Sunday, 15 November 2015

How to copy files remotely over ssh

SCP stands for secure cp (copy), It allows files to be copied to, from, or between different hosts. It uses ssh for data transfer and securely encrypted.

Syntax:
scp [[user@]host1:]file1 ... [[user@]host2:]file2

Examples:

  • Copy the file "foo.txt" from a remote host to the local host
    • $scp username@remotehost.com:foo.txt  /local/linuxinanutshell
  • Copy the file "foo.txt" from the local host to a remote host
    • $scp foo.txt username@remotehost.com:/remote/linuxinanutshell 
  • Copy multiple files using single command
    • $scp file1.txt file2.txt file3.txt username@remotehost.com:/remote/linuxinanutshell

To Increase Speed of scp command:
If you need more speed and still have security, you can use Blowfish or RC4.
scp -c blowfish username@remotehost.com:foo.txt  /local/linuxinanutshell

Or use RC4 which seems to be the fastest
scp -c arcfour username@remotehost.com:foo.txt  /local/linuxinanutshell .

This last one is not very secure, and it may not be used if security is really an issue for you.

You can also limit the bandwidth used by scp command:
Syntax:
scp -l limit username@server:/path/to/file /path/to/folder

Where limit is specified in Kbit/s. So for example, if you want to limit speed at 100 Kbps
Example:
scp -l100 username@remotehost.com:foo.txt  /local/linuxinanutshell 
Posted by at No comments:

Saturday, 14 November 2015

Set Time, Date Timezone in Linux from Command Line

Correct Date & Time in Operating System is very important and lot of things depends on it such as application compilation, etc. To view Date through command line:
$ date
Sat Nov 14 14:14:18 IST 2015

To set the year:
date -s 'next year'
date -s 'last year'

To set the month:
date -s 'last month'
date -s 'next month'

To set the day:
date -s 'next day'
date -s 'tomorrow'
date -s 'last day'
date -s 'yesterday'
date -s 'friday'

To set all together:
$ date -s '2015-11-15 14:21:30'
Sun Nov 15 14:21:30 IST 2015

To change part of the date, enter the date part that you want to change as a string and remains all others as date formatting variables. Refer below command which sets the 2016 year
$ date -s "$(date +'2016%m%d %H:%M')"
Mon Nov 14 14:25:00 IST 2016

The date formats are:

  • %Y - Year
  • %m - Month
  • %d - Day
  • %H - Hour
  • %M - Minute

Hardware time

Now the system time is set, but you may want to sync it with the hardware clock:

Use --show to print the hardware time:
hwclock --show

You can set the hardware clock to the current system time:
hwclock --systohc

Or the system time to the hardware clock:
hwclock --hctosys

To set the timezone

To set the timezone of your system clock do the following:
cp /usr/share/zoneinfo/Asia/Kolkata  /etc/localtime

Automatically adjust your system clock

To have your system to automatically adjust time we need to install ntp. Get it from your repository. Once installed you can configure it by editing configuration file /etc/ntpd.conf

Make sure to start the daemon, and to make it start automatically when the system boots.
/etc/init.d/ntpd start

To update from the command line against a time server:
ntpdate 10.22.10.4
Posted by at No comments:

Sunday, 1 November 2015

What is SELinux

SELinux
       SELinux (Security Enhanced Linux) is a Mandatory Access Control system built on Linux's LSM (Linux Security Modules) interface. In practice, the kernel queries SELinux before each system call to know whether the process is authorized to do the given operation.
       SELinux uses a set of rules — collectively known as a policy — to authorize or forbid operations. Those rules are difficult to create. Fortunately, two standard policies (targeted and strict) are provided to avoid the bulk of the configuration work.


Policies
       Policy - A set of declarations and rules, telling the SELinux core in the kernel what is permitted and how to behave in different situations

  • Targeted policy - A policy based upon the paradigm, that only a few selected applications should be restricted by SELinux. All other activity relies on good old UNIX security
  • Strict policy - A policy which attempts to control all activity with SELinux


Do I have SELinux?
       If you have a /selinux directory with something in it, SELinux is loaded in the kernel. Also try the sestatus command:
$ sestatus | grep -i mode
Current mode:                   enforcing
Mode from config file:          enforcing
Note: SELinux is enabled and in enforcing mode.


What SELinux is actually doing?
       SELinux is loaded in the kernel and performs three ongoing tasks, based upon the rules loaded from user space (i.e. the Policy):

  • Grant or deny access permission to processes requesting to perform action on objects
  • Grant or deny permission for context changes of objects and processes.
  • Decide what context to give to new objects and processes at their creation.

