To allow SSH login as user root, edit file
vi /etc/ssh/sshd_config
Find
PermitRootLogin no
Replace with
PermitRootLogin yes
restart sshd.
systemctl restart sshd
Category: Linux
-
Allow SSH root login
-
Adding a group in Linux with addgroup
addgroup linux commanhd allow you to create a group.
addgroup [options] [--gid ID] group
Example
root@ok:~# addgroup sokadmin Adding group `sokadmin' (GID 1004) ... Done. root@ok:~#
Add a system group (normally group id below 500, run
addgroup --system [options] [--gid ID] group
-
PCI COMPLIANCE SSH Diffie-Hellman Modulus
When doing PCI COMPLIANCE scan got error related to SSH Diffie-Hellman Modulus <= 1024 Bits (Logjam).
To fix the error, run
cp /etc/ssh/moduli /etc/ssh/moduli.backup awk '$5 > 2000' /etc/ssh/moduli > /etc/ssh/moduli
Edit file
vi /etc/ssh/sshd_config
Add at end of the file
KexAlgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256
Restart sshd
systemctl restart sshd
-
locate command on Linux
locate command find files on a linux server.
To install locate, run
On CentOS
yum install mlocate
On Debian/Ubuntu
apt install mlocate
locate searches through a static index of files. This is rebuild daily using cronjob. You can manually update it by running
updatedb
-
ack better grep for programmers
ack is a tool like grep optimized for programmers.
ack show the matched files name only
On Debian/Ubuntu, you can install it with apt
apt install ack
To install from source, run
curl https://beyondgrep.com/ack-v3.0.2 > /usr/local/bin/ack && chmod 0755 /usr/local/bin/ack
For installing for just one user, run
curl https://beyondgrep.com/ack-v3.0.2 > ~/bin/ack && chmod 0755 ~/bin/ack
On RHEL/CentOS, you may need to install dependency
yum install perl-version
For the latest version, always check
https://beyondgrep.com/install/
See grep
-
log
Logging Linux Commands for all users
Monitor Apache site traffic with Apachetop
Find IP with Most Access from Apache Log
Apache LogFormat show full domain name
Display real time statistics with Logtop
Cpanel find recently logged in users
How to get list of User-Agent from access logFind the most requested pages
awk '{print $7}' access_log.log | sort | uniq -c | sort -nr awk '{print $7}' access_log.log | sort | uniq -c | sort -nr | head -n 10To view the most used User Agents
cat access_log.log | awk -F\" '{print $6}' | sort | uniq -c | sort -nr | head -n 10 -
Monitor Apache site traffic with Apachetop
apachetop is a command line tool like top, that shows traffic on a web site. It used apache access log to show th stats. This will be useful to monitor a web sites traffic in real time.
cd /usr/local/src wget https://github.com/HostOnNet/apachetop/archive/master.zip unzip master.zip cd apachetop-master ./configure --with-logfile=/var/log/httpd/access_log make make install
If you need to set path to apache log file, configure with
./configure --with-logfile=/path/to/apache/log/file.log
On CentOS
yum install apachetop
On Ubuntu/Debian
apt install apachetop
Running apachetop with custom log file location
apachetop -f /path/to/apache/log/file.log
-
imunify360
Imunify360 is paid version of Imunify. It provides additional protection like Web Application Firewall, Real-time protection, and automated malware cleaning.
- How to install Imunify360 Anti Virus
- How to uninstall Imunify360 on Cpanel Server
- Cheap Imunify360 license
- imunify360 find license details
- Whitelist an IP address in imunify360
- imunify get list of all infected files
Update license
REG_KEY=XXXXX imunify360-agent registerIf you have IP based license, use
imunify360-agent register -
Resize a linux file system with resize2fs
On cloud servers, once you upgrade disk, you will need to resize the filesystem. On Linux ext4 file system, you can do this with command resize2fs.
To resize filesystem on /dev/sdb, run
root@leonestage:~# resize2fs /dev/sdb resize2fs 1.44.1 (24-Mar-2018) Filesystem at /dev/sdb is mounted on /mnt/HC_Volume_2899894; on-line resizing required old_desc_blocks = 2, new_desc_blocks = 3 The filesystem on /dev/sdb is now 10485760 (4k) blocks long. root@leonestage:~#
Here the full disk is used as file system with NO partition. If you have partion, you need to specify partition number like /dev/sdb1
-
Bandwidth Limit on rsync
I wanted to transfer some files between two computers, but don’t want to use all bandwidth available on the network as it will affect other users on the network.
To limit bandwidth, use –bwlimit Option.
rsync -avzP --bwlimit=1500 /mnt/data/learn/css/BootStrap3/ [email protected]:/home/php-tutorial/BootStrap3/
Here –bwlimit=1500 will limit bandwidth usage to 1.5 MB/s.
See rsync
-
Install x11vnc on Ubuntu
To install x11vnc on Debian/Ubuntu, run
apt install -y x11vnc
To start vnc server, run
x11vnc -display :0
By default, there will be no password. To set password, run
x11vnc -storepasswd
To start x11vnc server with password, run
x11vnc -rfbauth ~/.vnc/passwd
-
Upload all files to FTP server using lftp
lftp allow you to upload all files and sub folders using single command. With normal ftp command, you need to use put/mput command many times to do the same.
To download all files from FTP server, use “mirror” command. mirror command also allow you to upload files to remote server by specifying -R (reverse mirror) option.
This is very useful for uploading files from SSH shell account.
For help, use ? in lftp command prompt. To get help for specific command use
help
Exampe
help mirror
To upload all files from local folder to remote server, run
lftp -d -u FTP_USER,FTP_PASSWORD FTP_SERVER_IP set ftp:ssl-allow no mirror -R /var/flashwebhost/vshare2.7/ public_html
Following will upload vshare2.7 folder to FTP root folder.
unzip vshare2.7.zip lftp -d -u FTP_USER FTP_SERVER_IP set ftp:ssl-allow no mirror -R vshare2.7
See lftp