Monday, November 24, 2014

FTP Configuration in RHEL7

                In this scenario, local Repository has been built with Operating System Media so that packages get installed from media,

In RHEL, as same as in previous versions, ftp services served by the package/daemon called vsftpd i.e. Very Secure FTP Daemon,
[root@linux ~]#
[root@linux ~]#
[root@linux ~]# yum install vsftpd

Command to install VSFTPD package is as follows,

[root@linux ~]# yum install vsftpd
Loaded plugins: product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
local                                                                                                                                 | 4.1 kB  00:00:00
Resolving Dependencies
--> Running transaction check
---> Package vsftpd.x86_64 0:3.0.2-9.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

====================================================================
 Package                             Arch                                Version                                    Repository                          Size
====================================================================
Installing:
 vsftpd                              x86_64                              3.0.2-9.el7                                local                              166 k

Transaction Summary
====================================================================
Install  1 Package

Total download size: 166 k
Installed size: 343 k
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : vsftpd-3.0.2-9.el7.x86_64                                                                                                                 1/1
  Verifying  : vsftpd-3.0.2-9.el7.x86_64                                                                                                                 1/1

Installed:
  vsftpd.x86_64 0:3.0.2-9.el7

Complete!
[root@linux ~]#

Once the installation of package completes, enable the vsftpd service at startup. This can be done using the following command,

[root@linux ~]# systemctl enable vsftpd.service
ln -s '/usr/lib/systemd/system/vsftpd.service' '/etc/systemd/system/multi-user.target.wants/vsftpd.service'
[root@linux ~]#

Then start the service using systemctl as below,

[root@linux ~]# systemctl start vsftpd.service
[root@linux ~]#

Now FTP Service is enabled and available for localhost. To make available through LAN or outside network, this has to be enabled through firewall,

To do the same, following is the command to allow ftp through firewall,

[root@linux ~]#
[root@linux ~]# firewall-cmd --permanent --add-service=ftp
Success

To save the rule, execute the following command,
[root@linux ~]# firewall-cmd --reload
success
[root@linux ~]#


Now we are ready with FTP Server configuration. From any other machine, just go to browser and type ftp://192.168.x.x/ and it will open list of files which are available in FTP default directory


at No comments:
Labels: , ,

Wednesday, November 19, 2014

Quiz3 - RHEL7 Introduction

RHEL7 - Introduction
1.       What is the default filesystem in RHEL7?
ext4
ext5
xfs
ext3

2.       Does RHEL7 support container?
Yes
     No

3.       RHEL7 is available only as 64 bit operating system.
True
             False

4.       Which is the new boot loader included in RHEL7?
LILO
Yaboot
Grub2
Grub3

5.       Which is the new system and service manager introduced in RHEL7 which is not on previous versions of RHEL?
init2d
systemd
sysd              
sysV

6.       What is the command line tool provided to allow users to interact with NetworkManager
nmi
nmcli
nmcmi
nmedit

7.       How to start the service in RHEL7?
systemctl start
chkconfig start
systemd start
initctl start

8.       Which is the new service unit introduced in RHEL7 for managing firewall?
iptables2
firewalld
firewall2
ip2tables

9.       Is NFSv2supported in RHEL7?
Yes
No

10.   What is the alternate command against "resize2fs" in RHEL7 with xfs filesystem?
xfsgrowfs
xfs_growfs
resizexfs
extendxfs


                
at No comments:

Quiz2 - Red Hat Linux


Red Hat Linux - 2
1.       What is the command to install rpm package in Linux?
rpm -I packagename
rpm -i packagename
rpm -a packagename
rpmpkg -i packagename
2.       What is the command to check the detailed information about installed package?
rpm -qi packagename
rpm -qI packagename
rpm -l packagename
rpm -q packagename
3.       What is the command to check list of files installed by any package?
rpm -ql packagename
rpm -h packagename
rpm -i packagename
rpm -D packagename
4.       Create new logical volume with 25 extends with the name "database" in volume group vg1?
lvcreate -l 25 -n /dev/vg1/database
lvcreate -e 25 /dev/vg1/database
lvcreate -L 25 database
lvcreate -E 25 /dev/database
5.       what is the command to delete all the rules of iptables immediately?
iptables -D
iptables -F
iptables -R
iptables -d

