skills.
• 2.Familiar with an operating system and its commands/utilities at a user level; can edit files, issue commands, find users' home directories, navigate through the file system, and use I/O redirection.
• 3.Able to follow instructions well.

Required Background
* Two years of college or equivalent post-high school education or experience.
Desirable Background and Skills

• 1 A degree or certificate in computer science or a related field.
• 2 Previous experience in customer support, computer operations, system administration, or another related area.
• 3 Motivated to advance in the profession.

Appropriate Responsibilities

• Performs routine tasks under the direct supervision of a more experienced administrator.
• Acts as a front-line interface to users, accepting trouble reports and dispatching them to appropriate system administrators.

Level II: Junior System Administrator
Required Skills
1 Strong interpersonal and communication skills; capable of training users in applications and operating system fundamentals and writing basic documentation.
 2  High skill with most operating system commands/utilities.
3  Familiarity with most basic system administration tools and processes; for example, can boot/shut down a machine, add and remove user accounts, use backup programs and fsck or chkdsk, maintain system database files (groups, hosts, aliases, usermanager).
4 Fundamental understanding of an operating system; for example, understands job control, soft and hard links or shortcuts, distinctions between the kernel and the user environment.

Required Background

• 1 One to three years of system administration experience.
• 2 Desirable Background and Skills
• 3 A degree in computer science or a related field.
• 4 Familiarity with networked/distributed computing environment concepts; for example, can use the route command or administer routing and remote access service, add a workstation to a network, and mount remote filesystems.
• Ability to write scripts in some administrative language (Tk, Perl, VBScript, a shell).
•  5 Programming experience in any applicable language.

Appropriate Responsibilities

• Administers a small, uniform site alone or assists in the administration of a larger system.
• Works under the general supervision of a system administrator or computer systems manager.

Level III: Intermediate/Advanced System Administrator
Required Skills

• Strong interpersonal and communication skills; capable of writing purchase justifications, training users in complex topics, making presentations to an internal audience, and interacting positively with upper management.
• Independent problem-solving, self-direction.
• Comfortable with most aspects of operating system administration; for example, configuration of mail systems, system installation and configuration, printer systems, fundamentals of security, installing third-party software.
• Has a solid understanding of a UNIX-based operating system; understands paging and swapping, inter-process communication, devices and what device drivers do, filesystem concepts (inode, clustering, logical partitions).
• Familiarity with fundamental networking/distributed computing environment concepts; can configure NFS and NIS, NT domains; can use nslookup or dig to check information in the DNS; understands basic routing concepts.
• Ability to write scripts in some administrative language (Tk, Perl, VBScript, a shell).
• Ability to do minimal debugging and modification of C programs.

Required Background

• Three to five years of system administration experience.
• Desirable Background and Skills
• A degree in computer science or a related field.
• Significant programming background in any applicable language.

Appropriate Responsibilities

• Receives general instructions for new responsibilities from supervisor.
• Administers a complex site alone or assists in the administration of a larger site.
• Initiates some new responsibilities and helps to plan for the future of the site/network.
• Manages novice system administrators or operators.
• Evaluates and/or recommends purchases; has strong influence on purchasing process.

Level IV: Senior System Administrator
Required Skills
i Strong interpersonal and communications skills; capable of writing proposals or papers, acting as a vendor liaison, making presentations to customers or client audiences or professional peers, and working closely with upper management.
ii Ability to solve problems quickly and automate processes.
iii A solid understanding of an operating system; understands paging and swapping, inter-process communications, devices and what device drivers do, filesystem concepts (inode, clustering, logical partitions), can use performance analysis to tune systems.
iiii A solid understanding of networking/distributed computing environment concepts; understands principles of routing, client/server programming, the design of consistent network-wide filesystem layouts.
iiiii Ability to program in an administrative language (Tk, Perl, VBScript, a shell), to port C programs from one platform to another, and to write small C or C# programs.

Required Background 

>More than five years of previous system administration experience.
Desirable Background and Skills

i A degree in computer science or a related field.
ii Extensive programming background in any applicable language.
iii Publications within the field of system administration.

