Solutions Log » sysadmin

Remote Mirroring Using nc and dd

Dan — Mon, 10 Aug 2009 16:58:06 +0000

You can use the dd and nc commands for exact disk mirroring from one server to another. The following commands send data from Server1 to Server2:

1 2	Server2# nc -l 12345 \| dd of=/dev/sdb Server1# dd if=/dev/sda \| nc server2 12345

Make sure that you issue Server2's command first so that it's listening on port 12345 when Server1 starts sending its data.

Unless you're sure that the disk is not being modified, it's better to boot Server1 from a RescueCD or LiveCD to do the copy.

Reference: http://www.linuxjournal.com/content/tech-tip-remote-mirroring-using-nc-and-dd

Add syslog forwarding host to syslog-ng

Dan — Wed, 06 May 2009 20:45:05 +0000

# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo,v 1.7 2007/08/02 04:52:18 mr_bones_ Exp $
#
# Syslog-ng default configuration file for Gentoo Linux
# contributed by Michael Sterrett

options {
        chain_hostnames(off);
        sync(0);

        # The default action of syslog-ng 1.6.0 is to log a STATS line
        # to the file every 10 minutes.  That's pretty ugly after a while.
        # Change it to every 12 hours so you get a nice daily update of
        # how many messages syslog-ng missed (0).
        stats(43200);
};

source src {
    unix-stream("/dev/log" max-connections(256));
    internal();
    file("/proc/kmsg");
};

destination messages { file("/var/log/messages"); };
destination splunk { tcp("hostname-or-ip" port(9998)); };

# By default messages are logged to tty12...
destination console_all { file("/dev/tty12"); };
# ...if you intend to use /dev/console for programs like xconsole
# you can comment out the destination line above that references /dev/tty12
# and uncomment the line below.
#destination console_all { file("/dev/console"); };

log { source(src); destination(messages); };
log { source(src); destination(splunk); };
log { source(src); destination(console_all); };

Recursively delete .svn directories

Dan — Fri, 10 Apr 2009 20:17:02 +0000

Abstract

This is a simple example of a unix command, which recursively deletes subversion .svn folders. Subversion is a well-spread open-source revision control application. Every copy of source code received from subversion repository has .svn folders, which store metadata. However, if you want to use or distribute source code for end-user consumption, these folders are not necessary. A simple svn export [repository] is suitable.

Compatible

Linux, FreeBSD, Mac OS X, Cygwin...
Nearly any unix-compatible system with rm and find

We use find command to find all .svn folders beginning from current directory.

$ find . -type d -name .svn

./.svn
./sourceA/.svn
./sourceB/.svn
./sourceB/module/.svn
./sourceC/.svn

It is possible to pass these directories directly to rm command, using grave accent quotes (key to left of '1')

$ rm -rf `find . -type d -name .svn`

So, this will remove every .svn folder beginning from current directory.

Source code: bash script

#!/bin/sh

echo "recursively removing .svn folders from"
pwd
rm -rf `find . -type d -name .svn`

You may save this script to /usr/bin/csvn (or other binary folder included in path) and use later to get 'clean' project source without typing lengthy commands.

For example,

$ svn checkout svn://server.com/svn/project
A    project/index.php
A    project/sourceA/a.php
A    project/sourceA/a1.php
A    project/sourceA/a2.php
A    project/sourceB/b.php
A    project/sourceB/module/lib.php
A    project/sourceC/c.php
Checked out revision 15.

$ cd project
$ csvn

Warning
Always check you current working directory before calling 'csvn'.

Setting up public key authentication over SSH

Dan — Wed, 28 Jan 2009 17:15:47 +0000

Generate key on local machine

1	ssh-keygen -t rsa

It will ask you for a password but you can leave it blank.

Note you could also pick -t dsa if you prefer.
Ensure that the remote server has a .ssh directory

Make sure the server your connecting to has a .ssh directory in your home directory. If it doesn't exist you can run the ssh-keygen command above, and it will create one with the correct permissions.
Copy your local public key to the remote server

If your remote server doesn't have a file called ~/.ssh/authorized_keys2 then we can create it. If that file already exists, you need to append to it instead of overwriting it, which the command below would do:

1	scp ~/.ssh/id_rsa.pub remote.server.com:.ssh/authorized_keys2

Now ssh to the remote server

Now you can ssh to the remote server without entering your password.
Security

If you are unable to login without being prompted for a password it is likely the result of improper permissions being set on .ssh/ and its children. SSH is picky about permissions; to fix the problem, ssh to the remote server and issue the following command:

1	chmod -R 700 .ssh/

Now keep in mind that all someone needs to login to the remote server, is the file on your local machine ~/.ssh/id_rsa, so make sure it is secure.

Reference: http://www.petefreitag.com/item/532.a

Remove SSL key file pass-phrase

Dan — Sun, 11 Jan 2009 18:55:31 +0000

Sometimes you may want to remove the pass-phrase from your SSL key file. A specific use case is with a webserver (Apache, Cherokee, etc) where you do not want to be prompted to enter the pass-phrase each time the server starts. Requirements like these can get in the way of automated system procedures.

Removing the password is simple:

1	root# openssl rsa -in www.yourdomain.com.key -out www.yourdomain.com.key

Reference: http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html