Saturday, December 4, 2010

Install linux in a pendrive.

Install Linux in pen drive
Yea guys, this time I will show you how to install a Linux distribution in your pen drive. You can use this how-to install almost all the Linux distributions including Ubuntu, fedora, CentOS, Debian, KNOPPIX and much more.


What you need:
  • Universal USB Installer tool.
  • Windows XP/Vista/7 to create the USB (Win 98/2K WILL NOT Work! 
  • Fat32 Formatted Flash Drive, 
  • Your Favourite Linux ISO
And of course a PC supporting USB booting to boot from your pen drive.

You can download the Universal USB Installer tool from this link:
 
The Universal USB Installer is a Live Linux USB creator which allows you to choose from a list of Linux distributions and install it in your pen drive. It also allows you to download the required Linux distribution.
The process is just a piece of cake, just run the tool, select your distribution, browse to the distribution, select the flash drive and click install.

Thursday, November 11, 2010

How to reset root password in Ubuntu 10.04 LTS


In this how to we shall discuss how to reset root password in Ubuntu 10.04 LTS. I guess this howto will be of highly useful if you forgot your root password in Linux servers particularly in debian based systems like Ubuntu.

Single User Mode in Ubuntu 
To reset the root password you have to boot to single user mode. Follow to steps below to boot to the single user mode in Ubuntu 10.04 LTS.

Please note that Ubuntu 10.04 LTS use the GRUB 2 as bootloader. The first boot option will be used by GRUB 2 by default and it will be used for booting without waiting for user input. So you need to interrupt the boot process for getting boot menu.

Thursday, October 7, 2010

Set date and time in Ubuntu LTS 10.04

How to set Date and Time in Ubuntu 10.04 LTS Lucid Lynx via command line.

You can use the “date’ command for setting Date in any ubuntu bases distributions.

It is better to take a peek into the man pages of the ‘data’ command via:

                  # man date

The man page of date command in Ubuntu might be a bit confusing for all. Let me explain the process to you!!!

Type in the following command, replacing:

                  nn with two digit month (e.g. 01, 05, 12),
                  dd with two digit day (e.g. 02, 24, 31),
                  hh with two digit hour in 24 hour clock format ( 00, 03, 23), 
                  yy/yyyy with the year in two digit or four digit (optional),
and after a period symbol (.) ss with two digit second (00, 05, 59).

The syntax of the date command is:
            # date nnddhhmmyyyy.ss
or
            # date nnddhhmmyy.ss :- in two digit year format
or      
            # date nnddhhmm :- With minimum required parameters (without year and second)
or         
            # date nnddhhmm.ss :- Without year

Month from 01 to 12 (nn)
Day from 01 to 30/31 (dd)

Hour from 00 to 23 (hh)
Minute from 00 to 59 (mm)
Year in four or two digit format (yy yyyy)
Seconds after the period (.) symbol from 00 to 59 (ss)


Example for specifying 21st september, 2010 6:54:20 PM, you should type in the command

             # date 092118542010.20

To specify set NTP server for automatic time synchronyzation:

            # sudo ntpdate NTP-SERVER_URL_OR_IP

I guess I made it faily simple for updating date and time in Ubuntu Server / Desktop LTS 10.04. Also you can try this command in any of the linux based distributions such as RedHat Enterprise Linux, SUSE Enterprise Linux, Fedora etc.
     

Monday, September 20, 2010

Setting up DNS in Ubuntu 10.04 LTS Lucid Lynx

The DNS setup is also a starignt forward job in Ubuntu 10.04 LTS. Like all other major distributions like Redhat Enterprise Linux, Ubuntu distributions also use the /etc/resolv.conf file for DNS resolving.


To cause your machine to consult with a particular server for name lookups you simply add their addresses to /etc/resolv.conf.

Open the /etc/resolv.conf file in your favoirite editor and specify the DNS server in it.

               # sudo vi /etc/resolv.conf
              
              search example.com
              nameserver 192.168.10.1

Here 192.168.10.1 is my DNS server in my example.com domain. Now if your server does not have the file resolv.conf in your /etc directory, dont worry you can simply create it and edit it as above.

