Sunday, November 6, 2011

Change the default SSH port on Linux

OpenSSH server uses TCP Port 22 by default.Since, it is a common target for hackers and brute-forces, it is a good practice to change the port to something higher.Let's assume that we want to change the port to 2222, then as root,

nano /etc/ssh/sshd_config


Edit the line which says Port 22 to Port 2222.

Do remember that the port should not be in use by another program or service.Now,restart SSH server via

service ssh restart


You may want to setup your IPtables rules or other firewall rules to allow incoming TCP packets in port 2222.In case you are using ufw ,you would do ,

ufw allow 2222/tcp

Tuesday, November 1, 2011

Setup Static IP Address on Debian 6 (Squeeze)

During installation, Debian uses DHCP by default.You should disable DHCP feature for primary network interface by editing /etc/network/interfaces
By default, it looks like following:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo
inet loopback


# The primary network interface
allow-hotplug eth0
iface eth0 inet dhcp



We should make this look like:


# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo
inet loopback


# The primary network interface
#allow-hotplug eth0
#iface eth0 inet dhcp
auto eth0
iface eth0 inet static
address 192.168.1.100
netmask 255.255.255.1
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1



You may not need to enter network and broadcast details.
Now, restart service by 
/etc/init.d/networking restart

Installing Virtualmin on Debian 6 (Squeeze)

I am using Debian Squeeze for installing Virtualmin. So, here are the steps:


Step 1 : Fresh Install Your System
Virtualmin installs everything for you.No particular partitioning is required.


Step 2 : Set up Fully Qualified Domain Name for your System
Refer to http://linuxdo.blogspot.com/2011/11/fully-qualified-domain-name-on-debian.html


Step 3 : Download Virtualmin Installer Script
Available at http://software.virtualmin.com/gpl/scripts/install.sh

Step 4 : Run the script
sh ./install.sh



In minutes, everything will be installed and you can access the Control Panel on https://[your-ip]:10000 . And then log in as the "root" user, or any user with sudo access.



Fully Qualified Domain Name on Debian Squeeze

Debian uses a simple FQDN approach by getting the values from hosts file.So, if you would like to set up ns1.example.com as a FQDN for your server, then modify /etc/hosts file so it looks like

127.0.0.1 localhost 127.0.1.1 ns1.example.com ns1 # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts

Other values may depend on your system.

Tuesday, October 11, 2011

Exclude Directories or Files with Tar

I often do backups of my public_html but since I don't need folders like phpMyAdmin and logs, I found an easy way to do that in order to reduce backup size.The command to do this is:
tar -zcvf backup.tar.gz public_html/ --exclude "public_html/phpMyAdmin" --exclude "public_html/logs"


I am outside the public_html directory while doing this.For a more general case, it would be:
tar -zcvf filename.tar.gz directory_to_backup --exclude "directory_to_exclude"


This way, I save time and space.Hope this will be useful.
Remember that individual files can be too excluded by replacing directory with filename.

Catching all emails for a domain with Postfix(Catch all Emails)


We have to add a wildcard entry in /etc/postfix/virtual or any virtual mapping files.For simplicity we use /etc/postfix/virtual  file and append this:
@example.com  admin
And we have to do this to map that:
postmap /etc/postfix/virtual
And add this line if it does’t exist in /etc/postfix/main.cf:
virtual_alias_maps = hash:/etc/postfix/virtual
Finally,
/etc/init.d/postfix restart

This way every email sent to anything@example.com will be redirected to admin@example.com

Changing User Login Shell On Linux


There are many kinds of shells available.I prefer bash shell which is default on Debian Systems.
To see available shells,do:
cat /etc/shells
To change the shell for a user,we have to edit /etc/passwd file and replace the line /bin/shellname to  your preferred shell.
For example, replace /bin/sh to /bin/bash for user to which it is being done.

