Monday, 30 September 2013

SSH Without Password on RedHat 6/CentOS 6

SSH without password is easy:

Step 1

First, log in on host A and generate a pair of authentication keys. Do not enter a passphrase:

ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa):
Created directory '/home/a/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/a/.ssh/id_rsa.
Your public key has been saved in /home/a/.ssh/id_rsa.pub.
The key fingerprint is:
...


Step 2

Copy the public key file to the remote host (host B):

ssh-copy-id -i .ssh/id_rsa.pub b@{hostB_ip/hostB_name}
 

Step 3

From now on you can log into B as b from A as a without a password:

a@A:~> ssh b@{hostB_ip/hostB_name}



Note:
You must disable Security-Enhanced Linux.


If you still get errors:

Change the permissions of .ssh to 700
Change the permissions of .ssh/authorized_keys to 600
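
The permission fixes above as an added shell example (not code from the original post), to be run on host B as the login user. The function name audit_ssh_dir is made up for this example; it assumes GNU stat, and where restorecon is installed it also resets the SELinux label on .ssh.

```shell
#!/bin/sh
# Added example: audit (and optionally repair) the modes this post asks for
# on ~/.ssh and ~/.ssh/authorized_keys. audit_ssh_dir is a hypothetical name.
#
# Usage:  audit_ssh_dir "$HOME"         # report only
#         audit_ssh_dir "$HOME" --fix   # chmod to 700/600 and relabel
# Returns the number of problems that remain (0 means everything is fine).
audit_ssh_dir() {
    home=$1
    fix=${2:-}
    problems=0
    for entry in "$home/.ssh:700" "$home/.ssh/authorized_keys:600"; do
        target=${entry%:*}      # text before the last colon: the path
        want=${entry##*:}       # text after the last colon: the wanted mode
        if [ ! -e "$target" ]; then
            echo "missing: $target"
            problems=$((problems + 1))
            continue
        fi
        have=$(stat -c %a "$target")   # GNU stat: octal mode, e.g. 700
        [ "$have" = "$want" ] && continue
        if [ "$fix" = "--fix" ] && chmod "$want" "$target"; then
            echo "fixed: $target $have -> $want"
        else
            echo "bad mode: $target is $have, want $want"
            problems=$((problems + 1))
        fi
    done
    # With SELinux tools installed, put the default label back on .ssh so
    # that sshd is allowed to read authorized_keys.
    if [ "$fix" = "--fix" ] && [ -d "$home/.ssh" ] \
        && command -v restorecon >/dev/null 2>&1; then
        restorecon -R "$home/.ssh" 2>/dev/null || true
    fi
    return "$problems"
}
```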

Disable Security-Enhanced Linux

Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides the mechanism for supporting access control security policies, including United States Department of Defense-style mandatory access controls (MAC).

On Fedora/CentOS, SELinux is not useful and stops some software and services from running, so we need to disable it.

There are two ways:

Temporary
setenforce 0

Permanent
Edit /etc/selinux/config (vi /etc/selinux/config) and reboot:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
# SELINUXTYPE=targeted



Saturday, 28 September 2013

Fix error can't connect internet when cloning Centos in Virtualbox

For work, I need to run some tests with two CentOS virtual machines/PCs (6.4 minimal).
So I installed one virtual machine and cloned it to another.
To let the two virtual machines connect to one LAN (or one Wi-Fi network) with bridged adapter mode in the Network settings, I need to check "Reinitialize the MAC address of all network cards", as in the image below.


When I started the new virtual machine, I couldn't connect to the internet.

Solution
Switch to the superuser with the su command, then:

  1. Remove the kernel's networking interface rules file to reset it
    # rm -f /etc/udev/rules.d/70-persistent-net.rules
  2. Restart the VM
    # reboot
  3. Update your interface configuration file
    # vi /etc/sysconfig/network-scripts/ifcfg-eth0
  4. Remove the MACADDR entry and the UUID entry
  5. Save and exit the file (:wq)
  6. Restart the networking service
    # service network restart
 


Thursday, 26 September 2013

Opsview, a good monitoring system based on Nagios

After studying Nagios for a period of time, I met Opsview, really like it, and want to share it with everybody by posting an article on this blog.

What is Opsview?
Opsview is like Nagios with useful plugins and a nice web interface, and it is easy to configure and install.
Nagios is a powerful monitoring system, but Nagios Core (free) has only a basic web interface that is almost read-only: to configure hosts or options we have to write to files and reload the service, and its database is in text format. Nagios Core can't do anything when it stands alone; we must install plugins for checks and graphing add-ons (pnp4nagios, nagiosgraph...) to display status graphs. It is also really hard to install, to study, and to train newcomers on.
Opsview Core is free.

What can Opsview do?
Opsview is built with the following technologies:
  • Nagios Core: Provides the core set of monitoring and alerting capabilities in Opsview. Sometimes referred to as Opsview's monitoring engine. Many Nagios plugins are compatible with Opsview
  • Nice web interface: comfortable, easy to use, easy to remember, easy to learn and to train on
  • MySQL: A relational database used for configuration, runtime and data warehouse databases
  • RRDtool: Provides lightweight graphing
  • More extended agents
  •  ...
Homepage: http://opsview.com/

Saturday, 21 September 2013

Snapshot function in VirtualBox (back up many states of an OS)

VirtualBox is free, open-source virtual PC software. Besides VirtualBox, we can use many other free programs such as qemu, vmware player ..., but I think VirtualBox is the best because it is nice, powerful, and can connect with gns3 to simulate network systems (qemu can also connect, but is not as powerful as VirtualBox).
In the simplest case, we use virtual PC software with an ISO image file of an operating system to install and run that operating system (OS) in a window, to test or run certain tools that the operating system on the PC/laptop does not currently support. But virtual PC software has many more powerful functions than that, and Snapshot is one of them.
With a real PC/laptop, I use software such as norton ghost, true image ... to back up the OS. I must restart the PC with a boot pc and configure it to back up to an image file. I need nearly half an hour each time.
With VirtualBox, before, I could back up the vdi file by compressing it to an archive file. I was really happy that each time I only needed less than ten minutes.
But with snapshots, I can do this in less than one minute, can back up while the machine is running, save memory, and can arrange snapshots in a tree to manage them.




To use it, click the snapshot button (blue arrow).
Create a snapshot (red arrow); we can do this while the virtual PC is running.
We can also clone this state to another virtual PC with the button at the black arrow.
Choose the state you want to restore, and click the restore button next to the create button.

Very easy, very powerful. When I try out software, especially on Linux (where software is hard to install), this function helps me a lot.

Friday, 13 September 2013

Scapy, a powerful network tool for Python

At work, I have had some projects involving creating packets, pppoe, ping, capturing, filtering, authentication ... and I was introduced to Scapy.
Scapy is a powerful open-source library/app for Python.


Homepage: http://www.secdev.org/projects/scapy/

The first project I met was pppoe with pap/chap authentication to connect to some bras and servers, and Scapy supports it with automata (an advanced function of Scapy).

You can see here to know pppoe:

And this is a code

Chap authen


We can also use Scapy with other protocols. At present, I am not sure about Scapy, so you can go to http://networkingbodges.blogspot.com or the Scapy homepage to get more information.