Category Archives: Linux

Tech posts mostly related to Linux environments

Ubuntu – reset root password

Posted on by

If you forgot your root password or to login to Ubuntu (for recovery) without the root password, follow these simple steps:

  • While the computer boots, press ‘Esc’ as soon as the Grub loads to go into the menu.
  • Press ‘e’ to edit the boot menu
  • Select the kernel line and again press ‘e’
  • remove the words ‘ro’, ‘quite’ and ‘splash’
  • put these words at the end – ‘rw init=/bin/bash’
  • press enter to accept
  • then press ‘b’ to boot into linux

Now you will get to the root shell in a while. Mount all partitions using ‘mount -a’ command (somtimes some partitions are not mounted). Then use ‘passwd’ command to set a new password. Or, you can perform maintenance task right there.

Hide Apache Server Signature

Posted on by

To hide the detailed information about your Apache web server, OS and plugins, you disable the ServerSignature directive by modifying your Apache configuration file:

On CentOS
vi /etc/httpd/conf/httpd.conf

On Ubuntu
vi /etc/apache2/apache2.conf

Search for ServerSignature and change it to off
ServerSignature Off

Save the config and reload Apache to apply the change:

On CentOS
service httpd reload

On Ubuntu
/etc/init.d/apache2 reload

Make USB drive bootable

Posted on by

Many new systems lack cd/dvd drive. An external cd/dvd drive is not easy to carry around. In such cases, installing Ubuntu linux or VMware ESXi from a bootable USB may be the only choice. Once you have it on USB, its even easier than to carrying cd/dvd media. [toc]

BIOS support for USB boot

Most modern systems can boot off USB drives. The BIOS should properly recognize the USB drive and show it under boot options.

Some older systems can be tricky but they might boot off USB selecting “USB HDD” option.

Converting ISO image into bootable USB

Mount the ISO image and USB.
$ sudo mkdir /media/iso
$ sudo mount -o loop my-image.iso /media/iso

If the image is already on the cdrom, it is good too, just mount the cdrom.

Mount your USB drive. You’ll need a FAT32 partition on the usb. In this case it’s showing up as /dev/sdb1. It might be /dev/sdc1 or different letter in your case.

$ sudo mkdir /media/usb
$ sudo mount /dev/sdb1 /media/usb

Then copy the whole contents of the ISO image into the usb

$ sudo cp -r /media/iso/* /media/usb

Rename file isolinux.cfg to syslinux.cfg

$ mv /media/usb/isolinux.cfg /media/usb/syslinux.cfg

You might need to update the file as per your requirement. For VMWare ESXi 3.5, it worked without any update.

Make the USB bootable

Time to umount the image and usb drive.

$ sudo umount /media/iso
$ sudo umount /media/usb

Now, you’ll need syslinux package. If it’s not in your system, you’ll have to install it

$ sudo apt-get install syslinux
$ sudo syslinux -f /dev/sdb1

Try booting off the USB now. If it gives problem, you might need to fix the MBR

$ lilo -M /dev/sdb

Voila. You now have a bootable USB drive.

Ubuntu NIC mapping

Posted on by

When working with VMs and when playing with network cards, you end up with eth3 or something like that as the name for your only nic. The scripts then break and you need to change /etc/network/interface file to reflect the change.

There’s a way to fix that, though. NIC names – eth0 eth1 and so on – are mapped on ubuntu in the following file:

/etc/udev/rules.d/70-persistent-net.rules

Edit the file to change assignments.

Securing SSH Server

Posted on by

SSH Server is a frequent target of brute-force attack to get into your system. Here is a script to block unwanted connections.

# variables
FW=/sbin/iptables    # iptables command
SSHPORT=22           # port sshd is listening to

# insert the rules
${FW} -N SSH
${FW} -N SSH_ABL
${FW} -A SSH -m recent --name SSH_ABL --update --seconds 3600 -j REJECT
${FW} -A SSH -m recent --name SSH --rcheck --seconds 60 --hitcount 5 -j SSH_ABL
${FW} -A SSH_ABL -m recent --name SSH_ABL --set -j LOG --log-level warn --log-prefix "ABL:  SSH: "
${FW} -A SSH_ABL -j REJECT
${FW} -A SSH -m recent --name SSH --rcheck --seconds 2 -j LOG --log-level warn --log-prefix "RATE: "
${FW} -A SSH -m recent --name SSH --update --seconds 2 -j REJECT
${FW} -A SSH -m recent --name SSH_ABL --remove -j LOG --log-level warn --log-prefix "ABL: -SSH: "
${FW} -A SSH -m recent --name SSH --set -j ACCEPT
${FW} -A INPUT -m state --state NEW -p tcp -m tcp --dport ${SSHPORT} -j SSH

Note: This script is a slight modification of http://www.itwire.com/content/view/13841/53/1/1/