Search Results for: cat

Multiple OpenVPN Clients Sharing the Same Certificate

Traditionally I've been configuring OpenVPN in a scenario where each client would have a unique certificate. This requires a bit more time initially but is well worth it in terms of security.

Sometimes this is not needed though, so you can probably get away with multiple clients sharing the same certificate. This way you build a client key once and then propagate it across all the clients that you plan on connecting to your VPN server.

While setting this up just now, I noticed a curious thing: by default all clients with the same cert would end up having the same internal IP address. This behaviour is unlikely to be what you wanted though.

So in order to allow multiple OpenVPN clients share the same client certificate but enjoy a unique internal IP address (so that clients could connect to each other, for instance), add the following line to your OpenVPN server:

duplicate-cn

That's it! Restart your openvpn service and enjoy.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

mtime – file modification timestamp in Unix

mtime is one of the three timestamps in Unix that are maintained for each file in most of the filesystems.

Purpose of mtime

The real purpose of the mtime timestamp is to track the last time of changing the contents of a file. Various commands will allow you to access this information later. For example, ls command allows showing list of files along with their last modification times (it's also possible to get ls to confirm the last access time (atime timestamp)for any file).

mtime example

Here's how you can see mtime in real life. Let's create a file named example.txt and get a full ls listing on it:

greys@ubuntu:~$ date
Fri Sep 28 10:25:40 IST 2012
greys@ubuntu:~$ > example.txt
greys@ubuntu:~$ ls -l example.txt
-rw-r--r-- 1 greys greys 0 2012-09-28 10:25 example.txt

As you can see, the last modification of the "example.txt" file is 10:25am.

Now let's wait a minute:

greys@ubuntu:~$ sleep 60

…confirm the file's mtime is still the same:

greys@ubuntu:~$ ls -l example.txt
-rw-r--r-- 1 greys greys 0 2012-09-28 10:25 example.txt

… and now make the change by adding a line "change" to our file:

greys@ubuntu:~$ echo "change" >> example.txt

And if we check the file's mtime timestamp, it will be updated – in my case 10:27am:

greys@ubuntu:~$ ls -l example.txt
-rw-r--r-- 1 greys greys 7 2012-09-28 10:27 example.txt

More info on mtime

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

cat – concatenate files and print to the standard output

cat is a simple yet very useful Unix command. It takes a name of one or more text files, and then shows their contents to the standard output as one stream of data.

cat command example

greys@ubuntu:~$ cat /etc/kernel-img.conf
do_symlinks = yes
relative_links = yes
do_bootloader = no
do_bootfloppy = no
do_initrd = yes
link_in_boot = no
postinst_hook = /sbin/update-grub
postrm_hook   = /sbin/update-grub

for two files, it looks like this:

greys@ubuntu:~$ cat /etc/issue
Ubuntu 7.04 \n \l
\
greys@ubuntu:~$ cat /etc/issue /etc/kernel-img.conf
Ubuntu 7.04 \n \l
\
do_symlinks = yes
relative_links = yes
do_bootloader = no
do_bootfloppy = no
do_initrd = yes
link_in_boot = no
postinst_hook = /sbin/update-grub
postrm_hook   = /sbin/update-grub

[Read more…]

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

locate – quickly find files in Linux

Today I'd like to show you one more option you have when searching for files in Linux. If you have a locate tool installed, you'll be able to find any file almost instantly.

How does locate command work?

locate uses a pretty simple principle – instead of going through your filesystem directory tree every time you need a certain file found, it consults a database which stores locations of most files in your system. The locate database (locatedb) is updated nightly with a separate command. The update occurs during night hours when peak usage of your system is very unlikely, but this means that using such a database through the day will provide instant results.

[Read more…]

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

How To Find a Location of a Directory in Unix

Very quick tip for you today, I just see that many of visitors of this block are curious how they can find a directory in Unix – and so here's a command to help you do just that.

Finding directories in Unix

There's nothing better than to employ the find command. As you might remember, among many things, this wonderful tool allows you to search files by their type. Since nearly everything in Unix is a file, this means you can find directories.

[Read more…]

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

tee: Replicate Standard Output

Now and then I come across a situation when I need to run a script or a Unix command and would like to not only see the output of it on the screen, but also save this output to some log file. Redirecting the standard output using standard Unix stream redirection isn't always useful because your output will either be shown to you, or sent to the file – but not both at the same time

tee command

That's where the tee command becomes really useful. You pipe your output to this command, and let it take care of the rest.

[Read more…]

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

How to get started with tmux

Quite simply, tmux allows you to run multiple terminal command lines at the same time side by side much like putting multiple windows next to each other so you see both simultaneously. It stands for "terminal multiplexer", a fancy term for something so logical. Here are the basics to get you started with tmux quickly.

First of all, just run tmux. You will very likely have it in your system no matter which Linux or UNIX distribution you're using. Otherwise you can get it from the tmux website.

tmux

And you're in. Not much has changed, but you should see the green bar at the bottom, which is the tmux status bar showing you which window you're in, date and time, and the hostname of your system. The goodness is in the keyboard commands that you can now use to split the current window into multiple panes, or to create new windows with their own panes. You can then switch between panes and windows with ease.