Appropriate Responsibilities
1 Designs/implements complex local and wide-area networks of machines.
2 Manages a large, complex site or network.
3 Works under general direction from senior management.
4 Establishes/recommends policies on system use and services.
5 Provides technical lead and/or supervises system administrators, system programmers, or others of equivalent seniority.
6 Has purchasing authority and responsibility for purchase justification.

**********************************all the best****************************** 

How to crack a Windows XP password

1. Download Ophcrack LiveCD
2. This program is now an ISO image. Just burn it with Nero or whatever you’re already using for burning images( for burning only ISO images download this burning program – ISORecorder)
3. Now reboot your computer with the CD inside (if the CD will not boot you need to set the boot priority inside BIOS, so that the CD-ROM is the first in the list)
4. A menu like this will appear:

Select the Ophcrack Graphic Mode
5. After the CD is done loading, a user interface like this will appear:

The last right column are the passwords for the given users.

Now depending on many reasons, the cracking of the password could take a long time.

Now just reboot your computer and log into Windows. :)

ip alias soft ware link fake ip

http://ultrasurf.en.softonic.com/download

Howto Red hat enterprise Linux 5 configure the network card

Red hat Linux provides following tools to make changes to Network configuration such as add new card, assign IP address, change DNS server etc.[a] GUI tool (X Windows required) - system-config-network
[b] Command line text based GUI tool (No X Windows required) - system-config-network
[c] Edit configuration files stored in /etc/sysconfig/network-scripts/ directory.

Following instructions are compatible with
(1) Cent OS Linux
(2) Fedora Core Linux
(3) Red Hat Enterprise Linux (RHEL) 3/4/5

Note: If you are using Debian or Ubuntu Linux, please see this configuration howto.
Method # 1: GUI tool system-config-network

Type the following command at shell prompt (open x terminal):
$ system-config-network &

Method : Edit configuration files stored in /etc/sysconfig/network-scripts/

You can configure network card by editing text files stored in /etc/sysconfig/network-scripts/ directory. First change directory to /etc/sysconfig/network-scripts/:
# cd /etc/sysconfig/network-scripts/

You need to edit / create files as follows:
/etc/sysconfig/network-scripts/ifcfg-eth0 : First Ethernet card configuration file

To edit/create first NIC file, type command:
# vi ifcfg-eth0

Append/modify as follows:

DEVICE=eth0
BOOTPROTO=static
DHCPCLASS=
HWADDR=00:30:48:56:A6:2E
IPADDR=10.10.29.66
NETMASK=255.255.255.192
ONBOOT=yes

Save and close the file. Define default gateway (router IP) and hostname in /etc/sysconfig//network file:
# vi /etc/sysconfig/network

Append/modify configuration as follows:
NETWORKING=yes
 HOSTNAME=www.cheenu.com
GATEWAY=10.10.29.65

Save and close the file. Restart networking:
# /etc/init.d/network restart

Make sure you have correct DNS server defined in /etc/resolv.conf file:
# vi /etc/resolv.conf

Setup DNS Server as follows:
nameserver 10.0.80.11
nameserver 10.0.80.12

Save and close the file. Now you can ping the gateway/other hosts:
$ ping 10.0.80.12

Output:
PING 10.0.80.12 (10.0.80.12) 56(84) bytes of data.
64 bytes from 10.0.80.12: icmp_seq=1 ttl=251 time=0.972 ms
64 bytes from 10.0.80.12: icmp_seq=2 ttl=251 time=1.11 ms

***************all the best**********************

How Do I Enable Remote Access To MySQL Database Server?