6.       What is the command to check whether package is installed?
rpm -q packagename
rpm -ll packagename
rpm -l packagename
rpm -Q packagename
7.       Expand NTP
Network Time port
Network Time protocol
Network Transfer protocol
Network transfer port
8.       Which is the default MTA used in RHEL 6?
sendmail
postfix
qmail
rainmail
9.       which is the default file system in RHEL 6?
ext4
ext5
ext3
xfs
10.    Create a user raja with id 1456 and he should not have interactive login shell
useradd -x nologin raja –U 1456
useradd -S /bin/nologin –u 1456raja
useradd -s /sbin/nologin –u 1456 raja
useradd -s login disable –u 1456 raja
at No comments:

Quiz1 - Red Hat Linux

Red Hat Linux

1. Communication through telnet is in encrypted form. True or False?

a. True
b. False


2. in which file, default runlevel is set?

a. /etc/init.conf
b. /etc/rc.sysinit
c. /etc/boot.conf
d. /etc/inittab

3. Which is the option used along with ls to see hidden files in a directory?

a. -a
b. -h
c. -s
d. -A

4. Which is the default configuration file for FTP Daemon/Service?

a. /etc/ftp.cfg
b. /etc/vsftpd/vsftpd.conf
c. /etc/sftpd/sftpd.conf
d. /etc/ftp.conf

5. Which file should be edited to set hostname?

a. /etc/hosts
b. /etc/sysconfig/network
c. /etc/nss.conf
d. /etc/hosts.allow

6. What is the command to delete all the iptable rules?

a. iptables -D
b. iptables -F
c. iptables -d
d. iptables delete all

7. How to get list of files installed by a package? (Package already installed in system)

a. rpm -qf package name
b. rpm -ql package name
c. rpm -qv package name
d. rpm -qd package name

8. Which is the following are correct with respect to service and port?

a. telnet-23, ssh-22, smtp-25
b. telnet-22, ssh-25, smtp-110
c. telnet-22, ssh-25, pop=110

9. Is it possible to configure password less login between two servers through ssh session?

a. Yes.
b. No

10. What is the command to see IP configuration in a system?

a. ifconf
b. ifconfig
c. ipconfig

d. ifnet
at No comments:

Thursday, August 14, 2014

Recovering Ubuntu after loading windows in dual booting environment

How to recover Ubuntu 10 after installing windows in dual booting environment?

How to recover Ubuntu 10 after installing windows in dual booting environment?

Setup:
Machine with 2 disks and Ubnutu 10 and Windows xp installed in second disk /dev/sdb. Due to some problem in Windows, reinstalled the windows XP. After re-installation, ubuntu grub is over writen by windows and only windows is booting.
Procedure to recover:
1. Boot through Ubnutu Live CD
2. Type $ sudo fdisk -l to confirm the disk availbility.
3. Here Ubuntu is installed in /dev/sdb7 which is / partition and /dev/sdb8 is swap and /dev/sdb1 is windows partition.
4. For modifying Grub, root partition to be mounted first.
$ sudo mount /dev/sdb7 /mnt
5. For installing grub on /dev/sdb , give following command,
$ sudo grub-install --root-directory=/mnt /dev/sdb
6. Rebooted the machine. Now grub options coming for Ubnutu. But If we select windows, it gives "Insert system disk" error and was not booting.
7. Now booted in Ubnutu OS and given following command for updating grub.
$ sudo update-grub2
8. Restared the desktop now and verified both Ubnutu and windows XP booting.
9. Problem solved.
at No comments:
Labels: , ,

Tuesday, August 5, 2014

SSL Certificate Signing Request



SSL Certificate Signing Request

                Ensure the openssl package is not vulnerable to Heartbleed attack. To ensure the same, check the version of openssl  package. Following are the versions which are not vulnerable,

Ø  Openssl 1.0.1g
Ø  Openssl 1.0.0 branch
Ø  Openssl 0.9.8 branch

Only  openssl 1.0.1 through 1.0.1f are vulnerable to Heartbleed attack. If server has any version between 1.0.1 and 1.0.1f, then openssl needs to be updated before generating the CSR/Key. This can be checked using following command.

# rpm –qa | grep openssl

1.        Generate Private key

# openssl genrsa -des3 -out server.key 1024

Pass phrase needed. Give the passphrase as it would be kept secret.

The generated private key looks like follows,

# cat server.key

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,485B3C6371C9916E
ymehJu/RowzrclMcixAyxdbfzQphfUAk9oK9kK2
jadfoiyqthakLKNqw9z1MoaqkPyqeHevUm26no
AJKIETHKJADFS2BGb0n61/Ksk8isp7evLM4+QY
KAQETKjdiahteksMJOjXLq+vf5Ra299fZPON7yr
-----END RSA PRIVATE KEY-----

2.        Generate Certificate signing request

# openssl req -new -key server.key -out server.csr

Enter pass phrase for server.key:

Enter the same passphrase which we have given in point 1. You are about to be asked to enter information that will be incorporated into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value, If you enter '.', the field will be left blank. -----
Country Name (2 letter code) [GB]:IN
State or Province Name (full name) [Berkshire]:
Locality Name (eg, city) [Newbury]:
Organization Name (eg, company) [My Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:
Email Address []:  Valid Email ID for which certificate to be sent

Please enter the following 'extra' attributes to be sent with your certificate request

A challenge password []:
An optional company name []:

# ls -ltr server.*

-rw-r--r-- 1 root root   963 Jun 13 20:26 server.key
-rw-r--r-- 1 root root   664 Jun 13 20:35 server.csr

3.       Then server.csr needs to be sent to Certifying authority for SSL certificate.

at No comments:
Labels: , ,

Monday, May 26, 2014

Dropped RX packets in ifconfig output

Operating System:
SLES 10 SP2 64 Bit

Problem :
Ifconfig shows dropped packets in RX packets and it keeps on increasing while working


Ifconfig output may shows as follows,

# ifconfig eth0

eth0 Link encap:Ethernet HWaddr 00:1C:C4:96:DE:EA
inet addr:192.168.39.170 Bcast:192.168.39.255 Mask:255.255.255.0
inet6 addr: fe80::21c:c4ff:fe96:deea/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5307978 errors:0 dropped:34356 overruns:0 frame:0
TX packets:1522673 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1775345955 (1693.1 Mb) TX bytes:967976568 (923.1 Mb)
Interrupt:169 Memory:dc000000-dc012100

 In above, you can see dropped packets highlighted. NIC Driver used in bnx2 and controller is Broadcom 5708 NetXtreme II in HP DL 580 G5

NIC Driver bnx2 version : 1.6.7c . This can be confirmed using command "modinfo bnx2"

filename: /lib/modules/2.6.16.60-0.33-xenpae/kernel/drivers/net/bnx2.ko
version: 1.6.7c
license: GPL
description: Broadcom NetXtreme II BCM5706/5708 Driver
author: Michael Chan
srcversion: D41ADC8BC49443A4DAE505E
alias: pci:v000014E4d0000163Asv*sd*bc*sc*i*
alias: pci:v000014E4d00001639sv*sd*bc*sc*i*
alias: pci:v000014E4d000016ACsv*sd*bc*sc*i*
alias: pci:v000014E4d000016AAsv*sd*bc*sc*i*
alias: pci:v000014E4d000016AAsv0000103Csd00003102bc*sc*i*
alias: pci:v000014E4d0000164Csv*sd*bc*sc*i*
alias: pci:v000014E4d0000164Asv*sd*bc*sc*i*
alias: pci:v000014E4d0000164Asv0000103Csd00003106bc*sc*i*
alias: pci:v000014E4d0000164Asv0000103Csd00003101bc*sc*i*
depends:
supported: yes
vermagic: 2.6.16.60-0.33-xenpae SMP Xen 686 REGPARM gcc-4.1
parm: disable_msi:Disable Message Signaled Interrupt (MSI) (int)


linux-hvb0:~ # lspci | grep -i broadcom
05:00.0 PCI bridge: Broadcom EPB PCI-Express to PCI-X Bridge (rev c3)
06:00.0 Ethernet controller: Broadcom Corporation NetXtreme II BCM5708 Gigabit Ethernet (rev 12)
07:00.0 PCI bridge: Broadcom EPB PCI-Express to PCI-X Bridge (rev c3)
08:00.0 Ethernet controller: Broadcom Corporation NetXtreme II BCM5708 Gigabit Ethernet (rev 12)
linux-hvb0:~ #


Downloaded and installed kernel 2.6.16.60-0.42.10-default for SLES 10 SP2, then NIC Driver found updated to 1.7.6b and there are no dropped packets in eth0. Same is confirmed from ifconfig output



Now there is no dropped packets. Problem solved. Enjoy the solution.
at No comments:
Labels: ,

Thursday, May 15, 2014

How to transfer files through ftp without affecting the integrity of file?

How to transfer files through ftp without affecting the integrity of file?

Login to FTP Server and always select BINARY mode for transferring files.

This will allow the system to transfer files properly. Once transferred, file integrity i.e. chksum md5 value can be checked using md5sum command.

Both source file and destination files will show same md5sum value.
at No comments:
Labels: ,
Subscribe to: Posts (Atom)

Ansible Playbook to collect uptime of servers

Hi,  This is to explain how we can write a small playbook to collect uptime of all servers in our environment. We can use our own server l...