Secure shell or SSH is a protocol called network connectivity which replaces telnet, rcp, and rsh. SSH is a remote login that allows us to login to a host in a local network. By logging into other hosts, then we can act like as a user on the computer.
SSH is not a terminal or console to run the basic commands such as operating systems, csh (C-Shell), bash (Bourne Again Shell), ksh (Korn Shell), etc. SSH products First built is by Tatu Ylönen . Because the product and the protocol name are alike we got to differentiate them.
Protocol is Marked with a dash : SSH-1, SSH-2
Products are usually a mixture of lower and uppercase: OpenSSH, Tectia, PuTTY, etc.
The program uses lowercase: ssh, scp, putty, etc.
1 Key Generator
In order for two computers can interact via the SSH protocol, one computer should act as a client and the other acting as a server. The server must open port 22 so that the client can contact him. The server must create rsa1 key for SSH-1 protocol and rsa and dsa keys for SSH-2 protocol.
To make these keys make the following short script with the names generated:
ssh-keygen-f /etc/ssh/ssh_host_key-N-t rsa1 xxxxx
ssh-keygen-f /etc/ssh/ssh_host_rsa_key xxxxx-N-t rsa
ssh-keygen-f /etc/ssh/ssh_host_dsa_key xxxxx-N-t dsa
/usr/sbin/sshd
Then run the script:
# Chmod + x generate
# ./Generate
2 Key Transaction
When we make a key for each identification, the system will create a public key with a name similar to the name identifying the key but the added .pub extension. In this example I use Slackware as a server and Backtrack as a client.
ssh-keygen will create the file /etc/ssh/ssh_host_rsa_key as an authentication key with a passphrase xxxxx. Passphrase used to encrypt the privacy of this file using 3DES. /etc/ssh/ssh_host_rsa_key is not be readable by users other than the owner. ssh will read the file /etc/ssh/ssh_host_rsa_key during the login process. But the file /etc/ssh/ssh_host_rsa_key.pub does not need to be kept confidential.
when client "Backtrack" contacting server "slackkernel" with ssh through port 22, the client will retrieve the contents of the file /etc/ssh/ssh_host_rsa_key.pub on the server (192.168.1.3/24)
and put it in local ~/.ssh/known_hosts (192.168.1.1/24)
Server can copy the contents of the local file /etc/ssh/ssh_host_rsa_key.pub to ~/.ssh/authorized_keys on the client with
# Ssh-copy-id-i /etc/ssh/ssh_host_rsa_key 192.168.1.1
Slackware server can also read the contents of the file /etc/ssh/ssh_host_rsa_key.pub on client host with ssh-keyscan
3 Remote Login
Congratulations you have been able to enter (login) to the remote host. You will deserve of privileges of the user account you use. If the user account you are logged Enmei then you only have rights such as user Enmei:
# ssh enmei@192.168.1.3
But if the login is root then there is no limit of what you will do:
# ssh root@192.168.1.3
Keep in mind that the program is only a remote ssh login so resources (resource) of hardware that you use local host hardware NOT the hardware remote host
4 Remote Copy
Through this we also SSH protocol to copy a file or folder from the local host to remote host or from a remote host to local host. but we can't still copy between two remote hosts.
To copy the file /etc/resolv.conf from the remote host (192.168.1.3) to the directory /root just type:
# scp 192.168.1.3:/etc/resolv.conf /root
Vice versa we can send the /etc/resolv.conf from the local host to the directory /tmp on the remote host with:
# scp /etc/resolv.conf 192.168.1.3:/tmp
with this utility we can also copy an entire folder, suppose you copy a folder /pentest from local host (192.168.1.1) to /tmp on a remote host (192.168.1.3)
# scp -r /pentest 192.168.1.3:/tmp
5 Secure File Transfer Protocol
In addition to the scp we can also perform file transfers with sftp (secure file transfer protocol). sftp interface is like ftp interface but actually using ssh encryption and authentication. Syntax similar to ftp:
# sftp 192.168.1.3
In sftp prompt we can send the file /etc/resolv.conf local host to /tmp on the remote host with the put command
sftp advantage is the flexibility compared to ordinary ssh command. We can access the local host by giving a prefix! (Exclamation mark) the beginning of the command. ie we want to know the active directory on the local host then we type! because pwd pwd pwd is NOT going to show the active directory on the remote machine
So even though we were logged into a remote host we still can do anything on the local machine by simply adding "!" at the beginning of the command without having to logout first.
6 Secure Network File System
Like the NFS that can make a mount point folder in your local host for the remote host. Suppose we create a mount point /slack for a folder / on the remote host 192.168.1.3. Regarding the permissions that we get depends on the user account that we use (in this case root).
Given sshfs, you do not need anymore trouble in managing the files because you no longer need a complicated tool. You can manage files on remote hosts as if you manage files in your local host.
