Archive for the ‘Linux & Unix’ Category

How to Copy Files with SCP between Linux Servers

Saturday, July 19, 2014 posted by Till

1.1 SCP Command Line-An Overview

 

The SCP command line is commonly used to copy files over SSH, and between popular Operating systems like Linux, Mac and Windows in a secure fashion. SCP is used to copy files to/from a remote server. It also allows you to copy files from one remote server to another remote server, without passing traffic through your PC.

 

1.2 Configuring the System of the Virtual Machine

 

At the outset, for sending files to the virtual machines, you would require a specific set of configuration, as explained below:

1. Open VirtualBox

2. Please select the virtual machine where your target system is running.

3. Open Settings > Network

4. Please select the correct Adapter tab (it will be the first one in case you have not made any changes so far)

5. You must select Bridged Adapterfrom the Attached to dropdown menu.

6. Now, you can run your virtual machine.

 

1.3 Initiating File Copy between Linux Servers Using SCP

 

Once begun, you must open a terminal and key in the following:

sudo apt-get install openssh-server
ifconfig

The ifconfig will throw up a few blocks, like the one titled eth0.

 ctest@ctest-System-Product-Name ~ $ ifconfig
eth0		Link encap:Ethernet  HWaddr f4:6d:04:94:8f:17
inet addr:192.168.0.11  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::f66d:4ff:fe94:8f17/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:234392 errors:0 dropped:0 overruns:0 frame:0
          TX packets:128835 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:332109021 (332.1 MB)  TX bytes:11758082 (11.7 MB)
          Interrupt:43 Base address:0x6000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:39 errors:0 dropped:0 overruns:0 frame:0
          TX packets:39 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2424 (2.4 KB)  TX bytes:2424 (2.4 KB)

ctest@ctest-System-Product-Name ~ $

The IP address exhibited on inet adress: is the one your machine would have in your internal network, and it will be the one you are going to access the machine under. Here, you must revisit the sender system now that you are aware of the IP of the receiver. If you possess the files to be sent, in addition to the directory for storing these on your virtual machine ready, you may simply go ahead and send the file by using the following command:

scp [path of file to send] root@[receiver's IP]:[target directory]

In the above command, you must replace the items in brackets [] with actual values.

For instance, if you wish to send a file titled MyVideo.mp4 housed in the /home/ctest/Videosdirectory to the /home/cooldude/Videos directory of the system that has an internal IP of 191.167.1.61, you must use the following command line:

scp /home/ctest/Videos/MyVideo.mp4 root@191.167.1.61:/home/cooldude/Videos

 

1.4 Fixing Errors

 

Post entering the basic SCP command, you may encounter the following message:

 

ctest@ctest-System-Product-Name ~ $ scp /home/ctest/Videos/MyVideo.mp4 root@191.167.1.61:/home/cooldude/Videos
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@  WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
4e:c0:50:9a:cf:b6:bc:45:ed:9b:54:97:d8:11:21:a8.
Please contact your system administrator.
Add correct host key in /home/ctest/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/ctest/.ssh/known_hosts:4
  remove with: ssh-keygen -f "/home/ctest/.ssh/known_hosts" -R 191.167.1.61
ECDSA host key for 191.167.1.61has changed and you have requested strict checking.
Host key verification failed.
lost connection
ctest@ctest-System-Product-Name ~ $

More often than not, this is caused when the system with the given IP is no longer the same as it was when you last connected to the same IP. For instance, if you happened to host a new virtual machine that subsequently took the same IP as the old one.
To fix this one, you must follow the commands given in the message to remove the offending key (as shown below):

ssh-keygen -f "/home/ctest/.ssh/known_hosts" -R 191.167.1.61

You must ensure that you replace the path and the IP with the ones matching your specific inputs. You may also remove the key manually by opening the known_host file with the help of a texteditor, and removing the key (obviously as root).

 

1.5 Completing the Process

 

If, however, you do not come across any such issue, or you have managed to tackle the same, you would be asked if you really wish to proceed. You must key in yesand hit Enter to confirm the same.

Next, you’ll be asked for the root password of the receiver, which you must key in and before hitting Enter once again.

Now, the copied file must be accessible on the intended directory of the receiver, although you must not have any permissions to write/execute the same. If, however, you are seeking full permissions, please use the following command:

sudo chmod 777 /home/cooldude/Videos/MyVideo.mp4

Here, you must remember to change the path value to the one corresponding to your file, and you are good to go!

Solution for: system-config-firewall: command not found

Wednesday, February 5, 2014 posted by admin

When you get the error message "system-config-firewall: command not found" on your CentOS Server while trying to configure the firewall on the shell, then the text interface version of the firewall configuration utility is missing. Install it with this command:

yum install system-config-firewall-tui

If your mail server stops working (neither incoming nor outgoing email works) and you find the following error message in the mail.log file:

fatal: open database /var/lib/postfix/smtpd_scache.db: File exists

then the smtpd_scache.db might got corrupted. Postfix will recreate this file, if it does not exist. So it can be removed to solve the issue:

/etc/init.d/postfix stop
rm -f /var/lib/postfix/smtpd_scache.db
/etc/init.d/postfix start

Thanks to Alexander Fox for sending me this FAQ.

Dovecot is watching the whole server filesystem for modifications and removed or added sub filesystems. If you get errors similar to this one on your server:

Aug 30 09:10:23 server1 dovecot: master: Warning: /var/www/clients/client1/web1/log is no longer mounted. If this is intentional, remove it with doveadm mount

 (the directory path may vary), then you can fix it by excluding the path from being watched by dovecot. In my case, dovecot shall not watch my website directories as they do not contain any mailboxes

Run the following command on the shell as root user:

doveadm mount add '/var/www/*' ignore

To exclude all files and folders in /var/www from deovecot monitoring.