By default remote access to MySQL database server is disabled for security reasons. However, some time you need to provide remote access to database server from home or a web server.
MySQL Remote Access
You need type the following commands which will allow remote connections.
Step # 1: Login Using SSH (if server is outside your data center)
First, login over ssh to remote MySQL database server:
ssh user@mysql.nixcraft.i
Step # 2: Edit my.cnf File
Once connected you need to edit the MySQL server configuration file my.cnf using a text editor such as vi.
If you are using Debian Linux file is located at /etc/mysql/my.cnf location
If you are using Red Hat Linux/Fedora/Centos Linux file is located at /etc/my.cnf location
If you are using FreeBSD you need to create a file /var/db/mysql/my.cnf
Edit /etc/my.cnf, run:
# vi /etc/my.cnf
Step # 3: Once file opened, locate line that read as follows
[mysqld]
Make sure line skip-networking is commented (or remove line) and add following line
bind-address=YOUR-SERVER-IP
For example, if your MySQL server IP is 65.55.55.2 then entire block should be look like as follows:
[mysqld]
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
language = /usr/share/mysql/English
bind-address = 65.55.55.2
# skip-networking
....
..
....
Where,
bind-address : IP address to bind to.
skip-networking : Don’t listen for TCP/IP connections at all. All interaction with mysqld must be made via Unix sockets. This option is highly recommended for systems where only local requests are allowed. Since you need to allow remote connection this line should be removed from my.cnf or put it in comment state.
Step# 4 Save and Close the file
Restart the mysql server, enter:
# /etc/init.d/mysql restart
Step # 5 Grant access to remote IP address
Connect to mysql server:
$ mysql -u root -p mysql
Grant access to a new database
If you want to add a new database called foo for user bar and remote IP 202.54.10.20 then you need to type the following commands at mysql> prompt:
mysql> CREATE DATABASE foo;
mysql> GRANT ALL ON foo.* TO bar@'202.54.10.20' IDENTIFIED BY 'PASSWORD';
How Do I Grant Access To An Existing Database?
Let us assume that you are always making connection from remote IP called 202.54.10.20 for database called webdb for user webadmin, To grant access to this IP address type the following command At mysql> prompt for existing database, enter:
mysql> update db set Host='202.54.10.20' where Db='webdb';
mysql> update user set Host='202.54.10.20' where user='webadmin';
Step # 5: Logout of MySQL
Type exit command to logout mysql:
mysql> exit
Step # 6: Open port 3306
You need to open TCP port 3306 using iptables or BSD pf firewall.
A sample iptables rule to open Linux iptables firewall
/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT
OR only allow remote connection from your web server located at 10.5.1.3:
/sbin/iptables -A INPUT -i eth0 -s 10.5.1.3 -p tcp --destination-port 3306 -j ACCEPT
OR only allow remote connection from your lan subnet 192.168.1.0/24:
/sbin/iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --destination-port 3306 -j ACCEPT
Finally save all rules:
# service iptables save
A sample FreeBSD / OpenBSD pf rule ( /etc/pf.conf)
pass in on $ext_if proto tcp from any to any port 3306
OR allow only access from your web server located at 10.5.1.3:
pass in on $ext_if proto tcp from 10.5.1.3 to any port 3306 flags S/SA synproxy state
Step # 7: Test it
From your remote system or your desktop type the following command:
$ mysql -u webadmin –h 65.55.55.2 –p

Where,
-u webadmin: webadmin is MySQL username
-h IP or hostname: 65.55.55.2 is MySQL server IP address or hostname (FQDN)
-p : Prompt for password
You can also use telnet to connect to port 3306 for testing purpose:
$ telnet 65.55.55.2 3306

Linux routing basics

Creating routes in Linux : Basic Linux routing 
Add a route to a network:

#route add -net network/mask gw default-gateway

Example

#route add -net 10.10.10.0/24 gw 192.168.0.1

Adding default gateway
#route add default gw default-gateway

Example

#route add default gw 192.168.0.1

Adding a route to specific host
#route add -host host-name gw default-gateway

Example:

#rotue add -host 2.34.5.6 gw 192.168.0.1

Deleting route to a network
#route del -network network/subnet default-gateway

Example

#route del -net 10.10.10.0/24 gw 192.168.0.1

Deleting default gateway

#route del default gw default-gatway
Example :
#route del default gw 192.168.0.1
Deleting specific host from routing table

#route del -host ip-add gw default-gateway

Example

#route del -host 10.10.10.45 gw 192.168.0.1

Seeing routing table

#netstat -rn
#route

Note : The old gate way will still remain and may need to be taken out for the system to function properly. Routes are made permanent in Red Hat Linux by adding routes to/etc/sysconfig/static-routes. 