SELinux permissions are given on top of classic UNIX permissions. An action will take place only if both permissions are granted.

Enabling or Disabling Enforcement
       You can enable and disable SELinux enforcement at runtime or configure it to start in the correct mode at boot time, using the command line or GUI. SELinux can operate in one of three modes:

  • Disabled: meaning not enabled in the kernel.
  • Permissive: meaning SELinux is running and logging but not controlling permissions.
  • Enforcing: meaning SELinux is running and enforcing policy.

Use the setenforce command to change between permissive and enforcing modes at runtime. Use setenforce 0 to enter permissive mode; use setenforce 1 to enter enforcing mode.
$ setenforce 1

SELinux configurations from GUI
       You can configure all of these settings using system-config-selinux. The same configuration files are used, so changes appear bidirectionally. Use the following procedure to change a runtime boolean using the GUI.
Note: Administrator privileges are required to perform this procedure.

  • On the System menu, point to Administration and then click Security Level and Firewall to display the Security Level Configuration dialog box.
  • Click the SELinux tab, and then click Modify SELinux Policy.
  • In the selection list, click the arrow next to the Name Service entry, and select the Disable SELinux protection for named daemon check box.
  • Click OK to apply the change. Note that it may take a short time for the policy to be reloaded.


Posted by at No comments:

Saturday, 11 July 2015

How to sort contents of a file

sort command is used to sort the contents of a file. You can sort the data in text file and display the output on the screen, or redirect it to a file. Based on your requirement, sort provides several command line options for sorting data in a text file.

Syntax:
sort [options] filename

 Examples:

 #1 To sort text file [sort sort_file]

#2 To sort numbers in file, use -n option [sort -n sort_number_file]


#3 To sort months in file, use -M option [sort -M sort_month_file]

Refer below tables for more sort command options:
-b  Ignores leading spaces in each line 
 -d  Uses dictionary sort order. Conisders only spaces and alphanumeric characters in sorting 
 -f  Uses case insensitive sorting. 
 -M  Sorts based on months.  Either mention complete month name or only first 3 letters. Eg: JAN, FEB 
 -n  Uses numeric sorting 
 -R  Sorts the input file randomly. 
 -r  Reverse order sorting 
 -k  Sorts file based on the data in the specified field positions. 
 -u  Suppresses duplicate lines 
 -t  input field separator 





Posted by at No comments:

Wednesday, 1 July 2015

How to use sed command in Linux

sed, short for "stream editor", allows you to filter and transform text. A stream editor is used to perform basic text transformations on an input stream (a file, or input from a pipeline). While in some ways similar to an editor which permits scripted edits (such as ed), sed works by making only one pass over the input(s), and is consequently more efficient. But it is sed's ability to filter text in a pipeline which particularly distinguishes it from other types of editors.

 How sed Works
sed maintains two data buffers: the active pattern space, and the auxiliary hold space. Both are initially empty.

sed operates by performing the following cycle on each line of input: first, sed reads one line from the input stream, removes any trailing newline, and places it in the pattern space. Then commands are executed; each command can have an address associated to it: addresses are a kind of condition code, and a command is only executed if the condition is verified before the command is to be executed.

When the end of the script is reached, unless the -n option is in use, the contents of pattern space are printed out to the output stream, adding back the trailing newline if it was removed. Then the next cycle starts for the next input line.

Syntax:
sed Options... [Script] [InputFile...]

Option
Detail
-n, --quiet, --silent Suppress automatic printing of pattern space.
-e script, --expression=script Add the script script to the commands to be executed.
-f script-file, --file=script-file Add the contents of script-file to the commands to be executed.
--follow-symlinks Follow symlinks when processing in place.
-i[SUFFIX], --in-place[=SUFFIX] Edit files in place (this makes a backup with file extension SUFFIX, ifSUFFIX is supplied).
-l N, --line-length=N Specify the desired line-wrap length, N, for the "l" command.
--POSIX Disable all GNU extensions.
-r, --regexp-extended Use extended regular expressions in the script.
-s, --separate Consider files as separate rather than as a single continuous long stream.
-u, --unbuffered Load minimal amounts of data from the input files and flush the outputbuffers more often.

Example:
#Replacing word in a file and save the output in same file.
       sed -i 's/blogger/blog/g' test_sed.txt

Posted by at No comments:
Subscribe to: Posts (Atom)