Enable Text Console Support in Ubuntu

There are three ways to access the command line interface in Ubuntu, as on any Linux and UNIX distribution. One is launching the terminal emulator program within the graphical user interface. The other two are about accessing the console directly, independent of the graphical user interface and the windowing system powering it (typically X server), and that's what we're concerned with here.

The quickest way to get to the console in Ubuntu is to just press Ctrl-Alt-F1. You will immediately be thrown out of the GUI and into the clean Linux console where you can log in and use the command line. Multiple console terminals are available this way if you press Ctrl-Alt-F2, Ctrl-Alt-F3, and so on.

However, what you might want is to get into the text console when you boot into Ubuntu instead of booting directly into the graphics mode. For that you'll need to make some configuration changes to your GRUB bootloader. The configuration file you will need to modify is /etc/default/grub, and it is a good idea to make a backup of it first in case you ever want to come back to the original configuration:

sudo cp /etc/default/grub /etc/default/grub.backup

With that out of the way you can start modifying the configuration file by opening it, with superuser privileges, in a text editor such as nano:

sudo nano /etc/default/grub

Enter your password and the file will open. Then look for this line: GRUB_CMDLINE_LINUX_DEFAULT="quiet splash". Using nano you can search for this line by pressing the Ctrl-W shortcut and typing that line in. You just need to comment it out by putting a hash character in front of it so it looks like this:

# GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"

As you might guess this disables booting with the splash screen, and the "quiet" mode, meaning it wouldn't hide the console output during boot.

Next enable the text mode finding GRUB_CMDLINE_LINUX and adding the "text" option to it. The line will then look like this:

GRUB_CMDLINE_LINUX="text"

This will ensure that you see the text output, but still doesn't enable the console login. For that find the #GRUB_TERMINAL line, which is likely commented out, uncomment it by removing the # character, and add the "console" option to it so it reads like this:

GRUB_TERMINAL=console

Finally save the file, which in nano you can do by pressing Ctrl-X and then enter, and make sure to update GRUB with the new configuration using the update-grub command:

sudo update-grub

Now you can reboot and Ubuntu should boot in the text mode, and allow you to log in to the console and run the desired commands.

Changing Passphrase to your SSH Private Key

If you need to change or add a passphrase to your existing SSH private key just use ssh-keygen, the same tool which creates the key in the first place. Just add the -p option to specify you want to change an existing private key's passphrase instead of creating a new private key. So running this command will be changing the passphrase of the current user's private key, stored in ~/.ssh/:

ssh-keygen -p

If you have your key elsewhere and want to specify the file where it is then use the -f option followed by the path to the key file, and then the -p option:

ssh-keygen -f id_rsa -p

Just replace id_rsa with the path to your key file if you're not in the same directory as the file.

If you have an existing passphrase ssh-keygen will first ask you to enter that before allowing you to set the new passphrase, and if you haven't had a passphrase before then it will just allow you to set one.

Using md5deep for Comparing Directories in Unix

You can compare the contents of two directories by their md5 hashes, which could be useful when you want to make sure that a sync operation went smoothly, for instance. By inspecting the hashes of all the files in the directory and confirming they're identical you can rest assured all data was copied successfully and fully.

You can use md5sum to get the md5 sums of all the files in a directory, but comparing like this could be pretty daunting:

md5sum dir/*

This outputs a list of all files with their md5 sums.

A better way is using md5deep instead. If you don't have it you can most likely install it using your package manager very easily (sudo apt-get install md5deep on Ubuntu).

Then if you run the following you'll get a list of md5 sums of all files in the directory as well as the files of sub-directories:

md5deep -r dir/

The real solution is in the ability of md5deep to compare its own outputs. First you get the md5 sums in a file:

md5deep -r -s /dir1> dir1sums

And then have md5deep read that file and compare the second directory to it:

md5deep -r -X dir1sums /dir2

If there is no output that means the directories are identical. Otherwise it will display the hashes of files that are different. Thus the comparison has been accomplished.

How to Confirm which Ports are Open on Your Linux System

If you wish to see which ports are open on your Linux system, perhaps to check your configuration, you can use the nmap tool. It's a powerful tool, but we'll focus on just this simple task.

If you don't have nmap, first install it. For example, on Ubuntu just run sudo apt-get install nmap. On Fedora it should be sudo yum install nmap. On Arch it should be sudo pacman -Sy nmap.

Once you've got nmap just run this simple command. Note that we're running it with superuser privileges (sudo), which is necessary.

nmap localhost

Your output may look something like this:

Starting Nmap 6.40 ( http://nmap.org ) at 2014-11-26 23:56 CET
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0089s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 994 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
53/tcp   open  domain
80/tcp   open  http
443/tcp  open  https
3306/tcp open  mysql

So it shows you the open port numbers and the service that is using each. The above is pretty standard stuff. If you don't see what you expected you should check your configuration.

If you'd like to do more with nmap you can explore the nmap built in documentation by running man nmap, which contains a breadth of information.

