Wednesday, June 20, 2007 

Simple HOW TO’s … How to setup a Passwordless SSH

Simple HOW TO’s …

How to setup a Passwordless SSH:


from source:

1. Generate source key on root account...

# ssh-keygen -t dsa

Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
key fingerprint is:
6f:c5:86:c7:67:69:02:1a:e4:a9:20:e6:16:13:5d:e5 admin1@gohan

2. vi /root/.ssh/id_dsa then copy all content to notepad (need to be one-liner only)


from destination:

3. Do the following

# cd
# mkdir -p .ssh
# chmod 700 .ssh
# vi .ssh/authorized_keys ;then paste key generated from source then save
# chmod 600 .ssh/authorized_keys

DONE!!!


Shortcut:
cat ~/.ssh/id_dsa.pub | ssh user@remotebox "(mkdir .ssh&>/dev/null; chmod 700 .ssh && cat - >> .ssh/authorized_keys )&&chmod 600 .ssh/authorized_keys"

 

Simple HOW TO’s …. How to redirect an URL

Simple HOW TO’s ….

How to redirect an URL:


IIS Redirect

* In internet services manager, right click on the file or folder you wish to redirect
* Select the radio titled "a redirection to a URL".
* Enter the redirection page
* Check "The exact url entered above" and the "A permanent redirection for this resource"
* Click on 'Apply'

ColdFusion Redirect
<.cfheader statuscode="301" statustext="Moved permanently">
<.cfheader name="Location" value="http://www.new-url.com">

PHP Redirect
Header( "HTTP/1.1 301 Moved Permanently" );
Header( "Location: http://www.new-url.com" );
?>

ASP Redirect
<%@ Language=VBScript %>
<%
Response.Status="301 Moved Permanently";
Response.AddHeader("Location","http://www.new-url.com/");
%>

ASP .NET Redirect


JSP (Java) Redirect
<%
response.setStatus(301);
response.setHeader( "Location", "http://www.new-url.com/" );
response.setHeader( "Connection", "close" );
%>

CGI PERL Redirect
$q = new CGI;
print $q->redirect("http://www.new-url.com/");

Ruby on Rails Redirect
def old_action
headers["Status"] = "301 Moved Permanently"
redirect_to "http://www.new-url.com/"
end

Redirect Old domain to New domain (htaccess redirect)

Create a .htaccess file with the below code, it will ensure that all your directories and pages of your old domain will get correctly redirected to your new domain.
The .htaccess file needs to be placed in the root directory of your old website (i.e the same directory where your index file is placed)

Options +FollowSymLinks
RewriteEngine on
RewriteRule (.*) http://www.newdomain.com/$1 [R=301,L]

Please REPLACE www.newdomain.com in the above code with your actual domain name.

In addition to the redirect I would suggest that you contact every backlinking site to modify their backlink to point to your new website.

Note* This .htaccess method of redirection works ONLY on Linux servers having the Apache Mod-Rewrite moduled enabled.

Redirect to www (htaccess redirect)

Create a .htaccess file with the below code, it will ensure that all requests coming in to domain.com will get redirected to www.domain.com
The .htaccess file needs to be placed in the root directory of your old website (i.e the same directory where your index file is placed)

Options +FollowSymlinks
RewriteEngine on
rewritecond %{http_host} ^domain.com [nc]
rewriterule ^(.*)$ http://www.domain.com/$1 [r=301,nc]

Please REPLACE domain.com and www.newdomain.com with your actual domain name.

Note* This .htaccess method of redirection works ONLY on Linux servers having the Apache Mod-Rewrite moduled enabled.

How to Redirect HTML

Please refer to section titled 'How to Redirect with htaccess', if your site is hosted on a Linux Server and 'IIS Redirect', if your site is hosted on a Windows Server.

 

Simple HOW TO’s …. How to setup a Syslog Server

Simple HOW TO’s ….

How to setup a Syslog Server:

Step #1. Configuring the client machines logging facilities.

The first step when setting up your log server is to configure your linux machines syslog daemon to send there log files to an alternate location, the logserver. /etc/syslogd.conf is the configuration file that controls how linux will log data and where it will log it. Use your favourite text editor (pico or vi for example) and add the following line:

[root@localhost]# vi /etc/syslogd.conf

*.* [hit tab a few times] @logserver

NOTE: This will tell syslogd to send logs to a machine called "logserver"

Step #2. Restart syslogd on the client machine.