Linux File Systems: Ext2 vs Ext3 vs Ext4

ext2, ext3 and ext4 are all filesystems created for Linux. This article explains the following:
High level difference between these filesystems.
How to create these filesystems.
How to convert from one filesystem type to another.

 Ext2

Ext2 stands for second extended file system.
It was introduced in 1993. Developed by Rémy Card.
This was developed to overcome the limitation of the original ext file system.
Ext2 does not have journaling feature.
On flash drives, usb drives, ext2 is recommended, as it doesn’t need to do the over head of journaling.
Maximum individual file size can be from 16 GB to 2 TB
Overall ext2 file system size can be from 2 TB to 32 TB

Ext3
Ext3 stands for third extended file system.
It was introduced in 2001. Developed by Stephen Tweedie.
Starting from Linux Kernel 2.4.15 ext3 was available.
The main benefit of ext3 is that it allows journaling.
Journaling has a dedicated area in the file system, where all the changes are tracked. When the system crashes, the possibility of file system corruption is less because of journaling.
Maximum individual file size can be from 16 GB to 2 TB
Overall ext3 file system size can be from 2 TB to 32 TB
There are three types of journaling available in ext3 file system.
Journal – Metadata and content are saved in the journal.
Ordered – Only metadata is saved in the journal. Metadata are journaled only after writing the content to disk. This is the default.
Writeback – Only metadata is saved in the journal. Metadata might be journaled either before or after the content is written to the disk.
You can convert a ext2 file system to ext3 file system directly (without backup/restore).
Ext4
 
Ext4 stands for fourth extended file system.
It was introduced in 2008.
Starting from Linux Kernel 2.6.19 ext4 was available.
Supports huge individual file size and overall file system size.
Maximum individual file size can be from 16 GB to 16 TB
Overall maximum ext3 file system size is 1 EB (exabyte). 1 EB = 1024 PB (petabyte). 1 PB = 1024 TB (terabyte).
Directory can contain a maximum of 64,000 subdirectories (as opposed to 32,000 in ext3)
You can also mount an existing ext3 fs as ext4 fs (without having to upgrade it).
Several other new features are introduced in ext4: multiblock allocation, delayed allocation, journal checksum. fast fsck, etc. All you need to know is that these new features have improved the performance and reliability of the filesystem when compared to ext3.
In ext4, you also have the option of turning the journaling feature “off”.
Warning: Don’t execute any of the commands given below, if you don’t know what you are doing. You will lose your data!

Creating an ext2, or ext3, or ext4 filesystem
 
Once you’ve partitioned your hard disk using fdisk command, use mke2fs to create either ext2, ext3, or ext4 file system.
Create an ext2 file system:
mke2fs /dev/sda1
Create an ext3 file system:
mkfs.ext3 /dev/sda1

(or)

mke2fs –j /dev/sda1
Create an ext4 file system:
mkfs.ext4 /dev/sda1

(or)

mke2fs -t ext4 /dev/sda1
Converting ext2 to ext3
For example, if you are upgrading /dev/sda2 that is mounted as /home, from ext2 to ext3, do the following.
umount /dev/sda2

tune2fs -j /dev/sda2

mount /dev/sda2 /home
Note: You really don’t need to umount and mount it, as ext2 to ext3 conversion can happen on a live file system. But, I feel better doing the conversion offline.
Converting ext3 to ext4
If you are upgrading /dev/sda2 that is mounted as /home, from ext3 to ext4, do the following.
umount /dev/sda2

tune2fs -O extents,uninit_bg,dir_index /dev/sda2

e2fsck -pf /dev/sda2

mount /dev/sda2 /home
Again, try all of the above commands only on a test system, where you can afford to lose all your data.

