System administration: Difference between revisions

From Han Wiki
Jump to navigation Jump to search
add bash > change to previous folder
mNo edit summary
 
(47 intermediate revisions by 2 users not shown)
Line 1: Line 1:
= Links =
[[fail2ban]]
[[Mirth Connect]]
[[Web services]]
[[Web services]]
[[User accounts]]
[[Samba]]


[[Disk management]]
[[Disk management]]
Line 6: Line 16:


[[Network management]]
[[Network management]]
[[MySQL]]


[[Synergy]]
[[Synergy]]
Line 14: Line 22:


[[OS X]]
[[OS X]]
[[Hurd|Debian GNU/Hurd]]


[[Slackware]]
[[Slackware]]
[[Some differences between Debian/Ubuntu, RHEL/CentOS, and Slackware]] (WIP)


[[Category:System administration]]
[[Category:System administration]]


= System administration =
= Initial setup (for Ubuntu distribution) =


== Initial setup (for Ubuntu distribution) ==
== Set timezone ==
<syntaxhighlight lang="bash">
$ sudo timedatectl set-timezone America/Denver
</syntaxhighlight>
== Composer ==


=== SSH keys ===
{{testedon|2022-10-08|Ubuntu 22.04.1 LTS}}


Create private/public SSH key file using 2048 bit encryption and with a comment. The command creates files under ~/.ssh folder.
Composer is a PHP package management tool.  Usually needed for setting up web application development environment.
 
<syntaxhighlight lang="bash">
$ cd
$ mkdir bin
$ cd bin
$ wget https://private.michaelhan.net/getcomposer.txt
$ mv getcomposer.txt getcomposer
$ chmod u+x getcomposer
$ ./getcomposer
$ mv composer.phar composer
</syntaxhighlight>
 
 
== SSH keys ==
 
{{testedon|2022-10-08|Ubuntu 22.04.1 LTS}}
 
Create private/public SSH key file using the default bit encryption and with a comment. The command creates files under ~/.ssh folder.
 
<syntaxhighlight lang="bash">
$ ssh-keygen -C user@host.domain
</syntaxhighlight>


<source lang="bash">
$ ssh-keygen -b 2048 -C user@host.domain
</source>


=== SSH config for connection ===
== SSH config for connection ==


The config file ~/.ssh/config stores information about various SSH connections, and allows the definition of hostname, username, ports, and other settings.
The config file ~/.ssh/config stores information about various SSH connections, and allows the definition of hostname, username, ports, and other settings.


<source lang="html5">
<syntaxhighlight lang="linux-config">
Host hostname1
Host hostname1
     HostName hostname1.domain.com
     HostName hostname1.domain.com
     User username1
     User username1
     Port 1234
     Port 1234
</source>
</syntaxhighlight>


=== Adding a user to sudoers list ===
== Adding a user to sudoers list ==


<code>#includedir /etc/sudoers.d</code> should be at the end of /etc/sudoers file.
<code>#includedir /etc/sudoers.d</code> should be at the end of /etc/sudoers file.
Line 52: Line 87:
Run <code>$ chmod 0440 filename</code> afterwards.
Run <code>$ chmod 0440 filename</code> afterwards.


=== Enable color prompt ===
== Enable color prompt ==


On Ubuntu distribution of GNU/Linux, you can uncomment force_color_prompt = yes line to use color prompts. The following is my personal favorite color configuration for the prompt.
On Ubuntu distribution of GNU/Linux, you can uncomment force_color_prompt = yes line to use color prompts. The following is my personal favorite color configuration for the prompt.


