rohan-ZoXCoH7tja0-unsplash

How to Mount SMB Shares on Ubuntu

SMB is a client-server, document-sharing protocol that stands for Server Message Block which became invented through IBM in 1984 for the motive of permitting computer systems to get right of entry to documents for analyzing or writing on a far flung host the usage of the LAN (Local location community). The SMB protocol that makes to be had the documents or directories which can be accessed at the far flung host are known as shares. This way that we will mount a shared document or listing to our device the usage of the nearby location community. SMB became formerly called CIFS and is the antique model or dialect of SMB which stands for Common Internet File System which became created through Microsoft and is a specific implementation of the Server Message Block protocol. In this text, we can offer you with every and each little step on the way to mount SMB stocks on Ubuntu the usage of the Samba document server. Samba makes use of the SMB protocol and has the equal characteristic as SMB i-e permitting document sharing on Local location networks with different structures. But earlier than going ahead let me spotlight a factor that this article assumes which you have already shared a listing on a far flung device and you’ll get right of entry to that directory in this article.

Step1: Updating and upgrading apt-cache repository

The first step is to update our apt applications through the usage of the update command in our Ubuntu 20.04 terminal:

sudo apt update

All our applications are updated but if our applications aren’t updated then we need to run the subsequent command to upgrade:

$ sudo apt upgrade

Step2: Cifs-utils Package installation

$ sudo apt install cifs-utils

Step3: Creating Directory

$ sudo mkdir /media/share

Step4: Creating Credentials document

This step entails developing the credentials document in our domestic listing and with the use of .(dot) which is wanted for safety motives with the intention to make our document hidden. For this motive execute the underneath command a good way to open the document withinside the nano editor:

$ sudo nano /root/.examplecredentials

You can replace the name of the document with anything you need the document call to be:

Now that the document is opened kind the subsequent strains withinside the document a good way to be our samba username and password:

username=example_username
password=example_password

Next, we can make the /root/.examplecredentials document readable best and best for the foundation account for this reason will put restrict on all non-root money owed through executing the subsequent command in our Ubuntu 20.04 terminal:

$ sudo chmod 400 /root/.examplecredentials

Step5: Mount samba share

In this step we will execute the command which will mount the remote samba shared directory on our Ubuntu system:

$ sudo mount -t cifs -o rw,vers=3.0,credentials=/root/.examplecredentials
//192.168.18.112/sharedDir /media/share

Replace the IP Address in the above command where you have already shared a directory or folder on the remote system and if that is Ubuntu system then you can find the IP address with ip a command:

ip a

The IP address of the remote Ubuntu system from where sharedDir was shared is “192.168.18.112” which was provided in the above mount command.

Step6: Automount on system reboot

The manually mounted file system in the above step will not be mounted once our Ubuntu/system reboots, hence to solve this problem first we will open the /etc/fstab file in nano editor and then add some configuration to that file. To open the /etc/fstab file in the nano editor execute the following command:

sudo nano /etc/fstab

The above command will open /etc/fstab file and you will see something like shown below on your system screen:

Now add the following line in the file that was opened with the nano editor:

//192.168.18.112/share /media/share cifs vers=3.0,credentials=/.examplecredentials

Remember that you need to update the IP Address together along with your IP Address and then press CTRL+S to save the above document after which press CTRL+X to close the document.

Conclusion

SMB is a document-sharing protocol created for the motive of permitting computer systems to get right of entry to far flung structures documents over a LAN community and CIFS is a specific dialect of SMB having nearly the equal functionality. In this text, we confirmed you the way to mount SMB proportion on Ubuntu 20.04 the usage of the samba document server; but, the instructions used have been accepted and may be implemented on any Linux distribution.

Tags:

samba linux, linuxserver samba, samba unix, smbclient example, smbclient linux, ubuntu smb client, ubuntu 20.04 samba client
sigmund-AxAPuIRWHGk-unsplash

Top 5 tools to Remote Access in Linux

In this tutorial, I will display you tools that permit you to get right of entry to faraway Desktop on machines strolling CentOS/RHEL. All those apps work in client-server mode. So you want to run a server-aspect app for your faraway machine and after that, you may be capin a position to connect to it from everywhere in the world. Of course on this reference manual, I will inform you a way to configure this securely, so most effective you could get right of entry to your server. Before we begin, you’ll want SSH access on your server and permissions to put in the software. You will want to login as the root user or user with the sudo privileges. All instructions will work on each CentOS server 5/6/7/8. Before we start, you want to put in desktop surroundings on your server.

1) VNC

x11vnc – simplest of these three methods to get remote access. VNC stands for Virtual Network Computing) is a very useful network graphics protocol.

You need to enable EPEL (Extra Packages for Enterprise Linux) repository. Run

# yum -y install epel-release

Now we can install x11vnc. This command will install server and solve all dependencies:

# yum -y install x11vnc

Then we will protect server with password:

# x11vnc -storepasswd

Enter VNC password:

Verify password:

Write password to /root/.vnc/passwd? [y]/n y

Password written to: /root/.vnc/passwd

!Do not use simple passwords!

We are now ready to start server:

# x11vnc --reopen --forever -rfbauth ~/.vncpasswd &

You can check if servers started:

# netstat -an | grep 5900

tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN

tcp6 0 0 :::5900 :::* LISTEN

If it is ok, simply try to connect to it using vncviewer.

# yum -y install vnc
# vncviewer YOUR_SERVER_IP

That’s all! Now you have access to your desktop. After reboot just ssh again and do it again.

x11vnc --reopen --forever -rfbauth ~/.vnc/passwd &

2) TigerVNC server

TigerVNC – is a high-performance, platform-neutral implementation of VNC

# yum install -y tigervnc-server

Let’s copy example config and edit it:

# cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:1.service
# vi /etc/systemd/system/vncserver@:1.service

Example of config:

[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
Requires=systemd-logind.service

[Service]
Type=oneshot
RemainAfterExit=yes

# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/usr/sbin/runuser -l USERNAME -c "/usr/bin/vncserver %i"
ExecStop=/usr/sbin/runuser USERNAME -c '/usr/bin/vncserver -kill %i'

[Install]
WantedBy=multi-user.target

NOTE: You must change the USERNAME in the above config if you’ll use the same VNC setup. This is the configuration we used for this tutorial.

Now we must run vncpasswd command to setup our access password, and/or view-only password (a password that allows the user to only view the remote screen):

# vncpasswd 
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
A view-only password is not used

Now enable autostart service and restart it:

$ systemctl enable vncserver@:1.service
$ systemctl restart vncserver@:1.service

You can check the vnc service status by typing:

$ systemctl status vncserver@:1.service

If everything went ok, you should have similar terminal output to this:

$ systemctl status vncserver@:1.service
● vncserver@:1.service - Remote desktop service (VNC)
   Loaded: loaded (/etc/systemd/system/vncserver@:1.service; enabled; vendor preset: disabled)
   Active: active (exited) since Wed 2020-09-30 22:04:47 CEST; 7s ago
  Process: 3766 ExecStart=/usr/sbin/runuser -l slax -c /usr/bin/vncserver %i (code=exited, status=0/SUCCESS)
  Process: 3761 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
 Main PID: 3766 (code=exited, status=0/SUCCESS)

Sep 30 22:04:44 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)...
Sep 30 22:04:47 localhost.localdomain systemd[1]: Started Remote desktop service (VNC).

And finally connect to it:

# vncviewer YOUR_SERVER_IP

3) XRDP

XRDP is an Open Source Remote desktop Protocol server. In order to use XRDP you need to have VNC service already installed. So you should follow the first or second option from this tutorial prior to XRDP installation.

First of all we need to install EPEL repository and xrdp server:

# yum -y install epel-release
# yum -y install xrdp

Now let’s start service:

# systemctl start xrdp.service 

Check if its running, and add it to autostart.

# netstat -an | grep 3389 
tcp 0 0 0.0.0.0:3389 0.0.0.0:* LISTEN
# systemctl enable xrdp.service

Thats all. Now you can connect to your server from any Windows machine.

4) Teamviewer

Teamviewer does not exist in standard repos, so we need to install wget and download TeamViewer rpm package

# yum -y install wget
# wget https://download.teamviewer.com/download/linux/teamviewer.x86_64.rpm

Install it using this command:

# yum install teamviewer.x86_64.rpm

And set your password:

# teamviewer passwd YOUR_PASSWORD
ok
# systemctl start teamviewerd.service

Now you only need to get your id to connect:

# teamviewer –info
TeamViewer ID: 9XXXXXXX7

Try to connect to it using this id and password you set before:

5) FreeNX

FreeNX is a Remote Access solution based on enterprise-class open source technologies by NoMachine. If you want exactly this tool to get remote access, you may consider upgrading to cloud version.

First of all we need to add e EPEL + nux-dextop repositories, for Centos 6:

# rpm -Uvh https://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# rpm -Uvh http://li.nux.ro/download/nux/dextop/el6/x86_64/nux-dextop-release-0-2.el6.nux.noarch.rpm

For Centos 7

# rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
# rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm

Install server and agent:

# yum install freenx-server nxagent 

Enable passdb authentication:

# echo 'ENABLE_PASSDB_AUTHENTICATION="1"' >> /etc/nxserver/node.conf

Now we need to create user for remote access and assign password for him:

# /usr/libexec/nx/nxserver --adduser bob 
NX> 100 NXSERVER - Version 3.2.0-74-SVN OS (GPL, using backend: not detected)
NX> 1000 NXNODE - Version 3.2.0-74-SVN OS (GPL, using backend: not detected)
NX> 716 Public key added to: /home/bob/.ssh/authorized_keys2
NX> 1001 Bye.
NX> 999 Bye

#/usr/libexec/nx/nxserver --passwd bob 
NX> 100 NXSERVER - Version 3.2.0-74-SVN OS (GPL, using backend: not detected)
New password:
Password changed.
NX> 999 Bye

Now we will install epel-repos and opennx client on your machine:

# yum install opennx

After beginning opennx wizard you’ll be requested approximately the consultation name, server address, and port. Most essential component is to installation your key. You’ll want to replicate the important thing from server’s /etc/nxserver/client.id_dsa.key and paste it into the overall tab of your client session properties. Please share your remarks in this educational and allow us to recognise in case you are privy to some other tools.

Tags:

rdp linux, xrdp ubuntu, linux remote desktop client, remote access in linux, linux rdp client, gnome remote desktop, linux rdp server
bckuprsync-script

Create a Shell Script to Backup Files and Directories Using rsync

This article we deliver shell scripts to backup your documents and directories from you nearby Linux system to a faraway Linux server the use of rsync command. This could be an interactive manner to carry out backup, in which you want to offer faraway backup server hostname/ip deal with and folder location. We maintain a separate report in which you want to offer documents and directories that want backup. We have brought scripts in which first script ask password after every report have been copied (when you have enabled ssh authentication keys , then password might be now no longer be asked) and in 2d script password might be precipitated most effective once. We are going to backup bckup.txt, dataconfig.txt, docs and oracledb.

[root@Fedora21 tmp]# ls -l
total 12
-rw-r–r–. 1 root root 0 May 15 10:43 bckrsync.sh
-rw-r–r–. 1 root root 0 May 15 10:44 bckup.txt
-rw-r–r–. 1 root root 0 May 15 10:46 dataconfig.txt
drwxr-xr-x. 2 root root 4096 May 15 10:45 docs
drwxr-xr-x. 2 root root 4096 May 15 10:44 oracledb

This file contains backup files / dir details

[root@Fedora21 tmp]# cat /tmp/bckup.txt
/tmp/oracledb
/tmp/dataconfig.txt
/tmp/docs
[root@Fedora21 tmp]#

Script 1 :

#!/bin/bash

#We will save path to backup file in variable
backupf='/tmp/bckup.txt'

#Next line just prints message
echo "Shell Script Backup Your Files / Directories Using rsync"

#next line check if entered value is not null, and if null it will reask user to enter Destination Server
while [ x$desthost = "x" ]; do

#next line prints what userd should enter, and stores entered value to variable with name desthost
read -p "Destination backup Server : " desthost

#next line finishes while loop
done

#next line check if entered value is not null, and if null it will reask user to enter Destination Path
while [ x$destpath = "x" ]; do

#next line prints what userd should enter, and stores entered value to variable with name destpath
read -p "Destination Folder : " destpath

#next line finishes while loop
done

#Next line will start reading backup file line by line
for line in `cat $backupf`

#and on each line will execute next
do

#print message that file/dir will be copied
echo "Copying $line ... "
#copy via rsync file/dir to destination

rsync -ar "$line" "$desthost":"$destpath"

#this line just print done
echo "DONE"

#end of reading backup file
done

Running the script with output

[root@Fedora21 tmp]# ./bckrsync.sh
Shell Script Backup Your Files / Directories Using rsync
Destination backup Server : 104.*.*.41
Destination Folder : /tmp
Copying /tmp/oracledb ...
The authenticity of host '104.*.*.41 (104.*.*.41)' can't be established.
ECDSA key fingerprint is 96:11:61:17:7f:fa:......
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '104.*.*.41' (ECDSA) to the list of known hosts.
root@104.*.*.41's password:
DONE
Copying /tmp/dataconfig.txt ...
root@104.*.*.41's password:
DONE
Copying /tmp/docs ...
root@104.*.*.41's password:
DONE
[root@Fedora21 tmp]#

Script 2 :

#!/bin/bash

#We will save path to backup file in variable
backupf='/tmp/bckup.txt'

#Next line just prints message
echo "Shell Script Backup Your Files / Directories Using rsync"

#next line check if entered value is not null, and if null it will reask user to enter Destination Server
while [ x$desthost = "x" ]; do

#next line prints what userd should enter, and stores entered value to variable with name desthost
read -p "Destination backup Server : " desthost

#next line finishes while loop
done

#next line check if entered value is not null, and if null it will reask user to enter Destination Path
while [ x$destpath = "x" ]; do

#next line prints what userd should enter, and stores entered value to variable with name destpath
read -p "Destination Folder : " destpath

#next line finishes while loop
done

#next line check if entered value is not null, and if null it will reask user to enter password
while [ x$password = "x" ]; do
#next line prints what userd should enter, and stores entered value to variable with name password. #To hide password we are using -s key
read -sp "Password : " password
#next line finishes while loop
done

#Next line will start reading backup file line by line
for line in `cat $backupf`

#and on each line will execute next
do

#print message that file/dir will be copied
echo "Copying $line ... "
#we will use expect tool to enter password inside script
/usr/bin/expect << EOD
#next line set timeout to -1, recommended to use
set timeout -1
#copy via rsync file/dir to destination, using part of expect — spawn command

spawn rsync -ar ${line} ${desthost}:${destpath}
#as result of previous command we expect “password” promtp
expect "*?assword:*"
#next command enters password from script
send "${password}\r"
#next command tells that we expect end of file (everything finished on remote server)
expect eof
#end of expect pard
EOD
#this line just print done
echo "DONE"

#end of reading backup file
done

Screenshot running the second script with output

Tags:

rsync, rsync linux, rsync ssh, rsync over ssh, rsync remote to local, linux rsync examples, bash script, shell script, bash in linux, linux script
gabriel-heinzer-xbEVM6oJ1Fs-unsplash

How to Setup Cron Job on Linux with Examples

Crontab record shops the cron jobs in Linux. Cron jobs (cron) runs periodically at constant time, dates and intervals. Its equal in Windows is scheduled task. All repetitive responsibilities may be scheduled the use of cron. Crontab record is the configuration record which includes records approximately the time and command/scripts to execute. In this educational we examine Linux crontab with examples to time table jobs. Crontab Syntax Each line in crontab record represents a job. It incorporates 5 fields accompanied via way of means of a shell command or script to execute.

Syntax:

* (Minute) *(Hour) * (Day of the Month) *(Month of the Year) *(Day of the Week) username <path to command/script to execute
*MinuteThis field value is between 0 – 59
*HourThis field value is between 0 – 23
*Day of the monthThis field value is between 1 – 31
*Month of the yearThis field value is between 1 – 12. First 3 alphabet of month is also accepted like jan, feb, mar
*Day of the weekThis field value is between 0 – 7. Where 0 and 7 is Sunday. 1 is Monday, 2 is Tuesday , like wise

Define multiple values or ranges

To define multiple values and ranges use comma (,) and hyphen (-). The asterisk (*) matches anything. For example, to show multiple values use 1,2,3 or mon,tue,wed and for ranges can use 1-3 or mon-wed.

How to use crotab

crontab command is used to open and edit/add cron jobs. The cron daemon that run on Linux execute scheduled jobs at time define in the crontab ( cron table). The main system-wide crontab file is /etc/crontab.

Cron is by default installed in most Linux Distributions. Each user in the Linux system can manage their own cron jobs. Each user cron is stored under /var/spool/cron/crontabs/. The cron daemon runs both user and system crontab.

Cron daemon has some default $PATH defined, which you can find in /etc/crontab. If its not define either use absolute path or add to the cron $PATH variable.

Cron mail notification by default is sent to owner of the crontab. To change this, edit MAILTO environment variable.

Cron logs are stored in /var/log/syslog on Ubuntu/Debian systems and in /var/log/cron on Redhat/Rocky Linux. You can filter the log file using grep command to verify the cron job ran successfully or not.

1. Edit/add Crontab

To edit (existing jobs) or add new cron use crontab -e command. This will open an editor for the current user.

$ crontab -e

To edit another user crontab file, type:

$ crotab -u username -e

Or simply run crontab -e command by logged in as that user.

2. List Cron Jobs

To list all jobs of the current user, type:

$ crontab -l

To list all cron jobs for a specified user, type:

$ crontab -u -l 

3. Remove cron jobs

To remove all cron jobs of the current user, execute the following command:

# crontab -r

Note: This will remove all the cron jobs without asking for confirmation.

If you want to delete interactively, you need to use the following command:

# crontab -ir

Crontab Jobs Examples

Let’s check some crontab examples for scheduling cron jobs.

1. Run cron jobs every 12 hours

This helps for regular system checks or backups. To schedule a task to run every 12 hours, type:

0 */12 * * * /scripts/test.sh

2. Run cron job every 5 minutes

Sometimes you need to monitor your system every n minutes. Use the following expression to run the task every 5 minutes.

*/5 * * * * /scripts/test.sh

3. Run cron job every day at 2 am

Everyday backup can be scheduled for a specific time. The following expression runs the cron job at 2 am every day.

0 2 * * * /script/test.sh

To schedule a cron job every day at 2 pm, cron use 24 hours clock.

0 14 * * * /script/test.sh

4. Run cron job every day at 12:30 am

30 12 * * * /script/test.sh

5. Run cron job every minute

For example, you have a script that needs to be run every minute, use the following expression.

* * * * * /scripts/test.sh

6. Run cron job at certain minutes

Use the following cron expression to run the script at minutes 2, 15, and 30.

2,15,30 * * * * /scripts/test.sh

7. Run cron job to run every Saturday at 1 AM

This helps you nee to run the backup on Saturday at a specific time. The following expression helps to cron job on every Saturday at 1 AM.

0 1 * * sat /scripts/test.sh

8. Run cron job to run on specific Months

To run cron jobs at 01:00 on the 1st day of the month on January, April, and June.

0 1 1 jan,apr,jun *  /script/test.sh 

9. Run cron job on selected days

To run cron jobs on selected days such as Saturday and Sunday, use:

0 4 * * sat,sun  /script/test.sh

10. Run cron jobs at certain hours of the day

At minute 0 past every hour from 9 through 17

0 9-17 * * * /script/test.sh

11. Run cron job twice on every Saturday and Sunday

Cron jobs allow running tasks on specific hours on specific days

0 2,23 * * sat,sun /scripts/test.sh

12. Run cron job for a range of Monday to Friday

At 02:00 on every day-of-week from Monday through Friday.

0 2 * * mon-fri /scripts/test.sh

13. Run cron job monthly

Instead of using 0 0 1 * *, you can use shortcut using @monthly. It runs at 00:00 on the 1st day of month. Alternatively you can place your script under /etc/cron.monthly/.

@monthly /scripts/test.sh

14. Run cron job weekly

Instead of using 0 0 * * mon, you can use shortcut using @weekly. It runs at 00:00 on Monday. Alternatively you can place your script under /etc/cron.weekly/.

@weekly /scripts/test.sh

15. Run cron job daily

Instead of using 0 0 * * *, you can use shortcut using @daily. It runs at 00:00 every day. Alternatively you can place your script under /etc/cron.daily/.

@daily /scripts/test.sh

16. Run cron job hourly

Instead of using 0 */1 * * *, you can use shortcut using @hourly. It runs at 0 minutes past every hour. Alternatively you can place your script under /etc/cron.hourly/.

@hourly /scripts/test.sh

17. Run cron job on reboot

To run a task at every system reboot use @reboot string. The script will execute after rebooting.

@reboot /scripts/test.sh

18. Run cron job every 30 seconds

Cron only allows to run for a minimum of 60 seconds. There is no straightforward method to schedule a job to run every 30 seconds.

But we can use a work around by increasing the delay by 30 seconds.

 * * * * /scripts/run.sh
 * * * *  sleep 30; /scripts/run.sh 

19. Run a cron job and redirect the output

This will run the php script every 3 minutes and redirect the output to a file.

*/3 * * * * /usr/bin/php /script/run.php >> /var/log/run.log

20. Run cron job to execute multiple commands

To run cron to execute multiple commands, use the operator && between the commands.

0 */12 * * Sun command1 && command2

Backup cron jobs

To backup cron, use the following command

# crontab -l > /backup/cron/root-bckup

To backup cron of a specific user, type:

# crontab -u userName -l > /backup/cron/user-bckup.txt

To restore cron from the backup file, simple use:

# crontab /backup/cron/root-backup.txt

Conclusion

In this tutorial we learned about crontab in Linux and examples to schedule cron jobs.

If you have any feedback and suggestion please comment below.

Tags:

cronjob, cron job schedule, cron every 5 minutes, crontab in linux, cron job syntax, crontab example, cron every minute, cron run every hour
stephen-phillips-hostreviews-co-uk-2kH-6T6x_0I-unsplash

How to setup a Free SSL in Apache Ubuntu 20.04

Enabling stable conversation to your Apache net server is one of the first matters which you ought to do even as placing it up. This does now no longer ought to value a fortune. As a count of fact, you could truely acquire SSL/TLS certificate from Let’s Encrypt and also you do now no longer ought to pay anything. Let’s Encrypt is a nonprofit initiative (courtesy: Internet Security Research Group) that pursuits to offer loose virtual certificate to allow HTTPS for web sites. In this tutorial, we are able to display you a way to allow HTTPS for Apache2 hosted web sites jogging on Ubuntu 20.04.

Prerequisites

  • Apache2 hosted internet site running on Ubuntu 20.04
  • A user account with sudo capabilities

Install Certbot Snap

Put simply, snaps are self-contained apps that could run on more than one Linux distributions. The Certbot snap is a tool that automates the venture of acquiring loose SSL/TLS certificate from Let’s Encrypt. You handiest want to run the Certbot device as soon as and you’ll revel in loose SSL/TLS certificate forever. Snap comes pre-mounted on Ubuntu 20.04. Firstly, run the instructions beneath to replace snapd that’s a historical past system that manages snaps.

$ sudo snap install core
$ sudo snap refresh core

If applicable, run the subsequent command to dispose of any current certbot apps which can also additionally were formerly hooked up the use of the apt or apt-get utility. This is to keep away from conflicts.

$ sudo apt remove certbot

After that, the Certbot snap may be without difficulty hooked up with the command below.

$ sudo snap install --classic certbot

To make sure that the certbot command works properly, create a symbolic hyperlink as follows.

$ sudo ln -s /snap/bin/certbot /usr/bin/certbot

Install Certificates from Let’s Encrypt

And right here comes the high-quality part. When you run the simple command below, you may get a certificates from Let’s Encrypt. In addition, Certbot will mechanically replace your Apache configuration to permit HTTPS on your websites.

$ sudo certbot --apache

Once executed, you’ll be requested to offer primary statistics together with your e mail cope with in which certificates renewal notices have to be despatched to. Most importantly, certbot will ask you to select the domains for that you would really like to permit HTTPS.

After the Certbot device runs successfully, a message can be displayed indicating that HTTPS become enabled on your detailed domains.


Run the following command and you may see that certbot routinely created SSL configuration documents accordingly.

$ sudo ls /etc/apache2/sites-available

To take a look at the SSL configuration, go to your website in a web browser. If you notice a lock icon, the whole thing is in order.

Also Read: How to find when a Linux file is created (Super Geeky Stuff)

How to create your own Minecraft Server

How to setup PhpPgAdmin in CentOS

How to Renew Let’s Encrypt Certificates

Your certificate could be saved in /etc/letsencrypt/live/yourdomain.com. Certbot will robotically renew your certificate earlier than they expire. Nevertheless, you could run the subsequent command to check the automated renewal process.

$ sudo certbot renew --dry-run

Conclusion

In this guide, we confirmed the way to stable Apache with unfastened SSL/TLS certificate from Let’s Encrypt on Ubuntu 20.04. By the use of certbot, you could rest confident that HTTPS will continually be enabled to your web sites as you do now no longer even must fear approximately guide renewals.

Tags:

free ssl certificate, free ssl, free ssl cert, let’s encrypt ssl, lets encrypt ssl, free ssl certificate generator, free ssl certificate for website, free certificate authority, free certificate https,free ssl certificate 1 year, generate free certificate
sai-kiran-anagani-Tjbk79TARiE-unsplash

How to Check Open Ports in Linux

During the troubleshooting of offerings strolling on a Linux system, checking open ports is one of the obligations any consumer or administrator have to bear in mind performing. If a carrier is predicted to be strolling however for a few motive it is not, then maximum probably the port related to that carrier is closed and have to be opened. In this tutorial, we are able to exhibit how to test open ports in a Linux from the command line.

Check open ports with the use of ss command

The Linux ss command offers you designated insights on open ports and listening sockets. It attracts facts from the Linux kernel and is greater favored to the netstat command which has been deprecated.

$ ss -tl

Sample output

l – Shows listening sockets

t – Stands for TCP port

To display listening  UDP connections, issue the command

$ ss -lu

Sample output

u – Stands for UDP port

or

To display both tcp and udp, process name

$ ss -lntup

p – List process name that opened sockets

To print out all socket connections, simply use the ss command in its default format

$ ss

Sample output

Check open ports using netstat command

The netstat command is a effective command device this is used for checking open TCP and UDP ports along different attributes. To take a look at open ports, difficulty the command:

$ netstat -pnltu


Let’s take a better have a take a observe the command options:

p – Displays the Procees ID related to a provider or Program name

n – Displays the numerical variety of the port walking e.g 3306 for mysqld, and 22 for sshd.

l – Shows listening sockets

t – Displays TCP connections

u – Displays UDP connections

Check open ports the usage of the lsof command

The lsof command is a community command toolthat also can be used to test open ports in a Linux system. To show open ports, difficulty the command

$ lsof -i

Sample output

If you wish to display open sockets, use the lsof command and pipe the output to grep as shown:

$ lsof -n -P | grep LISTEN

Sample output

To view all TCP connections execute :

$ lsof -i tcp

Sample output

To display all UDP  connections run the command:

$ lsof -i udp

Sample output

Conclusion

Those are the linux instructions and equipment used for port scanning to test open ports in a Linux system. As always, your comments is most welcome. If you’ve got got different thoughts on how to test open ports, do get in contact with us.

Also Read : How to install Lynis Security Auditing tool in Ubuntu

How to setup Docker-Compose in Ubuntu 20.04

How to find when a Linux file is created (Super Geeky Stuff)

Tags:

open port linux, check open ports linux, ubuntu open port, linux list open ports, netstat, ss command, ss command linux, lsof command, lsof command linux, check if port is open linux, ubuntu check open ports, linux open port command, list ports in use linux
mika-baumeister-J5yoGZLdpSI-unsplash

How to install Lynis Security Auditing tool in Ubuntu

Lynis is an open-supply and depended on safety auditing tool designed for Linux, macOS, and UNIX derivatives which include FreeBSD and OpenBSD. It is used for some of functions which includes safety auditing, vulnerability detection, and compliance testing. The goal of leveraging an auditing device which include Lynis is to probe and clear up any underlying safety vulnerabilities, and configuration mistakes which include susceptible consumer account passwords or irrelevant document permissions that could compromise the gadget in face of an attack. In this tutorial, you’ll discover ways to set up Lynis on Ubuntu 20.04. There are some of methods of putting in Lynis. You can set up from Ubuntu repositories the usage of the APT bundle supervisor or from the legit network repository.

Install the Lynis on Ubuntu

Granted, you may install Lynis from Ubuntu repositories. However, this may now no longer continually get you the cutting-edge model. For example, on the time of scripting this guide, the cutting-edge model of Lynis is Lynis version 3.0.6. The model hosted at the Ubuntu repository is older because the command under confirms this.

$ apt-cache policy lynis

From the output, we will see that the present day model hosted at the Ubuntu repository is Lynis 2.6.2-1. If you desire to put in the present day model of Lynis, the quality method is to put in it from the Offical Lynis Community repository. To attain this, first, update your system

$ sudo apt update

Next, download the signing key from the central keyserver:

$ wget -O - https://packages.cisofy.com/keys/cisofy-software-public.key | sudo apt-key add -

Next, enable the Lynis community repository as follows:

$ echo "deb https://packages.cisofy.com/community/lynis/deb/ stable main" | sudo tee /etc/apt/sources.list.d/cisofy-lynis.list

With that done, refresh the system once more so that the system can be made aware of the newly added repository.

$ sudo apt update

Now proceed to the next step in order to install Lynis.

Finally, to install Lynis, use the following APT command:

$ sudo apt install Lynis

Once the installation is complete, verify the version of Lynis installed.

$ lynis show version

You can verify if there is an available update as follows:

$ lynis update info

If you’ve got got freshly mounted Lynis from its reliable repository, make sure that this can continually be updated as illustrated withinside the output.

Some of the Lynis Commands

Lynis is already installed. Let’s spare a few second and notice how you could use the device to carry out a few safety auditing. To show the instructions that you could run the usage of Lynis, execute:

$ lynis show commands

Lynis additionally ships with a few audit profiles. A profile is synonymous with a configuration record that determines or spells out how a protection audit need to be carried out. The profiles are commonly determined in the /etc/lynis directory. To listing the audit profiles, run the command:

$ lynis show profiles 

In addition, you can display Lynis settings as follows.

 $ lynis show settings 

Let’s Perform a Basic Audit

To perform a basic security audit of your system, run the command:

$ sudo lynis audit system

When this command is executed, Lynis probes the device and software program configuration for any capacity weaknesses or loopholes. Lynis then logs the audit statistics in the /var/log/lynis.log document and shops the audit file in the /var/log/lynis-file.dat document. Key regions that Lynis plays device tests on include:

Key regions that Lynis plays device tests on include:

Boot loader documents

Software applications

Configuration documents

Directories related to logging and auditing

During the device audit, you’re probable to encounter unique auditing effects with key phrases consisting of Found, OK, Not Found, Suggestion, Warning, and so on.