After making your changes, restart syslogd so it will start with its new configuration.

[root@localhost]# killall -HUP syslogd


Step #3. Configure your client machines firewall.

If your client machine is running a firewall, then you need to add a rule that will allow outgoing udp packets from the client machine to the logserver.

[root@localhost]# /sbin/ipchains -A output -p udp -i eth0 -s 192.168.0.1 -d 192.168.0.2 514 -j ACCEPT

NOTE: this rule is only for users who are running a firewall on there machine. It allows outgoing udp packets on the client machine (192.168.0.1) on port 514 (syslog port) to the loghost (192.168.0.2). If your not running a firewall, disgard it.


Step #4. Configure the logserver for "remote reception".

Now that we have configured the client's machine to send log files to a machine called "logserver", lets setup the log server so that it accepts incoming logs from other machines. To stop the syslog daemon, you can find its process ID (PID) and kill it, then restart syslogd with "remote reception" enabled.

[root@logserver]# ps -aux | grep "syslogd"

root 1292 0.0 0.2 1404 176 ? S Aug10 0:00 /usr/sbin/syslogd

The process ID of syslogd is "1292" so we need to stop syslogd, make the change and then restart it.

[root@logserver]# kill 1292

(or try kill -9 1292 if the process did not terminate)

Now that the syslog daemon has be shutdown, we can now start it again with "remote reception" enabled.

[root@logserver]# /usr/sbin/syslogd -rm 0

NOTE: the -r means "remote reception" and the -m 0 turns of the annoying "--MARK--" timestamp.


Step #5. Verify the logserver's syslog daemon is correctly configured.


Verify that syslogd has been restarted with remote reception enabled by checking /var/log/messages (or /var/log/secure on some systems)

[root@logserver]# cat /var/log/messages

Near the bottom you should see..


Aug 11 21:20:30 logserver syslogd 1.3-3: restart. (remote reception)


Yup it worked. The linux machine called "logserver" is now setup for remote reception of log files from other machines on the network.

Step #6. Configure your firewall.

If your logserver is running a firewall, then you need to add a rule that will allow incoming udp packets from the client machine to the logserver.

[root@logserver]# /sbin/ipchains -A input -p udp -i eth0 -s 192.168.0.1 -d 192.168.0.2 514 -j ACCEPT


This rule is only for users who are running a firewall on their logserver. It allows incoming udp packets from the client machine (192.168.0.1) on port 514 (syslog port) to the logserver (192.168.0.2) If your not running a firewall, disgard it.

Step #7. Verify everything works correctly.

The last step is to verify that everything is working correctly. To do that, log out of your client machine and log back in, then go to your log server and check /var/log/messages (or /var/log/secure on some systems) and you should see the login from the client machine. If something does go wrong, make sure your network is setup correctly (ie are you able to ping other machines on your network? and is /etc/hosts setup on each machine?) make sure you have your log servers syslog daemon setup for remote recetpion (/usr/sbin/syslogd -rm 0) and make sure after you edit /etc/syslog.conf on the client machine you restart the syslog daemon (killall -HUP syslogd).

[root@localhost]# logout

Login: root

Password: xxxxxxxx

Now check your logservers log file (/var/log/messages or /var/log/secure) and you should see something like this

[root@logserver]# cat /var/log/messages

Aug 14 18:36:19 slackware login[2893]: ROOT LOGIN on `tty2'

NOTE: We are logged onto the logserver and root's login on the client machine showed up in our log files. So everything is working correctly. Congrats.


***You may also try to edit your syslog script to automatically start your syslog daemon to enable remote reception:

[root@logserver]# vi /etc/rc2.d/S12syslog

# Source config

if [ -f /etc/sysconfig/syslog ] ; then

. /etc/sysconfig/syslog

else

SYSLOGD_OPTIONS="-rm 0"

KLOGD_OPTIONS="-2"

fi

Add to Google

The Author

  • Nick Perrydoo
  • Spawn at Philippines
My profile

Links


Read Ons

Article of the Day

This Day in History

Today's Birthday

In the News

Quotation of the Day

Word of the Day


Powered by Blogger
and Blogger Templates
© Copyright 2006 Ba-zoo-ra - All Rights Reserved.