You should first create CA keys on the certificate authority ca server as root: ssh-keygen -f ca_server Check with ls to see if files are created in the current working directory. Following files will be present. ca_server ca_server.pub Sign the host key of the ca server itself. ssh-keygen -s ca_server -I host_auth_server -h -n ca_server.seimaxim.com …
Month: August 2021
Bash Shell Scripting Cheat Sheet for AlmaLinux, CentOS, and Ubuntu
Bash is by default installed on most Linux distributions like AlmaLinux, CentOS, Kali, and Ubuntu. The following cheat sheet outlines some important features of bash scripting. Bash Script Header #!/usr/bin/env bashecho “Hello World” Variables #!/usr/bin/env bashMSG=”Hello World”echo “$MSG Albert” # Hello World Albertecho ‘$MSG Albert # $MSG Albert Strings MSG=”hello world” Replace echo ${MSG/w/W} # …
How to set up sftp so that user cannot get out of their home directory
This guide deals with how to set up sftp so that users are restricted to their home directory, while other users on the server are not affected. To allow chroot only for specific users, use the Match keyword in /etc/ssh/sshd_config file. Comment the original Subsystem entry in sshd_config file as follows: #Subsystem sftp /usr/libexec/openssh/sftp-server Add …
How to install Nvidia drivers on Kali linux
First, update Kali Linux based server as follows: sudo apt updatesudo apt -y full-upgrade Reboot server as follows: reboot Find out which video card is installed in the Kali Linux server and verify using the nouveau open-source driver. lspci | grep -i vga You will get the following output: 00:02.0 VGA compatible controller: NVIDIA Corporation …
Inode attributes set with lsattr are not copied to other filesystems in Linux
Some of the common tools like cp/rsync do not support copying of inode attributes, so it is not possible to copy these attributes across or even on the same filesystems. These are inode flags (attributes) and not the regular attributes. Some Linux filesystems support inode flags, attributes that modify the semantics of files and directories. …
SSH connection fails with messages “no hostkey alg”
Getting the following ssh debug output: debug2: mac_setup: found hmac-sha1debug1: kex: server->client aes128-ctr hmac-sha1 nonedebug2: mac_setup: found hmac-sha1debug1: kex: client->server aes128-ctr hmac-sha1 noneno hostkey alg On CentOS 6, you generate ECDSA hostkeys with correct permissions: ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -C '' -N ''chmod 600 /etc/ssh/ssh_host_ecdsa_keychmod 640 /etc/ssh/ssh_host_ecdsa_key.pubrestorecon /etc/ssh/ssh_host_ecdsa_key.pub To allow ssh clients to accept …
Linux Cheat Sheet – AlmaLinux 8, CentOS 8, CentOS 7, CentOS 6, CentOS 5
Basic System Commands Server Basic Info Boot & Kernel Software Installation Server Services User operations Volumes, File systems, Storage Networking & routing Security management Process management
NFS server configuration file in AlmaLinux 8, CentOS 8
The new configuration file for NFS server setup in AlmaLinux 8 is /etc/nfs.conf. /etc/sysconfig/nfs is deprecated and replaced by /etc/nfs.conf. # cat /etc/nfs.conf## This is a general configuration for the# NFS daemons and tools#[general]# pipefs-directory=/var/lib/nfs/rpc_pipefs#[exportfs]# debug=0#[gssd]# use-memcache=0# use-machine-creds=1use-gss-proxy = yes# avoid-dns=1# limit-to-legacy-enctypes=0# context-timeout=0# rpc-timeout=5# keytab-file=/etc/krb5.keytab# cred-cache-directory=# preferred-realm=#[lockd]# port=0# udp-port=0#[mountd]# debug=0# manage_gids=n# descriptors=0# port=0# threads=1# reverse-lookup=n# …
How to setup password-less SSH between Windows Clients and CentOS, AlmaLinux servers