Special interest must take delivery of to the machine tests that yield a “Warning” alert. Action must be taken to remedy the difficulty defined as this may probably undermine the safety of your machine. From our audit check, Lynis flagged an difficulty to do with domestic listing permissions.

At the stop of the scan, you may be furnished with a precis of the audit that consists of warnings and pointers that you may take to harden the safety of your machine. Accompanying every thought is a URL that gives extra data approximately the thought that goals at enhancing or hardening your machine security.

Conclusion

As you’ve got got seen, it`s pretty smooth to put in Lynis and run audit reports. This gives much-wanted visibility to your gadget and gives you key recommendations to your you may enhance your server’s security. And it’s it! We desire which you observed this manual insightful.

Tags:

lynis, lynis linux, lynis github, lynis ubuntu, lynis malware scanner, linux lynis, lynis scan, linux audit tool, lynis audit, cisofy lynis, linux security audit tool, lynis vulnerability scanner, lynis audit system remote
mohammad-rahmani-1VW6HLOQE5A-unsplash

How to setup Docker-Compose in Ubuntu 20.04

Docker Compose is an open-supply field device for running a multi-field Docker utility. Docker Compose makes use of a YAML syntax structure, this is normally used for configuration documents and to outline and run fieldprimarily based totally applications. Compose additionally guide to outline and configure utility‘s offerings in YAML format. The principal benefit of Docker Compose is that you could outline a multi-field utility in one single file, in an effort to spin up the utility with only a single command which does want to be finished to get it jogging. With Compose you could control the entire lifecycle of utility: Managing offerings with start, stop, or rebuild View the popularity of running services Output the log of running services Run a one-off command on a service In this tutorial, we discover ways to set up Docker-compose on Ubuntu 20.04, and a way to run the sample-container app.

Install Docker Compose on Ubuntu

For successful installation of Docker Compose, need to have Docker installed on Ubuntu 20.04.

Read Now: How to setup Docker in Ubuntu 20.04

After installing Docker, you can verify that docker is installed and version with following command:

$ docker version

Output:

Client: Docker Engine - Community
  Version:           20.10.6
  API version:       1.41
  Go version:        go1.13.15
  Git commit:        370c289
  Built:             Fri Apr  9 22:47:17 2021
  OS/Arch:           linux/amd64
  Context:           default
  Experimental:      true
 Server: Docker Engine - Community
  Engine:
   Version:          20.10.6
   API version:      1.41 (minimum version 1.12)
   Go version:       go1.13.15
   Git commit:       8728dd2
   Built:            Fri Apr  9 22:45:28 2021
   OS/Arch:          linux/amd64
   Experimental:     false
  containerd:
   Version:          1.4.4
   GitCommit:        05f951a3781f4f2c1911b05e61c160e9c30eaa8e
  runc:
   Version:          1.0.0-rc93
   GitCommit:        12644e614e25b05da6fd08a38ffa0cfe1903fdec
  docker-init:
   Version:          0.19.0
   GitCommit:        de40ad0

Since we now have a Docker, we are ready to install Docker compose.

To install docker compose from the Official Ubuntu repository, run:

$ sudo apt install docker-compose
This option will not guarantee that you downloading the latest docker-compose version.

Instead of downloading Docker Compose from the Ubuntu repository, we are suggesting downloading the binary package using an URL with the curl command:

$ sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

This command saves the file in: /usr/local/bin directory, under the name docker-compose.

Output:

% Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                  Dload  Upload   Total   Spent    Left  Speed
100       633   100      633    0     0     5456      0 --:--:-- --:--:-- --:--:--   5456
100  12.1M   100  12.1M    0     0  40.0M      0 --:--:-- --:--:-- --:--:-- 40.0M

Next, we need to change the file permission, making the downloaded file executable with the following command:

$ sudo chmod +x /usr/local/bin/docker-compose

Verify installation, and check Docker Compose version:

$ docker–compose –version

Output:

docker-compose version 1.29.2, build 5becea4c

Test Docker Compose with Sample Container

Create new directory for your sample container example:

$ mkdir docker-compose-test

Change directory that you just created:

$ cd docker-compose-test

From there, create a YAML configuration file:

$ sudo nano docker-compose.yaml

And copy the following configuration into docker-compose.yaml file that you just opened:

version: '2' 
services:
     hello_world:
          image: ubuntu
          command: [/bin/echo, 'Hello world']

Save this, and run:

$ docker-compose up 

You need to see steps for:

  • pulling hello_world(ubuntu)
  • Downloaded picture for ubuntu:latest
  • Creating docker-compose-test_hello_world_1
  • Attaching to docker-compose-test_hello_world_1
  • Docker-compose the use of folder call because the venture call to prefix boxes and networks.


This created the box from the ubuntu picture, and run instructions that have been particular at the docker-compose.yaml.

Conclusion

In this tutorial, we discovered the way to deployation Docker-compose on Ubuntu 20.04, and the way to run the sample-box app. Docker-compose permits you to run more than one docker boxes on only a unmarried host, in case you want to run more than one boxes on more than one nodes, please check with answers which include Kubernetes or Swarm.

