Install SSH Server on Linux (Debian, Ubuntu, Fedora, CentOS, RedHat)

You can use the Linux /etc/fstab to automatically mount hard drives on system boot up. In the file you should see all your default system mount points, to add another hard drive or mount point, just create a new line at the bottom of the file and put in the following info

/dev/drive          /mount/point    filesystem   options    0      0

Example:

/dev/sdb1           /mnt/    ext4       rw,defaults         0      0

You can also use the UUID of the drive. You can find the UUID by running the following command

sudo blkid

In the fstab file just replace the /dev/drivename with the UUID

UUID=ba84c923-4413-090a-441d-6e12f32991b3         /mnt    ext4  rw   0      0

Setup SNMP v3 on Debian or Ubuntu

Posted on November 1, 2017 by admin

All the following commands should work on Ubuntu, or just about any other Debian based Linux distro. If you have a firewall on the server, you’ll need to allow UDP on port 161.

Install SNMP

Install snmp, snmpd, and libsnmp.

sudo apt-get -y install snmp snmpd libsnmp-dev

Stop the snmpd service so we can add a user

sudo service snmpd stop

Add SNMP v3 user

Change AuthPassword to your Authentication password
Change CryptoPassword to your Crypto Password
Change privUser to your private users username

sudo net-snmp-config --create-snmpv3-user -ro -A AuthPassword -X CryptoPassword -a MD5 -x AES privUser

Change System Location, System Contact, and allow SNMP on all interfaces

Open up the SNMP config file usually in /etc/snmp/snmpd.conf

vi /etc/snmp/snmpd.conf

Search for “sysLocation” and change to whatever your system location is.

Search for “sysContact” and change it. It should be right underneath sysLocation.

Now allow SNMP on all interfaces. Find the following line and comment it out.

agentAddress udp:127.0.0.1:161

Add a # to the beginning.

#agentAddress udp:127.0.0.1:161

Now find this line (should be a couple lines down from the line you just commented out)

#agentAddress udp:161,udp6:[::1]:161

and uncomment it

agentAddress udp:161,udp6:[::1]:161

That will enable it so you can read the SNMP info using the servers IP address, as opposed to being limited to localhost.

Start the SNMP service and Test

Start the SNMP service

service snmpd start

Test with

snmpwalk -v3 -a MD5 -A AuthPassword -X CryptoPassword -l authNoPriv -u privUser localhost

Install LibreNMS on Ubuntu with HTTPS

Posted on October 12, 2017 by admin

The goal of this guide is to install LibreNMS on an Ubuntu Server with a self signed certificate. Most of the steps are copied out of the LibreNMS Documentation found here.

Install required packages

sudo apt install apache2 composer fping git graphviz imagemagick libapache2-mod-php7.0 mariadb-client mariadb-server mtr-tiny nmap php7.0-cli php7.0-curl php7.0-gd php7.0-json php7.0-mcrypt php7.0-mysql php7.0-snmp php7.0-xml php7.0-zip python-memcache python-mysqldb rrdtool snmp snmpd whois

Create LibreNMS user

sudo useradd librenms -d /opt/librenms -M -r
sudo usermod -a -G librenms www-data

Install LibreNMS

cd /opt
sudo git clone https://github.com/librenms/librenms.git librenms

Configure MySQL

sudo systemctl restart mysql
sudo mysql -uroot -p

Run the following MySQL commands to create the LibreNMS user. Change password to your own password.

CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'librenms'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
FLUSH PRIVILEGES;
exit

Edit following file

sudo vi /etc/mysql/mariadb.conf.d/50-server.cnf

Add the following inside the [mysqld] section

innodb_file_per_table=1
sql-mode=""
lower_case_table_names=0

Restart MySQL

sudo systemctl restart mysql

Configure PHP

Edit the two files and set the time zone, date.timezone. Example “America/New_York”

sudo vi /etc/php/7.0/apache2/php.ini
sudo vi /etc/php/7.0/cli/php.ini

Then run these commands

sudo a2enmod php7.0
sudo a2dismod mpm_event
sudo a2enmod mpm_prefork
sudo phpenmod mcrypt

Generate Self signed certificate

Enable ssl in apache

sudo a2enmod ssl

Generate Cert

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/localhost.key -out /etc/ssl/certs/localhost.crt

Configure Apache

Edit the following config file

sudo vi /etc/apache2/sites-available/librenms.conf

Add the following

<VirtualHost *:443>
 DocumentRoot /opt/librenms/html/
 ServerName librenms.example.com
 SSLEngine on
 SSLCertificateFile /etc/ssl/certs/localhost.crt
 SSLCertificateKeyFile /etc/ssl/private/localhost.key
 CustomLog /opt/librenms/logs/access_log combined
 ErrorLog /opt/librenms/logs/error_log
 AllowEncodedSlashes NoDecode
 <Directory "/opt/librenms/html/">
 Require all granted
 AllowOverride All
 Options FollowSymLinks MultiViews
 </Directory>
</VirtualHost>

Run the following commands

sudo a2ensite librenms.conf
sudo a2enmod rewrite
sudo systemctl restart apache2

Configure snmpd

sudo cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf

Set the SNMP community string in the following file

sudo vi /etc/snmp/snmpd.conf

Then run these commands

sudo curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
sudo chmod +x /usr/bin/distro
sudo systemctl restart snmpd

Setup Crontab

sudo cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms

Copy logrotate config

sudo cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms

Set permissions

mkdir -p /opt/librenms/rrd /opt/librenms/logs
sudo chown -R librenms:librenms /opt/librenms
sudo setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs
sudo setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs

Web Installer

Restart apache

sudo systemctl restart apache2

Finish the install by going to

https://your-server/install.php

Change “your-server” to your server’s ip address, or hostname. Since we created a self signed certificate, you’ll need to accept the https error.

Validate

Back on the command line run the php validation script

sudo /opt/librenms/validate.php

Finally log into your new LibreNMS instance by going to

https://your-server

Change “your-server” to your server’s IP address or hostname.

Freeradius unauthorize clients in a group

Posted on September 28, 2017 by admin

First you’ll need a group that all your disabled clients are going to.

Next add the following lines to the user file “/etc/raddb/users”. Change SQL-Group to Group if your groups are not in a SQL database.

DEFAULT SQL-Group == "disabled", Auth-Type := Reject
 Reply-Message = "Your account has been disabled."

Save, exit and test.

This should keep all clients in the disabled group from authorizing.

How to replace Grub with default Windows Bootloader

Posted on September 28, 2017 by admin

Note that running this procedure could render any Linux partitions inaccessible.

Boot up into recovery, launch the Command Prompt and run the following command

BootRe.exe /fixmbr

The command should remove Grub and replace it with the Windows bootloader, so when you reboot it should go straight to Windows.

Moving emails to new host with imapsync

Posted on March 23, 2017 by admin

More info about imapsync here

Install imapsync

CentOS 7, Works on cPanel servers too

yum install epel-release && yum install imapsync

Once installed check and make sure it works.

imapsync --version

If it gives you the version number you should be good to go.

Move email account

imapsync --host1 mail.emaildomain.com --user1 username@emaildomain.com --password1  "password1" --host2 mail.exampledomain.com --user2 username@movetodomain.com --password2  "password2"

Example :

imapsync --host1 mail.myemail.com --user1 bob@myemail.com --password1  "password1" --host2 mail.incredigeek.com --user2 bob@incredigeek.com --password2  "password2"

Moving Multiple accounts

Best way to move multiple accounts is to use a script and and a list that contains all the usernames and passwords to the accounts you want to move.

example scripts can be found on the imapsync website here is a script example and here is the example file.txt

Example script.