       # touch /etc/resolv.conf

Similarly you can assign static lookups in your /etc/hosts file.

             # sudo vi /etc/hosts


             #
 
             192.168.10.100 test test.example.com

If you specify these host explicitely in the /etc/hosts file then the domain name rsolution will takes place fastly.

Setting hostname in Ubuntu 10.04 LTS

In my last post i have described how to configure network in Ubuntu 10.04 LTS in bare metal form. Now we will check how to configure hostname in Ubuntu based distributions. First of all let me asure that the process of seting up hostname is very straight forward in Ubuntu 10.04 LTS.


You can directly query or set the hostname with the "hostname" command.

The current hostname can be viewed using:

             # sudo /bin/hostname

To set hostname you can use the command:

                     # sudo /bin/hostname demo.demoserver.in

NOTE: Need not to say that you should change the hostname from demo.demoserver.in to your requirements.

While rebooting Ubuntu based distributions will read the hostname from /etc/hostname file.

So you can open the file /etc/hostname in your favourite editor and specify the hostname there to make the change persistant.

                # sudo vi /etc/hostname


             # specify your hostname here.
             demo.demoserver.in

Network Interface Configuration in Ubuntu 10.04 LTS Lucid Lynx

Normally all the users will create and configure their network while installing the Operating System Itself. However here I am post the process of configuring the network using command line in Ubuntu 10.04 LTS Lucid Lynx. You can also configure network using GUI utilities in Ubuntu 10.04 LTS such as network-admin or else your famous ifcfg command etc.


Here I am following the bare metal method and will edit the main network configuration files for providing the network information. The main network configuration file of any Ubuntu based distribution is the "/etc/network/interfaces" file. Just open the file in your favourite editor and start configuring it as follows.

Wednesday, August 4, 2010

Tips for secure SSH connection to remote servers

Some tips for secured SSH connection to remote servers. 


Also please go through my previous posts for detailed howto.


  • Use only SSH V2 -- V1 is vulnerable to compromise. On Linux, this is usually done by default and managed in your /etc/ssh/sshd_config file by the Protocols option.
  • Don't allow root or Administrators to log in directly. Only normal users should be allowed to log in and then if required they can escalate their privileges by using su or sudo. On Linux this is controlled, again in the sshd_config file, by the PermitRootLogin option.
  • Ensure you use suitable authentication, for example passwords or keys.
  • Try to avoid using port 22 for your SSH connections. Automated brute force attack tools are commonly used by attackers to scan port 22 and try to brute usernames and passwords. Changing the port to something else, for example 2222, is a quick and simple way of reducing this risk.
  • lternatively, if you must use port 22, you can use tools like BlockSSHD or Fail2Ban to block excessive or inappropriate login attempts.
  • Ensure you have configured suitable logging of your SSH daemon and that you review your logs for illicit login attempts. Ttools like Swatch and SEC can assist with this.
  • Only bind SSH to the addresses required. If you have multiple interfaces in your host, for example an interface on your internal network and another on an external network such as the Internet, then only bind the daemon to the interface through which you need to connect. This is controlled on Linux using the ListenAddress option.
These are some general tips and how to implement these depends on the platform you are using. Anyway I hope this helps.

Monday, August 2, 2010

Things I do not like about Ubuntu LTS 10.04

The new Ubuntu 10.04 release is a great release and it is really a task to find things you dislike. Anyhow no operating system is perfect and this one also has some flaws. But now itself I am telling you that this is from my point of view and my dislikes may not be your dislikes!!!!
  • The new themes
Well the first thing I dislike about the Ubuntu 10.04 LTS is its new themes. These new themes do nothing but set back the looks of the previous versions. Ok, these themes must be on account of the GNOME 3.0 but the default theme selected is, according to my opinion, is a great mistake. This is also coming on the heels of the rumors of the possible inclusion of RGB support in the GTK widgets, which would have enabled real transparency in all widget sets. This did not happen (and is still not happening). My concern is that most new users will install 10.04 and have trouble getting beyond the default themes.