<source lang="bash">
<syntaxhighlight lang="bash">
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u\[\033[01;30m\]@\[\033[00;36m\]\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u\[\033[01;30m\]@\[\033[00;36m\]\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
</source>
</syntaxhighlight>


=== Enable byobu ===
== Enable byobu ==


<source lang="bash">
<syntaxhighlight lang="bash">
$ byobu-enable
$ byobu-enable
</source>
</syntaxhighlight>


=== Update .vimrc ===
== Update .vimrc ==


<source lang="vim">
<syntaxhighlight lang="vim">
syntax on
syntax on
set noexpandtab
set noexpandtab
Line 95: Line 130:
autocmd FileType php nnoremap <C-p> :call PhpDocSingle()<CR>
autocmd FileType php nnoremap <C-p> :call PhpDocSingle()<CR>
autocmd FileType php vnoremap <C-p> :call PhpDocRange()<CR>
autocmd FileType php vnoremap <C-p> :call PhpDocRange()<CR>
</source>
</syntaxhighlight>
 
=== awesome-vim ===
For a preset of VIM development environment, awesome-vim is okay:<syntaxhighlight lang="bash">
$ git clone --depth=1 https://github.com/amix/vimrc.git ~/.vim_runtime
$ sh ~/.vim_runtime/install_awesome_vimrc.sh
</syntaxhighlight># Run inside vim: -- this will let you click and drag panes to resize or jump between (learning vim more and being able to jump panes
 
<nowiki>#</nowiki> makes this unecessary, but i'm not that good yet.)
 
<nowiki>:</nowiki>set mouse=a
 
<nowiki>#</nowiki> So now some sections on easy key commands/shortcuts
 
<nowiki>##</nowiki> Splitting VIM screen Horizontally and Vertically
 
To open a new VIM window next to the existing one, press <Ctrl>+<w> then press <v>.
 
<nowiki>##</nowiki> Move panes around vim (left/right or top/bottom)
 
Ctrl w + L - Move the current window to the "far right"
 
Ctrl w + H - Move the current window to the "far left"
 
Ctrl w + J - Move the current window to the "very bottom"
 
Ctrl w + K - Move the current window to the "very top"
 
<nowiki>##</nowiki> Copying everything into clipboard
 
gg"*yG
 
<nowiki>##</nowiki> Indenting all the code
 
<nowiki>#</nowiki> Still need to look into a more serious formatter like:
 
<nowiki>https://github.com/vim-autoformat/vim-autoformat</nowiki>
 
gg=G
 
<nowiki>#</nowiki> AwesomeVIM Leader Key Shortcut
 
You'll see vim plugins mention <leader>, that <leader> for awesome view is "," so whenever you see leader hit that key.
 
<nowiki>##</nowiki> phpunit
 
<nowiki>###</nowiki> Set the path of phpunit (most cases for me, vendor/bin/phpunit)
 
let g:phpunit_bin = 'phpunit'
 
<nowiki>###</nowiki> Shortcuts
 
<leader>ta - Run all test cases
 
<leader>ts - Switch between source & test file
 
<leader>tf - Run current test case class
 
<nowiki>#</nowiki> Folding
 
`zo` to open folding
 
`zc` to close folding
 
<nowiki>#</nowiki> NerdTREE
 
<leader>nn - Toggles NerdTREE
 
While inside NerdTREE hit "m" to do a number of modifications from renaming, deleting or adding files.


=== Set up environment for web development ===
== Set up environment for web development ==


Install the LAMP stack
Install the LAMP stack
<source lang="bash">
<syntaxhighlight lang="bash">
$ sudo apt-get install tasksel
$ sudo apt-get install tasksel


$ sudo tasksel install lamp-server
$ sudo tasksel install lamp-server
</source>
</syntaxhighlight>


Install git and other PHP related extensions
Install git and other PHP related extensions
<source lang="bash">
<syntaxhighlight lang="bash">
$ sudo apt-get install git php5-mcrypt php5-xdebug php5-intl
$ sudo apt-get install git php5-mcrypt php5-xdebug php5-intl
</source>
</syntaxhighlight>


==== .gitconfig ====
=== .gitconfig ===
<source lang="html5">
<syntaxhighlight lang="linux-config">
[core]
[core]
   editor = vim
   editor = vim
Line 141: Line 244:
[merge]
[merge]
   defaultToUpstream = true
   defaultToUpstream = true
</source>
</syntaxhighlight>


== Change default shell ==
== Change default shell ==


<source lang="bash">
<syntaxhighlight lang="bash">
$ chsh
$ chsh
</source>
</syntaxhighlight>


== Edit passwd files ==
== Edit passwd files ==


<source lang="bash">
<syntaxhighlight lang="bash">
$ sudo vipw
$ sudo vipw
</source>
</syntaxhighlight>


== Resources ==
= RHEL-specific =


=== Check disk space usage ===
[[RHEL]]-specific notes


You can check the file space usage with the command <span class="package">du</span>.
Optimize using Tuned.  Optimize for general performance.