How to Patch Bash Against Shellshock

Since you're reading this you're probably already aware of what Shellshock is; a number of vulnerabilities found in the widely used Bash shell system in the summer of 2014. The quickest and easiest way to patch against these vulnerabilities and ensure the safety of your system is to update your Bash to the latest version. Here are the update commands for the popular Linux distributions.

Fedora

yum update bash -y

Ubuntu

apt-get update; apt-get install --only-upgrade bash

Arch

pacman -Syu

That should have you covered. However, if for any reason you wish to apply the available patches yourself you can do so by running the following commands. We'll explain what each does.

First enter your home directory, create (mkdir) the "bash" directory in it, and enter it.

cd ~/ && mkdir bash && cd bash

Download the bash source package from the official server.

wget https://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz

Then download the relevant patches. This command should automatically get the ones you need.

while [ true ]; do i=`expr $i + 1`; wget -N https://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-$(printf '%03g' $i); if [ $? -ne 0 ]; then break; fi; done

Extract the bash package and enter its directory.

tar zxvf bash-4.3.tar.gz && cd bash-4.3

Apply all of the patches that have been previously downloaded with this:

for p in `ls ../bash43-[0-9][0-9][0-9]`; do patch -p0 < $p; done

And then recompile the newly patched bash and install.

./configure && make && make install

If you want to just compile it, but not install to your system, simply remove the && make install part from the command.

Or you could simply run this one line that downloads the above as a script and does it all for you automatically:

curl https://shellshocker.net/fixbash | sh

The script is provided by Shellshocker.net, which has detailed information about the vulnerabilities, testing, updating and patching.

If you're on a Mac just download and install the patches provided by Apple. It should be pretty straightforward. Here they are for Mavericks, Mountain Lion, and Lion.

And that's all there is to it.

How to Check If Your System is Vulnerable to Shellshock

Shellshock refers to a set of vulnerabilities discovered in late summer 2014 that affects Bash (Bourne again shell), a command line shell program used on all Linux systems and almost all UNIX systems, including Mac OSX. If Bash on your system is still vulnerable it could allow an attacker to take control of parts of your systems and run potentially harmful programs by manipulating the environment variables using this Bash vulnerability.

Fortunately, it is fairly easy to check whether your system is vulnerable, and just as easy to fix it. Just run this one command to test your system:

curl https://shellshocker.net/shellshock_test.sh | bash

This is provided by Shellshocker.net, which allows you to easily check your system for the shellshock vulnerability and provides detailed information about it, and how to fix it. The command simply downloads and runs their shellshock_test.sh bash script that probes your installation for all known vulnerabilities and tells you if you're vulnerable and to which. They list the commands that this script will run on the site, and you can also inspect the script's code by opening it in a text editor.

If you are vulnerable it just means you need to upgrade Bash on your system to the latest patched version, or apply provided patches. On most Linux distributions just a simple security update should do the trick or you could opt to update only Bash specifically. Here are example update commands for popular distributions:

Fedora

yum update bash -y

Ubuntu

apt-get update; apt-get install --only-upgrade bash

Arch

pacman -Syu

More detailed information including how to build from source if you want to take that route are available at Shellshocker.net.

If you are on Mac OSX you just need to install a patch Apple made available for Mavericks, Mountain Lion, and Lion depending on which of these OSX versions you are on. Installing an update should be as straightforward as launching and running it.

This vulnerability shows just how plausible it is for a massive number of systems to become vulnerable due to a bug in a single ubiquitous piece of software, but more importantly, it underscores the importance of keeping your systems up to date at all times.

How to Change tmux Meta Key to a Better One

The tmux tool, or the terminal multiplexer, is great for allowing you to run multiple terminals side by side. What's even better is that you can somewhat customize its behavior using the tmux.conf file. The meta key is the prefix you press before you issue a command that controls tmux so you can, for instance, split the terminal in two. By default it is set to CTRL-B, and this is how you can change that.

First create the tmux.conf file in your home directory

nano ~/.tmux.conf

This will open the nano text editor where you can enter the contents of the file. To change the prefix to CTRL-Y, for example, you would enter this:

### command prefix
unbind C-b
set-option -g prefix C-y

Then save the file by pressing CTRL-X and hitting enter to confirm.

As you can see the unbind C-b option tells tmux to rescind the default keyboard shortcut, and the set-option -g prefix C-y tells it to set a new one as the prefix, which is CTRL-Y. So if you have a different shortcut in mind just replace C-y with something else, like C-Space for CTRL-Space, which might actually be a great option. If you want to bind the windows key you could try Super_L.

If you're not sure which key codes represent which keys on your keyboard you might want to run xev and then press the desired keys to get their codes. The caveat is that for xev to work you'll need to have X installed and running, which will be the case on any desktop Linux system.

How to Rename a Disk Partition in OSX

There are multiple ways to rename a disk partition in OSX, and both should work well depending on your situation.

