Listing running processes
You can list/view every process by memory and/or CPU on your system,using any of the following commands:
ps -ef
ps -e
ps -eF
ps -ely
List information for particular PIDs:
ps -p 1,2
List paths that the PID has opened:
lsof -p $
DNS cache cleaning
There is a simple command to quickly clean the DNS cache for every OS. On Linux, Make sure you have the nscd tool installed and running in the background as a daemon. In order to clear the DNS cache, simply restart the daemon as follows -- You need root privileges:
/etc/init.d/nscd restart
Live Interrupts Details
To watch the live interrupt changes in your system run:
watch -d 'cat /proc/interrupts'
Access a Windows Share from Bash
Ever wanted to access a Windows share from your terminal? Well, using mount and cifs/samba, this is possible. Make sure you have smbfs/cifs support. We need to make a directory on our hard disk where we can mount the Windows share.
mkdir /mnt/location
we are now ready to mount the filesystem on our newly created directory /mnt/location
To mount using cifs, use the following code:
mount -t cifs //server-ip-or-name/share /mnt/location -o username=user,password=pass,domain=DOMAIN
When we're done working on the share, We should exit the directory or close any programs that are accessing it, and then umount the windows share by using the following commands:
cd /
umount /mnt/location
Data Recovery in Ubuntu
Install ddrescue tools:
sudo apt-get install ddrescue
Connect the failed disk to your system:
Wait for a while...
We can now mount this image on our system and take a look at the files:
mount -t ext3 -o loop disk-image.img /mnt/tmp
How to install vmware/vmware Player on Ubuntu version*
sudo apt-get install build-essential linux-headers-$(uname -r)
sudo chmod +x VMware-Player*.bundle
sudo chmod +x VMware-Workstation-7.0.0-203739_i386-NoTools.bundle
sh VMware-Workstation-7.0.0-203739_i386-NoTools.bundle
Tunnel your SSH connection via intermediate host
$ ssh -t reachable_host ssh unreachable_host
This one-liner creates an ssh connection to unreachable_host via reachable_host. It does it by executing the ssh unreachable_host on reachable_host. The -t forces ssh to allocate a pseudo-tty, which is necessary for working interactively in the second ssh to unreachable_host.
This one-liner can be generalized. You can tunnel through arbitrary number of ssh servers:
$ ssh -t host1 ssh -t host2 ssh -t host3 ssh -t host4 ...
Clear the terminal screen
$ CTRL+l
Hear when the machine comes back online
$ ping -a IP
Ever had a situation when you need to know when the system comes up after a reboot? Up until now you probably launched ping and either followed the timeouts until the system came back, or left it running and occasionally checked its output to see if the host is up. But that is unnecessary, you can make ping -a audible! As soon as the host at IP is back, ping will beep!
Shutdown a Windows machine Remotely
$ net rpc shutdown -I IP_ADDRESS -U username%password
mtr - traceroute and ping combined
$ mtr google.com
MTR, bettern known as "Matt's Traceroute" combines both traceroute and ping command. After each successful hop, it sends a ping request to the found machine, this way it produces output of both traceroute and ping to better understand the quality of link. If it finds out a packet took an alternative route, it displays it, and by default it keeps updating the statistics so you knew what was going on in real time.
Copy your public-key to remote-machine for public-key authentication
$ ssh-copy-id remote-machine
This one-liner copies your public-key, that you generated with ssh-keygen (either SSHv1 file identity.pub or SSHv2 file id_rsa.pub) to the remote-machine and places it in ~/.ssh/authorized_keys file. This ensures that the next time you try to log into that machine, public-key authentication (commonly referred to as "passwordless authentication.") will be used instead of the regular password authentication.
If you wished to do it yourself, you'd have to take the following steps:
your-machine$ scp ~/.ssh/identity.pub remote-machine:
your-machine$ ssh remote-machine
remote-machine$ cat identity.pub >> ~/.ssh/authorized_keys
This one-liner saves a great deal of typing. Actually I just found out that there was a shorter way to do it:
your-machine$ ssh remote-machine 'cat >> .ssh/authorized_keys' < .ssh/identity.pub
Linux: Recovering deleted /etc/shadow password file
Sometimes by accident we may delete /etc/shadow file. If you boot into single user mode, system will ask root password for maintenance, and just imagine you do not have a backup of /etc/shadow file. How do you fix such problem in a production environment where time is critical factor? Below is the explaination how to recover deleted /etc/shadow file in five easy steps. It will take around 10 min. to fix the problem.
Boot server into single user mode
1) Reboot server
2) Next, you will see grub-boot loader screen. Select Recovery mode the version of the kernel that you wish to boot and type e for edit. Select the line that starts with kernel and type e to edit the line.
3) Go to the end of the line and type init=/bin/bash as a separate one word (press the spacebar and then type init=/bin/bash). Press enter key to exit edit mode.
init=/bin/bash
4) Back at the GRUB screen, type b to boot into single user mode. This causes the system to boot the kernel and run /bin/bash instead of its standard init. This will allow us gain root privileges (w/o password) and a root shell.
Make sure you can access system partition(s)
1) Mount partitions in read write mode
Since / is currently mounted read-only and many disk partitions have not been mounted yet, you must do the following to have a reasonably functioning system.
# mount -rw -o remount /
Do not forget to (re)mount your rest of all your partitions in read/write (rw) mode such as /usr /var etc (if any)
Rebuild /etc/shadow file from /etc/passwd
1) You need to use pwconv command; it creates /etc/shadow from /etc/passwd and an optionally existing shadow.
# pwconv
2) Use passwd command to change root user password:
# passwd
Note you may need to type same password twice with passwd command. If you have an admin account, then setup password for that account. On most production, servers direct root login is disabled. In our situation, admin was the only account allowed to use su and sudo command.
# passwd admin
3) Now root and admin accounts are ready to go in multi-user mode. Reboot the system in full multiuser mode:
# sync
# reboot
Note:
* Some time /etc/shadow- file can be use to replace /etc/shadow
* If you have a backup of /etc/shadow on tape or cdrom then you can copy back /etc/shadow file
How to Step Block all non-root login
Block all non-root (normal) users until we fix all password related problems. Since rest of account do not have any password, it is necessary to prevent non-root users from logging into the system. You need to create /etc/nologin file, it will allow access only to root. Other users will be shown the contents of this file and their logins will denied (refused)
1) Login as root user (terminal login only)
2) Create /etc/nologin file
cat > /etc/nologin
System is down due to temporary problem. We will restore your access
within 30 minutes time. If you have any questions please contact tech
support at XXX-XXXX or techsupport@mycorp.com
Update all users password in batch mode
1) Create random password for each non-root user using chpasswd utility. It update passwords in batch mode. chpasswd reads a list of user name and password pairs from file and uses this information to update a group of existing users. Each line is of the format:
user_name:password
Remember by default the supplied password must be in clear-text format. This command is intended to be used in a large system environment where many accounts are created at a single time or in emergency like this. First, we need to find out all non-root accounts using awk command:
awk -F: '{ if ( $3 >1000 ) print $1}' /etc/passwd > /root/tmp.pass
Make sure /root/tmp.pass file contains non-root usernames only.
#############################################################################
How to figure out Differences between files and folders
Diff Between folders : diff --brief --recursive
Diff Between Files: diff
## Iptables Internet Access to Private Network ###
On Mgmt Server
iptables -t nat -A POSTROUTING -o bond1 -j MASQUERADE
echo "1"> /proc/sys/net/ipv4/ip_forward
On Compute Node
route add default gw 10.10.20.254
cat /etc/resolv.conf
nameserver 10.10.20.254
You can list/view every process by memory and/or CPU on your system,using any of the following commands:
ps -ef
ps -e
ps -eF
ps -ely
List information for particular PIDs:
ps -p 1,2
List paths that the PID has opened:
lsof -p $
DNS cache cleaning
There is a simple command to quickly clean the DNS cache for every OS. On Linux, Make sure you have the nscd tool installed and running in the background as a daemon. In order to clear the DNS cache, simply restart the daemon as follows -- You need root privileges:
/etc/init.d/nscd restart
Live Interrupts Details
To watch the live interrupt changes in your system run:
watch -d 'cat /proc/interrupts'
Access a Windows Share from Bash
Ever wanted to access a Windows share from your terminal? Well, using mount and cifs/samba, this is possible. Make sure you have smbfs/cifs support. We need to make a directory on our hard disk where we can mount the Windows share.
mkdir /mnt/location
we are now ready to mount the filesystem on our newly created directory /mnt/location
To mount using cifs, use the following code:
mount -t cifs //server-ip-or-name/share /mnt/location -o username=user,password=pass,domain=DOMAIN
When we're done working on the share, We should exit the directory or close any programs that are accessing it, and then umount the windows share by using the following commands:
cd /
umount /mnt/location
Data Recovery in Ubuntu
Install ddrescue tools:
sudo apt-get install ddrescue
Connect the failed disk to your system:
Wait for a while...
We can now mount this image on our system and take a look at the files:
mount -t ext3 -o loop disk-image.img /mnt/tmp
How to install vmware/vmware Player on Ubuntu version*
sudo apt-get install build-essential linux-headers-$(uname -r)
sudo chmod +x VMware-Player*.bundle
sudo chmod +x VMware-Workstation-7.0.0-203739_i386-NoTools.bundle
sh VMware-Workstation-7.0.0-203739_i386-NoTools.bundle
Tunnel your SSH connection via intermediate host
$ ssh -t reachable_host ssh unreachable_host
This one-liner creates an ssh connection to unreachable_host via reachable_host. It does it by executing the ssh unreachable_host on reachable_host. The -t forces ssh to allocate a pseudo-tty, which is necessary for working interactively in the second ssh to unreachable_host.
This one-liner can be generalized. You can tunnel through arbitrary number of ssh servers:
$ ssh -t host1 ssh -t host2 ssh -t host3 ssh -t host4 ...
Clear the terminal screen
$ CTRL+l
Hear when the machine comes back online
$ ping -a IP
Ever had a situation when you need to know when the system comes up after a reboot? Up until now you probably launched ping and either followed the timeouts until the system came back, or left it running and occasionally checked its output to see if the host is up. But that is unnecessary, you can make ping -a audible! As soon as the host at IP is back, ping will beep!
Shutdown a Windows machine Remotely
$ net rpc shutdown -I IP_ADDRESS -U username%password
mtr - traceroute and ping combined
$ mtr google.com
MTR, bettern known as "Matt's Traceroute" combines both traceroute and ping command. After each successful hop, it sends a ping request to the found machine, this way it produces output of both traceroute and ping to better understand the quality of link. If it finds out a packet took an alternative route, it displays it, and by default it keeps updating the statistics so you knew what was going on in real time.
Copy your public-key to remote-machine for public-key authentication
$ ssh-copy-id remote-machine
This one-liner copies your public-key, that you generated with ssh-keygen (either SSHv1 file identity.pub or SSHv2 file id_rsa.pub) to the remote-machine and places it in ~/.ssh/authorized_keys file. This ensures that the next time you try to log into that machine, public-key authentication (commonly referred to as "passwordless authentication.") will be used instead of the regular password authentication.
If you wished to do it yourself, you'd have to take the following steps:
your-machine$ scp ~/.ssh/identity.pub remote-machine:
your-machine$ ssh remote-machine
remote-machine$ cat identity.pub >> ~/.ssh/authorized_keys
This one-liner saves a great deal of typing. Actually I just found out that there was a shorter way to do it:
your-machine$ ssh remote-machine 'cat >> .ssh/authorized_keys' < .ssh/identity.pub
Linux: Recovering deleted /etc/shadow password file
Sometimes by accident we may delete /etc/shadow file. If you boot into single user mode, system will ask root password for maintenance, and just imagine you do not have a backup of /etc/shadow file. How do you fix such problem in a production environment where time is critical factor? Below is the explaination how to recover deleted /etc/shadow file in five easy steps. It will take around 10 min. to fix the problem.
Boot server into single user mode
1) Reboot server
2) Next, you will see grub-boot loader screen. Select Recovery mode the version of the kernel that you wish to boot and type e for edit. Select the line that starts with kernel and type e to edit the line.
3) Go to the end of the line and type init=/bin/bash as a separate one word (press the spacebar and then type init=/bin/bash). Press enter key to exit edit mode.
init=/bin/bash
4) Back at the GRUB screen, type b to boot into single user mode. This causes the system to boot the kernel and run /bin/bash instead of its standard init. This will allow us gain root privileges (w/o password) and a root shell.
Make sure you can access system partition(s)
1) Mount partitions in read write mode
Since / is currently mounted read-only and many disk partitions have not been mounted yet, you must do the following to have a reasonably functioning system.
# mount -rw -o remount /
Do not forget to (re)mount your rest of all your partitions in read/write (rw) mode such as /usr /var etc (if any)
Rebuild /etc/shadow file from /etc/passwd
1) You need to use pwconv command; it creates /etc/shadow from /etc/passwd and an optionally existing shadow.
# pwconv
2) Use passwd command to change root user password:
# passwd
Note you may need to type same password twice with passwd command. If you have an admin account, then setup password for that account. On most production, servers direct root login is disabled. In our situation, admin was the only account allowed to use su and sudo command.
# passwd admin
3) Now root and admin accounts are ready to go in multi-user mode. Reboot the system in full multiuser mode:
# sync
# reboot
Note:
* Some time /etc/shadow- file can be use to replace /etc/shadow
* If you have a backup of /etc/shadow on tape or cdrom then you can copy back /etc/shadow file
How to Step Block all non-root login
Block all non-root (normal) users until we fix all password related problems. Since rest of account do not have any password, it is necessary to prevent non-root users from logging into the system. You need to create /etc/nologin file, it will allow access only to root. Other users will be shown the contents of this file and their logins will denied (refused)
1) Login as root user (terminal login only)
2) Create /etc/nologin file
cat > /etc/nologin
System is down due to temporary problem. We will restore your access
within 30 minutes time. If you have any questions please contact tech
support at XXX-XXXX or techsupport@mycorp.com
Update all users password in batch mode
1) Create random password for each non-root user using chpasswd utility. It update passwords in batch mode. chpasswd reads a list of user name and password pairs from file and uses this information to update a group of existing users. Each line is of the format:
user_name:password
Remember by default the supplied password must be in clear-text format. This command is intended to be used in a large system environment where many accounts are created at a single time or in emergency like this. First, we need to find out all non-root accounts using awk command:
awk -F: '{ if ( $3 >1000 ) print $1}' /etc/passwd > /root/tmp.pass
Make sure /root/tmp.pass file contains non-root usernames only.
#############################################################################
How to figure out Differences between files and folders
Diff Between folders : diff --brief --recursive
Diff Between Files: diff
## Iptables Internet Access to Private Network ###
On Mgmt Server
iptables -t nat -A POSTROUTING -o bond1 -j MASQUERADE
echo "1"> /proc/sys/net/ipv4/ip_forward
On Compute Node
route add default gw 10.10.20.254
cat /etc/resolv.conf
nameserver 10.10.20.254
No comments:
Post a Comment