<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
$ du -h
# tuned-adm profile throughput-performance
</syntaxhighlight>
</syntaxhighlight>


=== Check disk space left ===
Optimize for KVM
 
<span class="package">df</span> is for checking the amount of disk space used and available on file systems.


<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
$ df -h
# tuned-adm profile throughput-performance
</syntaxhighlight>
</syntaxhighlight>


= User Accounts =
= Debian/Ubuntu-specific =


== Groups ==
[[Ubuntu]]-specific notes


=== Add a new group ===
== Security ==


<source lang="bash">
* Install 'denyhosts' to help protect against brute force SSH attacks, auto-blocking multiple attempts.
$ sudo addgroup webdev
</source>


=== Delete a group ===
== Update the server ==


<source lang="bash">
<syntaxhighlight lang="bash">
$ sudo delgroup webdev
$ sudo apt update && sudo apt -y full-upgrade && sudo apt-get -y autoremove
</source>
</syntaxhighlight>


=== Add a user to a group ===
== Reconfigure console font ==


<source lang="bash">
<syntaxhighlight lang="bash">
$ sudo adduser username groupname
$ dpkg-reconfigure console-setup
</source>
</syntaxhighlight>


=== Set a directory writable by a certain group ===
== Change the default editor ==


Make /srv/www folder readable/writable/executable by dev group
Used by visudo and other programs for invoking an editor.


<source lang="bash">
<syntaxhighlight lang="bash">
$ sudo setfacl -d -m g:dev:rwx /srv/www
$ sudo update-alternatives --config editor
</source>
</syntaxhighlight>


== Add a user account ==
== Change time zone ==


<source lang="bash">
<syntaxhighlight lang="bash">
$ sudo useradd -d /home/jsmith -m jsmith -G webdev
$ dpkg-reconfigure tzdata
$ sudo passwd jsmith
</syntaxhighlight>
</source>


== Delete a user account ==
== Kill other user terminal sessions ==


Force removal and delete files
*Tested on: Ubuntu 14.04.5 Trusty


<source lang="bash">
Sometimes it is necessary to kill other remote sessions that have been '''zombified'''.
$ sudo userdel -fr username
</source>


or
* First determine your own shell


<source lang="bash">
<syntaxhighlight lang="bash">
$ sudo deluser -remove-home username
$ tty
</source>
</syntaxhighlight>
 
== Lock or unlock a user account ==
 
<source lang="bash">
$ sudo passwd -l username
$ sudo passwd -u username
</source>
 
== Adding sudoers ==
 
A file can be added for groups of users or specific users to /etc/sudoers.d/ directory. This line would make someone a sudoer with no password requirement.
 
<source lang="html5">
jsmith ALL=(ALL) NOPASSWD:ALL
</source>
 
If you want the user to type a password.
 
<source lang="html5">
jsmith ALL=(ALL:ALL) ALL
</source>
 
 
= Samba =
 
== Reset password for Samba server ==
<source lang="bash">
$ samba-tool user setpassword administrator
</source>
 
 
= OpenSSL =
 
== Creating self-signed certificates (usually for SSL connection) ==
 
<source lang="bash">
$ sudo a2enmod ssl
$ sudo service apache2 restart


$ sudo mkdir /etc/apache2/ssl
* Show all of your running processes
 
$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.pem -outform PEM
</source>
 