Thursday, July 29, 2010

Things I love about Ubuntu 10.04 LTS Lucid Lynx

The things I Love and Hate about the new Ubuntu 10.0.4 Lucid Lynx.
  • GNOME 2.30
This is the final 2.x release before the major upgrade to 3. This will be the last time you will see the GNOME 2.X in Ubuntu flavor. For me it is fantastic. GNOME 3 will be a graceful successor to GNOME 2.x. In fact, I can promise that GNOME 3 will succeed where KDE 4 failed — in being a useful desktop upgrade right out of the starting gate.

  • HAL begone
Ubuntu 10.04 has done away with HAL (Hardware Abstraction Layer) during the boot process. This means that 10-second boot time has finally arrived. Hence the 10 second booting can be achieved in a charming way. The removal of HAL also drastically speeds up resume-from-suspend times for those of you in laptop land.

Friday, June 4, 2010

The system-config-firewall

secuThe firewall rules in the kernel can be configured by using iptables since 2.4 kernel. There are number of tools for configuring the firewall like command line tool, Shorewall, and a number of other GUIs. The default firewall configuration tool in Fedora systems is called “Firewall Configuration”, which can be accessed from Systemà Administration à Firewall in GNOME or from command line via, “system-config-firewall”.


This GUI allows you to set which services are allowed to be accessed via the Internet using a very simple interface. It defines a set of trusted services to be configured. To allow access, you simply need to check the box next to the entry. Each entry lists the service name, the port and protocol, and any additional iptables modules it uses. So if you wanted to allow Samba access to the system, you would check off the box next to the Samba and Samba Client service as in figure below.

The Oracle effect on Sun Microsystem VARs

The new policies introduced by Oracle in terms of “Oracle hardware support” for Sun servers are creating tensions among Sun VARs. The new policies from Oracle are “sinking” the customers as told by some VARs.

One Sun Microsystems systems integrator commented that it was getting pretty bad. The maintenance renewals and services are 3 times what they had in terms of price. Oracle also revoked the prepaid discounts and other flexibilities. Now Oracle charges 12% of the Sun hardware cost per year but in the past it depended on the hardware type and the multiplier was roughly 5% 0r 6%.

"Before this year, a customer buying a Sun 5240 server got three years of support for $3,800, including a discount for paying for the three years at once," this partner said. "That same box will now cost $7,699 to support for three years, a customer told.

Thursday, May 13, 2010

Landscape 1.5: Ubuntu Server Monitoring & Management Tool

Canonical has released its new server monitoring and management tool Landscape with its Ubuntu 10.04 LTS (Long Term Support) edition. The application is meant to make Ubuntu sever monitoring, management and package provisioning easy.

Ease of use is the main advantage of Ubuntu based distributions. However not much solutions were available to manage and monitor a group of Ubuntu servers simultaneously. Finally Canonical developed its own solution and that is “Landscape”. And with the release of their new distribution Ubuntu server 10.04 LTS Lucid Lynx, they have updated the older version to Landscape 1.5. The new version Landscape 1.5 is available as an on-site server and an online service from Canonical. Landscape is a simple and easy to use web based application that provides powerful automated system management capabilities such as management, monitoring and provisioning of packages across multiple machines, thereby lowering your per-systems cost of management and administration.

Tuesday, May 4, 2010

Ubuntu 10.04 LTS Server Edition Released

Canonical, on April 27 2010, announced the release of the Ubuntu 10.0.4 LTS server Edition release. This release includes extended security and maintenance updates free of charge to all users for five years. Ubuntu 10.04 LTS is the successor of the widely acclaimed Ubuntu 8.04 LTS. Ubuntu 10.04 LTS will be available for free download from Thursday 29 April.
   
Ubuntu 10.04 LTS will also spot a larger network of open-source and proprietary application providers certifying their applications on Ubuntu Server Edition than ever before. About 100 organizations have signaled their intent to certify applications on the platform, including Alfresco, Ingres, IBM, VMware, Zimbra, Yahoo! and many others with more expected to follow post-launch. Dell has announced its intention to support Ubuntu 10.04 LTS Server Edition and will offer Ubuntu Enterprise Cloud as an option on its PowerEdge-C product line - servers specifically designed for building cloud environments.

RedHat Enterprise Linux 6 Beta released.

Good news for all the RedHat enthusiasts: Red Hat Enterprise Edition 6 Beta has released. This beta release is the first step forward to the next major release of the Red Hat Enterprise Edition platform 6. Red Hat Enterprise Linux is expected to address the modern IT requirements and diminish the gap between virtual, physical and cloud computing. This first beta release of the RHEL 6 features updated core technology from the kernel to the application infrastructure to the development tool chain. RHEL 6 is going to meet the needs of the coming generations of hardware and software technologies.

The major themes of the release include pervasive virtualization, improved scalability and availability, increased power efficiency, and delivery of some of the latest software technologies. Now I will describe the highlights and noteworthy improvements in this RHEL 6 beta release.

  • Comprehensive power management capabilities:

RedHat Enterprise Linux 6 is more focused on power consumption by improving the 'Time-keeping' within the kernel. It helps to transit the processors which don't have active tasks to idle state frequently. The result is cooler CPUs and greater power savings. The new monitoring tools like 'powertop' and tuning tools like 'tuned' are also worth mentioning.

Tuesday, April 13, 2010

Set multiple IPs in single nic.

Hello guys...
Ever wondered how to set multiple IPs in a single network card? Here is the solution.

Multiple IP binded in a single network card allows you run different services in different IPs, for example you can run HTTP on one IP and SMTP on another IP or a private LAN using a local IP and the alias holding your Public IP. The major benifit here is that you do not need an additional physical adaptor, you can bind many virtual IPs to a single network card. Here I have explained the procedure for creating multiple IPs for RedHat based and Debian bases systems

Redhat based systems.

Let me assume that your NIC is bound with a static IP address. Go to the folder /etc/sysconfig/network-scripts/, there you will find your network configuration files.

# cd /etc/sysconfig/network-scripts/

Let me also guess that your machine has only one network card (can be onboard too!!!), then you will find a file ifcfg-eth0 in the folder. This file holds the IP information for the first nic. If your machine has more nics you will have ifcfg-eth1, ifcfg-eth2 and so on... Now open the ifcfg-eth0 file, you can view the network configuration as below:

# cat ./ifcfg-eth0# File: ifcfg-eth0


DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.1.120
NETMASK=255.255.255.0
BROADCAST=192.168.1.255
NETWORK=192.168.1.0
HWADDR=xx:xx:xx:xx:xx:xx


Now to bind another IP address to the same network card, you just have to copy the ifcfg-eth0 file to ifcfg-eth0:1.
 
# cp ./ifcfg-etho ./ifcfg-eth0:1

RHEL 5.5 Released

Yea guys, the Red Hat Inc. has launched its 5th iteration of the Red Hat Enterprise Linux 5, RHEL 5.5 on March 29, 2010. There is no doubt that it would be a great release.


Added Hardware support in RHEL 5.5
It features support for modern Intel Nehalem EX, AMD Opteron 6000 amd IBM Power 7 processor based servers. These processors above specified are the promissing releases from said vendors. Intel has just released the Nehalam EX series in the same week and the other two, AMD Opteron 6000 series and Power 7 from IBM were released in last February 2010. Opteron 6000 series processosr boasts of 12 cores and IBM has equipped their Power7 with eight cores.

Saturday, March 6, 2010

Install Linux in USB pen drive

Now a days every one have a USB flash drive with them.Now what if a cool small Linux OS is installed on it and booting from the flash drive with the expense of merely a 200 MB space. I think its quiet cool to have a pen drive installed with an operating system. Today I am going to discuss the same thing with you people.

There are a number of Linux distros available for installing in a flash drive. However I think 'Slax' is the coolest one and here I am selecting the same in this post. Slax is actually a customized version of the famous 'Slaxware Linux'. The Slax will give you a full fledged Live OS environment from your pen drive.