Perform SSH and SCP Without Entering Password on openSSH

In this article, I’ll explain how to perform ssh and scp without entering the password using the SSH Public Key authentication with SSH Agent on openSSH
There are two levels of security in the SSH key based authentication. In order for you to login, you need both the private key and the passphrase. Even if one of them is compromised, attacker still cannot login to your account, as both of them are needed to login. This is far better than typical password based authentication, where if the password is compromised, attacker can gain access to the system.
There are two ways to perform ssh and scp without entering the password:
No passphrase. While creating key pair, leave the passphrase empty. Use this option for the automated batch processing. for e.g. if you are running a cron job to copy files between machines this is suitable option.
Use passphrase and SSH Agent. If you are using ssh and scp interactively from the command-line and you don’t want to use the password everytime you perform ssh or scp, I don’t recommend the previous option (no passphrase), as you’ve eliminated one level of security in the ssh key based authentication. Instead, use the passphrase while creating the key pair and use SSH Agent to perform ssh and scp without having to enter the password everytime as explained in the steps below.
Following 8 steps explains how to perform SSH and SCP from local-host to a remote-host without entering the password on openSSH system

1. Verify that local-host and remote-host is running openSSH

 [local-host]$ ssh -V
OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006

[remote-host]$ ssh -V
OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006

2. Generate key-pair on the local-host using ssh-keygen

[local-host]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/jsmith/.ssh/id_rsa):<Hit enter>
Enter passphrase (empty for no passphrase): <Enter your passphrase here>
Enter same passphrase again:<Enter your passphrase again>
Your identification has been saved in /home/jsmith/.ssh/id_rsa.
Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub.
The key fingerprint is:
31:3a:5d:dc:bc:81:81:71:be:31:2b:11:b8:e8:39:a0 jsmith@local-host

 The public key and private key are typically stored in .ssh folder under your home directory. In this example, it is under /home/jsmith/.sshd. You should not share the private key with anybody.
By default the ssh-keygen on openSSH generates RSA key pair. You can also generate DSA key pair using: ssh-keygen -t dsa command.

3. Install public key on the remote-host

Copy the content of the public key from the local-host and paste it to the /home/jsmith/.ssh/authorized_keys on the remote-host. If the /home/jsmith/.ssh/authorized_keys already has some other public key, you can append this to the end of it. If the .ssh directory under your home directory on remote-host doesn’t exist, please create it.

[remote-host]$ vi ~/.ssh/authorized_keys
ssh-rsa ABIwAAAQEAzRPh9rWfjZ1+7Q369zsBEa7wS1RxzWR jsmith@local-host

In simple words, copy the local-host:/home/jsmith/.ssh/id_rsa.pub to remote-host:/home/jsmith/.ssh/authorized_keys

4. Give appropriate permission to the .ssh directory on the remote-
 host.
 [remote-host]$ chmod 755 ~/.ssh
[remote-host]$ chmod 644 ~/.ssh/authorized_keys

 5. Login from the local-host to remote-host using the SSH key authentication to verify whether it works properly.

[local-host]$ <You are on local-host here>

[local-host]$ ssh -l jsmith remote-host
Enter passphrase for key '/home/jsmith/.ssh/id_rsa': <Enter your passphrase here>
Last login: Sat Jun 07 2008 23:03:04 -0700 from 192.168.1.102
No mail.

[remote-host]$ <You are on remote-host here>

6. Start the SSH Agent on local-host to perform ssh and scp without having to enter the passphrase several times

Verify whether SSH agent is already running, if not start it as shown below.
[local-host]$ ps -ef | grep ssh-agent
511 9789 9425 0 00:05 pts/1 00:00:00 grep ssh-agent

[local-host]$ ssh-agent $SHELL

[local-host]$ ps -ef | grep ssh-agent
511 9791 9790 0 00:05 ? 00:00:00 ssh-agent /bin/bash
511 9793 9790 0 00:05 pts/1 00:00:00 grep ssh-agent