= Debian/Ubuntu-specific =
 
== Reconfigure console font ==


<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
$ dpkg-reconfigure console-setup
$ ps -fu mhan
UID        PID  PPID  C STIME TTY          TIME CMD
mhan    21580 21469  0 19:02 ?        00:00:00 sshd: mhan@pts/2
mhan    21581 21580  0 19:02 pts/2    00:00:00 -bash
mhan    21607 21581  0 19:02 pts/2    00:00:00 screen
mhan    21608 21607  0 19:02 ?        00:00:00 SCREEN
mhan    21609 21608  0 19:02 pts/3    00:00:00 /bin/bash
mhan    21939 21609  0 19:06 pts/3    00:00:00 ps -fu mhan
mhan    21580 21469  0 19:02 ?        00:00:00 sshd: mhan@pts/2
</syntaxhighlight>
</syntaxhighlight>


== Change time zone ==
* If I want to kill pts/2 then the PID to kill is 21580.


<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
$ dpkg-reconfigure tzdata
$ kill -HUP 21580
</syntaxhighlight>
</syntaxhighlight>


Reference: https://kb.iu.edu/d/adqw (accessed on 10/5/2017)


== Setting niceness (aka priority) on Linux processes ==
== Setting niceness (aka priority) on Linux processes ==
Line 292: Line 352:
As an example, let's say the process of interest is ''qemu-system-arm''. You have to find out what PID (Process ID) is first.
As an example, let's say the process of interest is ''qemu-system-arm''. You have to find out what PID (Process ID) is first.


<source lang="bash">
<syntaxhighlight lang="bash">
$ pidof qemu-system-arm
$ pidof qemu-system-arm
3016
3016
</source>
</syntaxhighlight>


Then check what the current nice value of the process is:
Then check what the current nice value of the process is:
<source lang="bash">
<syntaxhighlight lang="bash">
$ ps -o pid,comm,nice -p 3016
$ ps -o pid,comm,nice -p 3016
   PID COMMAND        NI
   PID COMMAND        NI
  3016 qemu-system-arm  0
  3016 qemu-system-arm  0
</source>
</syntaxhighlight>


According to the output, the nice value of ''qemu-system-arm'' is 0. We want to '''decrease''' the nice value to dedicate more CPU time to it. However, you need sudo privilege in order to give a negative value for a nice value, even though you do not need such privilege for increasing the nice value to something above 0. Here we decrease it to -10.
According to the output, the nice value of ''qemu-system-arm'' is 0. We want to '''decrease''' the nice value to dedicate more CPU time to it. However, you need sudo privilege in order to give a negative value for a nice value, even though you do not need such privilege for increasing the nice value to something above 0. Here we decrease it to -10.


<source lang="bash">
<syntaxhighlight lang="bash">
$ sudo renice -10 -p 3016
$ sudo renice -10 -p 3016
</source>
</syntaxhighlight>


To set a permanent priority on all processes for a specific user or a group you can update ''/etc/security/limits.conf'' file.
To set a permanent priority on all processes for a specific user or a group you can update ''/etc/security/limits.conf'' file.
Line 316: Line 376:
http://www.nixtutor.com/linux/changing-priority-on-linux-processes/ (accessed on July 22, 2012)
http://www.nixtutor.com/linux/changing-priority-on-linux-processes/ (accessed on July 22, 2012)


<references/>
== Tips ==
* 'etckeeper' allows you to save changes you make to /etc/ in a bazaar repository. Useful to track and revert changes. https://help.ubuntu.com/11.10/serverguide/C/etckeeper.html
= Basic =
== Pull a random line from a log ==
<syntaxhighlight lang="bash">
$ shuf -n 1 /etc/pihole/gravity.list
</syntaxhighlight>
== Viewing of the log in real time ==
<syntaxhighlight lang="bash">
$ tail -f /var/log/some.log
</syntaxhighlight>
[[Multitail]]
== Change to previous folder ==
This changes the folder to the previous folder you were in.
<syntaxhighlight lang="bash">
$ cd -
</syntaxhighlight>


= Byobu =
== Check disk space usage ==


== keyboard shortcuts ==
You can check the file space usage with the command <span class="package">du</span>.