Sunday, October 9, 2011

Creating a backup tar archive

With tar, it is easy to backup whole directory including its permissions.To do this on a directory called 'web', we would type:
tar -pczf web.tar.gz web/
Thus, a tar archive is created and you can restore it with:
tar -pxzf web.tar.gz



Saturday, October 1, 2011

Easy SEO friendly htaccess and Nginx rules for Wordpress

Wordpress has always been SEO-friendly right from the box.But if you want it to be more,then here is a sample htaccess and Nginx rules that may help you.These rules redirect every errors to Wordpress error pages as well as forward non-canonical links to canonical links.Even non-www urls are redirected.

Save this as .htaccess:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
RewriteCond %{HTTP_HOST} ^linuxdo\.blogspot\.com$ [NC]
RewriteRule ^(.*)$ http://www.linuxdo.blogspot.com/$1 [R=301,L]
</IfModule>
# END WordPress


--Replace linuxdo.blogspot.com with your webpage url.--

Insert this in Nginx virtual host conf file:

if (!-f $request_filename){
set $rule_0 1$rule_0;
}
if (!-d $request_filename){
set $rule_0 2$rule_0;
}
if ($rule_0 = "21"){
rewrite /. /index.php last;
}
if ($http_host ~* "^linuxdo\.blogspot\.com$"){
set $rule_1 1$rule_1;
}
if ($rule_1 = "1"){
rewrite ^/(.*)$ http://www.linuxdo.blogspot.com/$1 permanent;
break;
}


--Replace linuxdo.blogspot.com with your webpage url.--

Hope this helps.



PHP script to show system status

Here is a simple PHP script to show system status:



<html>
<body>
<pre>
Uptime:
<?php system("uptime"); ?>
System Information:
<?php system("uname -a"); ?>
Memory Usage (MB):
<?php system("free -m"); ?>
Disk Usage:
<?php system("df -h"); ?>
CPU Information:
<?php system("cat /proc/cpuinfo | grep \"model name\|processor\""); ?>
Hostname:
<?php system("hostname -s"); ?>
</pre>
</body>
</html>
Save this as status.php or anything you like.Note that the system function should be enabled.

Sunday, June 12, 2011

Apache and other services in alternative ports on Dynamic IP hosting

If you don't want to mess up with Apache and other mail services on alternative port esecially on dynamic hosting,then there is a easy way out:
Issue this command:


iptables -t nat -A PREROUTING -i eth0 -p tcp --dport $srcPortNumber -j REDIRECT --to-port $dstPortNumber


So if you want to redirect port 81 to Apache:


iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 81 -j REDIRECT --to-port 80


So you can set up alternative port in your Dynamic DNS provider and host your own server.

Saturday, May 28, 2011

fuser, alternative for Windows application Unlocker

fuser displays the PIDs of processes using the specified files or file systems.For example if you have a locked file named foo.txt on /home/user/,the you would type:


fuser /home/user/foo.txt


The command displays some numbers.Its the pid of process using the file.Now as a root type:


kill <pid>
or
sudo kill <pid>



without the redirectors.Linux has everything you wish for.

Speeding web browsing with Squid

Squid is a caching proxy server.I live in the place where a high speed internet connection is just a fake dream.So using Squid really helped me a lot.


Requirements:
Squid-Available from your repo.
Yast2-Squid-If you use openSUSE, this is the graphical method of configuring Squid.If you have other Linux variant,you could try ostatic.com/squid-config as an alternative.


Head over to Yast and launch Squid configuration.Check 'Start Squid at boot time' and on cache directory option, increase the value of cache size to optimum size.Open your browser, go to Preferences ------>Network and change proxy to
Address:127.0.0.1
Port:3128
Restart the computer and check the differences after some days.

Friday, May 27, 2011

Convert an ext3 file system into ext4

Ext4 file system provides better performance and faster file system check than the ext3 file system.
If you want to convert your existing file systems,the the first requirement is with the kernel.