#!/bin/sh
#
# $Id: sync_loop_unix.sh,v 1.6 2015/11/04 18:23:04 gilles Exp gilles $

# Example for imapsync massive migration on Unix systems.
# See also http://imapsync.lamiral.info/FAQ.d/FAQ.Massive.txt
#
# Data is supposed to be in file.txt in the following format:
# host001_1;user001_1;password001_1;host001_2;user001_2;password001_2;
# ...
# Separator is character semi-colon ";" it can be changed by any character changing IFS=';' 
# in the while loop below.
# # Each line contains 6 columns, columns are parameter values for 
# --host1 --user1 --password1 --host2 --user2 --password2
# and a trailing empty fake column to avaid CR LF part going 
# in the 6th parameter password2. Don't forget the last semicolon.
#
# You can add extra options after the variable "$@" 
# Use character backslash \ at the end of each suplementary line, except for the last one.
# You can also pass extra options via the parameters of this script since
# they will be in "$@"

# The credentials filename "file.txt" used for the loop can be renamed 
# by changing "file.txt" below.


echo Looping on account credentials found in file.txt
echo

{ while IFS=';' read  h1 u1 p1 h2 u2 p2 fake
    do 
        { echo "$h1" | egrep "^#" ; } > /dev/null && continue # this skip commented lines in file.txt
        echo "==== Starting imapsync from host1 $h1 user1 $u1 to host2 $h2 user2 $u2 ===="
        imapsync --host1 "$h1" --user1 "$u1" --password1 "$p1" \
                 --host2 "$h2" --user2 "$u2" --password2 "$p2" \
                 "$@"  
        echo "==== Ended imapsync from host1 $h1 user1 $u1 to host2 $h2 user2 $u2 ===="
        echo
    done 
} < file.txt

Example list of accounts to

mail.maildomain.com;user1@incredigeek.com;password1;mail.incredigeek.com;user2@incredigeek.com;password2;

How to use,

You can run these command from a Linux computer

Download script

wget www.incredigeek.com/home/downloads/imapsync/imapsync_loop.sh

Make the script executable

chmod +x imapsync_loop.sh

Create a text file named “imapsync_list.txt”

This file will contain the mail server to transfer from, username, and password, and then the mail server to transfer to, username and password. Add one line per account.

Example:

mail.servertotransferfrom.com;Username1;Password1;mail.servertomoveto.com;Username2;Password2;
mail.servertotransferfrom.com;testuser;123456;mail.servertomoveto.com;bob;123456;

Execute the script to start moving mail

./imapsync_loop.sh

Troubleshooting

In the username you may need to use the username@domainname.tld, so if the username is bob, and the mail domain is incredigeek.com, use bob@incredigeek.com for the username in the imapsync_list.txt.

Install Slackcat on Raspberry Pi (Raspbian)

Posted on January 14, 2017 by admin

Slackcat allows you to send Slack messages from the Linux command line.

Update pi

sudo apt-get update

Install Ruby and other components

sudo apt-get install ruby1.9.1 ruby ruby-dev rubygems

Install Slackcat

sudo gem install slackcat

Use Slackcat. You will need to generate an API Key from Slacks website.

echo "Hello World" | slackcat -k API-KEY -p --channels=#CHANNEL_NAME

Examples :
Send to Channel

echo "Hello World" | slackcat -k xoxp-94827839414-94819543146-441447827184-h7dt2hg2h8ggs7d24ce638edrw9q8def -p --channels=#General

Send Direct Message

echo "Hello World" | slackcat -k xoxp-94827839414-94819543146-441447827184-h7dt2hg2h8ggs7d24ce638edrw9q8def -p --users=#General

Set Bash as users default shell

Posted on November 28, 2016 by admin

You can change the default shell for a Linux user with the following command. Change “/bin/bash” to whatever shell you want and replace USERNAME with the Linux user.

chsh /bin/bash USERNAME

Enter in the users password and then log out and back in and the users shell will be whatever shell you specified. In this case bash.

You can also do this by manually editing the /etc/passwd file. Find the user by their username, and then replace the last part of the line with the new shell path.

Some Linux distributions (like Kali Linux) use /bin/sh as the default shell for new users. Changing it to bash makes the shell a little more usable.

Incredigeek

Tag Archives: linux