7. Load the private key to the SSH agent on the local-host

[local-host]$ ssh-addEnter passphrase for /home/jsmith/.ssh/id_rsa: <Enter your passphrase here>
Identity added: /home/jsmith/.ssh/id_rsa (/home/jsmith/.ssh/id_rsa)
Following are the different options available in the ssh-add:
ssh-add <key-file-name>: Load a specific key file.
ssh-add -l: List all the key loaded in the ssh agent.
ssh-add -d <key-file-name>: Delete a specificy key from the ssh agent
ssh-add -D: Delete all key

8. Perform SSH or SCP to remote-home from local-host without entering the password

local-host]$<You are on local-host here>
[local-host]$ ssh -l jsmith remote-host
Last login: Sat Jun 07 2008 23:03:04 -0700 from 192.168.1.102
No mail.
<ssh did not ask for passphrase this time>
[remote-host]$ <You are on remote-host here>

Linux disk recovery

After any power problem with the linux machine, the filesystem could be corrupted and you may not be able to login. When this happens, you will need e2fsck, the tool to recover ext2 or ext3 partitions. (Do not ever use it with a partition that has AFS or another format).

Boot with a live cd or the first cd of Redhat and write "linux rescue".
Do not let the rescue mode to detect the linux partitions, else it would mount them and you do not want to mount the partitions yet, the file system check (e2fsck) can cause severe problems on a mounted partition.

When you are at the rescue mode prompt, write:

# e2fsck -c -c -v -y /dev/hda1
It is important to user "-c -c" (twice) this means that badblocks will scan using a non-destructive read-write test.
"-v" to verbose and see the status of fsck.
"-y" says to answer "yes" to all the questinons from fsck.

REDHAT DVD ISO FILE FREE DOWNLOAD{http://freedownloadzone.org/operating_systems_2.html}

http://freedownloadzone.org/operating_systems_2.html

http://freedownloadzone.org/operating_systems_2.html

http://freedownloadzone.org/operating_systems_2.html

http://freedownloadzone.org/operating_systems_2.html



*********************ALL THE BEST** 

How to Add a new yum repository to install software under CentOS / Redhat Linux

CentOS / Fedora Core / RHEL 5 uses yum for software management. Yum allows you to add a new repository as a source to install binary software.

Understanding yum repository
 
yum repository configured using /etc/yum.conf file. Additional configuration files are also read from the directories set by the reposdir option (default is /etc/yum.repos.d and /etc/yum/repos.d.
RPMforge repository
Usually repository carries extra and useful packages. RPMforge is one of such repository. You can easily configure RPMforge repository for RHEL5 just by running following single RPM command:
# rpm -Uhv http://apt.sw.be/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
For 64 bit RHEL 5 Linux, enter:
# rpm -Uhv http://apt.sw.be/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
Now you can install software from RPMforge.

How do I install 3rd party repository manually?
 
Let us say you would like to install 3rd party repository from foo.nixcraft.com. Create a file called foo:
# cd /etc/yum.repos.d
# vi foo
Append following code:
[foo]
name=Foo for RHEL/ CentOS $releasever - $basearch
baseurl=http://foo.nixcraft.com/centos/$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://foo.nixcraft.com/RPM-GPG-KEY.txt
Save and close the file.
Where,
[foo] : Repository name i.e. The [main] section must exist for yum to do anything.
name=Foo for RHEL/ CentOS $releasever - $basearch : A human readable string describing the repository name
baseurl=http://foo.nixcraft.com/centos/$releasever/$basearch/ : Must be a URL to the directory where the yum repository’s ‘repodata’ directory lives
enabled=1 : Enabled or disabled repo. To disable the repository temporarily, set the enabled to 0
gpgcheck=1 : Security feature, use GPG key
gpgkey=http://foo.nixcraft.com/RPM-GPG-KEY.txt : GPL file location
Also you need to import the gpg key for the repository as follows:
# rpm --import http://foo.nixcraft.com/RPM-GPG-KEY.txt
Now you are ready to install software from foo repository. For further information refer to yum.conf man page:
$ man yum.conf
$ man yum
Hope this tip will help you to configure repository as and when required

Linux: TMOUT To Automatically Log Users Out

How do I auto Logout my shell user in Linux after certain minutes of inactivity?