The way keyboard commands work is by first pressing a shortcut CTRL-B, and then entering a character corresponding to a command. For example, to split the current window or pane into two vertical panes press CTRL-B %. Just press CTRL-B together, then enter the % normally, and it will split.

Here are a few of the basic commands that will have you up and going with tmux with ease:

  • CTRL-B % – split into two vertical panes (as mentioned)
  • CTRL-B " – split into two horizontal panes
  • CTRL-B z – make the current pane full screen (press again to exit full screen)
  • CTRL-B arrow-key – switch between panes with arrow keys. For example
  • CTRL-B up-arrow – will switch to the pane above the currently active one.
  • CTRL-B c – create a new window. You will notice it indicated in the green status bar under a number.
  • CTRL-B number – switch to a window. To switch to a window 0, for example, press CTRL-B 0.

With these shortcuts you can create as many panes and windows as you need, and switch between them.

One more thing though. These sets of windows and panes are known as tmux sessions, and you can actually have multiple of them, and they are saved on the system so that they can be attached to different terminals you can in from.

You can detach from the current session with CTRL-B d, and you'll end up back on the normal bare command line. Then you can run this to list all of the sessions with its numbers:

tmux -l

You'll see something like:

0: 2 windows (created Tue Sep 2 18:30:02 2014) [237×55]
1: 1 windows (created Tue Sep 2 19:04:03 2014) [237×55]

Then you can attach to session 0, for example, with this command:

tmux attach -t 0

And if you no longer want a particular session you can kill it:

tmux kill-session -t 0

You can see the full breakdown of sessions, their windows, and their panes by issuing this command:

tmux info

Other useful commands with more information:

tmux list-keys
tmux list-commands
man tmux

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

How to change filesystem label with tune2fs

Some properties of ext2, ext3, and ext4 file systems on Linux and UNIX can be tuned on the fly using the tune2fs command. This includes the file system's label.

First of all let's list the existing values of a given file system using the -l option:

tune2fs -l /dev/sda1

You can also use dumpe2fs /dev/sda1 to list a lot more of the information about the file system, but the above command will neatly list all of the tunable values including the "Filesystem volume name", which is the file system label.

To change the label use the -L or –volume-label option followed by the new desired label. Keep in mind ext2 file system labels can be only 16 characters long, and will otherwise be truncated.

tune2fs -L /dev/sda1 MyFilesystem

Of course, replace "MyFilesystem" with your own desired label and /dev/sda1 with your own device. After you set the label you can specify this file system by its label when using programs like fsck and mount or in the /etc/fstab configuration file by using LABEL=MyFilesystem.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Keep iptables rules after reboot

The iptables command on Linux allows setting the rules for the Linux built-in firewall to follow when filtering packets flowing through the system. The iptables command applies to IPv4 packets and the ip6tables applies to IPv6 packets. When you make modifications to your set up you can save them using the iptables-save command for IPv4 rules and ip6tables-save for IPv6 rules:

In Debian or Ubuntu systems you would therefore do this for IPv4:

iptables-save > /etc/iptables/rules.v4

And this for IPv6:

ip6tables-save > /etc/iptables/rules.v6

And the same for RedHat Enterprise Linux or CentOS:

iptables-save > /etc/sysconfig/iptables
ip6tables-save > /etc/sysconfig/ip6tables

Then you would use the iptables-restore command to restore the saved rules:

iptables-restore < /etc/iptables/rules.v4

Manually restoring your own rules every time you boot the system may be a chore. Luckily there is an easy way to do this automatically. On Debian or Ubuntu just use the iptables-persistent package:

apt-get install iptables-persistent

If you saved your rules in /etc/iptables/rules.v4 as specified above they will load automatically on every boot.

For RHEL or CentOS systems you can simply enable the iptables service:

chkconfig iptables on

And make sure your rules are saved:

service iptables save

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

How to use dpkg to compare two Linux servers

While we mainly install, remove, update and otherwise manage software on Debian and Ubuntu based systems using apt-get, the lower level packaging system that apt-get actually relies on is dpkg.

You can use dpkg to list all of the installed packages on the current system. Do this by passing the –get-selections option. The following is the command that would get all of the packages, sort them, and list them into an installed-packages file.

dpkg --get-selections|sort > installed-packages

Now you can do the same on your second Debian or Ubuntu server except you might want to name your file something like installed-packages2.

With those two files ready you can now compare them. Copy over the first file to the second system (or vice versa) and run the diff command to see the differences.

diff -u installed-packages installed-packages2 > compare-servers

This would compare the two lists and throw the results into compare-servers text file. Name it whatever you like. The -u option makes the results a little more readable, but you can alternatively use the -y option which will format the results in two columns, first representing the first file, and second representing the second file.

Studying the differences between package lists can help you figure out what the differences are between two server setups in terms of installed software, what does one have that the other doesn't. If you want to replicate installed packages of one system to another, or in other words, install all of the packages which are installed on the first system to the second system, you can do that with dpkg and apt-get.

First run the following to get dpkg to select packages to install, marking them for installation:

dpkg --set-selections < installed-packages 

And then run this apt-get command to get those packages installed:

apt-get dselect-upgrade

This also allows you to quickly and easily restore a given system after a fresh install, if you've saved the list of installed packages from a previous system before you deleted it. It is also possible to compare and restore system settings from the /etc directory, but that is beyond the scope of this post.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS