Monthly Archives: August 2013

ROX Desktop

ROX is a fast, user friendly desktop which makes extensive use of drag-and-drop. The interface revolves around the file manager, or filer, following the traditional Unix view that ‘everything is a file’ rather than trying to hide the file system beneath start menus, wizards, or druids. The aim is to make a system that is well designed and clearly presented. The ROX style favours using several small programs together instead of creating all-in-one mega-applications.

 

Interesting desktop http://rox.sourceforge.net/desktop/screenshots.html

multi-factor authentication OpenSSH

sshd(8): Added support for multiple required authentication in SSH
protocol 2 via an AuthenticationMethods option. This option lists
one or more comma-separated lists of authentication method names.
Successful completion of all the methods in any list is required for
authentication to complete. This allows, for example, requiring a
user having to authenticate via public key or GSSAPI before they
are offered password authentication.

I found an interesting article about Google authentication: http://www.heitorlessa.com/ssh-two-factor-authentication/

Why is multi-factor authentication important? For example, it is very easy to require both an SSH public key and a password to log in. If you don’t have the public key, you will never see the password prompt.
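Because any one list in AuthenticationMethods is enough to log in, a single short list undoes the two-factor requirement. The script below is an added example, not from the original post or from OpenSSH: it flags such lists in a constructed sample config (the users, groups and function names are assumptions).

```shell
#!/bin/sh
# Added example (not from the original post): audit AuthenticationMethods lists.

# Constructed sample sshd_config; users, groups and settings are invented.
sample_sshd_config() {
cat <<'EOF'
# constructed sample, not from a real host
PasswordAuthentication yes
AuthenticationMethods publickey,password
Match User backup
    authenticationmethods publickey,password publickey
Match Group admins
    AuthenticationMethods publickey,keyboard-interactive:pam
EOF
}

# audit_auth_methods [FILE...]   (reads stdin when no file is given)
# sshd accepts a login once ALL methods of ANY one list have succeeded, so a
# single short list weakens the whole directive. Prints "LINE:LIST" for every
# list that names fewer than two distinct methods.
audit_auth_methods() {
    awk '
        tolower($1) == "authenticationmethods" {   # keywords are case-insensitive
            for (i = 2; i <= NF; i++) {            # one field per method list
                n = split($i, m, ",")
                split("", seen); distinct = 0
                for (j = 1; j <= n; j++) {
                    sub(/:.*/, "", m[j])           # drop submethod, e.g. ":pam"
                    if (!(m[j] in seen)) { seen[m[j]] = 1; distinct++ }
                }
                if (distinct < 2) printf "%d:%s\n", FNR, $i
            }
        }
    ' "$@"
}

# Line 5 of the sample lets user "backup" in with a key alone.
sample_sshd_config | audit_auth_methods
```

On a real host, run `audit_auth_methods /etc/ssh/sshd_config`; an empty result means every list requires at least two different methods.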

Selinux and Journald

[root@localhost ~]# systemctl status wpa_supplicant.service
wpa_supplicant.service - WPA Supplicant daemon
Loaded: loaded (/usr/lib/systemd/system/wpa_supplicant.service; disabled)
Active: active (running) since Sat 2013-08-10 09:10:57 EEST; 1h 21min ago
Main PID: 669 (wpa_supplicant)
CGroup: name=systemd:/system/wpa_supplicant.service
└─669 /usr/sbin/wpa_supplicant -u -f /var/log/wpa_supplicant.log -c /etc/wpa_supplicant/wpa_supplicant.conf -u -f /var/log/wpa_supplicant.log -P /var/run/…

Aug 10 09:10:57 localhost.localdomain systemd[1]: Starting WPA Supplicant daemon...
Aug 10 09:10:57 localhost.localdomain systemd[1]: Started WPA Supplicant daemon.

[root@localhost ~]# journalctl -r -o verbose -u wpa_supplicant.service
-- Logs begin at Tue 2013-07-23 21:17:11 EEST, end at Sat 2013-08-10 10:31:29 EEST. --
Sat 2013-08-10 09:10:57 EEST [s=56a4cd388ac848b58942c2ec5eecaed3;i=180a8;b=f5fdeb90cc8747e394c56fe4d259697e;m=764c43;t=4e391c131b78b;x=2c4e6811b9d9d9a0]
PRIORITY=6
_UID=0
_GID=0
_MACHINE_ID=fbb0c4896a9c0f680475c0a07edd2c5a
SYSLOG_IDENTIFIER=systemd
SYSLOG_FACILITY=3
CODE_FILE=src/core/job.c
CODE_LINE=730
CODE_FUNCTION=job_log_status_message
MESSAGE_ID=39f53479d3a045ac8e11786248231fbf
RESULT=done
_TRANSPORT=journal
_PID=1
_COMM=systemd
_EXE=/usr/lib/systemd/systemd
_SYSTEMD_CGROUP=/system
_HOSTNAME=localhost.localdomain
_CMDLINE=/usr/lib/systemd/systemd --switched-root --system --deserialize 24
_SELINUX_CONTEXT=system_u:system_r:init_t:s0
UNIT=wpa_supplicant.service
MESSAGE=Started WPA Supplicant daemon.
_BOOT_ID=f5fdeb90cc8747e394c56fe4d259697e
_SOURCE_REALTIME_TIMESTAMP=1376115057859348
Sat 2013-08-10 09:10:57 EEST [s=56a4cd388ac848b58942c2ec5eecaed3;i=1809d;b=f5fdeb90cc8747e394c56fe4d259697e;m=7623bd;t=4e391c1318f05;x=bc954907c863e2c1]
PRIORITY=6
_UID=0
_GID=0
_MACHINE_ID=fbb0c4896a9c0f680475c0a07edd2c5a
SYSLOG_IDENTIFIER=systemd
SYSLOG_FACILITY=3
_TRANSPORT=journal
_PID=1
_COMM=systemd
_EXE=/usr/lib/systemd/systemd
_SYSTEMD_CGROUP=/system
CODE_FILE=src/core/unit.c
CODE_LINE=1038
CODE_FUNCTION=unit_status_log_starting_stopping_reloading
MESSAGE_ID=7d4958e842da4a758f6c1cdc7b36dcc5
_HOSTNAME=localhost.localdomain
_CMDLINE=/usr/lib/systemd/systemd --switched-root --system --deserialize 24

After the _SELINUX_CONTEXT field you can sometimes find useful information (the MESSAGE field) about SELinux labeling problems.
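To read the context and the message side by side, the verbose records can be reduced to the fields that matter. This is an added example, not from the original post: the sample records are constructed (the second daemon and its context are invented) and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): filter verbose journal records
# by the SELinux domain (third field of _SELINUX_CONTEXT).

# Constructed sample in `journalctl -o verbose` layout; values are invented.
sample_journal() {
cat <<'EOF'
Sat 2013-08-10 09:10:57 EEST [s=aaaa;i=1;b=bbbb;m=1;t=1;x=1]
    _COMM=systemd
    _SELINUX_CONTEXT=system_u:system_r:init_t:s0
    MESSAGE=Started WPA Supplicant daemon.
Sat 2013-08-10 09:11:02 EEST [s=aaaa;i=2;b=bbbb;m=2;t=2;x=2]
    _COMM=exampled
    _SELINUX_CONTEXT=system_u:system_r:example_t:s0
    MESSAGE=constructed message from a hypothetical daemon
EOF
}

# records_in_domain TYPE [FILE...]   (reads stdin when no file is given)
# Prints "COMM<TAB>MESSAGE" for each record whose context has domain TYPE.
records_in_domain() {
    want=$1; shift
    awk -v want="$want" '
        function flush(   p) {
            if (have && split(ctx, p, ":") >= 3 && p[3] == want)
                printf "%s\t%s\n", comm, msg
            have = 0; comm = ctx = msg = "-"
        }
        / \[s=.*\]$/ { flush(); have = 1; next }   # cursor line opens a record
        {
            line = $0; sub(/^[ \t]+/, "", line)    # fields may be indented
            eq = index(line, "=")
            if (eq == 0) next                      # not a FIELD=value line
            key = substr(line, 1, eq - 1); val = substr(line, eq + 1)
            if (key == "_COMM") comm = val
            else if (key == "_SELINUX_CONTEXT") ctx = val
            else if (key == "MESSAGE") msg = val
        }
        END { flush() }
    ' "$@"
}

sample_journal | records_in_domain init_t
```

On a live system, pipe `journalctl -o verbose -u wpa_supplicant.service` into `records_in_domain` instead of the sample.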

 

OpenShift cloud

OpenShift Origin

The open source upstream of OpenShift, the next generation application hosting platform developed by Red Hat.

OpenShift Origin includes support for a wide variety of language runtimes and data layers including Java EE6, Ruby, PHP, Python, Perl, MongoDB, MySQL, and PostgreSQL.

I am using the FREE plan, and this is my cloud address for the Reveal platform:

http://reveal-linux4you.rhcloud.com/

It seems an interesting project from Red Hat, but I still don’t know if it’s very useful. 😀

 

 

pure-ftpd and virtual users on CentOS

First install pure-ftpd:

yum install pure-ftpd

If you are using Fedora, also install pure-ftpd-selinux.

Then create the directory and the virtual user:

mkdir /webs/web1/public_html
chown web1:web1 /webs/web1/public_html
pure-pw useradd web1_ftp -u web1 -g web1 -d /webs/web1/public_html
pure-pw mkdb
pure-pw list

web1_ftp is your virtual user name.

Remember to enable PureDB /etc/pure-ftpd/pureftpd.pdb in your main pure-ftpd configuration file and to disable anonymous access with NoAnonymous yes.

ifconfig cheatsheet

Purpose                          net-tools    New iproute2 replacement
Address and link configuration   ifconfig     ip addr, ip link
Routing tables                   route        ip route
Neighbors                        arp          ip neigh
Tunnels                          iptunnel     ip tunnel
Multicast                        ipmaddr      ip maddr
Statistics                       netstat      ss

Function and iproute2 command

ip address – protocol address management

show ip addresses:
    ip a
    ip address show
    ip addr show dev eth0
    ip a sh eth0
add/delete ip addresses:
    ip address add 192.0.2.1/24 dev eth0
    ip addr del 192.0.2.2/24 dev eth0
    for ip in {2..254}; do ip a a 10.1.100.$ip dev eth0; done
show interface statistics:
    ip -s link ls eth0

ip link – network device/link configuration

show links/devices:
    ip link show
    ip link sh eth0
set link/device state:
    ip link set eth0 up
    ip link s gre01 down

ip route – routing table management

show routing table:
    ip route
    ip ro show dev gre01
add new route:
    ip route add 10.2.2.128/27 dev gre01
add default route:
    ip route add default via 192.168.1.1
change existing default route:
    ip route chg default via 192.168.1.2
delete default route:
    ip route del default

ip tunnel – tunnel configuration

add/delete tunnels:
    GRE tunnel:
    ip tunnel add gre01 mode gre local 10.1.1.1 remote 20.2.2.1 ttl 255
    IPIP tunnel:
    ip tunl a ipip01 mode ipip local 10.1.1.1 remote 20.2.2.1 ttl 255
    ip tunnel del gre01
show tunnels:
    ip tunnel show
show tunnel statistics:
    ip -s tunl ls gre01

ip neighbour – neighbour/arp tables management

view arp cache table:
    ip neigh show
add/delete arp entries:
    ip neighbor add 10.2.2.2 dev eth0
    ip neigh del 10.2.2.1 dev eth0

ss – socket statistics

listening sockets:
    ss -l
listening processes:
    ss -p