Setting Up A SSH Trusted Connection & Bash Alias To Speed Up Automated Scripts

Written by Gregory Milby | Wednesday, July 7th, 2010

Need to automate some scripts?  Tired of constantly entering ssh user@server.address, then the password?  Having a trusted connection can drastically improve productivity if it is used in the correct conditions.  If you’re using a public machine, then this is NOT SMART.  If you’re using a machine that anyone else has access to, then again, this is not a solution, and shouldn’t be considered as an option.

However, if you have a private machine that you keep secure, and you want to set up quick access to a remote server, set up automatic backup scripts, or take snapshots of drive data structures, then this will get you going quickly!

Here are the quick steps to get you on the road to automated scripts:

On your box, generate the ssh public key:

  • ssh-keygen -t dsa
  • When it asks for a passphrase, just hit return.
  • Go to your home directory, then type cd .ssh
  • cat id_dsa.pub – this is the generated ssh key you will give to the remote host.

On the remote host, as username@yourdomain.com:

  • vi .ssh/authorized_keys
  • Insert your ssh public key – the text from the .ssh/id_dsa.pub file on your box.
  • Make sure the text you copy is on a single line (it will not work if it’s not on a single line).

Verify trusted SSH:

  • In a terminal window type ssh -Y username@yourdomain.com
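
As an added example (not part of the original post), the shell functions below check the single-line requirement from the steps above: every authorized_keys entry needs a key type and an unbroken base64 blob on one line. They also flag ssh-dss entries, which OpenSSH has disabled by default since version 7.0. The function names and all key data are constructed, and the check covers the shape of an entry, not whether the key is cryptographically valid.

```shell
# Added example: sanity-check authorized_keys entries (all key data is constructed).
# classify_key_line LINE: prints ok | dsa | broken | skip
classify_key_line() {
    case $1 in
        ''|'#'*) echo skip; return ;;      # blank lines and comments are legal
    esac
    ktype=''; blob=''
    set -f                                 # no globbing while splitting into fields
    for field in $1; do
        if [ -n "$ktype" ]; then blob=$field; break; fi
        case $field in                     # fields before the key type are options
            ssh-dss|ssh-rsa|ssh-ed25519|ecdsa-sha2-*) ktype=$field ;;
        esac
    done
    set +f
    # No key type at all: usually the tail of a key that wrapped when pasted.
    if [ -z "$ktype" ]; then echo broken; return; fi
    # The blob must be non-empty base64 whose length is a multiple of 4.
    case $blob in
        ''|*[!A-Za-z0-9+/=]*) echo broken; return ;;
    esac
    if [ $(( ${#blob} % 4 )) -ne 0 ]; then echo broken; return; fi
    if [ "$ktype" = ssh-dss ]; then echo dsa; return; fi
    echo ok
}

# Read an authorized_keys file on stdin; print one finding per problem line.
check_authorized_keys() {
    n=0
    while IFS= read -r entry || [ -n "$entry" ]; do
        n=$((n + 1))
        case $(classify_key_line "$entry") in
            broken) echo "line $n: incomplete key (wrapped or truncated paste?)" ;;
            dsa)    echo "line $n: ssh-dss key, disabled by default since OpenSSH 7.0" ;;
        esac
    done
}

# Constructed sample: one good key, then a DSA key that wrapped onto two lines.
sample_authorized_keys() {
    cat <<'EOF'
# keys for the backup account
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEEXAMPLEEXAMPLEEXAMPLEEXAMPLE me@box
ssh-dss AAAAB3NzaC1kc3MAAACBAEXAMPL
EXAMPLEEXAMPLE== me@box
EOF
}
sample_authorized_keys | check_authorized_keys
```
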

If you want to take this one step further, and make it even faster, set up an alias in the .bashrc file.

Just add this line to your .bashrc in your home dir, and do not forget to close/reopen your terminal after you add this line, or you will not see it work (the config file will not be loaded):

alias home='ssh username@yourdomain.com'

At the command prompt in terminal (after you’ve remembered to close & reopen it!), type “home” and hit the enter key.

So, now you can type one word and get to your remote server in seconds rather than hassling through typing out the same info over and over.

One of your first tasks should be to write a backup script to back up your critical files like your .bashrc!

Enjoy,


Ubuntu & Debian Firewall Mysteries Revealed a.k.a. how to get the app or service working ASAP!

Written by Gregory Milby | Thursday, May 13th, 2010

Fixing the mysteriously blocked applications, services and ports that elude traditional methods of common sense is quite the pain in the arse for the average guy just trying to get his server to work on an obscure port so his box doesn’t get hacked!

Here are some things to consider when you’re trying to enable a service, application or server in Ubuntu.  Bookmark this and pull it up the next time you need to make something work in Ubuntu, before you start hurling your pc across the room :)

AppArmor may not be your friend… the average person who uses full-blown Ubuntu also owns a firewall/router – AppArmor is ‘overkill’ in my humble opinion.  However, if you’re connected directly to your cable modem, it could be useful (see first sentence).

If YOU ARE behind a firewall/router, and you DO NOT need a software firewall solution, then use these commands to disable AppArmor. In most cases this will fix your connection issues:

AppArmor can be disabled, and the start-up module removed by entering the following:
sudo /etc/init.d/apparmor stop
sudo update-rc.d -f apparmor remove
To re-enable AppArmor enter:
sudo /etc/init.d/apparmor start
sudo update-rc.d apparmor defaults

UFW is another term to be familiar with.  It’s the firewall app that is installed alongside AppArmor. If you are trying to directly access ports, you can enable specific ports, or (again) totally disable the application if you know you are protected by a hardware router/firewall device (like a Linksys or Netgear DSL/Cable Router/Firewall).

Here are the common UFW control commands:

ufw needs to be enabled. From a terminal window enter:
sudo ufw enable

To open a port (this example is for ssh):
sudo ufw allow 22

Likewise, to close an opened port:
sudo ufw deny 22

To remove a rule, use delete followed by the rule:
sudo ufw delete deny 22

It is also possible to allow access from specific hosts to a port.
This example allows ssh access from host 192.168.0.5 to any ip address on this host:
sudo ufw allow proto tcp from 192.168.0.5 to any port 22

Replace 192.168.0.5 with 192.168.0.0/24 to allow ssh access from the entire subnet.

ufw can be disabled by:
sudo ufw disable

If the port you want to open or close is defined in /etc/services, you can use the port name instead of the number. In the above examples, replace 22 with ssh.
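
Before turning either tool off, the logs show which one actually blocked the application: AppArmor records `apparmor="DENIED"` lines naming the confined profile, and ufw (with logging on) records dropped packets as `[UFW BLOCK]` with the destination port. This added example, which is not from the original post, summarises both from log text on stdin; the function names and the sample log lines are constructed.

```shell
#!/bin/sh
# Added example: find out whether AppArmor or ufw blocked something.

# Reads syslog/kern.log text on stdin; prints "COUNT SOURCE DETAIL" per cause.
summarise_blocks() {
    awk '
    /apparmor="DENIED"/ {
        # Pull the confined profile and the refused operation out of the line.
        match($0, /profile="[^"]*"/);   p = substr($0, RSTART + 9,  RLENGTH - 10)
        match($0, /operation="[^"]*"/); o = substr($0, RSTART + 11, RLENGTH - 12)
        seen["apparmor " p " " o]++
    }
    /\[UFW BLOCK\]/ {
        # ufw logs dropped packets as KEY=VALUE words; keep protocol and port.
        proto = ""; port = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^PROTO=/) proto = substr($i, 7)
            if ($i ~ /^DPT=/)   port  = substr($i, 5)
        }
        seen["ufw " proto "/" port]++
    }
    END { for (k in seen) print seen[k], k }' | sort -k2
}

# Constructed log lines: mysqld denied by its profile, one packet dropped by ufw.
sample_log() {
    cat <<'EOF'
May 13 09:00:01 box kernel: audit: type=1400 apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/data/db/ibdata1" pid=2101 comm="mysqld"
May 13 09:00:02 box kernel: audit: type=1400 apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/data/db/ib_logfile0" pid=2101 comm="mysqld"
May 13 09:00:07 box kernel: [UFW BLOCK] IN=eth0 OUT= SRC=192.168.0.7 DST=192.168.0.2 PROTO=TCP SPT=51514 DPT=8080 SYN
May 13 09:00:09 box sshd[900]: Accepted publickey for backup from 192.168.0.5
EOF
}

sample_log | summarise_blocks
```

A denial that names a single profile can be handled by switching just that profile to complain mode with aa-complain (from apparmor-utils), and a `[UFW BLOCK]` on one port by a matching `sudo ufw allow` rule, rather than by disabling either tool.
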

This quickstart will help you get your apps online quickly, and allow you to connect to them.

Please make any suggestions, and we will update the post. It’s good to see the Linux community coming together and giving M$ a run for their money :)


CRONTAB The Super Easy No Non-sense Version

Written by Gregory Milby | Wednesday, April 28th, 2010

If you’re anything like the average linux user, then you’re probably re-learning & using crontab only when you need to.  Like those times you need to setup a new hard drive or system.  With any luck, we’ll cover the basics here, and make a quick reference point for you to find the no non-sense version of Crontab.

One thing that always seems to leave potential crontab’ers confused is the syntax of the file.  Knowing how to setup the time function to capture the intended task seems to be the biggest obstacle.

Things you may want to consider before setting up a job:

  • Is the task going to have a high utilization?
  • Will the task take a long period to run?
  • How often does the task need to be executed?

If it is a task that is going to use a lot of system resources, then schedule it to run during off hours.  This seems like a no-brainer, but anyone who has worked in system administration can tell you a horror story about someone trying to run rsync backups during the day so they wouldn’t have to switch out tapes during the night – causing horrendous speed & processing drop-off to everyone connected to the system.

In the same light, if it’s going to take forever to run (in excess of an hour), then schedule it for overnight as well, during times when people will not need system resources.

If your task qualifies as both heavy use and long time to run, then schedule it for the weekend or over a holiday.

The charts in this post show the same information in a couple of different ways.  Being visual – my first choice is always a chart.

First off, to enter a crontab, type

~$ crontab -e

at the command prompt.

Here is what the crontab columns mean:

example: 30 08 10 06 * /home/ramesh/full-backup

  • 30 – 30th Minute
  • 08 – 08 AM
  • 10 – 10th Day
  • 06 – 6th Month (June)
  • * – Every day of the week

The variation of scheduling can be subtle, but here are a few examples:

To schedule a job twice a day:

00 11,16 * * * /home/ramesh/bin/incremental-backup

  • 00 – 0th Minute (Top of the hour)
  • 11,16 – 11 AM and 4 PM
  • * – Every day
  • * – Every month
  • * – Every day of the week

An example crontab task may look something like:

MAILTO=cron@username.plus.com
* * * * * /command/to/execute

Don’t be thrown off by this cron job, which will run every five minutes:

0,5,10,15,20,25,30,35,40,45,50,55 * * * * /command/to/execute

It’s common practice to use a comma-delimited list in a column to run a command at several values of that column’s unit – especially in the minutes and hours columns.
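
To make the column rules concrete, this added example (not from the original post, and not cron's own code) evaluates a five-field schedule against a given time. It goes slightly beyond the post: besides comma lists it handles ranges and the `*/5` step form accepted by the Vixie-style cron on Ubuntu and Debian, which selects the same minutes as the twelve-value list above, and it applies cron's rule that when both day-of-month and day-of-week are restricted the job runs if either matches. Month and weekday names are not handled, and the function names are made up for illustration.

```shell
#!/bin/sh
# Added example: evaluate five-field crontab schedules (not cron's own code).

num() { n=${1#0}; echo "${n:-0}"; }     # "08" -> 8, so sh does not read it as octal

# field_matches FIELD VALUE MIN: does one crontab field select VALUE?
field_matches() {
    value=$(num "$2"); min=$3
    old_ifs=$IFS; IFS=,
    set -f; set -- $1; set +f           # split the comma-delimited list
    IFS=$old_ifs
    for item in "$@"; do
        step=1
        case $item in */*) step=${item#*/}; item=${item%/*} ;; esac
        case $item in
            '*') lo=$min; hi=59 ;;                        # whole range of the column
            *-*) lo=$(num "${item%-*}"); hi=$(num "${item#*-}") ;;
            *)   lo=$(num "$item"); hi=$lo ;;
        esac
        if [ "$value" -ge "$lo" ] && [ "$value" -le "$hi" ] &&
           [ $(( (value - lo) % step )) -eq 0 ]; then
            return 0
        fi
    done
    return 1
}

# cron_matches "MIN HOUR DOM MON DOW" minute hour day month weekday (0 = Sunday)
cron_matches() {
    set -f; set -- $1 "$2" "$3" "$4" "$5" "$6"; set +f
    field_matches "$1" "$6" 0 || return 1
    field_matches "$2" "$7" 0 || return 1
    field_matches "$4" "$9" 1 || return 1
    case "$3 $5" in
        '*'*|*' *'*)   # day-of-month or weekday is "*": both must match
            field_matches "$3" "$8" 1 && field_matches "$5" "${10}" 0 ;;
        *)             # both restricted: cron runs the job when either matches
            field_matches "$3" "$8" 1 || field_matches "$5" "${10}" 0 ;;
    esac
}

# Schedules from the post, checked against constructed times.
cron_matches "30 08 10 06 *" 30 8 10 6 4 && echo "full-backup runs at 08:30 on 10 June"
cron_matches "00 11,16 * * *" 0 16 1 1 0 && echo "incremental-backup runs at 16:00"
cron_matches "*/5 * * * *" 25 3 1 1 0    && echo "*/5 matches minute 25, like the long list"
```
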

Hopefully this post will serve as a quick reference so that you can quickly set up a crontab without much trouble. Let me know (via comments) if you would like to explore any other aspect of this, and I will try to put something together.