Type
uname -a 


and make sure it is higher than 2.6.28.
To switch over to the Ext4drivers without changing any files,edit the fstab file located in /etc and replace every occurrence of ext3 to ext4.
Now issue:


sudo tune2fs -o extents,uninit_bg,dir_index <dev>


where dev stands for disk edited in the previous step.
As for example,if my disk was /dev/sda1, then I would do:


sudo tune2fs -o extents,uninit_bg,dir_index dev/sda1


Now restart your computer and do:


grub-install <dev> 


to install Grub to latest build.
Now, new files will be utilizing the features of new file system and old ones will be using ext3.

Bad experience with Ubuntu 11.04

OK!
After rounds of hearing that Ubuntu is the easiest distro,I downloaded Ubuntu 11.04 after a year of downloading 10.XX(LTS).
Unity interface really sucked.I spent 10 minutes just searching for Graphical settings and found that there was not any.YAST made me too lazy.
In a country with 128 Kbps internet, I had no problem updating openSUSE, thanks to delta packages.


When I tried updating Ubuntu released 10 days before,a whooping 168MB of update made me press the reset button, go to openSUSE, open Disk utility and delete the partition at once.


But I thought openSUSE has to learn something from Ubuntu.The unified Application store is one of these to be inspired of.

Mounting NTFS partitions with full read-write support




By default,NTFS filesystems are
readable by users and writable by root only.But it may pose a difficulty to people doing dualboot with Windows.So here is a easy way out:
  • Copy fstab from /etc/ to your
    Desktop or any other folder.
  • Open it and edit as


Original


To do


fmask=133


fmask=113


dmask=022


dmask=002


In my case it was:
/dev/disk/by-id/ata-WDC_WD5000AADS-00S9B0_WD-WCAV9C076470-part7 /windows/g ntfs-3g user,users,gid=users,fmask=113,dmask=002,locale=en_US.UTF-8 0 0

And remember to add user to the end.

Sunday, April 24, 2011

Printing To PDF using CUPS

CUPS-PDF is designed to produce PDF files in a heterogeneous network by providing a PDF printer on the central fileserver. It is available under the GPL and is packaged for many different distributions or can be built directly out of the source files.
Here are the steps to get working:
  • Use the "root" username and password.
  • Select the Administration tab and click "Find New Printers".
  • Click "Add This Printer" and then "Continue"(It may be automatically added)
And you are done.Select print from any application and start making PDFs.It saves generated pages on


/var/spool/cups-pdf/yourusername/
 
To change this, edit the /etc/cups/cups-pdf.conf file. For example to store the PDF files in the "Desktop" directory in each user's home directory you may set:
Out ${HOME}/Desktop
 
Happy Printing To PDF. 
     
     
     
     

    Monday, April 18, 2011

    What Windows cannot do?


    Yet newcomers might think Windows is slick and can do almost anything. However there are some things and even many that Linux can do and Windows cannot.
    It cant give you the source code free of cost.
    It can’t let you write a program that can freely talk with the devices.
    It can’t stop spying on you.(Consider Alexa)
    It can’t resist people making modified and forged versions of Windows.
    It can’t stop forcing you to install different packs like Security Essentials and annoying Activation technologies.
    And much more...................................................................................................................................

    Friday, April 1, 2011

    Canterbury Distribution,a reality or an April fool?

    Debian, Gentoo, Grml, openSUSE and Arch Linux have unified to merge their effort to Canterbury project to develop an operating system based on all the features of these Linux distributions.This is a very good news but this day is April 1st and I hope that this is not a prank led on April.This is a great leap towards development of Linux.If this happens, then Windows will surely fall apart.
    On their words
    "We are pleased to announce the birth of the Canterbury distribution. Canterbury is a merge of the efforts of the community distributions formerly known as Debian, Gentoo, Grml, openSUSE and Arch Linux.
    The target is to produce a really unified effort and be able to stand up in a combined effort against proprietary operating systems, to show off that the Free Software community is actually able to work together for a common goal instead of creating more diversity."
    Following will perhaps be the consequences of this amalgamation:
      • Unified binary(RPM and DEB will be unified with interoperability)
      • Faster updates and greater helping community
      • Support for much larger spectrum of Hardware.
      • Polished user interface for novices.
    And much more.......
    Now it is time to wait and see.
    Have a look at these sites:
    openSUSE Homepage
    ArchLinux Homepage
    Debian Homepage
    Gentoo Homepage
    GRML Homepage


    Update: It was an April fool.