 

Incorrent Time on Windows/Linux Dual Boot System

Monday, April 22, 2013 posted by CSch

If you work on a dual boot system you might experience that when you log off from Windows, onto Linux, and to Windows again, the time that is shown in the bottom right corner might be an hour or more off the actual time. This will correct once you refresh it by loading the time from a time server again but will remain an issue for the next logins.
This has not directly to do with daylight savings or an incorrect time zone, but most likely with Linux assuming that the BIOS time is set to UTC while it's set to local time. So it just changes the BIOS clock according to that. Logging in to Windows with the wrong BIOS clock will result in a wrong system time.

This Linux behavior can easily be changed though, so just login to your Linux system and open a command line. First log in as root with your password:

sudo su

Then enter following to open the rcS file (note that I use vi as text editor - you can use any other you like here):

vi /etc/default/rcS

Now look for the line reading UTC = yes and change it to UTC = no. Save the file and try to boot into Windows - if every other time setting is set correct you should get the right time now.

Add More Tabs to Firefox Before Scrolling Occurs

Thursday, March 28, 2013 posted by CSch

The past versions of Firefox brought a feature to it that a great deal of users didn't like because it changed the way tabs are handled in a window. Instead of just showing all tabs at once, Firefox now adds horizontal scrolling to the tab bar in order to prevent the tabs from becoming too small to read its name. That way you can always see what's on your tabs but don't have a complete overview of the whole bar anymore.
In order to help out on that an add-on was created that increases the number of tabs that are visible before the overflow scrolling occurs.
It's called Prevent Tab Overflow and you can find it in the Firefox Add-On database: https://addons.mozilla.org/en-US/firefox/addon/noverflow/

Add it and it will get to work instantly. Have a look at the Add-on preferences (Tools>Add-ons>Extensions>Prevent Tab Overflow>Preferences) to see what you can actually do:

Screenshot at 2013-03-26 10:31:51

While the add-on cannot prevent tab overflow as whole, it can resize the minimum tab width down to 40 pixel (the default in Firefox is 100 pixel). A lot more tabs fit in that way and the scrolling kicks in on a point where it actually makes sense not to shrink the tabs any further.

Install Steam on Ubuntu and Linux Mint

Saturday, March 16, 2013 posted by CSch

With Steam support for Linux, there will most likely be a whole lot more games coming out for Ubuntu and its consorts. While the database of games with Linux support still grows, many titles are already available.
To install Steam on Ubuntu or Linux Mint, open a Terminal and enter the following commands:

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys B05498B7
sudo sh -c 'echo "deb http://repo.steampowered.com/steam/ precise steam" >>
/etc/apt/sources.list.d/steam.list'

 

sudo apt-get update
sudo apt-get install steam

Afterwards start it with

steam

Screenshot at 2013-03-12 12:16:05

If you get error messages from amavisd similar to the one posted below on a server which is virtualized with OpenVZ:

Mar  5 09:09:02 v100 amavis[17378]: (17378-14) (!!)TROUBLE in process_request: Error writing a SMTP response to the socket: Broken pipe at (eval 100) line 987, <GEN44> line 31.

then the issue can be caused by the NUMTCPSOCK value in the openvz limits. Even if the barrier of this limit was never met in /proc/user_beancounters, the above error occurs when more then 25% of all TCP sockets were used. The solution is to set the NUMTCPSOCK barrier and limit to a high value in the openvz container configuration file. Here a value that worked for me on a moderately used mailserver:

NUMTCPSOCK="2000:2000"

Finally restart the OpenVZ VM to apply the new limit value.

 

Apache mod_security settings for WordPress and ModX

Monday, January 7, 2013 posted by Till

If you use the apache mod_security module on your apache server, you might encounter wrong 403 errors for several URL's of the cms systems. Here are some exception rules to avoid that:

For WordPress Blogs

<locationmatch "/wp-admin/admin-ajax.php">
SecRuleRemoveById 300013
SecRuleRemoveById 300015
SecRuleRemoveById 300016
SecRuleRemoveById 300017
</locationmatch>

<locationmatch "/wp-admin/page.php">
SecRuleRemoveById 300013
SecRuleRemoveById 300015
SecRuleRemoveById 300016
SecRuleRemoveById 300017
</locationmatch>

<locationmatch "/wp-admin/post.php">
SecRuleRemoveById 300013
SecRuleRemoveById 300015
SecRuleRemoveById 300016
SecRuleRemoveById 300017
</locationmatch>

For the ModX CMS

<LocationMatch "/manager/index.php">
SecRuleRemoveById 300016
</LocationMatch>

<LocationMatch "/connectors/resource/index.php">
SecRuleRemoveById 300013 300014 300015 300016
</LocationMatch>

<LocationMatch "/connectors/element/tv.php">
SecRuleRemoveById 300013 300016
</LocationMatch>

Add these rules inside the vhost file of the website. If you use ISPConfig to manage the server, then add the rules in the apache directives field of the website settings in ispconfig.

Many thanks to PlanetFox for providing the rules.

Install Minecraft on Ubuntu 12.10 and Mint 14

Friday, December 21, 2012 posted by CSch

Minecraft provides you with really good support on Linux. To be able to play, you need to download the .jar file from the official website first (you need that from the Minecraft for Linux / Other section: http://minecraft.net/download.

After you have it, you need to check if the java runtime environment is installed: open Synaptic Package Manager and search for the openjdk-7-jre package - if it isn't installed, install it now.

Head back to the downloaded minecraft.jar file. Right-click it and open the Properties. Go to the Permissions tab and check the Execute checkbox, close the window afterwards.

Now start minecraft by right-clicking the jar file again and selecting Open With >OpenJDK Java 7 Runtime - Enjoy Minecraft!