Let me give you an intro of the slax distro. As I mentioned earlier, slax is a stripped down version of the Slaxware Linux. It is available in two formats, .iso and .tar. However the contents of both are same. You can convert the iso image to tar and vice verse. Actually the iso is for writing to a compact disk and booting from it. The tar is meant for installing to a flash drive. It can be installed directly to a variety of storage devices like flash key, MP3 player, or even to a hard disk. the slax installer is all set to make the device in which you are installing it bootable and hence it will be like a fully functional operating system. It can be installed on the pen drive using a Windows box of Linux box.


Wednesday, March 3, 2010

Labeling a Linux partition - Volume Labels

Here we shall discuss about labeling a Linux partition and its advantages. 

You might have seen labeled partitions if you have opened and viewed the /etc/fstab file. There you can see that the 'root', 'home', 'boot, and other system partitions are labeled and are mounted using the label rather than referring the device name. The advantage is that, the root partition will be the same even if the device name got changed in an unlikely event during the system startup. The volume labels make the partition retain a consistent name regardless of where they are connected and what else are connected. And for your information such an unlikely event of changing the device name is quiet often if you are mounting mounting multiple iSCSI drives to your system. 

Hope you know about the iSCSI target and initiator stuffs, it is the low cost, high efficient alternative for costly storage solutions. Hope I could give you an elaborate post about iSCSI soon coz that too is one of my hot favorite topic.  However here we will discuss about labeling the Linux partition labeling.

setuid File Permission in UNIX/Linux

In this post I am going to describe you about the 'setuid' in UNIX and Linux.

setuid or 'set user ID upon execution' and setgid or 'set group ID upon execution' are UNIX access right flags which are used to allow users to run an executable file with the permission of the executable file's owner or group. If the setuid is enabled for an executable file, the user executing the file will get permissions of the user or group that owns the executable file. This is very useful for allowing users on a computer system to run programs with temporarily elevated privileges for performing a particular task. 

These programs are needed for performing some tasks like 'ping' from an unprivileged user. The ping executable in /usr/bin folder is set with setuid bit on and consider its owner is root. So that whenever the ping command is used it is executed with elevated privileges and hence all the unprivileged users can use the ping command unless they are explicitly blocked form using it via some other means. By this hope you got the concept of setuid. Please continue reading for knowing more about setting, listing and more about setuid. 

Tuesday, March 2, 2010

SSH login to remote servers without password.

Hello guys this time I give you a how-to for logging into a remote server/desktop without being prompted for password.

SSH or Secure Shell is a program that allows you to log into a remote machine over a network and execute commands. It also allows you to move files from one computer to another. All the communication including password transmission are highly encrypted. Hence it can be used to create a secure communication over insecure channels. It protects a network from attacks like DNS spoofing, IP spoofing and IP source routing. Thats the reason why the SSH has effectively replaced older remote log in protocols like rlogin, rsh, rcp, telnet etc.

While using SSH log in entire communication including password transmission is is encrypted. SSH uses 3DES, Blowfish, AES and arcfour as encryption algorithms. So it is virtually impossible for a hacker to eavesdrop your password. Here I will describe how to create a secure communication channel between two servers securely and enable password-less login between them. This would be quiet useful while using scripts for logging into remote machines and executing commands. You don't have to store the remote machine's password in the script and also it is quiet annoying to type in password every time you log in to the remote machine via SSH.

Saturday, February 27, 2010

How to install Windows XP in an existing Linux machine.

Intro:
Installing Linux in an existing Windows Machine is not at all a big deal, rather it is quiet straight forward. You just have to leave some hard disk space for Linux and install it on the remaining hard disk space. The Linux boot loader is INTELLIGENT enough to identify that a Windows OS is already installed there and it will automatically adjust the boot loader "GRUB" for dual booting.

However our famous Windows operating systems are not that intelligent but clumsy and it will delete the whole boot loader "GRUB" completely. We will reinstall the GRUB and edit the /etc/grub/grub.conf file to correct it.

I want to go generalized and this how-to is applicable for any version of Linux using GRUB bootloader and windows os. However here I used Ubuntu 9.1 and Windows Server 2003 both 32 bit.