Debian Stretch 9 issue with vim: copy and paste

20 06 2017

In Debian Stretch 9 there is a new behaviour in vim: copy and paste with the mouse is unusual and doesn’t work as it did in previous versions.

To fix that, comment out the following lines in the file /usr/share/vim/vim80/defaults.vim:

" if has('mouse')
" set mouse=a
" endif





Force sync of date and time

21 05 2017

apt-get install tlsdate
tlsdate -H mail.google.com





Enable autologin in Debian with Systemd

19 05 2017

To allow autologin in a Debian system with systemd (very useful for testing virtual machines):

Create the directory:
mkdir /etc/systemd/system/getty@tty1.service.d/

Create file /etc/systemd/system/getty@tty1.service.d/override.conf with the following content:
[Service]
ExecStart=
ExecStart=-/sbin/agetty --autologin root --noclear %I $TERM

More info:
http://forums.debian.net/viewtopic.php?f=16&t=123694





Deny ssh access to one user

18 05 2017

If you want to deny the access of one user (or group) to a server via ssh, these are the steps for a Debian/Ubuntu server:

Add the user to /etc/security/access.conf:
- : user1 : ALL

Ensure that “/etc/ssh/sshd_config” has the following line (by default yes):
UsePAM yes

Ensure that “/etc/pam.d/sshd” has the following line uncommented:
account required pam_access.so
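
One way to check that all three steps are in place, as an added example that is not part of the original post. The function names are hypothetical, and the access.conf matching is simplified to plain user names and ALL.

```shell
#!/bin/sh
# Added example: verify the three settings from the steps above.
# The file paths are arguments, so the check can also run on copies.

# Print the action (+ or -) of the first access.conf rule naming USER or ALL.
# pam_access stops at the first matching line, so rule order matters.
# Simplification (assumption): groups, EXCEPT and origins are not evaluated.
first_rule_for() {
    file=$1; user=$2
    while IFS=: read -r perm users origins || [ -n "$perm" ]; do
        perm=$(printf '%s' "$perm" | tr -d '[:space:]')
        case $perm in '+'|'-') ;; *) continue ;; esac  # comments, blank lines
        for u in $users; do
            if [ "$u" = "$user" ] || [ "$u" = "ALL" ]; then
                printf '%s\n' "$perm"
                return 0
            fi
        done
    done < "$file"
    return 1
}

# Return 0 only if all three steps are in place for USER; report each gap.
ssh_deny_active() {
    user=$1; access_conf=$2; sshd_config=$3; pam_sshd=$4; rc=0
    if [ "$(first_rule_for "$access_conf" "$user")" != "-" ]; then
        echo "access.conf: first matching rule for $user is not a deny"; rc=1
    fi
    # Take the first uncommented UsePAM line in the file.
    usepam=$(awk 'tolower($1) == "usepam" { print tolower($2); exit }' "$sshd_config")
    if [ "$usepam" != "yes" ]; then
        echo "sshd_config: UsePAM is not set to yes"; rc=1
    fi
    if ! grep -Eq '^[[:space:]]*account[[:space:]]+required[[:space:]]+pam_access\.so' "$pam_sshd"; then
        echo "pam.d/sshd: pam_access.so line is missing or commented out"; rc=1
    fi
    return $rc
}

# Usage: sh check.sh user1 /etc/security/access.conf /etc/ssh/sshd_config /etc/pam.d/sshd
if [ $# -eq 4 ]; then
    ssh_deny_active "$@"
fi
```

An earlier "+" line that names the same user or ALL wins over the deny, which is why the check reports the first matching rule and not just the presence of the "-" line.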





Configure phpmyadmin to connect to RDS AWS MariaDB

30 03 2017

Ensure that “/etc/phpmyadmin/config-db.php” doesn’t have any configured values:

$dbuser='';
$dbpass='';
$basepath='';
$dbname='';
$dbserver='';
$dbport='';
$dbtype='';

Create a new file with your particular values in “/etc/phpmyadmin/conf.d/myconf.php”:

<?php
$cfg['Servers'][$i]['extension'] = 'mysql';
$cfg['Servers'][$i]['host'] = 'name.of.rds.amazonaws.com';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = TRUE;

Go to the phpmyadmin website and log in with the administrative account.

More info: http://stackoverflow.com/questions/4402482/using-phpmyadmin-to-administer-amazon-rds





Quick vsftpd install and configuration

4 12 2016

This is a simple way to install vsftpd with a basic configuration that lets the local users of the system log in to the FTP server:
apt-get install vsftpd
vi /etc/vsftpd.conf
Uncomment the following lines:
local_enable=YES
write_enable=YES

Restart the service and enjoy!
/etc/init.d/vsftpd restart





Testing virtual interface inside a namespace

12 09 2016

One virtual interface (veth0/1) in one namespace (blue) with internet connectivity

– First of all, enable IP forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward

– Create the virtual ethernet interface, a veth pair, and bring one side up:

ip link add veth0 type veth peer name veth1
ip link set veth0 up

– Create the network namespace, called blue, in which the other side of the veth is going to reside:

ip netns add blue

– Put the corresponding veth side, veth1, into the namespace. Take into account that the other side, veth0, resides in the system namespace:

ip link set veth1 netns blue

– Configure the veth1 with an IP address and bring it up. The command is executed inside the namespace:

ip netns exec blue ifconfig veth1 10.1.1.1/24 up

– Bring up the lo interface too, to avoid strange problems:

ip netns exec blue ip link set dev lo up

– Create the bridge, called br0, and bring it up:

ip link add name br0 type bridge
ip link set br0 up

– Assign an IP address to the bridge interface to get layer 3 behaviour; without it, the bridge only works at layer 2:

ip addr add 10.1.1.254/24 dev br0

– Include the veth0, which is outside the namespace, into the bridge:

ip link set veth0 master br0

– Add a default route for the namespace inside it:

ip netns exec blue ip route add default via 10.1.1.254

– Add the iptables rules to allow NAT in the host system:

iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

– Test 1. Ping and traceroute from the host to the namespace:

ping -c1 10.1.1.1
PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.
64 bytes from 10.1.1.1: icmp_seq=1 ttl=64 time=0.063 ms

traceroute 10.1.1.1
traceroute to 10.1.1.1 (10.1.1.1), 30 hops max, 60 byte packets
1 10.1.1.1 (10.1.1.1) 0.051 ms 0.012 ms 0.010 ms

– Test 2. Ping and traceroute from the namespace to the bridge:

ip netns exec blue ping -c1 10.1.1.254
PING 10.1.1.254 (10.1.1.254) 56(84) bytes of data.
64 bytes from 10.1.1.254: icmp_seq=1 ttl=64 time=0.038 ms

ip netns exec blue traceroute 10.1.1.254
traceroute to 10.1.1.254 (10.1.1.254), 30 hops max, 60 byte packets
1 10.1.1.254 (10.1.1.254) 0.059 ms 0.013 ms 0.009 ms

– Test 3. Ping and traceroute from the namespace to the internet:

ip netns exec blue ping -c1 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=57 time=0.838 ms

ip netns exec blue traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 10.1.1.254 (10.1.1.254) 0.050 ms 0.012 ms 0.008 ms
...
9 google-public-dns-a.google.com (8.8.8.8) 0.884 ms 0.701 ms 0.681 ms

Two virtual interfaces (veth0/1 and veth10/11), each in a different namespace (blue and green), using the same subnet with internet connectivity

– Plus the steps done above…

– Create the virtual ethernet interface, and bring it up:

ip link add veth10 type veth peer name veth11
ip link set veth10 up

– Create the network namespace, and include the veth11 interface into it:

ip netns add green
ip link set veth11 netns green

– Include the veth10 into the bridge:

ip link set veth10 master br0

– Configure the veth11 with an IP address, bring it up, the same for lo, and add the default route to the bridge:

ip netns exec green ifconfig veth11 10.1.1.11/24 up
ip netns exec green ip link set dev lo up
ip netns exec green ip route add default via 10.1.1.254

– Test 4. Ping and traceroute from the blue namespace to the green:

ip netns exec blue ping -c1 10.1.1.11
PING 10.1.1.11 (10.1.1.11) 56(84) bytes of data.
64 bytes from 10.1.1.11: icmp_seq=1 ttl=64 time=0.059 ms

ip netns exec blue traceroute 10.1.1.11
traceroute to 10.1.1.11 (10.1.1.11), 30 hops max, 60 byte packets
1 10.1.1.11 (10.1.1.11) 0.055 ms 0.015 ms 0.015 ms

– Test 5. Ping and traceroute from the green namespace to the blue:

ip netns exec green ping -c1 10.1.1.1
PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.
64 bytes from 10.1.1.1: icmp_seq=1 ttl=64 time=0.068 ms

ip netns exec green traceroute 10.1.1.1
traceroute to 10.1.1.1 (10.1.1.1), 30 hops max, 60 byte packets
1 10.1.1.1 (10.1.1.1) 0.060 ms 0.010 ms 0.008 ms

– Test 6. Ping and traceroute from the green namespace to the internet:

ip netns exec green ping -c1 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=57 time=0.804 ms

ip netns exec green traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 10.1.1.254 (10.1.1.254) 0.073 ms 0.010 ms 0.007 ms
...
9 google-public-dns-a.google.com (8.8.8.8) 0.663 ms 0.726 ms 0.680 m
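
The two MASQUERADE rules added in the first setup have no source match, so they apply to any traffic leaving br0 or eth0, not only to the 10.1.1.0/24 namespaces. The following added example (not part of the original post; the function names and the sample ruleset are constructed) lists such rules from iptables-save output and prints a form limited to the namespace subnet.

```shell
#!/bin/sh
# Added example: audit NAT rules like the two MASQUERADE lines above.

# Constructed sample in iptables-save format: the two rules from the steps
# above plus one rule limited to the namespace subnet 10.1.1.0/24.
sample_ruleset() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o br0 -j MASQUERADE
-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.1.1.0/24 -o eth0 -j MASQUERADE
COMMIT
EOF
}

# Print POSTROUTING MASQUERADE rules that carry no source match.
# Reads iptables-save output from stdin or from the files given as arguments.
# Simplification (assumption): only -s / --source count as a source match.
unscoped_masquerade() {
    awk '
        $1 == "-A" && $2 == "POSTROUTING" {
            masq = 0; scoped = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "-j" && $(i + 1) == "MASQUERADE") masq = 1
                if ($i == "-s" || $i == "--source") scoped = 1
            }
            if (masq && !scoped) print
        }' "$@"
}

# Print the source-restricted rule for SUBNET leaving through OUT_IF.
scoped_rule() {
    printf 'iptables -t nat -A POSTROUTING -s %s -o %s -j MASQUERADE\n' "$1" "$2"
}

echo "Rules without a source match:"
sample_ruleset | unscoped_masquerade
echo "Rule limited to the namespace subnet:"
scoped_rule 10.1.1.0/24 eth0
```

On a live host, feed it the real table with `iptables-save -t nat | unscoped_masquerade`.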