Generate SSH Keys…

Recently I needed to set up passwordless login so that services could be automated. That way I could make scripts run in cron jobs, which could run in the middle of the night.

Any good operating system, such as Linux, Mac OS X or FreeBSD, will have ssh built in.

Generating the ssh key file is a simple process. Then you just need to copy the generated public key file to the destination machine.

Step One:
Generate the SSH keyfile

When you generate the key, it will ask you to type a password for the ssh key. Most people, like me, do not type a password/passphrase because you would need to add this later into a script.

I change the key size from the default 2048 bits to 4096 bits. You can use a larger key, but remember that the larger it is, the longer it can sometimes take to log in, as the host machine needs to process the keyfiles.

Once this is done you need to copy the file to the remote/destination machine.

Step Two:
Copy the newly created public key file to the remote/destination machine.

Once your public ssh key has been copied across, you now can use passwordless logins across your machines. Enjoy…
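
The two steps above as commands, added here as an example (the original commands are missing from the page, so this is not the author's own code). It assumes OpenSSH's `ssh-keygen` and `ssh-copy-id`; the key path, the `backup@server.example` target, the 192.0.2.10 address and both helper functions are hypothetical. Because the key has no passphrase, `restricted_entry` shows how the destination can pin it to one command and one source address.

```shell
#!/bin/sh
# Added example: passphrase-less 4096-bit RSA key for unattended jobs.
# Paths, host names and helper names are hypothetical.

# Step one: generate the key pair. -N '' sets an empty passphrase,
# -b 4096 raises the RSA size from the 2048 default mentioned above.
make_automation_key() {
    keyfile=$1
    comment=$2
    if [ -e "$keyfile" ]; then
        echo "refusing to overwrite $keyfile" >&2
        return 1
    fi
    ssh-keygen -q -t rsa -b 4096 -N '' -C "$comment" -f "$keyfile"
}

# Build an authorized_keys line that limits what the key can do:
# one source address, one forced command, and "restrict" (OpenSSH 7.2+)
# to turn off forwarding and pty allocation.
restricted_entry() {
    pubkey=$1      # contents of the .pub file
    source_ip=$2   # address the cron host connects from
    forced_cmd=$3  # the single command the key may run
    printf 'from="%s",command="%s",restrict %s\n' \
        "$source_ip" "$forced_cmd" "$pubkey"
}

# Step two: copy the public key to the destination machine.
# ssh-copy-id appends it to ~/.ssh/authorized_keys on the remote side:
#   ssh-copy-id -i "$HOME/.ssh/cron_rsa.pub" backup@server.example
# To install the restricted form instead, append the output of
# restricted_entry to ~/.ssh/authorized_keys on the destination by hand.

if [ "${1:-}" = "--generate" ]; then
    make_automation_key "$HOME/.ssh/cron_rsa" "cron@$(hostname)" &&
        restricted_entry "$(cat "$HOME/.ssh/cron_rsa.pub")" \
            "192.0.2.10" "/usr/local/bin/nightly-backup"
fi
```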

Convert Iso to VirtualBox Vdi

Recently I have been playing with some new distributions, as I have been doing more development using Linux as my desktop operating system.

Before I would commit to using a new distribution as my main laptop operating system, I have been trialling them as virtual systems on VirtualBox.

Some of the distributions only come on live iso images, with no installation application. So my solution was to convert the live iso image into a VirtualBox vdi. The process is only one command to convert the iso to a vdi file.

Step One:
Locate the live iso image for conversion to a vdi file.

Once this is complete you want to add this to your VirtualBox machine. When you create your virtual machine, instead of creating a new vdi file, load the newly created vdi file.

Enjoy…

Move your Ubuntu system to a new machine.

Recently I changed Ubuntu laptops, where a simple dd would not have worked due to the large changes in hardware, like going from a non-EFI to an EFI system. The disk structure had to change, which is why doing a disk image was ruled out.

After some Google searching I worked out that it was best to install a basic installation of Ubuntu 16.10 on the new laptop, then create a list of the packages I had installed on the old laptop, which I could use to install them on the new laptop.

Once this was done, all you need to do is transfer your data and any configuration files to the new laptop.

Below is a method I used with the commands to replicate the packages from the old system to the new system.

Step One:
On the old machine run this command to make a list of the packages that exist.

You also need to copy the /etc/apt directory from the old machine. This holds any custom-added repositories, MariaDB as an example.

Step Two:
Now copy the files across to the new machine. Replace the /etc/apt directory with the one from the old machine.

After you have done this, you can install the packages from the pkglist file with the following command.

There is a chance that packages will not be found or that it will crash during installation. To get around packages that are not found, you need to edit your pkglist file to continue with package installation. When a package crashes during configuration/installation, you need to kill the dpkg process and then type the following command:

This will fix the current installation/configuration issues. You can then restart the command from step two to continue installation of packages.

Step Three:
You can now copy your configuration files and anything else from your old machine to the new machine.

An easier way, as long as there are not too many files on your machine, would be to just archive your home directory, copy the archive file to the new machine and un-archive it in your home directory. This is easiest as there are a lot of hidden files in your home directory.

Now enjoy your new machine.
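
Steps one and two as commands, added here as an example (the original commands are missing from the page, so this is not the author's own code). It assumes the list was made with `dpkg --get-selections`; the function names and the `available.*`, `pkglist.pruned` and `apt-config.tar.gz` file names are hypothetical. `prune_pkglist` automates the hand-editing described above by dropping packages the new machine's repositories do not know.

```shell
#!/bin/sh
# Added example: replicate the package set from the old machine.
# Assumes the dpkg --get-selections format ("name<TAB>install").

# Step one (old machine): record installed packages and the APT config.
# /etc/apt also holds the trusted signing keys of any custom repositories.
export_packages() {
    dpkg --get-selections > pkglist
    tar -czf apt-config.tar.gz -C / etc/apt
}

# Print only the pkglist lines whose package appears in the "available"
# file (one name per line); names that were dropped are reported on stderr.
prune_pkglist() {
    awk -v avail="$2" '
        BEGIN { while ((getline name < avail) > 0) known[name] = 1 }
        {
            pkg = $1; sub(/:.*/, "", pkg)    # strip an ":i386" style suffix
            if (pkg in known) print
            else print "not in repositories: " $1 > "/dev/stderr"
        }' "$1"
}

# Step two (new machine, as root, after restoring /etc/apt).
import_packages() {
    apt-get update
    apt-cache dumpavail > available.dump
    dpkg --merge-avail available.dump        # tell dpkg which packages exist
    apt-cache pkgnames | sort > available.txt
    prune_pkglist pkglist available.txt > pkglist.pruned
    dpkg --set-selections < pkglist.pruned
    apt-get -y dselect-upgrade
}

# After a crash during configuration, "dpkg --configure -a" (assumed to be
# the recovery command meant above) finishes half-configured packages;
# then run the import again.
case "${1:-}" in
    export) export_packages ;;
    import) import_packages ;;
esac
```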

Auto Start VirtualBox VM’s…

I have started using VirtualBox more and more for development work, and started getting a bit cheesed off about how to auto start the virtual machines on my server. The server being headless, I thought I would create some initialisation scripts under Ubuntu to get the job done. Then I thought that someone else has already done this. Why reinvent the wheel when the wheel has already been invented?

So a quick Google search brought me to a webpage that allowed me to start the VMs when the host server starts up. The link to the original page is here. The page is exactly what I needed, but it missed a few steps that I have added here to simplify installation.

The issue is if you are not a root user you need to change the “VBOXUSER” in the above script, to the user you want.

If you have not added the user to the vboxusers group on the host system, the command is

Once this is done you need to add the script to the right /etc/rc*.d directories. This can be done simply with the command.

Once this is done, you should be ready to go; unfortunately not. There is still one more step, and that is populating the init script config file so it knows which virtual machines it has to start up. I used the following command to start up any unstarted virtual machines so the init script knew about them.

Once this is done you can run the init script, if needed, to test that all your virtual machines start up.

Enjoy…

Install ufw firewall on Ubuntu…

I updated my 10.04 LTS servers recently to 12.04 LTS. One of the issues I had is that when I upgraded, my iptables script failed. I decided that I would try to fix my iptables script, but iptables changed so much from 10.04 to 12.04. After many days of screwing around, I gave up and looked at alternatives to get my firewall working again. I found Ubuntu had a product called Ubuntu Firewall. Getting ufw up and working is not a hard task. The how-to is shown below.

You need to enable ufw

Now, if you want to leave the ssh port open so you can make a remote connection to the server:

To see the current status and the list of ports that are open:

If you're like me and also running the server as your gateway, you may only want to block the interface to the outside world and open all ports on the internal interface.

This does not do any nat traversal/masquerading. I will blog about this later.
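
The ufw steps above as commands, added here as an example (the original commands are missing from the page, so this is not the author's own code). The interface name `eth1` for the internal network, the `LAN_IF` and `APPLY` variables and the two function names are assumptions; the script prints the commands by default and runs them only when `APPLY=1` is set.

```shell
#!/bin/sh
# Added example: ufw rules for a server that is also the gateway.
# eth1 is assumed to be the internal interface; everything else is outside.

# Emit the ufw commands in a safe order: the SSH rule is added before
# the firewall is enabled so a remote session is not cut off.
ufw_plan() {
    lan_if=$1
    echo "ufw default deny incoming"   # block everything arriving from outside
    echo "ufw default allow outgoing"
    echo "ufw allow ssh"               # 22/tcp, for remote administration
    echo "ufw allow in on $lan_if"     # open all ports on the internal interface
    echo "ufw --force enable"          # --force skips the interactive prompt
    echo "ufw status verbose"          # current status and list of open ports
}

# Print the plan, or run it (as root) when APPLY=1.
ufw_apply() {
    ufw_plan "$1" | while read -r cmd; do
        if [ "${APPLY:-0}" = "1" ]; then
            # Unquoted on purpose: each plan line is a plain word list.
            $cmd || return 1
        else
            echo "would run: $cmd"
        fi
    done
}

ufw_apply "${LAN_IF:-eth1}"
```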

Reset Network Drivers to eth0…

Recently I came across an issue where I added a dual network card to my Ubuntu server, and instead of taking over eth0 and continuing down the line in sequence, Ubuntu decided to just continue the sequence with eth1 and eth2. So it got me wondering why it does not take over eth0, since the old network card is not there. It seems the culprit is the udev rules and the network cache, which remembers the MAC address of the previous card and leaves that as eth0. So no other ethernet card can be eth0 until you delete the network cache and udev regenerates the device with the new network card. To resolve this issue you just need to delete the file below and reboot.

# rm -f /etc/udev/rules.d/70-persistent-net.rules

Install Squid in 600 seconds…

Currently I have a few firewall issues, and while I am trying to resolve them I decided I still needed to surf the internet. Until I can resolve my firewall issues, my options were to surf with my mobile 3G unit, do my internet surfing only at work, or not surf at all. My other option was to install squid as a band-aid fix.

The steps to get squid working are shown below.

# apt-get install squid3

We need to edit the squid configuration, before we can start the application.

# cd /etc/squid3
# cp squid.conf squid.conf.orig
# vi squid.conf

We now modify the squid configuration file and add the following to squid.conf:

acl our_networks src 192.168.0.0/24
acl localnet src 127.0.0.1/255.255.255.255
http_access allow our_networks
http_access allow localnet

An optional extra: if you want to change the size of squid's cache, the line that needs to be modified is

cache_dir ufs /var/spool/squid3 7000 16 256

The only part you may wish to modify is the 7000, which denotes the size of the cache in megabytes. You can increase or decrease the size of your cache, depending on your needs.

Before you start squid you need to create the cache with the following command.

# squid3 -z

You now can start squid with the command

# /etc/init.d/squid3 restart

Install Nagios in 600 seconds…

Recently I installed Nagios from the Ubuntu 10.04 repositories and found that the repository version is a version behind the current release. I decided to install Nagios directly from source code. It is a simple process; below is how it is installed. Note there are two parts to Nagios: the core application and the plugins.

Nagios Core:

We need to install dependencies before we install Nagios.

# apt-get install build-essential php5-gd wget libgd2-xpm libgd2-xpm-dev

We now need to create the nagios user on the system, for the Nagios software to run under.

# adduser --system --no-create-home --disabled-login --group nagios

# groupadd nagcmd

# usermod -G nagcmd nagios

# usermod -a -G nagcmd www-data

Now that we have created the nagios user for the system, we need to download the Nagios software.

# cd /usr/src

# wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-3.3.1.tar.gz

# wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.15.tar.gz

Now we build the Nagios software

# tar -xzvf nagios-3.3.1.tar.gz

# cd nagios-3.3.1

# ./configure --with-command-group=nagcmd

We now compile the software and install it on the system.

# make all

# make install

# make install-init

# make install-config

# make install-commandmode

Configure the Nagios core.

# vi /usr/local/nagios/etc/objects/contacts.cfg

You need to edit the alias and email lines.

# cd /usr/src/nagios-3.3.1

We need to install the web based frontend software.

# make install-webconf

We need to create the login name of the user for the Apache frontend. You will also need to enter a password for the nagiosadmin user.

# htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

We need to reload the apache2 configuration.

# /etc/init.d/apache2 reload

Nagios Plugin:
We now need to build the plugins from source. The steps are below.

# cd /usr/src

# tar xzf nagios-plugins-1.4.15.tar.gz

# cd nagios-plugins-1.4.15

# ./configure --with-nagios-user=nagios --with-nagios-group=nagios

# make

# make install

Now we get Nagios running. We need to get the permissions corrected so the startup files work.

# chmod +x /etc/init.d/nagios

# /usr/sbin/update-rc.d -f nagios defaults

We need to check that our nagios configuration is good, or Nagios will not start. The configuration check will show us if there are any errors in the configuration file.

# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

If no errors are shown, you are able to start Nagios now.

# /etc/init.d/nagios start

You will be able to access Nagios from a web browser. The address will be http://localhost/nagios or http://<ip address of the server>/nagios. Remember when you created the Nagios admin user above, you need to remember

Mail Alerts

If you want Nagios to email you on alerts when things go wrong, you need to install

# apt-get install mailutils sendmail

Select your mail server type as an internet site. Note that you can modify the Nagios /usr/local/nagios/etc/objects/commands.cfg file, or the easier process is to link /usr/bin/mail to /bin/mail. You do not need to restart Nagios if you have just done the soft link of the mail files.

Install Plone under Ubuntu…

I have been looking for a good cms/wiki to document the changes at my work. I tried mediawiki and got frustrated by the weird markup language needed to create a textbox. I tried moinmoin and found security was an issue. So now I have decided to try Plone. I thought Plone looks good, but there are no Ubuntu packages and I need to install the software from source.

Before you can install Plone from source you need to install some pre-requisite Ubuntu packages.

# apt-get install build-essential libssl-dev libxml2-dev libbz2-dev libjpeg62-dev libreadline5-dev wv poppler-utils

You need to get the Plone software to your server so you can install.

# cd /usr/src

# wget https://launchpad.net/plone/4.1/4.1.4/+download/Plone-4.1.4-UnifiedInstaller.tgz

# gzip -d Plone-4.1.4-UnifiedInstaller.tgz

# tar -xvf Plone-4.1.4-UnifiedInstaller.tar

# cd Plone-4.1.4-UnifiedInstaller

Now we can install Plone.

# ./install.sh standalone

The standalone option means it will only be installed on the server, and be a self-contained cms. Once this is done you need to start Plone.

# cd /usr/local/Plone/zinstance

# ./plonectl start

You can now access the Plone cms from the address http://localhost:8080 or http://<ip address of the server>:8080.
Enjoy.

Java for Ubuntu…

Recently I needed to install Oracle's Java, and not the open source Java, for Android development. Oracle does not allow Canonical to distribute Java with Ubuntu distributions, so you need to add the Oracle repositories after your Ubuntu installation. Below is an example of how it is done.

You need to add the Oracle repository to your Ubuntu installation.

# apt-add-repository ppa:flexiondotorg/java

You now need to update your repository database.

# apt-get update

Now you can install the Oracle Java packages.

# apt-get install sun-java6-jre sun-java6-jdk sun-java6-plugin

That's all, it's done.