Bala's Blog

Thursday, September 27, 2018

Command line colours

Hi

Get the bolded lines in .bashrc to turn on appropriate colors.

# should be on the output of commands, not on the prompt

force_color_prompt=yes

if [ -n "$force_color_prompt" ]; then

if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then

# We have color support; assume it's compliant with Ecma-48

# (ISO/IEC-6429). (Lack of such support is extremely rare, and such

# a case would tend to support setf rather than setaf.)

color_prompt=yes

else

color_prompt=

if [ "$color_prompt" = yes ]; then

PS1='${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\u\[\033[01;36m\]@\[\033[01;32m\]\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[01:36m\]\$\[\033[01;33m\] '

trap "tput sgr0" DEBUG

else

PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '

if [ "$color_prompt" = yes ]; then

    PS1='${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\u\[\033[01;96m\]@\[\033[01;32m\]\h\[\033[00m\]:\[\033[01;96m\]\w\[\033[01:96m\]\$\[\033[01;93m\] '

    trap "tput sgr0" DEBUG    

#PS1='${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '

if [ "$color_prompt" = yes ]; then
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\u\[\033[01;96m\]@\[\033[01;32m\]\h\[\033[00m\]:\[\033[01;96m\]\w\[\033[00m\]\[\033[01;95m\]\$\[\033[01;93m\] '
trap "tput sgr0" DEBUG
else
PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
fi

Tuesday, February 6, 2018

Email Server in Ubuntu 14.04

For this setup I followed the youtube link given below so kudos to that guy. The documentation is a bit poor. However if you listed to that video then this becomes cake walk. I have bolded all the command entered in the terminal.

Email server using ubuntu 14.04
https://www.youtube.com/watch?v=2pMC-6LVLLg

1. Vi /etc/hosts
127.0.1.1 mail.robert.com mail

2. vi /etc/hostname
mail

3. reboot

4. apt-get update -y; apt-get dist-upgrade -y

5. apt-get install postfix -y

Press enter twice, Internet site and

6. sudo dpkg-reconfigure postfix

* Let it be internet site
* Let it just be the main domain e.g. robert.com
* Other destinations to accept email for
mail.rober.com, localhost.robert.com, , localhost, robert.com
* Force sync update press no for that.
* Local network
Add up 10.10.10.0/24
* Put 0 for mailbox size limit.
* Leave + for local address extension character
* ipv4 for internet protocol.

Now we edit postfix

vi /etc/postfix/main.cf

home_mailbox = Maildir/
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain = robert.com
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject unknown client hostname
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes

7. Certificates
$ openssl genrsa -des3 -out server.key 4096
enter and verify pass phrase

8.
$ openssl rsa -in server.key -out server.key.insecure
Enter and verify pass phrase

9. mv server.key server.key.secure
mv server.key.insecure server.key

openssl req -new -key server.key -out server.csr
For Common Name alone put robert.com

10.
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

sudo cp server.crt /etc/ssl/certs
sudo cp server.key /etc/ssl/private

sudo postconf -e 'smtpd_tls_key_file = /etc/ssl/private/server.key'
sudo postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/server.crt'

sudo nano /etc/postfix
we can see the key and cert file getting added up.

11. vi /etc/postfix/master.cf
uncomment
submission inet n
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_saslauth_enable=yes
-o smtpd_relay_restictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING

under smtps inet n - - - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes

12. apt-get install dovcot-common -y
* Press Yes for self signed cert
* Host name as mail.robert.com and press okay.

vi /etc/dovecot/conf.d/10-master.conf

uncomment
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}

vi /etc/dovecot/conf.d/10-auth.conf
auth_mechanisms = plain login

sudo service postfix restart
sudo service dovecot restart

Both of these should connect
nc mail.robert.com 25
nc mail.robert.com 586

sudo apt-get install dovecot-imapd dovecot-pop3d -y

vi /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:~/Maildir

vi /etc/dovecot/conf.d/20-pop3.conf
Uncomment the line
pop3_uidl_format = %08Xu%08Xv

vi /etc/dovecot/conf.d/10-ssl.conf
uncomment the line
ssl = yes

sudo service dovecot restart

nc mail.robert.com 110
nc mail.robert.com 995
nc mail.robert.com 993
nc mail.robert.com 143

Friday, June 9, 2017

Linux - find command

This command will search for all file type with a case insensitive ending of .conf.
find . -type f -iname "*.conf"

This will do the same search however only in the current directory, means it will not recurse through the directory.
find . -maxdepth 1 -type f -iname "*.conf"

This search will search for all file over 50 Kilobytes. If we replace k with M we get megabytes I suppose (Would it kill you to look up the man page yourself ?).
find . -maxdepth 1 -type f -iname "*.conf" -size +50k