I think sshfs is the most ideal application to apply. Ideal for a very large function with very little option.
konsultasi debian
Wednesday, May 9, 2012
ssh on linux
Secure shell or SSH is a protocol called network connectivity which replaces telnet, rcp, and rsh. SSH is a remote login that allows us to login to a host in a local network. By logging into other hosts, then we can act like as a user on the computer.
SSH is not a terminal or console to run the basic commands such as operating systems, csh (C-Shell), bash (Bourne Again Shell), ksh (Korn Shell), etc. SSH products First built is by Tatu Ylönen . Because the product and the protocol name are alike we got to differentiate them.
Protocol is Marked with a dash : SSH-1, SSH-2
Products are usually a mixture of lower and uppercase: OpenSSH, Tectia, PuTTY, etc.
The program uses lowercase: ssh, scp, putty, etc.
1 Key Generator
In order for two computers can interact via the SSH protocol, one computer should act as a client and the other acting as a server. The server must open port 22 so that the client can contact him. The server must create rsa1 key for SSH-1 protocol and rsa and dsa keys for SSH-2 protocol.
To make these keys make the following short script with the names generated:
ssh-keygen-f /etc/ssh/ssh_host_key-N-t rsa1 xxxxx
ssh-keygen-f /etc/ssh/ssh_host_rsa_key xxxxx-N-t rsa
ssh-keygen-f /etc/ssh/ssh_host_dsa_key xxxxx-N-t dsa
/usr/sbin/sshd
Then run the script:
# Chmod + x generate
# ./Generate
2 Key Transaction
When we make a key for each identification, the system will create a public key with a name similar to the name identifying the key but the added .pub extension. In this example I use Slackware as a server and Backtrack as a client.
ssh-keygen will create the file /etc/ssh/ssh_host_rsa_key as an authentication key with a passphrase xxxxx. Passphrase used to encrypt the privacy of this file using 3DES. /etc/ssh/ssh_host_rsa_key is not be readable by users other than the owner. ssh will read the file /etc/ssh/ssh_host_rsa_key during the login process. But the file /etc/ssh/ssh_host_rsa_key.pub does not need to be kept confidential.
when client "Backtrack" contacting server "slackkernel" with ssh through port 22, the client will retrieve the contents of the file /etc/ssh/ssh_host_rsa_key.pub on the server (192.168.1.3/24)
and put it in local ~/.ssh/known_hosts (192.168.1.1/24)
Server can copy the contents of the local file /etc/ssh/ssh_host_rsa_key.pub to ~/.ssh/authorized_keys on the client with
# Ssh-copy-id-i /etc/ssh/ssh_host_rsa_key 192.168.1.1
Slackware server can also read the contents of the file /etc/ssh/ssh_host_rsa_key.pub on client host with ssh-keyscan
3 Remote Login
Congratulations you have been able to enter (login) to the remote host. You will deserve of privileges of the user account you use. If the user account you are logged Enmei then you only have rights such as user Enmei:
# ssh enmei@192.168.1.3
But if the login is root then there is no limit of what you will do:
# ssh root@192.168.1.3
Keep in mind that the program is only a remote ssh login so resources (resource) of hardware that you use local host hardware NOT the hardware remote host
4 Remote Copy
Through this we also SSH protocol to copy a file or folder from the local host to remote host or from a remote host to local host. but we can't still copy between two remote hosts.
To copy the file /etc/resolv.conf from the remote host (192.168.1.3) to the directory /root just type:
# scp 192.168.1.3:/etc/resolv.conf /root
Vice versa we can send the /etc/resolv.conf from the local host to the directory /tmp on the remote host with:
# scp /etc/resolv.conf 192.168.1.3:/tmp
with this utility we can also copy an entire folder, suppose you copy a folder /pentest from local host (192.168.1.1) to /tmp on a remote host (192.168.1.3)
# scp -r /pentest 192.168.1.3:/tmp
5 Secure File Transfer Protocol
In addition to the scp we can also perform file transfers with sftp (secure file transfer protocol). sftp interface is like ftp interface but actually using ssh encryption and authentication. Syntax similar to ftp:
# sftp 192.168.1.3
In sftp prompt we can send the file /etc/resolv.conf local host to /tmp on the remote host with the put command
sftp advantage is the flexibility compared to ordinary ssh command. We can access the local host by giving a prefix! (Exclamation mark) the beginning of the command. ie we want to know the active directory on the local host then we type! because pwd pwd pwd is NOT going to show the active directory on the remote machine
So even though we were logged into a remote host we still can do anything on the local machine by simply adding "!" at the beginning of the command without having to logout first.
6 Secure Network File System
Like the NFS that can make a mount point folder in your local host for the remote host. Suppose we create a mount point /slack for a folder / on the remote host 192.168.1.3. Regarding the permissions that we get depends on the user account that we use (in this case root).