Linux bash shell allows you to define the TMOUT environment variable. Set TMOUT to automatically log users out after a period of inactivity. The value is defined in seconds. For example,

export TMOUT=120

The above command will implement a 2 minute idle time-out for the default /bin/bash shell. You can edit your ~/.bash_profile or /etc/profile file as follows to define a 5 minute idle time out:

# set a 5 min timeout policy for bash shell
TMOUT=300
readonly TMOUT
export TMOUT

Save and close the file. The readonly command is used to make variables and functions readonly i.e. you user cannot change the value of variable called TMOUT.
How Do I Disable TMOUT?

To disable auto-logout, just set the TMOUT to zero or unset it as follows:
$ export TMOUT=0
or
$ unset TMOUT
Please note that readonly variable can only be disabled by root in /etc/profile or ~/.bash_profile.

Howto: Upgrade Linux Kernel

How do I upgrade my Linux kernel? I would like to upgrade kernel without compiling from source code i.e. binary upgrade. How do I perform the actual upgrade of the kernel in Linux?

You need to compile kernel only if:
=> You need custom made kernel for specific task such as embedded kernel.
=> Apply third party security patches.
=> You need to apply specific patch to Linux
Upgrade of the kernel in Red Hat enterprise Linux version <= 4.x
If your system is registered with Red Hat Network (RHN), then you can use the up2date command as follows:
# up2date -f kernel
For SMP kernel (multi core or multiple CPU) use command:
# up2date -f kernel-smp
Upgrade of the kernel in Fedora Linux / CentOS / RHEL 5
Use yum command to upgrade kernel:
# yum update kernel
If you have downloaded RPM file use rpm command:
# rpm -ivh kernel*

portnumbers in servers

port number application
21 ftp
22 ssh
23 telnet
25 smtp mail port
53 dns port
67 dhcp server
79 finger command for smtp mail server ETRN finger port
80 http port
110 pop3 port
115 sftp port
123 network time protocal port
143 imap4 port
177 xmanager port tcp
389 ldap port
443 hhtp port (ssl)
445 microsoft active directory and smb protocal port
465 google mail outgoing mail server
636 ldap(ssl)
993 secure internet message access protocalport
1433 sql server port
1434 sql server monitoring port
1521 oracle port
2000 cisco ip phone port
3306 default mysql port
3389 remote desktop port and terminal server port
5900 real vnc default remote control port
6000 tcp port for xmanager port
8080 http internet traffic port

Root user login on VSFTP

As you know ftp servers normally wont allow to login as root user or any of the local user (Example : daemon,bin, sys, nobody…etc) due to security and preventing the ftp servers from ftp brute force scanner attacks. If you still want to enable root user login on vsFTP for some reasons, here is a short tutorial which allows you to do that.

Enabling Root User Login On VSFTP

SSH your server as root and then search for the files ftpusers, vsftpd.users (or) user_list (on Centos the locations should be under the /etc/vsftpd or under /etc). Edit the files on your favorit editor and remove the ” root ” from the list of users. Now edit the /etc/vsftpd.conf file and enable/uncomment the following two lines :

# vi /etc/vsftpd.conf

local_enable=YES
userlist_file=/etc/vsftpd/vsftpd.users (if exist)

Restart the vsftpd server to load with the new configuration.

# /etc/init.d/vsftpd restart
Now try login as root via ftp and see how it goes.

Find Out CPU Architecture Information on Linux

You can use /proc/cpuinfo file or use the lscpu command to get info about CPU architecture.

$ less /proc/cpuinfo

Or

$ lscpu

Disabling USB ports

If you administrating a small or large workstations running with Linux Desktops and want to disable the USB ports for security so that no one can copy the data via pen drive, try the following steps to disable the USB port(s).

Edit the grub.conf and add the following lines(you need to login as root).
# vi /boot/grub/grub.conf

Then add the following lines on the right kernel version

kernel /vmlinuz<your-kernel-version> rhgb quiet nousb

Save and exit the file and reboot the system to disable the USB ports and the boot time.