Method 1: Create pub/private keys on Windows Clients and copy the public key to Linux Server On a Windows machine, open Putty Key Generator. Click Generate to create public and private keys (set passphrase if preferred). Copy the content of the public key, and paste it to the ~/.ssh/authorized_keys file on AlmaLinux/CentOS ssh server. Confirm …
How to set default Java version with alternatives tool in AlmaLinux
When different Java versions are installed on a Linux server, use the alternatives tool to set the default Java version as follows: alternatives --config java There are 2 program that provides 'java'. Selection Command ----------------------------------------------- *+ 1 java-1.9.0-openjdk.x86_64 (/usr/lib/jvm/java-1.9.0-openjdk-1.9.0.292.b10-1.el8_4.x86_64/jre/bin/java) 2 java-12-openjdk.x86_64 (/usr/lib/jvm/java-12-openjdk-11.0.11.0.9-2.el8_4.x86_64/bin/java) Enter to keep the current selection[+], or type selection number: 2 Type 1 …
How to create local repository distributed through apache on AlmaLinux 8 using DVD ISO
repo creation via ISO DVD image that can be used by local server only Mount the AlmaLinux DVD ISO file to /mnt/iso as the yum destination. mkdir -p /mnt/iso mount -o loop AlmaLinux-dvd.iso /mnt/iso If you are using cdrom/dvdrom, insert cd/dvd and mount it to /mnt/iso as the yum destination. mkdir -p /mnt/iso mount -o …
Unable to connect via SSH to other hosts in VMware running AlmaLinux 8 VM
If you SSH to other hosts in VM running under VMware workstation, you may get the following error: packet_write_wait: Connection to x.x.x.x port 22: Broken pipe To resolve this issue use bridged networking instead of NAT in VMware workstation. If you still want to keep NAT networking, add the following to your ~/.ssh/config file: Host …
How to configure multiple instances of Apache HTTPD on the same server in AlmaLinux?
You need to copy instance specific configuration file located at /usr/share/doc/httpd/instance.conf to /etc/httpd/conf/newinstance.conf cp /usr/share/doc/httpd/instance.conf /etc/httpd/conf/newinstance.conf Use the Listen option to change the port to run simultaneously with other httpd.service as below: Listen 81 This configuration will be the default when running httpd@newinstance.service systemctl start httpd@newinstance.service Some changes expected from the default are: The default …
Drop in GPU usage for GPU intensive application
To resolve this issue, replace DPMS with HardDPMS in the “OutputClass” section of Xorg configuration file [/etc/X11/xorg.conf.d/] as shown below: option "DPMS" "false" Change above to: Option "HardDPMS" "flase" If no DPMS options are set in [/etc/X11/xorg.conf.d/] file than append this option as follows: Section "OutputClass"Identifier "nvidia"MatchDriver "nvidia-drm"Driver "nvidia"Option "AllowEmptyInitialConfiguration"Option "PrimaryGPU" "yes"Option "SLI" "Auto"Option "BaseMosaic" …
GPU devices have wrong SELinux context after reboot server in CentOS and AlmaLinux
GPU devices show the wrong SELinux context after the server restarts and cannot be used without restoring the context with restorecon. ls -Z /dev/nvi*crw-rw-rw-. root root system_u:object_r:xserver_misc_device_t:s0 /dev/nvidia0crw-rw-rw-. root root system_u:object_r:xserver_misc_device_t:s0 /dev/nvidia1crw-rw-rw-. root root system_u:object_r:device_t:s0 /dev/nvidia2crw-rw-rw-. root root system_u:object_r:device_t:s0 /dev/nvidia3crw-rw-rw-. root root system_u:object_r:device_t:s0 /dev/nvidia4crw-rw-rw-. root root system_u:object_r:device_t:s0 /dev/nvidia5crw-rw-rw-. root root system_u:object_r:device_t:s0 /dev/nvidia6crw-rw-rw-. root root system_u:object_r:device_t:s0 …