21 Kasım 2014 Cuma

Linux Apache Server SSL Certificate Generation & Import to another apache server

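# Directory for the key material; only root needs to enter it
# (Apache reads the certificate and key as root at startup).
mkdir -p /etc/apache2/ssl
chmod 700 /etc/apache2/ssl
cd /etc/apache2/ssl
# 4096-bit RSA key, passphrase-protected with AES-256 rather than legacy 3DES.
openssl genrsa -aes256 -out server-sec.key 4096
# Certificate signing request; -sha256 avoids the SHA-1 default of older OpenSSL builds.
openssl req -new -sha256 -key server-sec.key -out server.csr
# Self-signed certificate, valid for 365 days.
openssl x509 -req -sha256 -days 365 -in server.csr -signkey server-sec.key -out server.crt
# Passphrase-less copy of the key so Apache can start unattended.
# Anyone who can read server.key can impersonate the site, so restrict both key files.
openssl rsa -in server-sec.key -out server.key
chmod 600 server-sec.key server.key
ln -s /etc/apache2/sites-available/default-ssl /etc/apache2/sites-enabled/000-default-ssl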

Edit "/etc/apache2/sites-available/default-ssl" with nano or your favourite text editor
Edit the SSLCertificateFile and SSLCertificateKeyFile directives so that they point to your certificate and key paths

# HTTPS virtual host on port 443 (excerpt: only the lines that need editing are shown).
<Virtualhost *:443>
ServerAdmin webmaster@localhost
ServerName localhost
DocumentRoot /var/www-ssl/html/
SSLEngine on
# Self-signed certificate created with openssl above; clients must be told to trust it.
SSLCertificateFile /etc/apache2/ssl/server.crt
# Passphrase-less private key: it should be readable by root only (mode 600).
SSLCertificateKeyFile /etc/apache2/ssl/server.key

End editing

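# Enable mod_ssl
a2enmod ssl

# restart apache server (run ONE of the two forms, whichever the system provides)
service apache2 restart
# /etc/init.d/apache2 restart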

Our SSL certificate is ready to be imported to another server

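# Save what the server presents during the TLS handshake. stdin comes from
# /dev/null so s_client exits by itself instead of waiting for a typed QUIT.
openssl s_client -connect IPOFSERVER:443 </dev/null | tee ANYNAMEYOULIKE
# The connection is not authenticated, so this copy is only as trustworthy as
# the network path. Compare the fingerprint printed here with the one printed
# by the same command on the origin server for /etc/apache2/ssl/server.crt
# before trusting the file.
openssl x509 -noout -fingerprint -sha256 -in ANYNAMEYOULIKE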

nano ANYNAMEYOULIKE and get rid of the junk. Keep only the text between  -----BEGIN CERTIFICATE----- and  -----END CERTIFICATE-----

# taken from madboa
# Make this a sh file and chmod +x in your certificate folder
# Opensuse => /etc/ssl/certs/
#!/bin/sh
#
# usage: certlink.sh filename [filename ...]

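# Create OpenSSL-style "<subject-hash>.<n>" symlinks in the current directory
# for every certificate file named on the command line.
# Every certificate linked into a trust directory such as /etc/ssl/certs/ is
# trusted by programs that use that directory, so link only certificates whose
# fingerprint has been checked.
# "$@" (not $*) keeps file names containing spaces or glob characters intact.
for CERTFILE in "$@"; do
  # skip anything that is not a regular file
  test -f "$CERTFILE" || continue
  # subject-name hash; empty when openssl cannot parse the file as a certificate
  HASH=$(openssl x509 -noout -hash -in "$CERTFILE")
  test -n "$HASH" || continue

  # use lowest available iterator for symlink
  for ITER in 0 1 2 3 4 5 6 7 8 9; do
    LINK="${HASH}.${ITER}"
    # a slot is taken if anything has that name, including a dangling symlink
    if test -e "$LINK" || test -L "$LINK"; then
      continue
    fi
    # stop at the first slot where the link was created; otherwise try the next
    ln -s "$CERTFILE" "$LINK" && break
  done
done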

After that just enter "./certlink.sh ANYNAMEYOULIKE"

Now you have SSL communication between those servers.

18 Kasım 2014 Salı

Disable SELINUX and IPTABLES on Centos 7

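# DISABLE SELINUX AND IPTABLES
# Stop enforcing on the running system (takes effect now, lasts until reboot).
setenforce 0
# Persist the change. The pattern is anchored so only the real setting line is
# rewritten, not a comment that happens to mention it; a .bak copy is kept.
# SELINUX=permissive is the lighter alternative: policy stays loaded and
# denials are still written to the audit log, but nothing is blocked.
sed -i.bak "s/^SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config
# With both packet filters off, every listening port is reachable from the
# network; filtering then has to happen upstream of this host.
systemctl disable iptables.service
systemctl stop iptables.service
systemctl disable firewalld.service
systemctl stop firewalld.service
# /usr/sbin/reboot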

Install EL and EPEL repositories for CentOS 7

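# EL REPO REPOSITORY
# Import the signing key over HTTPS first, then fetch the release package over
# HTTPS as well: it installs repo definitions that every later yum run trusts.
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm

# EPEL REPOSITORY
rpm --import https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
wget https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-2.noarch.rpm
# rpm -K checks the package signature against the imported key; install only if it passes.
rpm -K epel-release-7-2.noarch.rpm && rpm -Uvh epel-release-7-2.noarch.rpm
rm -f epel-release-7-2.noarch.rpm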

Change timezone in centOS 7

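# List the zone names timedatectl accepts
timedatectl list-timezones
# set-timezone repoints /etc/localtime itself, so no manual copy of the zone file is needed
timedatectl set-timezone YOURTIMEZONE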

Disable smbus and floppy for vmware virtual CentOS 7

# Append one "blacklist <module>" line per module to the modprobe blacklist
printf 'blacklist %s\n' i2c-piix4 floppy >> /etc/modprobe.d/blacklist.conf

CentOS 7 change ethernet interface name


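# Add the kernel parameters only once: re-running the snippet must not append
# them a second time. The edit is limited to the GRUB_CMDLINE_LINUX line.
if ! grep -q 'net.ifnames=0' /etc/default/grub; then
  sed -i.bak '/^GRUB_CMDLINE_LINUX=/s/quiet/quiet net.ifnames=0 biosdevname=0/' /etc/default/grub
fi
# Regenerate the boot configuration so the new command line is used at next boot
grub2-mkconfig -o /boot/grub2/grub.cfg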

Spacewalk on CentOS 6

SERVER SETUP CENTOS 6
----------------------------------------------
# Install the Spacewalk 2.2 repository definition for EL6.
# NOTE(review): fetched over plain HTTP. The package installs repo configuration
# that later yum runs rely on, so check it (rpm -K) against a key obtained
# out-of-band, or use an HTTPS source if one is available.
rpm -Uvh http://yum.spacewalkproject.org/2.2/RHEL/6/x86_64/spacewalk-repo-2.2-1.el6.noarch.rpm

# Write the JPackage repository definition. gpgcheck=1 makes yum verify package
# signatures, but the signing key named in gpgkey= is itself retrieved over HTTP.
cat > /etc/yum.repos.d/jpackage-generic.repo << EOF
[jpackage-generic]
name=JPackage generic
#baseurl=http://mirrors.dotsrc.org/pub/jpackage/5.0/generic/free/
mirrorlist=http://www.jpackage.org/mirrorlist.php?dist=generic&type=free&release=5.0
enabled=1
gpgcheck=1
gpgkey=http://www.jpackage.org/jpackage.asc
EOF

# EPEL 6 release package (also over plain HTTP; same caveat as above).
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# Install the Spacewalk server packages with the PostgreSQL backend, answering yes to prompts.
# NOTE(review): --disconnected is normally an option of the spacewalk-setup command,
# not of yum; this line looks like two commands merged — confirm before running.
yum install spacewalk-setup-postgresql spacewalk-postgresql spacewalk-setup --disconnected -y
/usr/sbin/reboot

/usr/sbin/spacewalk-service [stop|start|restart].


CLIENT SETUP
CENTOS 6
----------------------------------------------
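rpm -Uvh http://yum.spacewalkproject.org/2.2/RHEL/6/x86_64/spacewalk-repo-2.2-1.el6.noarch.rpm
yum install rhn-client-tools rhn-check rhn-setup rhnsd m2crypto yum-rhn-plugin -y

# Fetch the Spacewalk server's CA certificate so registration can run over TLS.
# This first download is unauthenticated: compare the certificate's fingerprint
# with the copy on the server before relying on it.
curl -fsS -o /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT http://SERVERIP/pub/RHN-ORG-TRUSTED-SSL-CERT

# System -> Activation Keys ->  Create New Key
# The activation key is a credential: anyone holding it can register systems,
# so paste the key from the web UI here instead of keeping it in notes, and
# send it over https only. SERVERIP must be the name the server certificate
# was issued for (normally the FQDN), or verification will fail.
rhnreg_ks --serverUrl=https://SERVERIP/XMLRPC --sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT --activationkey=ACTIVATIONKEY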


CENTOS 7
----------------------------------------------
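rpm -Uvh http://yum.spacewalkproject.org/2.2/RHEL/7/x86_64/spacewalk-repo-2.2-1.el7.noarch.rpm
yum install rhn-client-tools rhn-check rhn-setup rhnsd m2crypto yum-rhn-plugin -y

# Fetch the Spacewalk server's CA certificate so registration can run over TLS.
# This first download is unauthenticated: compare the certificate's fingerprint
# with the copy on the server before relying on it.
curl -fsS -o /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT http://SERVERIP/pub/RHN-ORG-TRUSTED-SSL-CERT

# System -> Activation Keys ->  Create New Key
# The activation key is a credential: anyone holding it can register systems,
# so paste the key from the web UI here instead of keeping it in notes, and
# send it over https only. SERVERIP must be the name the server certificate
# was issued for (normally the FQDN), or verification will fail.
rhnreg_ks --serverUrl=https://SERVERIP/XMLRPC --sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT --activationkey=ACTIVATIONKEY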

ApacheDS on CentOS 7

# LDAP command-line clients, answering yes to prompts.
yum install openldap-clients -y

# NOTE(review): the installer is downloaded over plain HTTP from a mirror and
# then executed. Check it against the checksum or PGP signature published by
# the Apache Directory project before making it executable and running it.
wget "http://ftp.itu.edu.tr/Mirror/Apache//directory/apacheds/dist/2.0.0-M17/apacheds-2.0.0-M17-64bit.bin"
chmod u+x apacheds-2.0.0-M17-64bit.bin
./apacheds-2.0.0-M17-64bit.bin
# Version-independent name for the init script, used by the restart command later on.
ln -s /etc/init.d/apacheds-2.0.0-M17-default /etc/init.d/apacheds


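Default admin bind DN: uid=admin,ou=system
Default password: secret (change it after installation; the replication entries below carry this same value, base64-encoded, in ads-replUserPassword)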


REPLICATION (node 1 2)
-----------------------------------------------------------------------------------------------
dn: ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
changetype: modify
add: ads-replReqHandler
ads-replReqHandler: org.apache.directory.server.ldap.replication.provider.SyncReplRequestHandler

/etc/init.d/apacheds restart

ADD CONSUMER FROM Apache Directory Studio (node 1 2)
# Replication consumer entries, one per provider host (ldap1 and ldap2).
# NOTE(review): both entries bind as uid=admin,ou=system, and the
# ads-replUserPassword value c2VjcmV0 is only the base64 form of "secret".
# base64 is an encoding, not protection; a dedicated replication account with
# its own password limits what a leaked config entry exposes.
# NOTE(review): ads-replProvPort 10389 is the plain LDAP port, so the bind
# credentials and replicated data cross the network unencrypted unless TLS is
# enabled for replication (ApacheDS has an ads-replUseTls attribute; confirm
# against the version in use).
dn: ads-replConsumerId=1,ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
objectClass: ads-base
objectClass: ads-replConsumer
objectClass: top
ads-replAliasDerefMode: never
ads-replAttributes: *
ads-replConsumerId: 1
ads-replProvHostName: ldap1.example.com
ads-replProvPort: 10389
ads-replRefreshInterval: 60000
ads-replRefreshNPersist: true
ads-replSearchFilter: (objectClass=*)
ads-replSearchScope: sub
ads-replSearchSizeLimit: 0
ads-replSearchTimeOut: 0
ads-replUserDn: uid=admin,ou=system
ads-replUserPassword:: c2VjcmV0
ads-searchBaseDN: ou=system

dn: ads-replConsumerId=2,ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
objectClass: ads-base
objectClass: ads-replConsumer
objectClass: top
ads-replAliasDerefMode: never
ads-replAttributes: *
ads-replConsumerId: 2
ads-replProvHostName: ldap2.example.com
ads-replProvPort: 10389
ads-replRefreshInterval: 60000
ads-replRefreshNPersist: true
ads-replSearchFilter: (objectClass=*)
ads-replSearchScope: sub
ads-replSearchSizeLimit: 0
ads-replSearchTimeOut: 0
ads-replUserDn: uid=admin,ou=system
ads-replUserPassword:: c2VjcmV0
ads-searchBaseDN: ou=system

# or you can use Apache Directory Studio to setup replication

Youtube Download mp3 from a linux box

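# Download the mp3 file
youtube-dl -citw --extract-audio --audio-format mp3 URL

# Convert the downloaded mp3 file to 128 kbit/s for general purpose mp3 players
mkdir -p 128
# File names come from the video titles, so the ./ prefix keeps a name that
# starts with "-" from being parsed as a command-line option.
for f in ./*.mp3 ; do
  # no mp3 files at all: the unexpanded pattern is skipped
  [ -e "$f" ] || continue
  # replace the original only when the re-encode succeeded
  lame --mp3input -b 128 --resample 44.1 "$f" "128/$f" && mv -f "128/$f" "$f"
done

# Remove mp3 useless information
eyeD3 --remove-comments --remove-lyrics --remove-images --remove-all ./*.mp3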

Find Files and Delete in a linux box

# Recursively delete every regular file whose name ends in .gz, starting from
# the current directory. Adjust the -name pattern as needed.
find . -type f -name '*.gz' -exec rm -f {} +

Netcat Remote Bash

    # On ‘server’ side:
    rm -f /tmp/f; mkfifo /tmp/f
    cat /tmp/f | /bin/sh -i 2>&1 | nc -l 127.0.0.1 1234 > /tmp/f

    #On ‘client’ side:
    nc 127.0.0.1 1234

Sum numbers in a file

# Add up the first field of every line in "file" and print the total
awk '{ total += $1 } END { print total }' file

Mount NFS Share

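# List the exports the server offers
showmount -e SERVERIP
# nosuid,nodev: setuid bits and device nodes on the share are ignored, so files
# placed on the NFS server cannot be used to gain privileges on this client
mount -t nfs -o nosuid,nodev SERVERIP:/SERVERDIR /MOUNTDIR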

Scan New SCSI disk on the fly in a physical or virtual linux box without reboot

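# Ask every SCSI host adapter to rescan all channels, targets and LUNs ("- - -").
# A glob is used instead of parsing ls output.
for scan_file in /sys/class/scsi_host/*/scan; do
  # no adapters present: the unexpanded pattern is skipped
  [ -e "$scan_file" ] || continue
  echo "- - -" > "$scan_file"
done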

OR

echo "- - -" > /sys/class/scsi_host/host0/scan

Ubuntu Repair Missing PGP Keys

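# keynumber is the ID of the missing key. Use the full 16-hex-digit ID or the
# whole fingerprint: 8-digit short IDs can collide with unrelated keys.
# hkps:// fetches the key over TLS instead of plain HKP.
apt-key adv --keyserver hkps://keyserver.ubuntu.com --recv-keys keynumber
# List the fingerprints now trusted by apt and confirm the new key is the expected one
apt-key finger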

Ubuntu & Derivatives Set Locale

    export LANGUAGE=en_US.UTF-8
    export LANG=en_US.UTF-8
    export LC_ALL=en_US.UTF-8
    locale-gen en_US.UTF-8
    dpkg-reconfigure locales

MySQL Server Track ABORTED_CONNECTS

    mysqladmin ext | grep Abort
    mysqladmin ext | grep Abort | grep -v 0
    tcpdump -s 1500 -w tcp.out port 3306
    strings tcpdump.out