Use Finder

You can simply use the Finder to change the disk partition name. In Finder click on the name of your computer, which should be at the top of your file tree, find your partition there, and then just right click on it and click Get info. In the dialog that opens you can easily enter a new name.

Use the command line

In OSX you can also use a command line diskutil tool to rename your partition. Open up the Terminal app, and enter the following command, replacing "old" with your old name, and "new" with your new desired name.

/usr/sbin/diskutil rename old new

For example you could do this to change a partition named "Macintosh HD" to My Mac:

/usr/sbin/diskutil rename "Macintosh HD" "My Mac"

As you can see you can use quotes in the name.

Note that depending on your set up, that is if your user home directory is not in the root partition, you may have to update your home directory path in System Preferences.

Most useful options in rsync

The rsync command line tool is an invaluable tool for advanced copying and syncing operations, particularly useful for efficiently making and maintaining backups. It can be used to copy and sync files from any source and to any destination both locally and remotely. It is famous for its ability to copy only the differences in files rather than the whole files when they have been modified, which drastically reduces the required bandwidth.

Rsync commands are written in the following format: rsync -options [source] [destination].

Here is an example:

rsync -avz data/ /media/backups/data

This will copy all the files and folders from the data directory to /media/backups/data, which could be on your external backup device. This example already contains three commonly used and useful options:

-a copies recursively (all directories and subdirectories) while preserving symbolic links, permissions, file ownerships and timestamps. Similar to -r except that -r does not preserve permissions and timestamps-

-v shows verbose output, telling you more of what it's doing.

-z uses compression when transferring, which can speed up the transfer, especially over the network.

There are, of course, other useful options that can be added, such as:

-h displays numbers in a human readable form, easier to understand the amount of data transferred.

–stats shows statistics on file transfers if you want even more insight into the statistics of the transferred data.

-m prunes empty directories

-n so called "dry run", that is, it simulates what it would do with a given command without actually making any changes. Could be very useful if you want to make sure you don't screw up and end up losing your data.

-p preserve permissions, in case you're using the -r option instead of -a or don't use recursive syncing, but want to preserve permissions.

-e allows specifying the remote shell to use when you want to use the remote source or destination.

With the -e option you can, for example, use ssh to transfer data with rsync. It would look something like this:

rsync -avze ssh data user@example.com:/home/backups/

When you run a command like this it will ask you for your remote SSH server password, and then copy over the contents of the data directory to /home/backups/ on the remote system.

As with most standard Linux and UNIX utilities, you can run man rsync to quickly get more information about what other options are available, but this should cover most important uses.

5 things you can do with netstat command

The netstat command, which stands for "network statistics", can show you a lot of information about your network including statistics on connections to and from others on the network, used network interfaces, services, ports, and routing tables.

So what could all this information be used for? Just running netstat alone will give you an overview of your network, which will show a list of addresses connected to your system, over which port they're connected, and what services or programs they're talking to.

Here are five relatively simple examples of what you can actually do with netstat.

1. Show who is connected to your system

One of the most useful things you can do with netstat is show exactly who is connected to your system either through an incoming or outgoing connection (whether it is your system which initiated it or the other system). This will simply list all of them:

netstat -a

Look at the "Foreign Address" column to see where the connection is coming from, and "Local Address" to see what on the local machine is it connected.

The following command will show just the TCP (-t) and UDP (-u) connections:

netstat -tua

If you want to turn off hostnames, or domain names, and display only IP numbers just add the -n option.

netstat -tuan

If you want it to display this continuously to see as connections come and go add the -c option.

netstat -tuanc

Needless to say, perhaps, with IP addresses of everyone connecting revealed you can use other tools like traceroute to determine where exactly is it coming from.

2. Show listening ports

If you'd like to see which services are actually listening for incoming connections, perhaps to ensure you don't have something listening that you don't want to be listening, just use the -l option.

netstat -l

You can also limit this to only a specific type of traffic, like TCP in this example (for UDP just use -u):

netstat -lt

3. Find the port used by a program

We can get a little bit more specific by combining the netstat command with other common UNIX utilities like grep, in this example, where we make it easier to find which port is used by a program. We use grep to conveniently dig this info out of the netstat output:

netstat -ap | grep znc

In this example we get a list of all connections mentioning ZNC with the ports it is using, and addresses it is connected to.

4. Check on the routing table

With netstat you can easily see the kernel IP routing table being used on your system using the -r option:

netstat -r

5. Show all statistics

Being a statistics utility you can of course see a summary of a great number of statistics about your system's networking. Just run the netstat command with the -s option:

netstat -s

This will display a huge list of statistics, but you'll immediately recognize the most interesting ones depending on what you're looking for. For example you can see a total number of packets received, number of active TCP connections, and a number of extended more detailed statistics for each protocol.

Note

These examples are based on netstat in Linux, where it has been succeeded by the ss command from the iproute2 package, but it should apply to most UNIX and UNIX like systems. You can also check the manual page readily available via the man netstat command for more information.