Category: Linux
-
Firefox profile
Here is shortcut i use for my firefox profile
boby@hon-pc-01:~$ cat ~/.local/share/applications/firefox-vpn.desktop [Desktop Entry] Version=1.0 Name=Firefox VPN Comment=Browse the World Wide Web GenericName=Web Browser Keywords=Internet;WWW;Browser;Web;Explorer Exec=firefox -P vpn -private-window --class=Firefox-VPN %u Terminal=false X-MultipleArgs=false Type=Application Icon=go-home Categories=GNOME;GTK;Network;WebBrowser; MimeType=text/html;text/xml;application/xhtml+xml;application/xml;application/rss+xml;application/rdf+xml;image/gif;image/jpeg;image/png;x-scheme-handler/http;x-scheme-handler/https;x-scheme-handler/ftp;x-scheme-handler/chrome;video/webm;application/x-xpinstall; StartupNotify=true Actions=new-window;new-private-window; [Desktop Action new-window] Name=Open a New Window Exec=firefox -P vpn -new-window [Desktop Action new-private-window] Name=Open a New Private Window Exec=firefox -P vpn -private-window boby@hon-pc-01:~$
-
Encrypting a file using OpenSSL
To encrypt a file, run
openssl enc -aes-256-cbc -in FILE -out FILE.enc
To decrypt, use
openssl enc -d -aes-256-cbc -in FILE.enc -out FILE
You can use -k option to provide password in commend line itself so it won’t prompt for password.
Here is a script i use to take backup
boby@hon-pc-01:~$ cat ~/bin/backup-my-files #!/bin/bash cd $HOME/work/ rm -f myfiles.tar.gz myfiles.tar.gz.openssl tar --exclude='MY_FILES/.git' -zcvf myfiles.tar.gz MY_FILES openssl enc -aes-256-cbc -in /home/boby/work/myfiles.tar.gz -out myfiles.tar.gz.openssl echo "Backup available in folder $HOME/work" echo "You can decrypt file using" echo "" echo "openssl enc -d -aes-256-cbc -in myfiles.tar.gz.openssl -out myfiles.tar.gz" boby@hon-pc-01:~$
-
Apache SSL
Here is a non-SSL Apache virtual host.
<VirtualHost *:80> ServerName serverok.in ServerAdmin [email protected] DocumentRoot /home/serverok.in/html CustomLog ${APACHE_LOG_DIR}/serverok.in.log combined <Directory "/home/serverok.in/html"> Options All AllowOverride All Require all granted Order allow,deny allow from all </Directory> </VirtualHost>To convert it to SSL VirtualHost, first change the port to 443
Find
<VirtualHost *:80>Replace with
<VirtualHost *:443>Add the above Directory entry
SSLEngine on SSLCertificateFile /etc/ssl/DOMAIN.crt SSLCertificateKeyFile /etc/ssl/DOMAIN.keyThe resulting VirtualHost will look like
<VirtualHost *:443> ServerName serverok.in ServerAdmin [email protected] DocumentRoot /home/serverok.in/html CustomLog ${APACHE_LOG_DIR}/serverok.in.log combined SSLEngine on SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLCertificateFile /etc/ssl/serverok.in.crt SSLCertificateKeyFile /etc/ssl/serverok.in.key <Directory "/home/serverok.in/html"> Options All AllowOverride All Require all granted Order allow,deny allow from all </Directory> </VirtualHost>For added security, you can use the following config
SSLEngine on SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:!TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:!TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:!DSSEnable mod_ssl
If you get the following error
Invalid command 'SSLEngine', perhaps misspelled or defined by a module not included in the server configurationYou need to enable mod_ssl, to do this, run
On Debian/Apache, run
sudo a2enmod sslRestart Apache
sudo service apache2 restartForce SSL
You can add the following code to Apache virtualhost for the website
Redirect 301 / https://domain.ltd/ -
time
- How to set time on Linux Server
- How to sync NTP time with chrony
- How to sync NTP time with systemd-timesyncd
- ntpdate
- Set server time PST/PDT
- Determine the Default Time Zone on Linux
Timestamp in Bash Script
TIME_STAMP="$(date +%Y%m%d-%H%M%S)"for timestamp like 2020-01-23 15:12:45, use
TIME_STAMP="$(date "+%Y-%m-%d %H:%M:%S")"For file name
date +"%Y-%m-%d-%H-%M-%S"Time stamp in PHP
$now = date("Y-m-d-h:i:s");Taking backup
mysqldump -u root -p'mv9wCAcDE3CnBV' serverok_wp > ~/serverok_wp-`date +"%Y-%m-%d-%H-%M-%S"`.sqlAlaram/stopwatch
Time Tracking
-
ntpdate
ntpdate allows you to update server time with ntp servers.
To install, run
apt install ntpdate
To update server time, run
ntpdate ntp.ubuntu.com
Example
root@ip-172-26-2-47:~# ntpdate ntp.ubuntu.com 3 Mar 20:32:54 ntpdate[17295]: adjust time server 91.189.91.157 offset -0.000047 sec root@ip-172-26-2-47:~#
Auto Update Server time with cronjob
Method 1
echo "ntpdate time-a.nist.gov" > /etc/cron.daily/ntpdate chmod 755 /etc/cron.daily/ntpdate
Method 2
Set following cronjob
30 22 * * * /usr/sbin/ntpdate -b -s 1.pool.ntp.org
-
locale-gen
To generate
locale-gen en_US.UTF-8
If you get error setlocale: LC_ALL: cannot change locale
echo "LC_ALL=en_US.UTF-8" >> /etc/environment echo "LANG=en_US.UTF-8" > /etc/locale.conf echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen locale-gen en_US.UTF-8
bash: locale-gen: command not found
bash: warning: setlocale: LC_ALL: cannot change locale
language -
swap
First create a 2 GB file
dd if=/dev/zero of=/swapfile bs=1M count=4096
For 8 GB, use count=8192. You can also use fallocate command instead of dd.
fallocate -l 8G /swapfile
Make it swap
mkswap /swapfile chmod 0600 /swapfile swapon /swapfile
Add it to /etc/fstab
echo "/swapfile swap swap defaults 0 0" >> /etc/fstab
-
DNS Tools
Reverse DNS/rDNS/PTR Record
How to delete Google Cloud DNS ZoneDNS Tools
- https://dnschecker.org
- https://intodns.com
- https://dnsmap.io
- http://leafdns.com
- https://dnsviz.net
- https://www.dnsperf.com
- dig
- Google Public DNS Query Tool
- DNSSEC Debugger
- Find all sites using a specific nameserver
DNS History
- https://securitytrails.com/ – IP history
- https://completedns.com/dns-history/ – DNS History
DNS Propagation Checker
- https://dnsmap.io – check DNS propogation from differnt countries.
- Whatsmydns.net – check DNS propogation from differnt countries.
- https://dns.google – check DNS propogation from differnt countries.
DNS
- Free DNS Hosting
- Delegate a sub-domain to DNS server
- Find Reverse-DNS/PTR using dig, nslookup, host
- dnsmasq
- Install Cpanel DNS Only Server
- How to find all subdomains of a domain
DNS Resolver
- /etc/resolv.conf
- Ubuntu Configure systemd-resolved
- Public DNS Resolver
- Install Unbound DNS caching server
DNS Errors
-
Radio
allow you to run your own radio station. It allow you to manage you media, playlists. It support IceCast and Shutcast as media servers.