Linux Explore Stats
Linux Explore stats month March 2011
Hello world, Welcome to Linux Explore!
Linux is my favourite operating system. I want write about Linux features, tips & tricks and how to’s etc in this blog.
Linux Explore Tips & Tricks
File encryption/decryption Linux
Openssl is one of the best tools which can be used to encrypt/decrypt files. You can password protect your important data to avoid misuse.
To encrypt your files use the command:
openssl des3 -salt -in $FILENAME -out ${FILENAME}.des3
To decrypt the file use the command:
openssl des3 -d -salt -in ${FILENAME}.des3 -out ${FILENAME}
You can also use my script ‘tarcrypt.sh’ to encrypt/decrypt files. This script is using tar to compress/decompress with encryption/decryption functionality.
#!/bin/sh
#
# 'tarcrypt.sh' script can used to compress/decompress the data with encryption.
#
# This script is created & tested by Rahul Panwar.
# WARNING!!! Use it at your own risk.
# Please report the bugs or queries to panwar.rahul@gmail.com
VERSION="Version 1.1.0.1\nCreated by: Rahul Panwar"
PASS=""
PASS_OPTION=""
EXT_OPTION=""
COMP_FILE="encrypted_file"
DATA_FILES_ALL=""
# Usage
usage ()
{
echo "Usage:"
echo " ${0##*/} -c \" [ ... \" [-p ]"
echo " ${0##*/} -x [-C ] [-p ]"
echo " ${0##*/} -h"
echo " ${0##*/} -v"
echo "OPTIONS:"
echo " -c|--compress : Compress and encrypt the file(s) or directory(ies)
for multiple files use double quotes (for example \"file1 file2 dir1\")."
echo " -x|--decompress : Decrypt and uncompress the file"
echo " -p|--password : Password to encrypt/decrypt the file"
echo " -C|--extract : Change directory, to extract the compressed file, default is current directory"
echo " -h|--help : To see this help"
echo " -v|--version : Check the version"
}
[ $# = 0 ] && usage && exit 1
# to encrypt files using openssl
encrypt_file()
{
FNAME=$1
#openssl des3 -salt -in "$FNAME" -out "$FNAME.des3"
openssl des3 -salt -out "$FNAME" ${PASS_OPTION}
}
# to decrypt the files using openssl
decrypt_file()
{
FNAME=$1
#openssl des3 -d -salt -in "$FNAME" -out "${FNAME%.[^.]*}"
openssl des3 -d -salt -in "$FNAME" ${PASS_OPTION}
}
# compress and encrypt the files
en_comp()
{
tar -czp ${DATA_FILES} | encrypt_file ${COMP_FILE}
}
# decrypt and uncompress the files
de_comp()
{
decrypt_file ${COMP_FILE} | tar ${EXT_OPTION} -xz
}
# main function
main_function()
{
compress=""
decompress=""
extract=""
password=""
while test "$1" != "" ; do
OPT=$1
OPT_VAL1=$2
OPT_VAL2=$3
case "$OPT" in
--compress|-c)
DATA_FILES_ALL="${OPT_VAL1}"
[ ! "${OPT_VAL2}" ] && echo -e "No encrypt filename, using default name: ${COMP_FILE}"
COMP_FILE=${OPT_VAL2:-$COMP_FILE}
compress=1
shift
[ "$OPT_VAL2" ] && shift
;;
--decompress|-x)
COMP_FILE=${OPT_VAL1:-$COMP_FILE}
decompress=1
shift
;;
--password|-p)
PASS=${OPT_VAL1}
[ "$PASS" ] && password=1 && PASS_OPTION="-pass pass:${PASS}"
shift
;;
--extract|-C)
[ ! -d "$OPT_VAL1" ] && echo -e "Extract directory not exists" && exit 1
EXT_OPTION="-C ${OPT_VAL1:-$PWD}"
extract=1
shift
;;
--help|-h)
usage
exit 0
;;
--version|-v)
echo -e "${VERSION}"
exit 0
;;
-*)
echo "Error: no such option $OPT"
usage
exit 1
;;
*)
echo -e "Error: invalid option $OPT"
usage
exit 1
esac
shift
done
if [ "$compress" ] && [ "$decompress" ]; then
echo -e "\n-c and -x can't be used simultaneously\n" && usage && exit 1
elif [ "$extract" ] && [ "$compress" ]; then
echo -e "\n-C can only use with -x option\n" && usage && exit 1
fi
}
main_function "$@"
if [ "$compress" ]; then
for FILES in ${DATA_FILES_ALL}; do
[ -e "${FILES}" ] && DATA_FILES="${DATA_FILES} ${FILES}"
done
if [ ! "${DATA_FILES}" ]; then
echo -e "No file(s) found to compress" && exit 2
fi
echo "==> compressing"
en_comp &>/dev/null && echo "success" || echo "failure"
elif [ "$decompress" ]; then
[ ! -e "${COMP_FILE}" ] && echo -e "No file to decrypt" && exit 2
echo "==> decompressing"
de_comp &>/dev/null && echo "success" || echo "failure"
fi
If you found any bug in the script, please write your comment. I like to improve this, so suggestions are most welcome.
2010 in review
The stats helper monkeys at WordPress.com mulled over how this blog did in 2010, and here’s a high level summary of its overall blog health:
The Blog-Health-o-Meter™ reads Fresher than ever.
Crunchy numbers
A Boeing 747-400 passenger jet can hold 416 passengers. This blog was viewed about 11,000 times in 2010. That’s about 26 full 747s.
In 2010, there were 8 new posts, growing the total archive of this blog to 17 posts. There were 9 pictures uploaded, taking up a total of 436kb. That’s about a picture per month.
The busiest day of the year was March 1st with 110 views. The most popular post that day was L2TP VPN using xl2tpd.
