You should first create CA keys on the certificate authority ca server as root: ssh-keygen -f ca_server Check with ls to see if files are created in the current working directory. Following files will be present. ca_server ca_server.pub Sign the host key of the ca server itself. ssh-keygen -s ca_server -I host_auth_server -h -n ca_server.seimaxim.com …

Read more

Bash is by default installed on most Linux distributions like AlmaLinux, CentOS, Kali, and Ubuntu. The following cheat sheet outlines some important features of bash scripting. Bash Script Header #!/usr/bin/env bashecho “Hello World” Variables #!/usr/bin/env bashMSG=”Hello World”echo “$MSG Albert” # Hello World Albertecho ‘$MSG Albert # $MSG Albert Strings MSG=”hello world” Replace echo ${MSG/w/W} # …

Read more

This guide deals with how to set up sftp so that users are restricted to their home directory, while other users on the server are not affected. To allow chroot only for specific users, use the Match keyword in /etc/ssh/sshd_config file. Comment the original Subsystem entry in sshd_config file as follows: #Subsystem sftp /usr/libexec/openssh/sftp-server Add …

Read more

First, update Kali Linux based server as follows: sudo apt updatesudo apt -y full-upgrade Reboot server as follows: reboot Find out which video card is installed in the Kali Linux server and verify using the nouveau open-source driver. lspci | grep -i vga You will get the following output: 00:02.0 VGA compatible controller: NVIDIA Corporation …

Read more

Some of the common tools like cp/rsync do not support copying of inode attributes, so it is not possible to copy these attributes across or even on the same filesystems. These are inode flags (attributes) and not the regular attributes. Some Linux filesystems support inode flags, attributes that modify the semantics of files and directories. …

Read more

Getting the following ssh debug output: debug2: mac_setup: found hmac-sha1debug1: kex: server->client aes128-ctr hmac-sha1 nonedebug2: mac_setup: found hmac-sha1debug1: kex: client->server aes128-ctr hmac-sha1 noneno hostkey alg On CentOS 6, you generate ECDSA hostkeys with correct permissions: ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -C '' -N ''chmod 600 /etc/ssh/ssh_host_ecdsa_keychmod 640 /etc/ssh/ssh_host_ecdsa_key.pubrestorecon /etc/ssh/ssh_host_ecdsa_key.pub To allow ssh clients to accept …

Read more

The new configuration file for NFS server setup in AlmaLinux 8 is /etc/nfs.conf. /etc/sysconfig/nfs is deprecated and replaced by /etc/nfs.conf. # cat /etc/nfs.conf## This is a general configuration for the# NFS daemons and tools#[general]# pipefs-directory=/var/lib/nfs/rpc_pipefs#[exportfs]# debug=0#[gssd]# use-memcache=0# use-machine-creds=1use-gss-proxy = yes# avoid-dns=1# limit-to-legacy-enctypes=0# context-timeout=0# rpc-timeout=5# keytab-file=/etc/krb5.keytab# cred-cache-directory=# preferred-realm=#[lockd]# port=0# udp-port=0#[mountd]# debug=0# manage_gids=n# descriptors=0# port=0# threads=1# reverse-lookup=n# …

Read more

Method 1: Create pub/private keys on Windows Clients and copy the public key to Linux Server On a Windows machine, open Putty Key Generator. Click Generate to create public and private keys (set passphrase if preferred). Copy the content of the public key, and paste it to the ~/.ssh/authorized_keys file on AlmaLinux/CentOS ssh server. Confirm …

Read more

When different Java versions are installed on a Linux server, use the alternatives tool to set the default Java version as follows: alternatives --config java There are 2 program that provides 'java'. Selection Command ----------------------------------------------- *+ 1 java-1.9.0-openjdk.x86_64 (/usr/lib/jvm/java-1.9.0-openjdk-1.9.0.292.b10-1.el8_4.x86_64/jre/bin/java) 2 java-12-openjdk.x86_64 (/usr/lib/jvm/java-12-openjdk-11.0.11.0.9-2.el8_4.x86_64/bin/java) Enter to keep the current selection[+], or type selection number: 2 Type 1 …

Read more

repo creation via ISO DVD image that can be used by local server only Mount the AlmaLinux DVD ISO file to /mnt/iso as the yum destination. mkdir -p /mnt/iso mount -o loop AlmaLinux-dvd.iso /mnt/iso If you are using cdrom/dvdrom, insert cd/dvd and mount it to /mnt/iso as the yum destination. mkdir -p /mnt/iso mount -o …

Read more

If you SSH to other hosts in VM running under VMware workstation, you may get the following error: packet_write_wait: Connection to x.x.x.x port 22: Broken pipe To resolve this issue use bridged networking instead of NAT in VMware workstation. If you still want to keep NAT networking, add the following to your ~/.ssh/config file: Host …

Read more

You need to copy instance specific configuration file located at /usr/share/doc/httpd/instance.conf to /etc/httpd/conf/newinstance.conf cp /usr/share/doc/httpd/instance.conf /etc/httpd/conf/newinstance.conf Use the Listen option to change the port to run simultaneously with other httpd.service as below: Listen 81 This configuration will be the default when running httpd@newinstance.service systemctl start httpd@newinstance.service Some changes expected from the default are: The default …

Read more

To resolve this issue, replace DPMS with HardDPMS in the “OutputClass” section of Xorg configuration file [/etc/X11/xorg.conf.d/] as shown below: option "DPMS" "false" Change above to: Option "HardDPMS" "flase" If no DPMS options are set in [/etc/X11/xorg.conf.d/] file than append this option as follows: Section "OutputClass"Identifier "nvidia"MatchDriver "nvidia-drm"Driver "nvidia"Option "AllowEmptyInitialConfiguration"Option "PrimaryGPU" "yes"Option "SLI" "Auto"Option "BaseMosaic" …

Read more

GPU devices show the wrong SELinux context after the server restarts and cannot be used without restoring the context with restorecon. ls -Z /dev/nvi*crw-rw-rw-. root root system_u:object_r:xserver_misc_device_t:s0 /dev/nvidia0crw-rw-rw-. root root system_u:object_r:xserver_misc_device_t:s0 /dev/nvidia1crw-rw-rw-. root root system_u:object_r:device_t:s0 /dev/nvidia2crw-rw-rw-. root root system_u:object_r:device_t:s0 /dev/nvidia3crw-rw-rw-. root root system_u:object_r:device_t:s0 /dev/nvidia4crw-rw-rw-. root root system_u:object_r:device_t:s0 /dev/nvidia5crw-rw-rw-. root root system_u:object_r:device_t:s0 /dev/nvidia6crw-rw-rw-. root root system_u:object_r:device_t:s0 …

Read more