Given sshfs, you do not need anymore trouble in managing the files because you no longer need a complicated tool. You can manage files on remote hosts as if you manage files in your local host.
I think sshfs SSH is the most ideal application to apply. Ideal for a very large function with very little option.
SSH is not a terminal or console to run the basic commands such as operating systems, csh (C-Shell), bash (Bourne Again Shell), ksh (Korn Shell), etc. SSH products First built is by Tatu Ylönen . Because the product and the protocol name are alike we got to differentiate them.
Protocol is Marked with a dash : SSH-1, SSH-2
Products are usually a mixture of lower and uppercase: OpenSSH, Tectia, PuTTY, etc.
The program uses lowercase: ssh, scp, putty, etc.
1 Key Generator
In order for two computers can interact via the SSH protocol, one computer should act as a client and the other acting as a server. The server must open port 22 so that the client can contact him. The server must create rsa1 key for SSH-1 protocol and rsa and dsa keys for SSH-2 protocol.
To make these keys make the following short script with the names generated:
ssh-keygen-f /etc/ssh/ssh_host_key-N-t rsa1 xxxxx
ssh-keygen-f /etc/ssh/ssh_host_rsa_key xxxxx-N-t rsa
ssh-keygen-f /etc/ssh/ssh_host_dsa_key xxxxx-N-t dsa
/usr/sbin/sshd
Then run the script:
# Chmod + x generate
# ./Generate
2 Key Transaction
When we make a key for each identification, the system will create a public key with a name similar to the name identifying the key but the added .pub extension. In this example I use Slackware as a server and Backtrack as a client.
ssh-keygen will create the file /etc/ssh/ssh_host_rsa_key as an authentication key with a passphrase xxxxx. Passphrase used to encrypt the privacy of this file using 3DES. /etc/ssh/ssh_host_rsa_key is not be readable by users other than the owner. ssh will read the file /etc/ssh/ssh_host_rsa_key during the login process. But the file /etc/ssh/ssh_host_rsa_key.pub does not need to be kept confidential.
when client "Backtrack" contacting server "slackkernel" with ssh through port 22, the client will retrieve the contents of the file /etc/ssh/ssh_host_rsa_key.pub on the server (192.168.1.3/24)
and put it in local ~/.ssh/known_hosts (192.168.1.1/24)
Server can copy the contents of the local file /etc/ssh/ssh_host_rsa_key.pub to ~/.ssh/authorized_keys on the client with
# Ssh-copy-id-i /etc/ssh/ssh_host_rsa_key 192.168.1.1
Slackware server can also read the contents of the file /etc/ssh/ssh_host_rsa_key.pub on client host with ssh-keyscan
3 Remote Login
Congratulations you have been able to enter (login) to the remote host. You will deserve of privileges of the user account you use. If the user account you are logged Enmei then you only have rights such as user Enmei:
# ssh enmei@192.168.1.3
But if the login is root then there is no limit of what you will do:
# ssh root@192.168.1.3
Keep in mind that the program is only a remote ssh login so resources (resource) of hardware that you use local host hardware NOT the hardware remote host
4 Remote Copy
Through this we also SSH protocol to copy a file or folder from the local host to remote host or from a remote host to local host. but we can't still copy between two remote hosts.
To copy the file /etc/resolv.conf from the remote host (192.168.1.3) to the directory /root just type:
# scp 192.168.1.3:/etc/resolv.conf /root
Vice versa we can send the /etc/resolv.conf from the local host to the directory /tmp on the remote host with:
# scp /etc/resolv.conf 192.168.1.3:/tmp
with this utility we can also copy an entire folder, suppose you copy a folder /pentest from local host (192.168.1.1) to /tmp on a remote host (192.168.1.3)
# scp -r /pentest 192.168.1.3:/tmp
5 Secure File Transfer Protocol
In addition to the scp we can also perform file transfers with sftp (secure file transfer protocol). sftp interface is like ftp interface but actually using ssh encryption and authentication. Syntax similar to ftp:
# sftp 192.168.1.3
In sftp prompt we can send the file /etc/resolv.conf local host to /tmp on the remote host with the put command
sftp advantage is the flexibility compared to ordinary ssh command. We can access the local host by giving a prefix! (Exclamation mark) the beginning of the command. ie we want to know the active directory on the local host then we type! because pwd pwd pwd is NOT going to show the active directory on the remote machine
So even though we were logged into a remote host we still can do anything on the local machine by simply adding "!" at the beginning of the command without having to logout first.
6 Secure Network File System
Like the NFS that can make a mount point folder in your local host for the remote host. Suppose we create a mount point /slack for a folder / on the remote host 192.168.1.3. Regarding the permissions that we get depends on the user account that we use (in this case root).
Given sshfs, you do not need anymore trouble in managing the files because you no longer need a complicated tool. You can manage files on remote hosts as if you manage files in your local host.
