Ans:PATH=/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin
export PATH
2)How to do SSH without password?
Ans: # cd ~
# cd .ssh
# ssh-keygen -t rsa
<press Enter at every prompt to keep the defaults and an empty passphrase>
Two files will be created under .ssh:
id_rsa id_rsa.pub
# cp id_rsa.pub authorized_keys
[root@linux .ssh]# ssh ble
Last login: Wed Sep 29 11:40:36 2010 from ble
[root@linux ~]#
To SSH without a password from a remote client, copy the client's id_rsa.pub to the server's .ssh directory.
On the client, enter the command below:
$ scp ~/.ssh/id_rsa.pub user@server:.ssh/myid_rsa.pub
Log in to the server:
$ chmod 700 ~/.ssh
$ cat ~/.ssh/myid_rsa.pub >> ~/.ssh/authorized_keys
$ rm ~/.ssh/myid_rsa.pub
$ chmod 600 ~/.ssh/authorized_keys
OR
#cd .ssh
#ssh-keygen -t rsa
#cat id_rsa.pub | ssh user@remotemachine "cat - >> .ssh/authorized_keys"
#ssh root@remotemachine
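The append step above adds a duplicate entry each time it is run and accepts any file it is given. The following is an added example, not part of the original notes, that installs a public key once and applies the 700/600 modes; the names install_pubkey and mode_of and the sample key are constructed for illustration, and mode_of assumes GNU stat.

```shell
#!/bin/sh
# install_pubkey PUBFILE SSHDIR: append the key once and fix the modes.
install_pubkey() {
    pub=$1; dir=$2; auth="$dir/authorized_keys"

    [ -f "$pub" ] || { echo "no such file: $pub" >&2; return 2; }
    # Refuse the private half (id_rsa) if it is passed by mistake.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "refusing: $pub looks like a private key" >&2; return 3
    fi
    # Accept only a line shaped like "<type> <base64> [comment]".
    key=$(grep -E '^(ssh-(rsa|ed25519)|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/=]+( .*)?$' "$pub" | head -n 1)
    [ -n "$key" ] || { echo "no public key line in $pub" >&2; return 4; }

    # sshd with StrictModes rejects keys kept in group/world-writable places.
    mkdir -p "$dir" && chmod 700 "$dir" || return 5
    touch "$auth" && chmod 600 "$auth" || return 5

    # -x whole line, -F fixed string: append only if not already present.
    grep -qxF -e "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# Octal mode of a path (GNU stat), used to confirm the result.
mode_of() { stat -c '%a' "$1"; }

# Constructed sample key in a temporary directory; two runs, one entry.
tmp=$(mktemp -d)
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABconstructedKEY user@client' > "$tmp/id_rsa.pub"
install_pubkey "$tmp/id_rsa.pub" "$tmp/.ssh"
install_pubkey "$tmp/id_rsa.pub" "$tmp/.ssh"
echo "entries: $(wc -l < "$tmp/.ssh/authorized_keys"), modes: $(mode_of "$tmp/.ssh") $(mode_of "$tmp/.ssh/authorized_keys")"
rm -rf "$tmp"
```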
3)How can I limit who can use SSH based on a list of users?
Ans:
One advantage of Pluggable Authentication Module (PAM) is it can be used to limit the number of network users who have access to a certain service based on a list.
For example, you can limit SSH connections via PAM.
In /etc/pam.d/sshd, add the following line:
auth required /lib/security/pam_listfile.so onerr=fail item=user sense=allow file=/etc/sshd_users
This will allow a user to login via sshd if they are listed in the /etc/sshd_users file.
The options specified have the following meanings:
onerr=fail—If an error occurs (file specified is not found or an improperly formatted entry is found in the file), fail this test. This will deny the user access via sshd.
The other possible option for onerr is succeed.
item=user—This states that we are testing or verifying the user's login name.
sense=allow—This means that if the user is found in the file specified, this test succeeds. This will allow the user access if all other PAM tests succeed as well.
The other possible option for sense is deny.
file=/etc/sshd_users—This specifies the file that will contain the list of users (one per line) that are allowed to access sshd.
With that, the /etc/pam.d/sshd will look like:
#%PAM-1.0
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
auth required pam_listfile.so onerr=fail item=user sense=allow file=/etc/sshd_users
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session required pam_limits.so
session optional pam_console.so
Afterwards, put the valid SSH users in the /etc/sshd_users file. Each username should be on a new line.
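Because onerr=fail turns a missing list or a broken rule into a lockout, it helps to check both files before closing the current session. The following is an added example, not part of the original notes; the function names listfile_path and user_allowed and the sample users are constructed, and the paths are parameters so it can be run against copies of the real files.

```shell
#!/bin/sh
# Print the file= value of the auth rule that uses pam_listfile with the
# options from the text. A rule wrapped onto two lines without a trailing
# backslash does not match, so status 1 also flags that mistake.
listfile_path() {
    awk '$1 == "auth" && /pam_listfile\.so/ && /item=user/ &&
         /sense=allow/ && /onerr=fail/ {
             for (i = 1; i <= NF; i++)
                 if ($i ~ /^file=/) { print substr($i, 6); found = 1; exit }
         }
         END { exit !found }' "$1"
}

# 0: user is listed; 1: not listed; 2: list missing; 3: list is group- or
# world-writable (a hygiene check added here: whoever can edit the list
# can grant themselves SSH access).
user_allowed() {
    list=$1; user=$2
    [ -f "$list" ] || return 2
    [ -z "$(find "$list" -prune \( -perm -020 -o -perm -002 \))" ] || return 3
    grep -qxF -e "$user" "$list"
}

# Constructed sample files in a temporary directory.
tmp=$(mktemp -d)
printf '%s\n' alice bob > "$tmp/sshd_users"
chmod 600 "$tmp/sshd_users"
printf '%s\n' '#%PAM-1.0' 'auth required pam_nologin.so' \
  "auth required pam_listfile.so onerr=fail item=user sense=allow file=$tmp/sshd_users" \
  > "$tmp/sshd"

list=$(listfile_path "$tmp/sshd") && echo "allow list: $list"
for u in alice mallory; do
    if user_allowed "$list" "$u"; then echo "$u: allowed"; else echo "$u: denied"; fi
done
rm -rf "$tmp"
```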
4)What is the difference between du and df?
Ans) du reports the space used by files and folders. df reports the space used by the entire filesystem, including journaling and inodes.
Sometimes programs keep writing to files that have been deleted. You don't see them with the du command, but they still take up space.
Type the command #lsof | grep '(deleted)' to find them. Restarting those programs will free up some space.
5)How to remove the host key of a remote server?
Ans) Go to root's home directory
#cd /root
cd to the .ssh directory
#cd .ssh
Open the known_hosts file and remove the entry for the remote server's IP address
#vi known_hosts
Then try to ssh to the remote server. This will create a new host key entry for that remote server
6)What to do if the NFS service is not running?
Ans) Check whether the portmap service is running
#lsof | grep portmap
#ps -ef | grep portmap
If portmap is running then check rpcinfo
#rpcinfo -p localhost
check /etc/hosts.allow and /etc/hosts.deny
If TCP_wrappers are configured then
Check for TCP_Wrappers like this:
rpm -q tcp_wrappers
and check for nfs-utils version like this:
rpm -q nfs-utils
Finally, double check TCP Wrapper support like this:
strings /usr/sbin/rpc.mountd | grep hosts
and look for something like this :
/etc/hosts.allow
/etc/hosts.deny
If you get that, then wrappers are being used so you have to configure them right. If they are not configured right, they will cause the connection refused error you are getting.
7)netstat monitoring
netstat --tcp --udp --listening --program
nmap -T Aggressive -A -v 127.0.0.1 -p 1-65000
lsof +M -i4
fuser -v 9000/tcp
service --status-all | grep running
snoop -o /tmp/cap solaris BLE
snoop -i /tmp/cap -t r| more
snoop -i /tmp/cap -p 1,4
snoop -i /tmp/cap -V -p1
snoop -i /tmp/cap -V/v -p2 --- to check detailed information about packet
iptables -A FORWARD -s 0/0 -i eth0 -d 10.121.113.92 -p TCP --sport 1024:65535 --dport 9000 -j ACCEPT
8)Attach a new disk to the Linux machine(VMware) while it is running?
# ls /sys/class/scsi_host
displays the host names
host0 host1 host2
#echo "- - -" > /sys/class/scsi_host/host0/scan
#fdisk -l
shows the new disk
#tail -f /var/log/messages
Dec 21 22:39:35 localhost kernel: sd 0:0:1:0: [sdb] Write Protect is off
Dec 21 22:39:35 localhost kernel: sd 0:0:1:0: [sdb] Cache data unavailable
Dec 21 22:39:35 localhost kernel: sd 0:0:1:0: [sdb] Assuming drive cache: write through
Dec 21 22:39:35 localhost kernel: sd 0:0:1:0: Attached scsi generic sg2 type 0
Dec 21 22:39:35 localhost kernel: sd 0:0:1:0: [sdb] Cache data unavailable
Dec 21 22:39:35 localhost kernel: sd 0:0:1:0: [sdb] Assuming drive cache: write through
Dec 21 22:39:35 localhost kernel: sdb: unknown partition table
Dec 21 22:39:35 localhost kernel: sd 0:0:1:0: [sdb] Cache data unavailable
Dec 21 22:39:35 localhost kernel: sd 0:0:1:0: [sdb] Assuming drive cache: write through
Dec 21 22:39:35 localhost kernel: sd 0:0:1:0: [sdb] Attached SCSI disk
9)How Do I Delete a Single Device Called /dev/sdc in VMware Linux machine?
In addition to re-scanning the entire bus, a specific device can be added or existing device deleted using the following command:
# echo 1 > /sys/block/devName/device/delete
# echo 1 > /sys/block/sdc/device/delete
10)How Do I Add a Single Device Called /dev/sdc in Vmware Linux machine?
To add a single device explicitly, use the following syntax:
# echo "scsi add-single-device <H> <B> <T> <L>" > /proc/scsi/scsi
Where,
<H> : Host
<B> : Bus (Channel)
<T> : Target (Id)
<L> : LUN numbers
For e.g. add /dev/sdc with host # 0, bus # 0, target # 2, and LUN # 0, enter:
# echo "scsi add-single-device 0 0 2 0">/proc/scsi/scsi
# fdisk -l
# cat /proc/scsi/scsi
Sample Outputs:
Attached devices:
Host: scsi0 Channel: 00 Id: 00 Lun: 00
  Vendor: VMware, Model: VMware Virtual S Rev: 1.0
  Type: Direct-Access ANSI SCSI revision: 02
Host: scsi0 Channel: 00 Id: 01 Lun: 00
  Vendor: VMware, Model: VMware Virtual S Rev: 1.0
  Type: Direct-Access ANSI SCSI revision: 02
Host: scsi0 Channel: 00 Id: 02 Lun: 00
  Vendor: VMware, Model: VMware Virtual S Rev: 1.0
  Type: Direct-Access ANSI SCSI revision: 02
11)How do you find the last reboot time?
#who -b
12)Memory test on linux
First find out the memory size using the free command.
$ free
Output:
                     total       used       free     shared    buffers     cached
Mem:                768304     555616     212688          0      22012     270996
-/+ buffers/cache:             262608     505696
Swap:               979956          0     979956
In the above example my server has 768304K of memory. Now use the dd command as follows:
$ dd if=/dev/urandom bs=768304 of=/tmp/memtest count=1050
$ md5sum /tmp/memtest; md5sum /tmp/memtest; md5sum /tmp/memtest
If the checksums do not match, you have faulty memory guaranteed. Read dd command man page to understand all options. dd will create /tmp/memtest file. It will cache data in memory by filling up all memory during read operation. Using md5sum command you are reading same data from memory (as it was cached).
13)What to do if DISPLAY is not working for the users
ssh jason@remote-server -X
jason $ echo $DISPLAY
localhost:10.0
jason $ su - oracle
oracle's Password:
oracle $ xterm
Xlib: connection to "localhost:10.0" refused by server
Xlib: PuTTY X11 proxy: wrong authentication protocol attempted
xterm Xt error: Can't open display: localhost:10.0
On recent OpenSSH Server releases, you can simply enable “ForwardX11Trusted yes” in the /etc/ssh/sshd_config file and restart the OpenSSH server. If you’re not using a recent OpenSSH Server release or if you can’t for security or political reasons, what could you do? Give up? It’s simpler than you think.
You need to temporarily transfer the authorization to the other account. First, get the key from your account:
jason $ xauth list
aspc2o1/unix:10 MIT-MAGIC-COOKIE-1 bc334c66cfec3c5c3d5b0efc4ee9d3ad
Next, sudo/su to the other account and add the authorization key.
jason $ su - oracle
oracle $ xauth add aspc2o1/unix:10 MIT-MAGIC-COOKIE-1 bc334c66cfec3c5c3d5b0efc4ee9d3ad
Now, you should be able to start any X Windows application, assuming that your DISPLAY variable is set to go through the ssh tunnel:
oracle $ xterm
14)How to tar file or directory
Ans) tar -cvf test.tar testfile
tar -cvf test.tar testdir/
15)After you install the RHEL5 if you cannot see the mouse pointer (but the mouse rolls over the icons and works fine)
Ans) Edit the /etc/X11/xorg.conf and check whether you have the entry for your mouse. It probably looks like this
Section "InputDevice"
Identifier "Mouse"
Driver "mouse"
Option "device" "/dev/mouse"
Option "Protocol" "Auto"
EndSection
And also add the line Option "HWCursor" "Off" to the Device section
Section "Device"
Identifier "Videocard0"
Driver "nv"
Option "HWCursor" "Off" #New option
EndSection
16)How to check whether the Linux is 64bit or 32bit
Ans)Method 1:
$ uname -a
x86_64 or ia64 indicates a 64-bit OS; all the rest [i386/i486/i586/i686] indicate 32 bit
Method 2:
$ file /usr/bin/initdb
ELF 32-bit LSB executable : means 32 bit
ELF 64-bit LSB executable : means 64 bit
To find whether the processor is 32 or 64 bit
====================================
$ grep flags /proc/cpuinfo
If the "lm" flag is present, then the processor is 64-bit, else 32
17) How to check the md5sum and sha1sum?
Ans) just type #md5sum <filename>
#sha1sum <filename>
18) Was able to switch to the user subbarai from root but switching back to root, got incorrect password error
Ans) [root@otm bin]# su - subbarai
[subbarai@otm ~]$ su - root
Password:
su: incorrect password
Changed the permissions on /bin/su from 0755 to 47555, then everything worked fine
[root@otm ~]# su - subbarai
[subbarai@otm ~]$ su - oracle
Password:
-bash-3.2$ su - otm
Password:
[otm@otm ~]$
19)How to start a service using script at the server startup?
Ans)Add the script to /etc/rc.d/rc.local file
20)How to use tcpdump?
Ans) #tcpdump -i <ethernet interface> tcp dst port <port number> and src host <ip address>
ex: #tcpdump -i eth1 tcp dst port 80 and src host 192.168.0.10
21)How to list the files in a directory recursively?
Ans) ls -lahR <directory>
22) How to recursively change the permissions of the directory ( not the files) ?
Ans) find . -type d -exec chmod 755 {} +
23)How to find files without world-readable permission?
Ans) find . -type f ! -perm -004
24) How do you modify the content in all the files ?
$find /web/test/about/environment -name '*.shtml' -type f -exec sed -i 's/www\.test\.com/wwwexample\.comp\.pge\.com/g' {} +
25)How to take a backup of a linux file with the date appended?
$cp file file_$(date '+%m%d%Y%H%M%S')