Tags:

docker compose, docker compose up, installing docker compose, docker compose command, docker compose file, dockercompose yml, docker compose example, docker compose env file, docker compose environment, docker compose env, docker compose ubuntu, docker compose network_mode
kevin-horvat-Pyjp2zmxuLk-unsplash

How to find when a Linux file is created (Super Geeky Stuff)

In Linux systems, the whole lot is dealt with like a document and essential metadata approximately a document consisting of the advent and modification date are saved in inodes. In this tutorial, we can display you the way to locate document creation time with the usage of debugfs command.

Find file creation time

To get the advent time, you first want to locate the inode quantity of the goal document by using the stat command. The stat command is a command-line tool used to print distinct statistics about a document‘s metadata such as:

  • File size
  • Inode quantity
  • UID & GID of the document
  • I/O Block Access,
  • change and extrade times

You can use the stat command in its primary shape to test the inode quantity of the document the use of the syntax:

$ stat filename

For example:

$ stat file1.txt

The command offers us the inode variety of the file ‘file1.txt’ as 1078474. To bypass all of the different records and simply show the inode variety alone, use the syntax:

$ stat -c %i file_name

For example:

$ stat -c %i file1.txt

Once you’ve got got the inode number, you may continue to effortlessly get the document introduction time the use of the debugfs command the use of the syntax shown:

$  sudo debugfs -R 'stat <inode number>' DEVICE

The DEVICE represents the block tool wherein your document is living for example /dev/sda1, /dev/sda2 etc. To take a look at the block tool run the command:

$ lsblk

Using the inode variety we were given earlier on, the command will consequently be:

$  sudo debugfs -R 'stat <1078474>' /dev/sda

The advent time is prefixed through the directive crtime: as proven withinside the output above. We can see that the record became created at the 13th Fri December 2019 at 01:39:18 hrs. Alternatively, rather than specifying the inode number, you may pass the overall direction to the record as shown:

$  sudo debugfs -R 'stat /home/winnie/file1.txt' /dev/sda1

The above command will yield the equal effects as while you are the usage of the inode number.

Conclusion

And this wraps up this tutorial, hoping Linux might have a simple command to discover record advent time. Here we’ve got used debugfs command to test the advent time of a record.

Tags:

debugfs, debugfs linux, mount debugfs, linux find file, date time, linux time, ubuntu, debian, security
rubaitul-azad-HSACbYjZsqQ-unsplash

How to setup Docker in Ubuntu 20.04

Docker is a maximum famous, open-supply platform for builders and machine directors to build, run, and percentage packages with packing containers. Containerization (using packing containers to install packages) is turning into famous due to the fact containers are flexible, lightweight, portable, loosely coupled, scalable, and extra secure. This article is a superb place to begin for novices to discover ways to set up and use Docker on a Ubuntu 20.04 Linux machine with a few fundamental commands. For this guide, we can set up Docker Community Edition (CE).

Installing Docker on Ubuntu 20.04

To use the brand new version of Docker, we are able to set up it from the reputable Docker repository. So, begin with the aid of using including the GPG key for the reputable Docker repository in your system, after that upload the repository configuration to the APT supply with the subsequent commands.

$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
$ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"

Now replace the APT bundle cache to consist of the brand new Docker programs to the device the use of the subsequent command

$ sudo apt update

Next, deploy the Docker bundle.

$ sudo apt install docker-ce

During the Docker bundle set up process, the bundle installer triggers the systemd (device and carrier manager) to mechanically begin and permit the docker carrier. Using the subsequent instructions to verify that the docker carrier is active and is enabled to automatically begin at device startup. Also, take a look at its status:

$ sudo systemctl is-active docker
$ sudo systemctl is-enabled docker
$ sudo systemctl status docker

To take a look at the model of Docker CE established to your system, run the subsequent command:

$ docker version

You can view available docker utilization instructions by running the docker command with none alternatives or arguments:

$ docker

Setup Docker as a Non-Root User

By default, the Docker daemon binds to a UNIX socket (as opposed to a TCP port) that is owned via way of means of the consumer root. Therefore the Docker daemon continually runs as the basis consumer and to run the docker command, you need to apply sudo. Besides, throughout the Docker package deal installation, a set referred to as docker is created. When the Docker daemon starts, it creates a UNIX socket reachable via way of means of participants of the docker organization (which presents privileges equal to the basis consumer). To run the docker command without sudo, upload all non-root users who’re alleged to access docker, in the docker organization as follows. In this example, the command provides the presently logged on user ($USER) or username to the docker organization:

$ sudo usermod -aG docker $USER
OR
$ sudo usermod -aG docker username

To spark off the modifications to groups, run the subsequent command:

$ newgrp docker 
$ groups

Next, affirm that you could run docker instructions with out sudo. The following command downloads a take a look at photo and runs it in a container. Once the container is running, it prints an informational message and exits. This is likewise some other manner to cross-test whether or not your set up is running fine.

$ docker run hello-world

That’s all! In this guide, we’veincludeda way toset up and use Docker CE in Ubuntu 20.04 Linux. If you’ve got got any questions, use the the comments to reminds us

Tags:

install docker ubuntu, docker ubuntu, install docker linux, docker ubuntu image, install docker compose ubuntu, install docker ubuntu 20.04, install docker on ubuntu 20.04, docker ubuntu 20.04, install docker in ubuntu, ubuntu docker container, install docker on amazon linux, ubuntu server docker