I think sshfs SSH is the most ideal application to apply. Ideal for a very large function with very little option.
vi
Various kinds Editor There are many text editors that can be used in the UNIX world. Here is an example of the many text editors. nano is a popular text editor provided by many Linux distributions and is also typically available when installing UNIX. gedit is graphical text editor in GNOME desktop. Screen-oriented editor Jed is made for programmers. With the color code designates Jed allows you to write so you can read it easier and faster to find syntax errors. Use the alt key to select the menu for manipulating text. kate editor that looks sweet that comes in packages of KDE. It has many features such as highlighting for various programming languages and arrangement of words. kedit text editor packaged in KDE GUI. with mcedit you can save, copy, move and delete text. Like Jed and joe, mcedit is also oriented screen. nedit would be perfect editor for programmers. You need to install additional packages to get this editor.
Introduction to vi When you use ssh in the network, you can use any text editor. GUI editor that is able to appear on the screen. But if the GUI is not available then you are obliged to use shell-based text editor such as vi, Jed or joe. Why do we learn vi text editor rather than the other. Vi is a text editor that is quite difficult to learn. There are no instructions, menus or icons. But once you know that you no longer need a mouse or function keys, you can edit and move quickly and efficiently only with the keyboard.
Move between modes Often somebody pressed "Esc" key to get out of vi but he can't (It's not me). pressing "Esc" switches to command mode. Oh yes in vi, there are two modes of command and insert. vi always starts in command mode so if you open a file such as passwd (vi /etc/passwd) and then want to change something you must first enter insert mode by pressing i or a or "insert"
Navigating in vi For navigation (in command mode) we can use the j button to go down one line k move up one line, l to slide to right and h to slide to left
h left j down k ride l right
press the number 5 then j (5j) then you will go down five lines, as well as other commands that can be combined with numbers that make your job effectively (you do not need to press keys until line 1000 j. 1000j enough with you will go down 1000 line). You can also go directly to a thousand with the command line: 1000 then press "Enter" or 1000G (uppercase G). But this command is different from 1000j (if you press 1000j you will be brought into line in 1001 because of your initial position on line 1, while the command: 1000 and 1000G will take you to the 1000 lines no matter where your starting position. Command :1000 and 1000G have resemblance which means :1 is identical to 1G not G because G will lead you to the last line of a file (believe it or not). There is another trick to navigation in addition to hjkl vi, press w to move forward and b the right one to go back one word. Press also $ (dollar sign) to the end of the line, A advances to the end of the line and go into insert mode, and press the "Esc" then 0 (zero) to return to the starting of the line.
Changing Character
Changing a file is done in insert mode. as described earlier i key to enter insert mode and "Esc" to the command mode. R button will help you replace one character under the cursor right (remember only one), press five random characters so that one is not replaceable only five-limanya. Continuing to replace many characters r will make you tired, thanks to god, you can replace many characters with the R key (uppercase).
x key deletes character right at the cursor (like delete) and X (uppercasel X) to delete characters before cursor (like backspace). dw will help you delete the character at the cursor to the end of words. Removing characters up to the beginning of words can be done with d$. I would like to remove up to the beginning of the word but do not want to delete the character at the cursor, there is the recipe? Yes it is d0. And deleting one line is dd. Opening a file could be done by typing the command followed by the full file name with pathnya example vi /etc/passwd. Adding +5 to command (vi /etc/passwd +5) will take you directly to the fifth line. We had opened /etc/passwd. Now willing to open anither session without closing the current session? The answer is: e /etc/shadow. vi successfully open the /etc/shadow. now the first session become invisible. it will be vesible again after closing the current sessio. if we want to see both session split /etc/shadow would be a good solution.
Important Buttons
In vi there are many important buttons that you can use in command mode. This button allows you to switch between modes, navigation, delete, copy, browse and manage files.
OPERATING FUNCTION BUTTON Interactive mode
Esc key enters command mode. i enters insert mode at cursor i. A enters the insert mode at the end of the line.
Navigation
h slides left, j moves down, k moves up, and l slides right. $ leads to the end of the line. ^0 leads to the beginning of the line. G leadsto the end of the file. :1 or 1G leads to the beginning of the file. :47 or 47G leads to line 47. Ctrl + f scrolls down one page. Ctrl + dPage scrolls down half page. Ctrl + b scrolls up one page. Ctrl + u scrolls up half page.
Deletion
dd removes one line. 5dd removes five lines. r replaces one character. R replaces many characters. x Deletes one character. 10x del Removes ten characters. dw removes one word. 5dw removes five words. yw copies one word. yy copies one line. p pastes the copied or deleted string.
Introduction to vi When you use ssh in the network, you can use any text editor. GUI editor that is able to appear on the screen. But if the GUI is not available then you are obliged to use shell-based text editor such as vi, Jed or joe. Why do we learn vi text editor rather than the other. Vi is a text editor that is quite difficult to learn. There are no instructions, menus or icons. But once you know that you no longer need a mouse or function keys, you can edit and move quickly and efficiently only with the keyboard.
Move between modes Often somebody pressed "Esc" key to get out of vi but he can't (It's not me). pressing "Esc" switches to command mode. Oh yes in vi, there are two modes of command and insert. vi always starts in command mode so if you open a file such as passwd (vi /etc/passwd) and then want to change something you must first enter insert mode by pressing i or a or "insert"
Navigating in vi For navigation (in command mode) we can use the j button to go down one line k move up one line, l to slide to right and h to slide to left
h left j down k ride l right
press the number 5 then j (5j) then you will go down five lines, as well as other commands that can be combined with numbers that make your job effectively (you do not need to press keys until line 1000 j. 1000j enough with you will go down 1000 line). You can also go directly to a thousand with the command line: 1000 then press "Enter" or 1000G (uppercase G). But this command is different from 1000j (if you press 1000j you will be brought into line in 1001 because of your initial position on line 1, while the command: 1000 and 1000G will take you to the 1000 lines no matter where your starting position. Command :1000 and 1000G have resemblance which means :1 is identical to 1G not G because G will lead you to the last line of a file (believe it or not). There is another trick to navigation in addition to hjkl vi, press w to move forward and b the right one to go back one word. Press also $ (dollar sign) to the end of the line, A advances to the end of the line and go into insert mode, and press the "Esc" then 0 (zero) to return to the starting of the line.
Changing Character
Changing a file is done in insert mode. as described earlier i key to enter insert mode and "Esc" to the command mode. R button will help you replace one character under the cursor right (remember only one), press five random characters so that one is not replaceable only five-limanya. Continuing to replace many characters r will make you tired, thanks to god, you can replace many characters with the R key (uppercase).
x key deletes character right at the cursor (like delete) and X (uppercasel X) to delete characters before cursor (like backspace). dw will help you delete the character at the cursor to the end of words. Removing characters up to the beginning of words can be done with d$. I would like to remove up to the beginning of the word but do not want to delete the character at the cursor, there is the recipe? Yes it is d0. And deleting one line is dd. Opening a file could be done by typing the command followed by the full file name with pathnya example vi /etc/passwd. Adding +5 to command (vi /etc/passwd +5) will take you directly to the fifth line. We had opened /etc/passwd. Now willing to open anither session without closing the current session? The answer is: e /etc/shadow. vi successfully open the /etc/shadow. now the first session become invisible. it will be vesible again after closing the current sessio. if we want to see both session split /etc/shadow would be a good solution.
Important Buttons
In vi there are many important buttons that you can use in command mode. This button allows you to switch between modes, navigation, delete, copy, browse and manage files.
OPERATING FUNCTION BUTTON Interactive mode
Esc key enters command mode. i enters insert mode at cursor i. A enters the insert mode at the end of the line.
Navigation
h slides left, j moves down, k moves up, and l slides right. $ leads to the end of the line. ^0 leads to the beginning of the line. G leadsto the end of the file. :1 or 1G leads to the beginning of the file. :47 or 47G leads to line 47. Ctrl + f scrolls down one page. Ctrl + dPage scrolls down half page. Ctrl + b scrolls up one page. Ctrl + u scrolls up half page.
Deletion
dd removes one line. 5dd removes five lines. r replaces one character. R replaces many characters. x Deletes one character. 10x del Removes ten characters. dw removes one word. 5dw removes five words. yw copies one word. yy copies one line. p pastes the copied or deleted string.
fake root
Well guys, you must know that root is supreme master of the unix operating systems like Linux, Hurd, Solaris, HP-UX, BSDs, AIX and there still many of them. root account is lord of the system where any other accounts are under its orders, rules, legacy and/or policy.
root is identical to UID 0 and any other accounts with different various UID number from 1 to 65535 in Linux. Maximum number of UIDs depends on the flavor of the operating systems. Let's take a look at our sample /etc/passwd
root:x:0:0::/root:/bin/bash
bin:x:1:1:bin:/bin:/bin/false
daemon:x:2:2:daemon:/sbin:/bin/false
adm:x:3:4:adm:/var/log:/bin/false
lp:x:4:7:lp:/var/spool/lpd:/bin/false
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/:/bin/false
news:x:9:13:news:/usr/lib/news:/bin/false
uucp:x:10:14:uucp:/var/spool/uucppublic:/bin/false
operator:x:11:0:operator:/root:/bin/bash
games:x:12:100:games:/usr/games:/bin/false
ftp:x:14:50::/home/ftp:/bin/false
smmsp:x:25:25:smmsp:/var/spool/clientmqueue:/bin/false
mysql:x:27:27:MySQL:/var/lib/mysql:/bin/false
rpc:x:32:32:RPC portmap user:/:/bin/false
sshd:x:33:33:sshd:/:/bin/false
gdm:x:42:42:GDM:/var/state/gdm:/bin/bash
apache:x:80:80:User for Apache:/srv/httpd:/bin/false
messagebus:x:81:81:User for D-BUS:/var/run/dbus:/bin/false
haldaemon:x:82:82:User for HAL:/var/run/hald:/bin/false
pop:x:90:90:POP:/:/bin/false
nobody:x:99:99:nobody:/:/bin/false
each value is delimited by a colon. Well let's focus on the first line because this is what we are gonna learn.
root:x:0:0::/root:/bin/bash
the first value is root that means this is the name of account.
the second value is x which means that the password is encrypted and the encrypted password is encrypted password is located on /etc/shadow. the third one is User Identity (UID). the fourth is group Identity (GID). the fifth is description of the account and in this case we have no description. the sixth is the home directory and the seventh is the default shell for the account.
then let's make a user account and assign a password to it. let's call it "fruit".
useradd fruit
passwd fruit
let's change the fruit UID and GID to 0 and (zero) and root UID to 100 and GID to 1000. fruit has taken all the privileges that root once had
installing rpm and tgz package on a debian box
Debian is a magnificent Linux distribution. The default debian Installation package is .deb. However Debian can also install slackkware .tgz package, because .tgz equals to tar.gz with installation script. So from that fact we can simply install .tgz files by extracting. for example we will install xmms because this package is not available on debian repository. I got xmms package from a slackware 12 dvd now i just have to install it.
tar zxvvf xmms-1.2.11-i486-2.tgz -C /
then we can simply remove /install by typing
rm -r /install
but now we have a problem. xmms window won't come up after invoking. libxmms.so.1 is not found on system. actually the library needed is already available in different filename (libxmms.so.1.3.1)That's just because library naming between slackware and debian different. we can simply solve it by linking the library
ln -s /usr/lib/libxmms.so.1.3.1 /usr/lib/libxmms.so.1
yup, we have successfully installed a slackware .tgz package.
Now let's install rpm package from slackware 12 DVD (rpm-4.4.2.3-i486-2.tgz). we also need to install beecrypt because some files on beecrypt are the dependency of rpm. it's also available on slackware 12 DVD.
tar zxvvf rpm-4.4.2.3-i486-2.tgz
tar beecrypt-4.1.2-i486-2.tgz
rm -r /install
again like the previous problem the names of the library are different. Yup let's solve it
ln -s /usr/lib/libbeecrypt.so.6.4.0 /usr/lib/libbeecrypt.so.6
ln -s /usr/lib/libssl.so /usr/lib/libssl.so.0
ln -s /usr/lib/libcrypto.so /usr/lib/libcrypto.so.0
and now we got the problem solved
tar zxvvf xmms-1.2.11-i486-2.tgz -C /
then we can simply remove /install by typing
rm -r /install
but now we have a problem. xmms window won't come up after invoking. libxmms.so.1 is not found on system. actually the library needed is already available in different filename (libxmms.so.1.3.1)That's just because library naming between slackware and debian different. we can simply solve it by linking the library
ln -s /usr/lib/libxmms.so.1.3.1 /usr/lib/libxmms.so.1
yup, we have successfully installed a slackware .tgz package.
Now let's install rpm package from slackware 12 DVD (rpm-4.4.2.3-i486-2.tgz). we also need to install beecrypt because some files on beecrypt are the dependency of rpm. it's also available on slackware 12 DVD.
tar zxvvf rpm-4.4.2.3-i486-2.tgz
tar beecrypt-4.1.2-i486-2.tgz
rm -r /install
again like the previous problem the names of the library are different. Yup let's solve it
ln -s /usr/lib/libbeecrypt.so.6.4.0 /usr/lib/libbeecrypt.so.6
ln -s /usr/lib/libssl.so /usr/lib/libssl.so.0
ln -s /usr/lib/libcrypto.so /usr/lib/libcrypto.so.0
and now we got the problem solved
djbdns
well here I want to explain how to install and setup djbdns on ubuntu server 10.10 64 bit on a single server.
1. first of all install all djbdns package
apt-get install djbdns
2. then create corresponding user accounts
useradd -r Gtinydns # for dns server
useradd -r Gdnscache # for caching
useradd -r Gdnslog # for logging
useradd -r Gaxfrdns # for zone transfer
3. make configurations
9.20.3.27 is my ip address. you can change with your own.
4. create /etc/event.d/svscan and fill with
# svscan - daemontools
# https://bugs.launchpad.net/ubuntu/+source/daemontools-installer/+bug/66615
#
start on runlevel 2
start on runlevel 3
start on runlevel 4
start on runlevel 5
stop on runlevel 0
stop on runlevel 1
stop on runlevel 6
respawn
exec /usr/bin/svscanboot
5. touch /etc/dnscache/root/ip/9.20.3.27
6. start the service
7. add zones
=example.com:146.82.204.17:86400
=www.example.com:146.82.204.17:86400
+www.example.com:146.82.204.17:86400
+\052.example.com:146.82.204.17:86400
.59.99.73.in-addr.arpa:146.82.204.17:a:259200
1. first of all install all djbdns package
apt-get install djbdns
2. then create corresponding user accounts
useradd -r Gtinydns # for dns server
useradd -r Gdnscache # for caching
useradd -r Gdnslog # for logging
useradd -r Gaxfrdns # for zone transfer
3. make configurations
tinydns-conf Gtinydns Gdnslog /etc/tinydns 127.0.0.1
dnscache-conf Gdnscache Gdnslog /etc/dnscache 9.20.3.27
9.20.3.27 is my ip address. you can change with your own.
4. create /etc/event.d/svscan and fill with
# svscan - daemontools
# https://bugs.launchpad.net/ubuntu/+source/daemontools-installer/+bug/66615
#
start on runlevel 2
start on runlevel 3
start on runlevel 4
start on runlevel 5
stop on runlevel 0
stop on runlevel 1
stop on runlevel 6
respawn
exec /usr/bin/svscanboot
5. touch /etc/dnscache/root/ip/9.20.3.27
6. start the service
mkdir /etc/service
ln -s /etc/tinydns /etc/service
ln -s /etc/dnscache /etc/service
ln -s /etc/axfrdns /etc/service
7. add zones
cd /etc/tinydns/root
.example.com:146.82.204.17:a:259200=example.com:146.82.204.17:86400
=www.example.com:146.82.204.17:86400
+www.example.com:146.82.204.17:86400
+\052.example.com:146.82.204.17:86400
.59.99.73.in-addr.arpa:146.82.204.17:a:259200
regular expression
regular expression is some kind of pattern to match a criteria. well i'm not good enough at explaining by words, so let's continue by examples. in this case i'll use grep as the command. just to make sure that you already alias grep with grep --color=auto so the result of grep will be marked red
if we want to capture lines containing a phrase for example phrase "lo" from command 'ip a'. let's first invoke 'ip a'. note that lines beginning with # are the things you should type and the result of the command lies below.
#ip a
1: lo: mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 00:1f:16:2a:6c:00 brd ff:ff:ff:ff:ff:ff
3: wmaster0: mtu 0 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ieee802.11 0c:60:76:7b:54:e0 brd 00:00:00:00:00:00
4: wlan0: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 0c:60:76:7b:54:e0 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.2/24 brd 192.168.1.255 scope global wlan0
inet6 fe80::e60:76ff:fe7b:54e0/64 scope link
valid_lft forever preferred_lft forever
5: vboxnet0: mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 0a:00:27:00:00:00 brd ff:ff:ff:ff:ff:ff
that's a complete result before we filter anything. let's find some lines containing phrase "lo"
#ip a|grep lo
1: lo: mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet 192.168.1.2/24 brd 192.168.1.255 scope global wlan0
we got four lines here. but it also lists lines containing lo in other words (loopback and global) not standalone lo. to get lines with standalone lo we have
#ip a|grep -E '\'
1: lo: mtu 16436 qdisc noqueue state UNKNOWN
inet 127.0.0.1/8 scope host lo
now let's capture IP addresses. IP addresses are always four octets separated by dots (.). each octet can be a number from 0 to 255. we must split up this number to meet the requirements. in this case. we divide into 3 accounts, so 0 to 255 could be 250-255 or 200-249 or 0-199. [0-9] represents any number from 0 to 9 and | represents logical "or" and ? can represent that phrase is ignorant and/or exists. so the expression would be '((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)). remember this is only an octet. to capture a complete IP Address we have to write that expression four times. the dot separator can be represented by \. (escaped dot). the complete command may seem like this
#ip a|grep -E '((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))'
inet 127.0.0.1/8 scope host lo
inet 192.168.1.2/24 brd 192.168.1.255 scope global wlan0
to capture IP address with the netmask we must again split up thye netmask into 2 accounts. netmask in this case is written by prefix not in the form of IP address. netmask is from 0 to 32 (30-32 or 0-29). the slash must be escaped with "\".
#ip a|grep -E '((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\/((3[0-2]|[0-2]?[0-9]))'
inet 127.0.0.1/8 scope host lo
inet 192.168.1.2/24 brd 192.168.1.255 scope global wlan0
to capture a whole global line that we must read carefully from left to right. first we must put a caret "^" that represents the start of the line. second there are 4 spaces so we must indicate them with "\ {4}. followed by word "inet", followed again by a space "\ ", then an IP address with subnetmask (we have discussed this earlier. then a word "brd" means broadcast followed by broadcast ID. broadcast ID have the same rule as IP address. then space, word "scope" space "word global space and at last the interface. interface could be wlan0, wlan1, eth0, eth1 etc.
#ip a|grep -E '^\ {4}inet\ ((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\/((3[0-2]|[0-2]?[0-9]))\ brd\ ((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\ scope\ global\ ((wlan[0-9]|eth[0-9]))'
inet 192.168.1.2/24 brd 192.168.1.255 scope global wlan0
escape "\" is necessary when capturing characters that has special meaning. some characters that has special meaning in regular expression are
backslash \ escaping character
slash / directory delimiter
space command delimiter
dot . any single character
parentheses () special environment
brackets [] to allow any single character in the brackets
braces {} amount of characters before an open brace
plus + any number before the plus sign starting from 1
asterisk * any number before the plus sign starting from 0
question mark ? can be 0 or 1 character before ? sign
comma , delimiter used in braces
pipe | logical or
quote ' used to specify a phrase or pattern
double quote " used to specify a phrase or pattern
back tick ` command substitution
caret ^ the start of the line
dollar $ the end of the line
if we want to capture lines containing a phrase for example phrase "lo" from command 'ip a'. let's first invoke 'ip a'. note that lines beginning with # are the things you should type and the result of the command lies below.
#ip a
1: lo: mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 00:1f:16:2a:6c:00 brd ff:ff:ff:ff:ff:ff
3: wmaster0: mtu 0 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ieee802.11 0c:60:76:7b:54:e0 brd 00:00:00:00:00:00
4: wlan0: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 0c:60:76:7b:54:e0 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.2/24 brd 192.168.1.255 scope global wlan0
inet6 fe80::e60:76ff:fe7b:54e0/64 scope link
valid_lft forever preferred_lft forever
5: vboxnet0: mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 0a:00:27:00:00:00 brd ff:ff:ff:ff:ff:ff
that's a complete result before we filter anything. let's find some lines containing phrase "lo"
#ip a|grep lo
1: lo: mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet 192.168.1.2/24 brd 192.168.1.255 scope global wlan0
we got four lines here. but it also lists lines containing lo in other words (loopback and global) not standalone lo. to get lines with standalone lo we have
#ip a|grep -E '\'
1: lo: mtu 16436 qdisc noqueue state UNKNOWN
inet 127.0.0.1/8 scope host lo
now let's capture IP addresses. IP addresses are always four octets separated by dots (.). each octet can be a number from 0 to 255. we must split up this number to meet the requirements. in this case. we divide into 3 accounts, so 0 to 255 could be 250-255 or 200-249 or 0-199. [0-9] represents any number from 0 to 9 and | represents logical "or" and ? can represent that phrase is ignorant and/or exists. so the expression would be '((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)). remember this is only an octet. to capture a complete IP Address we have to write that expression four times. the dot separator can be represented by \. (escaped dot). the complete command may seem like this
#ip a|grep -E '((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))'
inet 127.0.0.1/8 scope host lo
inet 192.168.1.2/24 brd 192.168.1.255 scope global wlan0
to capture IP address with the netmask we must again split up thye netmask into 2 accounts. netmask in this case is written by prefix not in the form of IP address. netmask is from 0 to 32 (30-32 or 0-29). the slash must be escaped with "\".
#ip a|grep -E '((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\/((3[0-2]|[0-2]?[0-9]))'
inet 127.0.0.1/8 scope host lo
inet 192.168.1.2/24 brd 192.168.1.255 scope global wlan0
to capture a whole global line that we must read carefully from left to right. first we must put a caret "^" that represents the start of the line. second there are 4 spaces so we must indicate them with "\ {4}. followed by word "inet", followed again by a space "\ ", then an IP address with subnetmask (we have discussed this earlier. then a word "brd" means broadcast followed by broadcast ID. broadcast ID have the same rule as IP address. then space, word "scope" space "word global space and at last the interface. interface could be wlan0, wlan1, eth0, eth1 etc.
#ip a|grep -E '^\ {4}inet\ ((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\/((3[0-2]|[0-2]?[0-9]))\ brd\ ((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\ scope\ global\ ((wlan[0-9]|eth[0-9]))'
inet 192.168.1.2/24 brd 192.168.1.255 scope global wlan0
escape "\" is necessary when capturing characters that has special meaning. some characters that has special meaning in regular expression are
backslash \ escaping character
slash / directory delimiter
space command delimiter
dot . any single character
parentheses () special environment
brackets [] to allow any single character in the brackets
braces {} amount of characters before an open brace
plus + any number before the plus sign starting from 1
asterisk * any number before the plus sign starting from 0
question mark ? can be 0 or 1 character before ? sign
comma , delimiter used in braces
pipe | logical or
quote ' used to specify a phrase or pattern
double quote " used to specify a phrase or pattern
back tick ` command substitution
caret ^ the start of the line
dollar $ the end of the line
Subscribe to:
Posts (Atom)