C-a c - Create a new screen window
<syntaxhighlight lang="bash">
$ du -h
</syntaxhighlight>


C-a A - Rename the screen
== Check disk space left ==


C-a C-a - Go back to the previous window
<span class="package">df</span> is for checking the amount of disk space used and available on file systems.


C-a <0-9> - Switch to screen #0-9 (quick toggle)
<syntaxhighlight lang="bash">
$ df -h
</syntaxhighlight>


C-a " - View a list of the current screens, which will allow you to select one from the list
== Disable Ctrl-Q freeze ==


C-a ' - Enter a screen number to switch to (slower version of C-a <0-9>)
<syntaxhighlight lang="bash">
$ stty -ixon
</syntaxhighlight>


C-a d - Detach the whole screen session and fork to the background. Very useful for remote sessions you want to leave open. The command "screen -r" will resume your screen session.
== Enable SSH public key authentication with an encrypted home folder ==


C-a <Escape> - Scroll up through your command line "history" and see what output you previously got. Hitting <Escape> again cancels it.
''Last tested on Ubuntu 16.04 LTS''


=== links ===
<syntaxhighlight lang="bash">
$ /sbin/umount.ecryptfs_private
$ cd $HOME
$ chmod 700 .
$ mkdir -m 700 .ssh
$ chmod 500 .
$ echo $YOUR_REAL_PUBLIC_KEY > .ssh/authorized_keys
$ /sbin/mount.ecryptfs_private
</syntaxhighlight>


http://aperiodic.net/screen/quick_reference
== Remove some columns from an output ==


= Bash =
<syntaxhighlight lang="bash">
$ ls -l | awk '{print $3 " " $9}'
</syntaxhighlight>


== Change to previous folder ==
== Make a backup without typing the full path twice ==


This changes the folder to the previous folder you were in.
To make a backup without typing the full path twice with the suffix .orig


<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
$ cd -
$ cp /long/path/to/file/name{,.orig}
</syntaxhighlight>
</syntaxhighlight>

Latest revision as of 08:19, 19 September 2024

Links

fail2ban

Mirth Connect

Web services

User accounts

Samba

Disk management

File management

Network management

Synergy

VIM

OS X

Debian GNU/Hurd

Slackware

Some differences between Debian/Ubuntu, RHEL/CentOS, and Slackware (WIP)

Initial setup (for Ubuntu distribution)

Set timezone

$ sudo timedatectl set-timezone America/Denver

Composer

  • Last tested on Ubuntu 22.04.1 LTS (2022-10-08)

Composer is a PHP package management tool. Usually needed for setting up web application development environment.

$ cd
$ mkdir bin
$ cd bin
$ wget https://private.michaelhan.net/getcomposer.txt
$ mv getcomposer.txt getcomposer
$ chmod u+x getcomposer
$ ./getcomposer
$ mv composer.phar composer


SSH keys

  • Last tested on Ubuntu 22.04.1 LTS (2022-10-08)

Create private/public SSH key file using the default bit encryption and with a comment. The command creates files under ~/.ssh folder.

$ ssh-keygen -C user@host.domain


SSH config for connection

The config file ~/.ssh/config stores information about various SSH connections, and allows the definition of hostname, username, ports, and other settings.

Host hostname1
    HostName hostname1.domain.com
    User username1
    Port 1234

Adding a user to sudoers list

#includedir /etc/sudoers.d should be at the end of /etc/sudoers file.

Create a file under this directory (i.e. localusers) and add entries.

  • jsmith ALL=(ALL) NOPASSWD:ALL would allow a user to sudo without entering a password.
  • jpocahontas ALL=(ALL) ALL would force password entry

Run $ chmod 0440 filename afterwards.

Enable color prompt

On Ubuntu distribution of GNU/Linux, you can uncomment force_color_prompt = yes line to use color prompts. The following is my personal favorite color configuration for the prompt.

PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u\[\033[01;30m\]@\[\033[00;36m\]\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '

Enable byobu

$ byobu-enable

Update .vimrc

syntax on
set noexpandtab
set wrap
set tabstop=4
set shiftwidth=4
set smartindent
set autoindent
set encoding=utf-8 fileencodings=
set mouse=a
set fo=cqlro
set tags=tags,../tags,../../tags,../../../tags,../../../../tags,../../../../../tags,../../../../../../tags
color elflord

" set foldmethod=marker
set foldmethod=indent
set foldnestmax=15
set nofoldenable
set foldlevel=1

" filetype plugin on
imap <c-k> <esc>:r! zdump GMT <bar> tail -c29 <bar> xargs -0 date +"\%-m/\%-d/\%-Y \%-l:\%M:\%S \%p" -d<enter>$i<right>

" PHP documenter script bound to Control-P
autocmd FileType php inoremap <C-p> <ESC>:call PhpDocSingle()<CR>i
autocmd FileType php nnoremap <C-p> :call PhpDocSingle()<CR>
autocmd FileType php vnoremap <C-p> :call PhpDocRange()<CR>

awesome-vim

For a preset of VIM development environment, awesome-vim is okay:

$ git clone --depth=1 https://github.com/amix/vimrc.git ~/.vim_runtime
$ sh ~/.vim_runtime/install_awesome_vimrc.sh

# Run inside vim: -- this will let you click and drag panes to resize or jump between (learning vim more and being able to jump panes

# makes this unecessary, but i'm not that good yet.)

:set mouse=a

# So now some sections on easy key commands/shortcuts

## Splitting VIM screen Horizontally and Vertically

To open a new VIM window next to the existing one, press <Ctrl>+<w> then press <v>.

## Move panes around vim (left/right or top/bottom)

Ctrl w + L - Move the current window to the "far right"

Ctrl w + H - Move the current window to the "far left"

Ctrl w + J - Move the current window to the "very bottom"

Ctrl w + K - Move the current window to the "very top"

## Copying everything into clipboard

gg"*yG

## Indenting all the code

# Still need to look into a more serious formatter like:

https://github.com/vim-autoformat/vim-autoformat

gg=G

# AwesomeVIM Leader Key Shortcut

You'll see vim plugins mention <leader>, that <leader> for awesome view is "," so whenever you see leader hit that key.

## phpunit

### Set the path of phpunit (most cases for me, vendor/bin/phpunit)

let g:phpunit_bin = 'phpunit'

### Shortcuts

<leader>ta - Run all test cases

<leader>ts - Switch between source & test file

<leader>tf - Run current test case class

# Folding

`zo` to open folding

`zc` to close folding

# NerdTREE

<leader>nn - Toggles NerdTREE

While inside NerdTREE hit "m" to do a number of modifications from renaming, deleting or adding files.

Set up environment for web development

Install the LAMP stack

$ sudo apt-get install tasksel

$ sudo tasksel install lamp-server

Install git and other PHP related extensions

$ sudo apt-get install git php5-mcrypt php5-xdebug php5-intl

.gitconfig

[core]
  editor = vim
  excludesfile = /home/mhan/.gitignore_global
# autocrlf = input
# safecrlf = true
[color]
  ui = always
[alias]
  co = checkout
  ci = commit
  st = status
  br = branch
  df = difftool
  hist = log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short
  histall = log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short --all
  hist10 = !git log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short | head -n 10
  hist10all = !git log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short --all | head -n 10
  type = cat-file -t
  dump = cat-file -p
  ignore = update-index --assume-unchanged
  track = update-index --no-assume-unchanged
  listignored = !git ls-files -v | grep -s ^'h ' | cut -b 1-2 --complement
[diff]
  tool = vimdiff
[difftool]
  prompt = false
[merge]
  defaultToUpstream = true

Change default shell

$ chsh

Edit passwd files

$ sudo vipw

RHEL-specific

RHEL-specific notes

Optimize using Tuned. Optimize for general performance.

# tuned-adm profile throughput-performance

Optimize for KVM

# tuned-adm profile throughput-performance

Debian/Ubuntu-specific

Ubuntu-specific notes

Security

  • Install 'denyhosts' to help protect against brute force SSH attacks, auto-blocking multiple attempts.

Update the server

$ sudo apt update && sudo apt -y full-upgrade && sudo apt-get -y autoremove

Reconfigure console font

$ dpkg-reconfigure console-setup

Change the default editor

Used by visudo and other programs for invoking an editor.

$ sudo update-alternatives --config editor

Change time zone

$ dpkg-reconfigure tzdata

Kill other user terminal sessions

  • Tested on: Ubuntu 14.04.5 Trusty

Sometimes it is necessary to kill other remote sessions that have been zombified.

  • First determine your own shell
$ tty
  • Show all of your running processes
$ ps -fu mhan
UID        PID  PPID  C STIME TTY          TIME CMD
mhan     21580 21469  0 19:02 ?        00:00:00 sshd: mhan@pts/2
mhan     21581 21580  0 19:02 pts/2    00:00:00 -bash
mhan     21607 21581  0 19:02 pts/2    00:00:00 screen
mhan     21608 21607  0 19:02 ?        00:00:00 SCREEN
mhan     21609 21608  0 19:02 pts/3    00:00:00 /bin/bash
mhan     21939 21609  0 19:06 pts/3    00:00:00 ps -fu mhan
mhan     21580 21469  0 19:02 ?        00:00:00 sshd: mhan@pts/2
  • If I want to kill pts/2 then the PID to kill is 21580.
$ kill -HUP 21580

Reference: https://kb.iu.edu/d/adqw (accessed on 10/5/2017)

Setting niceness (aka priority) on Linux processes

  • Tested on: Ubuntu 12.04 Precise
  • Difficulty: 1/10
  • Time: <1 minute + your WPM

Niceness or nice value in Linux is just another name for the value of priority given to a process. The higher the number means the lower the priority. The nice value can also be negative, and such values will give a process higher than normal priority. Higher the priority (or lower the nice value), the more CPU time is given, therefore the application will be perceived as running faster.

As an example, let's say the process of interest is qemu-system-arm. You have to find out what PID (Process ID) is first.

$ pidof qemu-system-arm
3016

Then check what the current nice value of the process is:

$ ps -o pid,comm,nice -p 3016
  PID COMMAND         NI
 3016 qemu-system-arm  0

According to the output, the nice value of qemu-system-arm is 0. We want to decrease the nice value to dedicate more CPU time to it. However, you need sudo privilege in order to give a negative value for a nice value, even though you do not need such privilege for increasing the nice value to something above 0. Here we decrease it to -10.

$ sudo renice -10 -p 3016

To set a permanent priority on all processes for a specific user or a group you can update /etc/security/limits.conf file.

References

http://www.nixtutor.com/linux/changing-priority-on-linux-processes/ (accessed on July 22, 2012)


Tips

Basic

Pull a random line from a log

$ shuf -n 1 /etc/pihole/gravity.list

Viewing of the log in real time

$ tail -f /var/log/some.log

Multitail

Change to previous folder

This changes the folder to the previous folder you were in.

$ cd -

Check disk space usage

You can check the file space usage with the command du.

$ du -h

Check disk space left

df is for checking the amount of disk space used and available on file systems.

$ df -h

Disable Ctrl-Q freeze

$ stty -ixon

Enable SSH public key authentication with an encrypted home folder

Last tested on Ubuntu 16.04 LTS

$ /sbin/umount.ecryptfs_private
$ cd $HOME
$ chmod 700 .
$ mkdir -m 700 .ssh
$ chmod 500 .
$ echo $YOUR_REAL_PUBLIC_KEY > .ssh/authorized_keys
$ /sbin/mount.ecryptfs_private

Remove some columns from an output

$ ls -l | awk '{print $3 " " $9}'

Make a backup without typing the full path twice

To make a backup without typing the full path twice with the suffix .orig

$ cp /long/path/to/file/name{,.orig}