it is possible to change time and date of a remote server/servers by scheduling a job on them remotely:
at \\10.0.84.17 15:15 net time \\10.0.53.30 /set /y
this will set the time of 10.0.84.17 at 15:15 of its local time to data/time of 10.0.53.30 machine.
first authentication should be down between the two.
we can use this to happen before setting time:
at \\10.0.84.17 15:10 net use \\10.0.53.30 /user:administrator password
setting data/time of remote server
August 2, 2010DHCP Server config file
May 3, 2010For configuring dhcp server on linux machine just install dhcpd rpm and use the following text to configure /etc/dhcpd.conf and start dhcp service :
# /etc/dhcpd.conf
# This is a very basic subnet declaration.
subnet 10.0.0.0 netmask 255.255.255.0 {
range 10.0.0.10 10.0.0.20;
option routers 10.0.0.1;
option domain-name-servers 10.0.0.5;
option domain -name “dhcp.lab”;
default-lease-time 120;
max-lease-time 120;
ddns-update-style none;
}
after applying this configuration type “chkconfig dhcpd on” to start it automatically when server boots.
Adding SCSI disk to Linux Guest in VMWARE
May 1, 2010I have done it on both Redhta Enterprise linux and centos on different versions and it works fine for me.
Just add your scsi disk to your vmware guest machine from graphical user interface of vmware.
It is not a difficult or complicated process.
After that launch your command line and type “fdisk -l” to see your current attached disks.
Then type “echo – - – > /sys/class/scsi_host/host#/scan”
“#” is your host number which may be 0 , 1, 2, …or 14.
Again type “fdisk -l” to see the changes.
you can open another terminal and run “tail -f /var/log/messages” to see configuration changes logged there.
How to set static IP address on Red Hat
February 27, 2010This is a quick blog on how to change the IP allocation on your Red Hat machine from Dynamic to Static.
Go to the /etc/sysconfig/network-scripts and open the ifcfg-eth0 file for editing change
BOOTPROTO=DYNAMIC
to
BOOTPROTO=STATIC
add a new line
IPADDR=(type ip address here)
Save and Close ifcfg-eth0.
To flush IP address use the following command
/etc/init.d/network stop
then
/etc/init.d/network start
To check that the IP address has taken type
/sbin/ifconfig.
Add Extra Hard Disk To Redhat Linux
February 26, 2010This guide is above how to add extra IDE or SCSI hard disk to a live Redhat Linux server. Although, it serves to give some ideas that applied for other Linux variants as well.
Redhat naming convention for IDE hard disk are
1. /dev/hda – denote primary-master IDE hard disk
2. /dev/hdb – denote primary-slave IDE hard disk
3. /dev/hdc – denote secondary-master IDE hard disk
4. /dev/hdd – denote secondary-slave IDE hard disk
Redhat naming convention for SCSI hard disk is somewhat similar. For example,
* /dev/sda – denote SCSI hard disk of SCSI ID 1
* /dev/sda1 – denote first partition of SCSI hard disk of SCSI ID 1
* /dev/sdb3 – denote third partition of SCSI hard disk of SCSI ID 3
* /dev/sdd4 – denote forth partition of SCSI hard disk of SCSI ID 4
Adding extra IDE or SCSI hard disk to a live Redhat Linux server is a fairly simple work. It looks lengthy as follow, but the works is not.
1. Shutdown the Redhat Linux system by typing init 0
2. Unplug the power source to ensure server board totally power off.
3. Plug in the extra hard disk physically to the IDE or SCSI port.
4. Bring up the system to single user mode, i.e init 1 or runlevel 1
* Using GRUB as boot loader
1. Select the Redhat Linux kernel version to load using the up/down arrow key.
2. Type e to enter GRUB editor mode
3. Select the line that starts with kernel and type e to edit the line.
4. Go to the end of the line, press space bar to create a space, and type single
5. Press ENTER key to exit edit mode.
6. Type b to boot into single user mode.
* Using LILO as boot loader
1. If using the graphical LILO, press CTRL+X to exit the graphical LILO screen and go to the boot: prompt.
2. At the boot: prompt, type linux single to enter single user mode.
5. Create Partition (Assuming the extra hard disk to add is a primary-slave IDE hard disk)
1. Type fdisk /dev/hdb to begin
2. Press m to get a list of command associated with fdisk program.
3. Press n follow by e to create primary partition.
4. Press 1 for partition number prompt to indicate it is the first partition of the hard disk
5. Press ENTER twice to used the default values given by fdisk, to indicate it is the first and last partition of the hard disk, that utilize whole hard disk space.
6. Press p to print the partition table information that is just created. Confirm the information and work done are correct as of this stage.
7. Press w to save the work done after confirmation.
6. Performing scan disk to check for possible hard disk bad sectors before creating a Linux ext3 file system on partition created earlier, by typing
mkfs -t ext3 -c /dev/hdb1
7. After creating the file system, perhaps it is a good chance to tune the file system before mounting it. Refer to tune2fs command for some interesting tuning parameters available for the file system.
8. Mount the ext3 file system created
1. Create a directory to serve as mount point, type mkdir /NewIDE
2. Append the following line into /etc/fstab, which is used to auto mount file systems on each reboot
/dev/hdb1 /NewIDE ext3 defaults 1 2
The digit 1 in the line indicates that the mounted file system will be backed up upon dump execution.
The digit 2 in the line indicates the order that fsck should check during its execution. Type man fstab for details related to fstab configuration file.
3. Type mount /dev/hdb1 to confirm the /etc/fstab configuration are correct. The mount /dev/hdb1 command will actually refers /etc/fstab to get the complete setting about the going to mount file system. This is equivalent to the complete command of
mount -t ext3 /dev/hdb1 /NewIDE
4. Type df -hTa to verify the new file system mounted successfully.
9. Done.
Configure VNC Server
February 25, 2010Vncserver is just another application available in almost all the available Linux based distros. Configuring vncserver is very easy. But the default desktop view in vncviewer is gray scale desktop with very pathetic GUI. To view normal Gnome or KDE desktop in vncviewer, assigning a custom port for usage, user configuration and to adjust the resolution of the vncviewer window, some files need to be configured properly. Here are the required configuration in any version of Fedora/Fedora Core. But with minor modifications these can be applied to other distros like Ubuntu, SuSE, Gentoo etc.
Step 1: Installing Vncviewer, Vncserver
As root do this:
[root@bordeaux saini]# yum install vnc [Enter]
Step 2: Configuring resolution, port & user
The default location of server configuration file for vncserver is ‘/etc/sysconfig/’. To configure the resolution, user and port open ‘/etc/sysconfig/vncservers’ in you favorite editor and add two lines per user configuration shown ..
VNCSERVERS=”:”
VNCSERVERARGS[]=”-geometry x x”
Example :
VNCSERVERS=”3:saini”
VNCSERVERARGS[3]=”-geometry 1000×700″
ou can choose any display port, but it should not be in use by another X server. Window height and width can be anything (not in fraction of course). But keep in mind that the system on which you are going to view the desktop using vncviewer should have greater resolution than what you specify here, otherwise scrollbars will appear.
Step 3: Configuring Desktop Environment
The user specific configuration files of vncviewer resides in ‘.vnc’ directory in user’s home directory. (e.g. ‘/home/saini/.vnc/’). Open ‘.vnc/xstartup’ in your favorite editor and edit as below
* For Gnome
The ‘xstartup’ file shout look like this :
#!/bin/sh
# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
#xsetroot -solid grey
#vncconfig -iconic &
#xterm -geometry 80×24+10+10 -ls -title “$VNCDESKTOP Desktop” &
#twm &
startx &
For KDE
The ‘xstartup’ file should look like this:
#!/bin/sh
# Uncomment the following two lines for normal desktop:
#unset SESSION_MANAGER
#exec /etc/X11/xinit/xinitrc
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
#xsetroot -solid grey
#vncconfig -iconic &
#xterm -geometry 80×24+10+10 -ls -title “$VNCDESKTOP Desktop” &
#twm &
startkde &
Step 4: Configuring password
For setting up vncviewer password for user ‘xyz’, login as user ‘xyz’ and issue ‘vncpasswd’ command on a terminal/konsole (or whatever). Enter password twice and you are done with password setting.
Step 5: Starting Vncserver
To start vncserver, login as root and issue ’service vncserver start’ command. If service started successfully, you are ready to use vncviewer on a remote/local machine.
Step 6: Accessing through Vncviewer
* From Linux based machines
[saini@bordeaux saini]# vncviewer IP_Address:displayPort [Enter] #(IP Address is for the machine where you set up vncserver)
source : http://gofedora.com/how-to-configure-vnc-server/
Use Proxy Server To Access Internet
October 21, 2009Q. I’m behind a squid proxy server. How do I access internet via proxy server when I use wget, lynx and other utilities from a shell prompt?
A. Linux / UNIX has environment variable called http_proxy. It allows you to connect text based session / application via the proxy server. All you need is proxy server IP and port values. This variable is almost used by all utilities such as elinks, lynx, wget, curl and others.
Set http_proxy shell variable
Type the following command to set proxy server:
$ export http_proxy=http://server-ip:port/
$ export http_proxy=http://127.0.0.1:3128/
$ export http_proxy=http://proxy-server.mycorp.com:3128/
for password protected proxy:
http_proxy=http://user:passwd@proxy.foo.com:portnumber
How do I setup proxy variable for all users?
To setup the proxy environment variable as a global variable, open /etc/profile file:
# vi /etc/profile
Add the following information:
export http_proxy=http://proxy-server.mycorp.com:3128/
Save and close the file.
How do I use password protected proxy server?
You can simply use wget as follows:
$ wget –proxy-user=USERNAME –proxy-password=PASSWORD http://path.to.domain.com/some.html
Lynx has following syntax:
$ lynx -pauth=USER:PASSWORD http://domain.com/path/html.file
Curl has following syntax:
$ curl –proxy-user user:password http://url.com/
source: http://www.cyberciti.biz/faq/linux-unix-set-proxy-environment-variable/#comments
Disable DNS Lookup in Cisco Routers and Switches
October 17, 2009This article discusses how you can disable DNS lookup on Cisco routers and switches and effect when DNS lookup is enabled.
Problem: In privilege EXEC mode, if you type in something other than a Cisco IOS command, the router assumes that you typed a domain name and it tries to resolve what ever you type.
Although this feature is can be useful in some situations, for most of the time, this is a pain, especially if you do not have DNS server configured. The router becomes irresponsive for about 5-6 seconds trying to resolve the name.
The following is an example.
R4#wrong-command
Translating “wrong-command”…domain server (255.255.255.255)
(255.255.255.255)
Translating “wrong-command”…domain server (255.255.255.255)
% Unknown command or computer name, or unable to find computer
address
R4#
Solution:
R4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#no ip domain-lookup
R4(config)#
R4#wrong-command
Translating “wrong-command”
Translating “wrong-command”
% Unknown command or computer name, or unable to find computer address
R4#
Websphere Admin Console Password
May 18, 2009Some times there might be cases like forgetting WebSphere admin console password where we need to disable WebSphere Application Server security by editing configuration files without logging into the WAS admin console. In order to does this you should edit some configuration files which is described below:
1-Browse to the following directory :
WAS_INSTALL_DIR/profiles//config/cells//
2-Open file named security.xml
3-Seatch for tag like this <security:Security.
4-This would be the first tag in security.xml file. In this tag we can see an attribute called enabled=”true”. Just change this tag from current state to enabled=”false”
before doing this create a backup from file security.xml .
VPN Protocols
May 16, 2009Internet uses the PPP-point-to-point protocol for remote access. VPN technology has incorporated additional functionality into PPP creating different protocols like PPTP-Point-to-point tunneling protocol,L2TP-Layer-2 tunneling protocol and IPSec- IP security protocol. The diversity in VPN protocols is to cater to different requirements. Some protocols cater to remote access VPN connections from mobile users or branch offices that use a local ISP. Other protocols cater to communication between ‘LAN-to-LAN’. PPTP, L2TP and L2F-Layer two forwarding have been developed for dial-up VPN’s where as IPSec caters to ‘LAN-to-LAN’ solutions.
PPTP- Point-to-Point Tunneling Protocol
PPTP is one of VPN’s first protocols built on PPP to provide remote access for VPN solutions. PPTP encapsulates PPP packets using GRE-Generic routing Protocol. This had been modified to give PPTP the flexibility of handling protocols other than IP like IPX-Internet Packet Exchange, and NetBEUI- Network basic input/output system extended user interface. PPTP uses authentication mechanisms within PPP, i.e. PAP-Password Authentication Protocol. Various other authentication and security mechanism have been developed by Microsoft and is utilized in its Operating System software.
L2F- Layer Two Forwarding Protocol
This was designed to tunnel data from corporate sites to their respective users. A protocol primarily implemented in CISCO products, it differs from PPTP in a way that it does not depend on IP. This could work on alternate media like frame relays or ATM-Asynchronous transfer Mode. L2F accepts other authentication mechanisms and allows tunnels to s upport more than one connection. L2F uses PPP for authentication of remote user. The authentication is done twice, one at the ISP and the second at the gateway to the connecting LAN. It is also a Layer-2 protocol and handles IPX and NetBEUI as well.
L2TP – Layer Two Tunneling Protocol
The best features of PPTP and L2F were combined to form L2TP. It exists in the second layer (data link) of the OSI-Open Systems Interconnect model and so its name L2TP. Approved by IETF L2TP transport is defined for packet media, Frame relay, ATM and X.25 (Standard for packet switching networks defining layers 1, 2 and 3 of the OSI model). It has its own tunneling protocol and uses PPP’s PAP and other advanced mechanisms for authentication. Its encryption method is based on that of IPSec.
Internet Protocol Security (IPSec)
IPSec is a complete VPN protocol solution. Existing in the third layer of the OSI model it uses the IKE-Internet Key Exchange to exchange and manage cryptographic keys used in a data encryption session. IPSec uses a number of encryption technologies to provide confidentiality and data integrity. IPSec allows the sender to authenticate/encrypt or authenticate and encrypt each IP packet. For this it uses two modes either of which can be chosen dependent of situations of security and traffic.
• Transport mode for authentication and encryption of the transport segment of an IP packet
• Tunnel mode authenticates and encrypts the whole IP packet.
IPSec’s strong security measures are designed mainly for IP packets and cannot handle multi-protocol non-IP network environments like NetBEUI or IPX.
VPN is a virtual environment and its advantage is that it is not dependent entirely on physical setup for its organizational needs but on its logical setup. This is its boon and its bane as well.