Where did they come from?
The top referring sites in 2010 were ifreestores.com, goodsearch.com, secureyourlinux.blogspot.com, en.wordpress.com, and google.com.
Some visitors came searching, mostly for xl2tpd howto, centos xl2tpd, xl2tpd centos, xl2tpd, and dropbear sftp.
Attractions in 2010
These are the posts and pages that got the most views in 2010.
L2TP VPN using xl2tpd July 2009
4 comments
L2TP VPN using rp-l2tpd July 2009
13 comments
L2TP VPN using xl2tpd July 2009
1 Like on WordPress.com,
SFTP (Secure File Transfer Protocol) With Dropbear September 2009
6 comments
Remote packet capture using WireShark & tcpdump May 2010
1 Like on WordPress.com,
How to start shell script writing
This is actually, I want to share, how I learned the shell scripting. It may be helpful for beginners. I am writing it step by step so that it will easy to understand:
STEP 1: Do your task manually & prepare the steps.
If you know the basic Linux commands, it will help you to write a shell script. I am not writing the basic Linux commands here, you can see check here http://www.comptechdoc.org/os/linux/usersguide/linux_ugbasics.html
Yum A Package Management Tool
yum is a package management tool, used to install, uninstall or update the Linux (CentOS, RHEL, Fedora etc.) packages. You can use yum with root privilege only.
To install a package:
yum install packagename
To update a package, if already install or to install a package:
yum update packagename
To reinstall a installed package:
yum reinstall packagename
To remove a installed package:
yum remove packagename
To see the list of package groups:
yum grouplist
To install all the packages of a group:
yum groupinstall packagegroupname
To update all the packages of a group:
yum groupupdate packagegroupname
To remove all the packages of a group:
yum groupremove packagegroupname
If you want to exclude some packages from group to install or update or remove, use “–exclude” option:
yum groupinstall packagegroupname –exclude=excludepackagename
To clean the cache of packages database:
yum clean all
Now some little tricky commands.
To disable all the repository & enable the given repositories only & then again same yum commands:
yum –disablerepo=\* –enablerepo=myreponame1,myreponame2 install packagename
You can get the reponame from the repo files inside the /etc/yum.repo.d directory. For example, the CentOS.repo file’s content is showing the reponame inside the square brackets “[ ]” as base & update. To select all the repo,”\*” is used.
[base]
name=CentOS-$releasever – Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5#released updates
[updates]
name=CentOS-$releasever – Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
“yum clean all” command does not clean the cache of disabled repositories, clean the cache by enabling all the repositories, remove all the cache:
yum –enablerepo=\* clean all
you can also remove the directory /var/cache/yum/* to clean all the cache of repositories.
There are so many other commands & combination in yum. If you like to share, please write as a comment.
If you like this post, don’t forget to share it with others…………..
Remote packet capture using WireShark & tcpdump
1. First step is to create a special FIFO file using mkfifo command, where you want to see the packet capture using WireShark. This file will use to read & write simultaneously using WireShark & tcpdump.
mkfifo /tmp/packet_capture
2. Second give the following ssh command on your terminal, to start the tcpdump on remote PC.
ssh hostname_or_ip_of_remote_pc "tcpdump -s 0 -U -n -w - -i eth0 not port 22" \ > /tmp/packet_capture
3. Third & last step, give the following command to start the WireShark on your PC, which will read packets from the special FIFO file ‘/tmp/packet_capture’ at runtime.
wireshark -k -i /tmp/packet_capture
After giving the above command all the packets of remote pc’s eth0 will be visible on WireShark.
Umount a busy partition
Check & close the applications which are using any mounted partition or folder
If you are using a separate partition for your applications, you need to mount that partition to a folder. Then only you can store & run the application. But if you want to umount that partition again, first you need to close all the applications which are using that mounted partition or folder.
To check all the application running from that partition or folder, just issue a simple command:
fuser -mv
or
fuser -mv
For example:
fuser -mv /dev/sda1
or
fuser -mv /usr/local/bin
The above commands can show the output as follows:
USER PID ACCESS COMMAND
/dev/sda1: root 2467 .rce. mingetty
root 2476 .rce. mingetty
root 2502 .rc.. kauditd
root 2506 .rce. sshd
root 2509 .rce. bash
You can also use the following command:
fuser -mv /dev/sda1 > /tmp/sda1.pids
It will store the PIDs of all application running from ‘/dev/sda1′ partition.
Now you can simply issue the ‘kill’ command to close all the applications forcefully.
kill -9 `cat /tmp/sda1.pids`
It will free the partition /dev/sda1 to umount.
WARNING!!!
Don’t use this method on active partitions, it can cause the OS failure. But after reboot it may be recovered.
PAM with Radius Authentication
PAM Radius Module allows any PAM-capable machine to become a RADIUS client for authentication and accounting requests. The actual authentication will be performed by a RADIUS server. The freeradius can be used for radius server.
Download the PAM Radius Module
To download the PAM Radius module, click here.
Installing & configuring PAM Radius Module
To install PAM radius module, give the following commands:
[root@rahul-pc]# tar -xvf pam_radius-1.3.17.tar.gz
[root@rahul-pc]# cd pam_radius-1.3.17
[root@rahul-pc]# make
Join me on facebook
Save Trees Save Planet
- Our Beautiful Planet, Save It Rahul Panwar
- Hello world! Save our EarthEarth is dying, because of our rudeness and cruelty on plants. We are cutting trees and increasing pollution at high rate, according to NASA report In next 10 months, earth gets hotter by 4 degrees from now. Himalayan glaciers are melting … Continue reading →Rahul Panwar
Blogroll
http://gogreenindia.in/This blog is created by
Rahul PanwarFlickr Photos
|