    Wednesday, March 30, 2011

    lmsensors,an intel active monitor alternative

    If you have an Intel Moterboard,there is a program in Windows called Intel Active Monitor that displays current temperature of the cabinet.It is also available in other motherboards like in MSI, but with its own application.


    lmsensors are specific libraries for accessing sensors on the computer.Sensors are mostly located in CPU and some new motherboards.If a hard disk is SMART enabled,then its temperature can be retrieved too.


    To get it working,download lmsensors from your Linux distribution repositories and the initiate 'sudo sensors' without quotes in terminal.It will ask for different questions step by step.Just type "y" and press enter between each questions.


    lmsensors also adds all the recognised modules to the boot flag.Restart the computer,and if you use KDE,then add Temperature Monitor widget and start getting temperatures.


    If you use Gnome,there is a similar applet called "GNOME Sensors Applet".

    Get Back Firefox Button in Linux

    I updated my Firefox to the latest version and was eager to see it working hard.Everything was superior but the Firefox button was missing.
    However there is an easy way to get it back.Just right click on free space near to menu bar and untick menu bar.Voila,your button is back.
    Happy surfing.

    Tuesday, March 22, 2011

    Finding files via Linux terminal

    Easy way to find files in terminal is to issue the command:


    sudo find / -name {filename with/without wildcards}


    For example:


    sudo find / -name *.rpm


    will result the entire rpm files in / directory to be listed with full path.
    Happy searching.

    Restoring default Gnome settings

    After messing up with Gnome settings, I couldn't find a way to restore them easily without creating a new account.
    But however an easy approach is to delete (.gnome or .gnome2) and .gconf folders located in /home/{user}


    Happy tweaking and messing with Gnome.

    Monday, March 21, 2011

    Wget,the best download manager for Linux

    Those using Download managers in Windows may be in difficulty finding a good download manager for Linux.However the best download manager for Linux is Wget.Although it doesn’t have a GUI and is a terminal based program,it is much responsive and faster than any other Download manager.
    Just fire up a terminal,and issue


    wget "download location"
    If the download location contains brackets,then you have to use inverted commas.
    To pause a task,issue Ctrl+Z.
    To start it again,type fg "number"
    where number is the job number given when you press Ctrl+Z.Typically first task is given number 1.If you want to start the unfinished download,hover to that directory containing the file,and issue same command as you would do to start download but with -c switch.
    Happy downloading..

    Saturday, March 19, 2011

    OpenSUSE 11.4 extensive review



    I downloaded the latest version of openSUSE. It was 11.4.I was really amazed as it meets my pre-thoughts. The improved kernel and many other fixes make this version of openSUSE stable, secure and faster. The new gnome is much more stable and KDE is also repainted. Looks like openSUSE team has given a lot of attention towards artwork. This latest version stars up in a handful of seconds and shuts down in about 10 seconds, much faster than bloaty windows. This review is based on openSUSE 64 bit DVD download.
    Installation
    Earlier openSUSE installations were unresponsive by time. But however the new installation is amazingly responsive and easy. As like previous installations, it suggests a partition setup based on the existing partitions. I had a free space on logical partition and also had a 250 GB partition. It automatically suggested me to shrink the volume and create a new partition. It also detected windows partitions and assigned it the proper mount points. OpenSUSE installation prefers separate home partition which is a nice feature. It also provides the ability to use separate root password unlike Ubuntu and other Linux based operating system.
    Installation from images really improved the installation speed. The kexec is enabled during setup which does the same thing as rebooting but without actually rebooting the PC. That’s why; unlike windows the setup doesn’t require restarts over restarts. During setup it automatically detects printers, TV card, network interface cards and setup it automatically for easier use.
    Gnome
    The new gnome "2.32.1" looks great. It responds much faster and with Compiz, the animations are superb and productive. On hovering a mouse on panel, it displays a quick preview of windows as like in windows 7.windows switching is also great. The pre-bundled wallpapers are handful but likely to be picked by hand. The font rendering is superior on my led screen. The windows are well managed and notifications are too provided the right place. Gnome’s “open in terminal” is the most useful feature that is available from early openSUSE and is also continued to 11.4.
    KDE
    KDE may look just as it was before but there has been great improvement in speed. The new Bluetooth manager namely "name" now solved my problem of not being able to pair with mobiles with MTK firmware’s (MTK is the main chipset for wide range of phones specially manufactured in Asia which includes Spice, Micromax, Zen, Iphone clones and many other phones. The widgets don’t show much difference but however they load data aster than before. openSUSE 11.3 had problem synchronizing weather with weather widget.
    Internet
    OpenSUSE 11.4 is equipped with Firefox 4 beta and will be upgraded to stable version when available. The new Firefox is well integrated with the environment and aims to provide the faster and safer browsing.
    Also with empathy, it’s easy to connect with popular IM protocols like AOL, Yahoo, Gmail and much more. Linphone provides easy VOIP calling.
    Productivity
    OpenSUSE is perhaps the first major operating system released with LibreOffice, the new branding to OpenOffice.org office suite. The latest koffice also has some improvements.
    32 bit support
    With 32 bit libraries available, openSUSE can run many of 32 bit applications without problems. The 32 bit libraries for wine and a separate terminal are also available.
    Repository and Non OSS software
    OpenSUSE repository contains non-oss programs like flash player, adobe reader and much more to provide easy installation of these programs. The openSUSE codecs installer eliminates the need of doing a painful job of installing codecs. Packman repository also provides easy installations of software’s that are not allowed to be included in an open source operating system as per GPL. The updated VLC repository also provides VLC and its dependencies to openSUSE 11.4.
    Security
    The new Linux kernel "2.6.37" is patched with many updates and bug fixes. It is much stable too. The scheduler and resource manager has also been updated.
    The AppArmor provides proactive defense against violating applications.
    Virtualization
    With Xen and Virtualbox, there is no need for separate OS installations as they works seamlessly with gnome or KDE. I had a virtual machine created in windows and I could immediately start that within a few clicks. Wine also runs without problems so as to run windows applications.
    Verdict
    OpenSUSE 11.4 may not be the operating system for one looking for lots of oh! and wah! but is suitable for one looking for a stable, productive and notably green operating system. To get accompanied with openSUSE, there are little things to know like knowing the naming conventions of Linux and handful of Linux jargon. However it is not as easy as using Ubuntu or its younger brothers. This is the operating system you must try.

    Monday, March 7, 2011

    OpenSUSE 11.4 is coming soon

    The most awaited update to OpenSUSE is coming on March 10.
    According to OpenSUSE,following are the main features and advancements over previous versions:
    • Branding and artwork has had a lot of attention, with the addition of the final wallpapers, splash screens and branding for 11.4.  The default wallpaper is called Celadon Stripes, taking its inspiration from the color codename for this release.
    • Package management has faster repository refresh and better proxy support thanks to curl and zsync
    • Freetype supports sub-pixel rendering
    • Linux 2.6.37 including free/open source Broadcom wlan drivers for some recent chips (4313, 43224, 43225)
    • Updater applets will now notify about package updates by default - not just patches anymore
    • Features in KDE:
      1. KDE SC 4.6.0 / KDEPIM 4.4.10
      2. Amarok 2.4.0
      3. KOffice 2.3.1
      4. Bluedevil is the new Bluetooth tool for KDE
      5. Plasmoid-networkmanagement replaces KNetworkManager
      6. Oxygen-gtk provides excellent visual integration of GTK applications in KDE
    And much more.
    So Hurry up and download it on MARCH 10.