Tuesday, April 25, 2017

GSO, TSO and UFO ethtool for nic

Wonderful article at https://www.coverfire.com/articles/queueing-in-the-linux-network-stack/

Tuesday, March 7, 2017

Shadow file line

balatesting:$6$mgdrjbp6$CuWkPbZHHZpYanP5zJZWwS1awzdh4objOvsfJ.IrIqmYgu1.h5oIu.UvrMysy/NFaZEdS8Zm4jN8Mv/oJor.y.:17232:0:99999:7:::

Saturday, February 25, 2017

Basic Email server in Ubuntu

Here we will see about the installation of a basic SMTP server on Ubuntu

$ sudo apt-get update

# apt-get update –fix-missing

# apt-get install bind9 dnsutils apache2 php5 postfix dovecot-common dovecot-imapd dovecot-pop3d squirrelmail

Click okay for Internet Site

Let us cd /etc/bind

# vim named.conf.local be very careful about the style of quotes it is a normal double quote msword will put curly quotes which will not get interpreted correctly.

zone “mark.net” {

type master;

file “/etc/bind/db.mark”;

};

zone “0.168.192.in-addr.arpa” {

type master;

file “/etc/bind/db.192”;

};

# cp db.local db.mark

# cp db.127 db.192

# vim db.mark

$TTL 604800

@ IN SOA ns.mark.net. root.mark.net. (

2 ; Serial

604800 ; Refresh

86400 ; Retry

2419200 ; Expire

604800 ) ; Negative Cache TTL

;

@ IN NS ns.mark.net.

@ IN A 192.168.0.1

ns IN A 192.168.0.1

IN MX 10 mail.mark.net.

www IN CNAME ns

mail IN CNAME ns

# vim db.192

$TTL 604800

@ IN SOA ns.mark.net. root.mark.net. (

1 ; Serial

604800 ; Refresh

86400 ; Retry

2419200 ; Expire

604800 ) ; Negative Cache TTL

;

@ IN NS ns.mark.net.

1 IN PTR ns.mark.net

Now we will restart bind9

# invoke-rc.d bind9 restart

Now when we do nslookup mail.mark.net we should get the IP of our mail server.

When we do a dig mail.mark.net we should get answers from mark.db file of bind9 conf.

Now let us work on the configuration of apache2 configuration file.

# cd /etc/apache2/sites-available/

# ls -l

# cp default mail.conf

# vim mail.conf

Now under VirutalHost directive under ServerAdmin let add the first line and update DocumentRoot

ServerAdmin webmaster@localhost

ServerName mail.mark.net

DocumentRoot /usr/share/squirrelmail

# Change the next Directory line as shown below.

Next we should try to enable that site with # a2ensite mail

Then try to reload apache2 service.

service apache2 reload

Now let us try to reconfigure postfix

# dpkg-reconfigure postfix

Select Localonly and press Okay

Then for System mail name: “mail.mark.net” and press OK.

Then for Root and postmaster don’t give anything and press OK.

Then for other destination to accept mail for change the line to

mail.mark.net, mark-virtual-machine, localhost.localdomain, , localhost, mark.net

Then for “Force synchronous updates on mail queue” press No

Then in Local networks append 192.168.0.0/24 network

Then leave the mailox size limit at 0 bytes.

Then leave the * for Local address extension character and press Ok.

Then for Internet Protocols to use press all and press OK.

Now let us edit the squirrelmail’s apache configuration file.

# vim /etc/squirrelmail/apache.conf

Go down and uncomment

DocumentRoot /usr/share/squirrelmail

Edit the next line to this

ServerName mail.mark.net

vim.tiny /etc/squirrelmail/config.php

$imapServerAddress = '192.168.56.102';

$smtpServerAddress = '192.168.56.102';

Now let us start editing the Dovecot configuration file.

# vim /etc/dovecot/dovecot.conf

Go to the very bottom of the file and start typing

protocols = imap pop3

#disable_plaintext_auth = no

mail_location = mbox:~/mail:INBOX=/var/mail/%u

#mail_location = maildir: ~/Maildir

Change this line alone in /etc/postfix/main.cf

inet_interfaces = 192.168.56.102,127.0.0.1

Now that all configuration is over let us restart all the processes.

# killall named

# killall apache2

# killall dovecot

# invoke-rc.d bind9 restart

# invoke-rc.d apache2 restart

# invoke-rc.d postfix restart

# invoke-rc.d dovecot restart

Now let us create a couple of users to try logging in as them for email transaction.

# adduser bala1

# adduser bala2

Then the important piece of information is to head to http://mail.mark.net/src/login.php

Monday, January 23, 2017

Shredding a disk securely

shred -vfz -n 10 /dev/sda5

-v: show progress

-f: change permissions to allow writing if necessary

-z: add a final overwrite with zeros to hide shredding

-n: overwrite N times instead of the default (3)