To allow SSH login as user root, edit file
vi /etc/ssh/sshd_config
Find
PermitRootLogin no
Replace with
PermitRootLogin yes
restart sshd.
systemctl restart sshd
Tag: linux
-
Allow SSH root login
-
Adding a group in Linux with addgroup
addgroup linux commanhd allow you to create a group.
addgroup [options] [--gid ID] group
Example
root@ok:~# addgroup sokadmin Adding group `sokadmin' (GID 1004) ... Done. root@ok:~#
Add a system group (normally group id below 500, run
addgroup --system [options] [--gid ID] group
-
PCI COMPLIANCE SSH Diffie-Hellman Modulus
When doing PCI COMPLIANCE scan got error related to SSH Diffie-Hellman Modulus <= 1024 Bits (Logjam).
To fix the error, run
cp /etc/ssh/moduli /etc/ssh/moduli.backup awk '$5 > 2000' /etc/ssh/moduli > /etc/ssh/moduli
Edit file
vi /etc/ssh/sshd_config
Add at end of the file
KexAlgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256
Restart sshd
systemctl restart sshd
-
locate command on Linux
locate command find files on a linux server.
To install locate, run
On CentOS
yum install mlocate
On Debian/Ubuntu
apt install mlocate
locate searches through a static index of files. This is rebuild daily using cronjob. You can manually update it by running
updatedb
-
ack better grep for programmers
ack is a tool like grep optimized for programmers.
ack show the matched files name only
On Debian/Ubuntu, you can install it with apt
apt install ack
To install from source, run
curl https://beyondgrep.com/ack-v3.0.2 > /usr/local/bin/ack && chmod 0755 /usr/local/bin/ack
For installing for just one user, run
curl https://beyondgrep.com/ack-v3.0.2 > ~/bin/ack && chmod 0755 ~/bin/ack
On RHEL/CentOS, you may need to install dependency
yum install perl-version
For the latest version, always check
https://beyondgrep.com/install/
See grep
-
log
Logging Linux Commands for all users
Monitor Apache site traffic with Apachetop
Find IP with Most Access from Apache Log
Apache LogFormat show full domain name
Display real time statistics with Logtop
Cpanel find recently logged in users
How to get list of User-Agent from access logFind the most requested pages
awk '{print $7}' access_log.log | sort | uniq -c | sort -nr awk '{print $7}' access_log.log | sort | uniq -c | sort -nr | head -n 10To view the most used User Agents
cat access_log.log | awk -F\" '{print $6}' | sort | uniq -c | sort -nr | head -n 10 -
Monitor Apache site traffic with Apachetop
apachetop is a command line tool like top, that shows traffic on a web site. It used apache access log to show th stats. This will be useful to monitor a web sites traffic in real time.
cd /usr/local/src wget https://github.com/HostOnNet/apachetop/archive/master.zip unzip master.zip cd apachetop-master ./configure --with-logfile=/var/log/httpd/access_log make make install
If you need to set path to apache log file, configure with
./configure --with-logfile=/path/to/apache/log/file.log
On CentOS
yum install apachetop
On Ubuntu/Debian
apt install apachetop
Running apachetop with custom log file location
apachetop -f /path/to/apache/log/file.log
-
Resize a linux file system with resize2fs
On cloud servers, once you upgrade disk, you will need to resize the filesystem. On Linux ext4 file system, you can do this with command resize2fs.
To resize filesystem on /dev/sdb, run
root@leonestage:~# resize2fs /dev/sdb resize2fs 1.44.1 (24-Mar-2018) Filesystem at /dev/sdb is mounted on /mnt/HC_Volume_2899894; on-line resizing required old_desc_blocks = 2, new_desc_blocks = 3 The filesystem on /dev/sdb is now 10485760 (4k) blocks long. root@leonestage:~#
Here the full disk is used as file system with NO partition. If you have partion, you need to specify partition number like /dev/sdb1
-
Plesk move vhosts folder
Plesk use /var/www/vhosts folder to store sites. On some servers this folder will be on smaller partition. Say you have all disk space on partition /home, in such cause, you can use following command to move web site files to /home folder with following command.
plesk bin transvhosts.pl --dest-dir /home/ --correct-scripts
/home/ = you can replace this any any folder you wish. Plesk will move the site files, update the configuration as required.
NOTE: In this example, i used /var/www/vhosts instead of /home/ as the server was using non default folder for vhosts, i am moving all sites back to default location (/var/www/vhosts).
See Plesk
-
Bandwidth Limit on rsync
I wanted to transfer some files between two computers, but don’t want to use all bandwidth available on the network as it will affect other users on the network.
To limit bandwidth, use –bwlimit Option.
rsync -avzP --bwlimit=1500 /mnt/data/learn/css/BootStrap3/ [email protected]:/home/php-tutorial/BootStrap3/
Here –bwlimit=1500 will limit bandwidth usage to 1.5 MB/s.
See rsync
-
Redirect a site to HTTPS using PHP
This PHP script will redirect website visitors to HTTPS (SSL) URL. You can add this in your index.php of the website
if (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on" ) { header("HTTP/1.1 301 Moved Permanently"); $newUrl = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; Header("Location: $newUrl"); exit; }To redirect visitors to a new URL using PHP, use the following PHP code
$newUrl = "https://NEW-URL-HERE" . $_SERVER['REQUEST_URI']; header("HTTP/1.1 301 Moved Permanently"); Header("Location: $newUrl"); exit;You can also use Apache mod_rewrite .htacess to do the redirection.
-
Install x11vnc on Ubuntu
To install x11vnc on Debian/Ubuntu, run
apt install -y x11vnc
To start vnc server, run
x11vnc -display :0
By default, there will be no password. To set password, run
x11vnc -storepasswd
To start x11vnc server with password, run
x11vnc -rfbauth ~/.vnc/passwd