System administration
Links
Some differences between Debian/Ubuntu, RHEL/CentOS, and Slackware (WIP)
Initial setup (for Ubuntu distribution)
SSH keys
Create private/public SSH key file using 2048 bit encryption and with a comment. The command creates files under ~/.ssh folder.
$ ssh-keygen -b 2048 -C user@host.domain
SSH config for connection
The config file ~/.ssh/config stores information about various SSH connections, and allows the definition of hostname, username, ports, and other settings.
Host hostname1
HostName hostname1.domain.com
User username1
Port 1234
Adding a user to sudoers list
#includedir /etc/sudoers.d
should be at the end of /etc/sudoers file.
Create a file under this directory (i.e. localusers) and add entries.
jsmith ALL=(ALL) NOPASSWD:ALL
would allow a user to sudo without entering a password.jpocahontas ALL=(ALL) ALL
would force password entry
Run $ chmod 0440 filename
afterwards.
Enable color prompt
On Ubuntu distribution of GNU/Linux, you can uncomment force_color_prompt = yes line to use color prompts. The following is my personal favorite color configuration for the prompt.
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u\[\033[01;30m\]@\[\033[00;36m\]\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
Enable byobu
$ byobu-enable
Update .vimrc
syntax on
set noexpandtab
set wrap
set tabstop=4
set shiftwidth=4
set smartindent
set autoindent
set encoding=utf-8 fileencodings=
set mouse=a
set fo=cqlro
set tags=tags,../tags,../../tags,../../../tags,../../../../tags,../../../../../tags,../../../../../../tags
color elflord
" set foldmethod=marker
set foldmethod=indent
set foldnestmax=15
set nofoldenable
set foldlevel=1
" filetype plugin on
imap <c-k> <esc>:r! zdump GMT <bar> tail -c29 <bar> xargs -0 date +"\%-m/\%-d/\%-Y \%-l:\%M:\%S \%p" -d<enter>$i<right>
" PHP documenter script bound to Control-P
autocmd FileType php inoremap <C-p> <ESC>:call PhpDocSingle()<CR>i
autocmd FileType php nnoremap <C-p> :call PhpDocSingle()<CR>
autocmd FileType php vnoremap <C-p> :call PhpDocRange()<CR>
Set up environment for web development
Install the LAMP stack
$ sudo apt-get install tasksel
$ sudo tasksel install lamp-server
Install git and other PHP related extensions
$ sudo apt-get install git php5-mcrypt php5-xdebug php5-intl
.gitconfig
[core]
editor = vim
excludesfile = /home/mhan/.gitignore_global
# autocrlf = input
# safecrlf = true
[color]
ui = always
[alias]
co = checkout
ci = commit
st = status
br = branch
df = difftool
hist = log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short
histall = log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short --all
hist10 = !git log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short | head -n 10
hist10all = !git log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short --all | head -n 10
type = cat-file -t
dump = cat-file -p
ignore = update-index --assume-unchanged
track = update-index --no-assume-unchanged
listignored = !git ls-files -v | grep -s ^'h ' | cut -b 1-2 --complement
[diff]
tool = vimdiff
[difftool]
prompt = false
[merge]
defaultToUpstream = true
Change default shell
$ chsh
Edit passwd files
$ sudo vipw
Debian/Ubuntu-specific
Security
- Install 'denyhosts' to help protect against brute force SSH attacks, auto-blocking multiple attempts.
Reconfigure console font
$ dpkg-reconfigure console-setup
Change time zone
$ dpkg-reconfigure tzdata
Setting niceness (aka priority) on Linux processes
- Tested on: Ubuntu 12.04 Precise
- Difficulty: 1/10
- Time: <1 minute + your WPM
Niceness or nice value in Linux is just another name for the value of priority given to a process. The higher the number means the lower the priority. The nice value can also be negative, and such values will give a process higher than normal priority. Higher the priority (or lower the nice value), the more CPU time is given, therefore the application will be perceived as running faster.
As an example, let's say the process of interest is qemu-system-arm. You have to find out what PID (Process ID) is first.
$ pidof qemu-system-arm
3016
Then check what the current nice value of the process is:
$ ps -o pid,comm,nice -p 3016
PID COMMAND NI
3016 qemu-system-arm 0
According to the output, the nice value of qemu-system-arm is 0. We want to decrease the nice value to dedicate more CPU time to it. However, you need sudo privilege in order to give a negative value for a nice value, even though you do not need such privilege for increasing the nice value to something above 0. Here we decrease it to -10.
$ sudo renice -10 -p 3016
To set a permanent priority on all processes for a specific user or a group you can update /etc/security/limits.conf file.
References
http://www.nixtutor.com/linux/changing-priority-on-linux-processes/ (accessed on July 22, 2012)
Tips
- 'etckeeper' allows you to save changes you make to /etc/ in a bazaar repository. Useful to track and revert changes. https://help.ubuntu.com/11.10/serverguide/C/etckeeper.html
Byobu
keyboard shortcuts
C-a c - Create a new screen window
C-a A - Rename the screen
C-a C-a - Go back to the previous window
C-a <0-9> - Switch to screen #0-9 (quick toggle)
C-a " - View a list of the current screens, which will allow you to select one from the list
C-a ' - Enter a screen number to switch to (slower version of C-a <0-9>)
C-a d - Detach the whole screen session and fork to the background. Very useful for remote sessions you want to leave open. The command "screen -r" will resume your screen session.
C-a <Escape> - Scroll up through your command line "history" and see what output you previously got. Hitting <Escape> again cancels it.
links
Bash
Change to previous folder
This changes the folder to the previous folder you were in.
$ cd -
Check disk space usage
You can check the file space usage with the command du.
$ du -h
Check disk space left
df is for checking the amount of disk space used and available on file systems.
$ df -h
Disable Ctrl-Q freeze
$ stty -ixon
Enable SSH public key authentication with an encrypted home folder
Last tested on Ubuntu 16.04 LTS
$ /sbin/umount.ecryptfs_private
$ cd $HOME
$ chmod 700 .
$ mkdir -m 700 .ssh
$ chmod 500 .
$ echo $YOUR_REAL_PUBLIC_KEY > .ssh/authorized_keys
$ /sbin/mount.ecryptfs_private