Thursday, June 19, 2008

Allowing user to run root privileged commands

To allow normal user to run root privileged commands, you have to use sudo. Sudo allows a user to run commands as superuser or another user. To set your user to be able to use sudo to act as superuser, a number of steps have to be done.

  1. Login as superuser(root)
  2. Edit sudoers file using visudo
    • # visudo
    • Uncomment the below line and save. visudo use vi as text editor, so to save just press 'Esc' and then ':wq'
      • %wheel ALL=(ALL) ALL
  3. Add your user to the group wheel(You can use any name for the group as long as you add it to the sudoers file). As example, we will use 'foo' as our username
    • # usermod -G wheel foo
  4. To make all the superuser's environment variable available to the user, edit /home/foo/.bash_profile
    • # vi /home/foo/.bash_profile
    • Add the following lines, append if the line already exist.
      • PATH=$PATH:/sbin:/usr/sbin
      • export PATH
    • Save the file
    • To activate the changes, run
      • # . .bash_profile
  5. Now, you can use superuser environment variables, but without tab completion feature. To enable tab completion feature, edit /home/foo/.bashrc
    • # vi /home/foo/.bashrc
    • Add the following line
      • complete -cf sudo
    • Save the file
    • To activate the changes, run
      • # . .bashrc
  6. Logout and login back. Now you can use sudo to execute root privileged commands, you inherited the root environment variables and you can use tab completion while using sudo

Wednesday, June 18, 2008

Using sftp to transfer file through network

There are a lot of ways on how to transfer files through network in linux and open source. One of the solution is to use sftp a.k.a. secure file transfer protocol. The reason this sftp is different from the original ftp is, sftp will do all its operation over encrypted ssh transport. This make sure that your file is safely transferred through network. To use sftp, you can just run command
$ sftp user@servername
For example,
$ sftp foo@server.name or
$ sftp foo@192.168.0.1

To use sftp efficiently, a few important commands one need to know, as listed below:

  1. To get help on commands available.
    • sftp> help
    • sftp> ?
  2. The commands are generally divided into 2 groups: the commands that can be used to manipulate localhost and the commands that can be used to manipulate remote host. The commands that start with 'l' are specially for locahost only. Example, to list all directory listing on localhost:
    • sftp> lls
  3. To list directories on remote host, use:
    • sftp> ls
  4. The most important command, how to upload file to the remotehost
    • sftp> put /local/path /remote/path
  5. To download file from remotehost
    • sftp> get /remote/path /local/path
To get more information, use the first step to generate help page where list of commands and how to use it are shown.

Wednesday, June 4, 2008

Displaying message of the day (motd)

When you have logged to your machine through ssh, this is what you will always see after each successful access:

Last login: Tue Jun 3 13:17:35 2008 from 10.20.20.171
[user@server ~]$

You can have additional message displayed like this, by using message of teh day (motd):

Last login: Wed Jun 4 14:59:13 2008 from 10.20.20.241
This is a my server!!!!!!
[user@server ~]$

Here are the steps to do it:

  1. Open /etc/motd using your favorite text editor. I will use vi
    • vi /etc/motd
  2. Append your message to the file and save
    • This is a my server!!!!!!
  3. Then, when this will be displayed when you access your machine again
    • Last login: Wed Jun 4 14:59:13 2008 from 10.20.20.241
      This is a my server!!!!!!
      [user@server ~]$
Have fun....:)

Tuesday, June 3, 2008

Shell scripting built-in variables

When doing scripting in shell, like bash, there are a few built-in variables that we can use to optimize our script. Below are a few useful ones:

  • $$ = The PID number of the process executing the shell.
  • $? = Exit status variable.
  • $0 = The name of the command you used to call a program.
  • $1 = The first argument on the command line.
  • $2 = The second argument on the command line.
  • $n = The nth argument on the command line. n = 0-9
  • $* = All the arguments on the command line.
  • $# = The number of command line arguments.
Hope this can help

Creating banner for ssh server

A banner for ssh server is a few phrase that will come out the time you want to access a server through ssh. By default, this feature is turned off. To turned it on:

  1. Login as 'root'
  2. Create your banner file first. In this example, i will create banner file named /home/banner
    • # vi /home/banner
    • Insert your banner message to the file. I will insert 'Welcome to my pc'
  3. After you have finish with the banner file, open /etc/sshd_config
    • # vi /etc/sshd_config
    • Uncomment or add the following line
      • Banner /home/banner
  4. Restart ssh server
    • # /etc/init.d/sshd restart
  5. When you login, this will be displayed
    • # ssh pingu@10.20.20.171
      Welcome to my pc
      pingu@10.20.20.171's password: