Tag: linux

Safe and Secure SSH Connections

In a modern world where cyber-warfare is common place and every-day users are targets from organised crime, it goes without saying that you are likely to run into problems rather quickly if you don't use every available means of security.

The scope of this article is to connect via SSH Keys however you should also be doing some other more mundane tasks like encrypting the connection (preferably with a VPN on your router) and using altered ports, plus limiting access to SSH users, if you have them.

So what is the safest way to connect to your remote Linux OS distribution, by command line? Well quite simply, it is done with SSH Keys which you generate so that the connection can be established. These keys are then used as a form of password and where the remote user has these pre-generated keys on their system, SSH shares them and if allowed, serves the connection.

Generating Your Keys

From command line on the machine you are connecting from, do the following:

ssh-keygen - Leave as default values

This creates files inside your home directories .ssh folder. This is a hidden folder that you usually don't need access to. To see what's inside, do ls .ssh from your home path.

Now, do the following, from your home path:

cat .ssh/id_rsa.pub

This is your public password. Share this with unlimited amounts of remote servers and while you are using this account, you will have access.

Sharing Your Keys

On a mundane level, you can provide the key you generated via any method you like, only your machine and account will be able to use it.

Now, take the output of cat .ssh/id_rsa.pub, and do echo "key-here" >> .ssh/authorized_keys and voila, the magic is done. You can now do ssh user@example.com, password-free.

So that's one way of achieving passwordless login via SSH, although there is an easier way. Do:

ssh-copy-id user@example.com

This will auto-install the keys for you, assuming you can connect to the server via SSH using other authentication methods - such as password.

Removing Keys

To remove access to a users account, do vi .ssh/authorized_keys and delete the line corresponding to the users account.

It really is that simple!

Voila

Congratulations, you're all set up! Don't forget, while it is perfectly safe to share your id_rsa.pub key, do so with caution. Using it on your website homepage may attract unwanted attention!

Peace.

File Management Creation

mktemp

Creates a temporary file with a random name. Guarantees that the new file doesn’t exist

touch new_file.txt new_file_2.txt

Creates both new_file.txt and new_file_2.txt

touch file_name_{a..c}

Creates file_name_a, file_name_b, and file_name_c

Moving

cp file_name.txt file_name_copy.txt 

Creates a copy of file_name.txt named file_name_copy.txt in the same working directory

Reading

head file_name.txt 

Prints first 10 lines of a file

tail file_name.txt 

Prints last 10 lines of a file

touch new_file.txt 

Creates a new file

touch {new_file, new_file_2}.txt

Creates both new_file.txt and new_file_2.txt

touch file_name_{1..3}

Creates file_name_1, file_name_2, and file_name_3

`mv file_name.txt new_file_copy.txt`

Moves file_name.txt to new_file_copy.txt in the same directory, renaming the file

cat file_name.txt 

Prints full contents of a file

less file_name.txt

Prints a part of file contents

Deletion

rm file_name.txt 

Removes a file

wc file_name.txt

Prints number of lines words and characters in the file

rm -f file_name.txt

Removes a file ignoring non-existent files

Compression and Decompression

zip archive_name.zip file_name_1.php file_name_2.php
tar -cvf archive_name.tar file_name_1.php file_name_2.php 
tar -zcf archive_name.tar.gz file_name_1.php file_name_2.php

Archives separate files (depending on the format)

zip -r archive_name.zip directory
tar -cvf archive_name.tar directory 
tar -zcf archive_name.tar.gz directory

Archives a whole directory (depending on the format)

Replacing in Files

unzip archive_name.zip
tar -xvf archive_name.tar
tar -zxvf archive_name.tar.gz

Extracts an archive (depending on the format)

sed -i 's/search_query/replace_query/' file_name.txt

Modifies the content of the original file if the replacement query exists in the file

sed 's/search_query/replace_query/g' `file_name.txt` > `new_file_name.txt`

Replaces search_query with replace_query in file_name.txt and saves everything in new_file_name.txt

sed 's/search_query/replace_query/g' file_name.txt Replaces search_query with replace_query in file_name.txt

Search in Files

grep 'contents' /file_name.txt 

Searches for contents inside file_name.txt

grep 'contents_1|contents_2' /directory -R 

Searches for contents or contents_2 inside directory recursively

grep 'contents' /directory -i

Performs case-insensitive search

grep 'contents' /directory -x 

Matches the entire line and prints it out

grep 'contents' /directory -l

Only displays files that match contents query

Directories Navigation

cd directory

Goes to the listed sub-directory

cd -

Goes to the previous directory

ls -l

Shows where symbolic links are pointing

grep 'contents' /directory -r

Searches for contents inside directory recursively

grep 'contents' /directory -v 

Displays only the lines that don’t match contents

grep 'contents' /directory -i

Performs case-insensitive search

grep 'contents' /directory -n

Displays line numbers along with the results

grep 'contents' /directory -L

Only shows files that don’t match contents query

 cd

Goes to the home directory

ls

Lists all directories

ls -l -h

Lists all directories in long format, -h flag uses the human-readable format

cd ..

Goes the directory one level up from the current directory

ls -a

Lists all directories, including hidden ones

ls -t

List directories by modification time, showing newest first

cd ~
tree

Shows directory and file trees

stat `file.txt`

Lists file’s size alongside created and modified timestamps

Creation

mkdir new_directory 

Creates a new directory

mkdir -p parent/child/nested_child 

Creates nested directories

mktemp -d

Creates a temporary directory with a random name. Guarantees that the new directory doesn’t exist

Moving

mv old_directory new_directory Moves old_directory to new_directory
cp -r directory directory_copy

Copies directory to directory_copy recursively

tree -d

Shows directory tree tree -a Shows directory and file trees, including hidden ones

stat directory

Lists directory’s size alongside created and modified timestamps

pwd

Shows current directory path

  mkdir new_directory_1 directory_2 

Creates multiple new directories

mkdir -p {dir_one, dir_two}/nested 

Creates multiple nested directories

  cp directory directory_copy Copies directory to directory_copy

Deletion

rmdir directory 

Removes directory

rm -r directory

Removes dicrectory recursively

Symbolic Links

ln -s path link

Creates a symbolic link called link to the path directory

ln -s -f path link

Overwrites existing symbolic link called link

Popular Directory Permission

777 All possible permissions. Not recommended for security reasons.

755 Directory owner has full permissions. Other users can list the directory but won’t be able to manage the files.

700 Directory owner has full permissions. Other users have no permissions.

Permission Management

ls -l

Displays directory contents in a long format, which displays both permissions and ownership

chown :new_group file_name 

Changes group for file_name

chmod u=rwx, g=r, o-rwx file_name

Sets file_name read, write, execute permissions for the owner and other users, leaving read-only permissions for the group

chmod u+x file_name.txt

Sets the user permissions to execute

chmod u+x, g+x, o+x file_name.txt
chmod a+x file_name.txt
chmod +x file_name.txt

Sets everyone's permissions to execute

chown username:new_group file_name Changes both the owner and group

for file_name

 chown username file_name

Changes the owner for file_name

chmod 777 -R directory

Sets read, write and execute permissions for everyone in directory recursively

chmod g+x file_name.txt

Sets the group permissions to execute

Arrays Creation

indexed_array = (element_1, element_2, element_3) 

Creates an index array

declare -A associative_array = ([key_1] = element_1, [key_2] = element_2, [key_3] = element_3)

Creates an associative array

Adding Elements

indexed_array += (new_element) 

Adds a new element to an indexed array

Printing Out

echo ${indexed_array[0]} 

Prints out the first array element

associative_array += ([key_1] = new_element

Adds a new element to an associative array (note that the key needs to be provided as well)

echo ${indexed_array[@]} 

Prints out the whole array

  echo ${!associative_array[@]}

Prints out all the keys for an associative array

Deletion

unset indexed_array[2]

Removes the third element from an indexed array

unset associative_array[key]

Removes the key element from an associative array

Resource Usage and Processes

top htop

Lists out all the processes interactively

nice -n 10 process_name 

Changes the priority to 10 for process_name

kill 2468

Kills a process that has process ID 2468

 jobs -p

Shows all processes jobs alongside their IDs

 du

Shows current directory, sub-directories and file sizes

Shutdown and Reboot

ps all

Lists out all currently running processes

renice 10 2468

Changes the priority to 10 for a process that has process ID 2468

killall process_name

Kills all processes that have process_name in their name

lsof

Shows all open files and processes that use them

du /directory/sub-directory

Lists specified directory, sub-directories and file sizes

pidof process_name 

Prints out the process ID of process_name

ps -o ni 2468

Displays the priority for a process ID 2468

jobs

Shows all background processes

free

Displays memory usage

df

Shows disks alongside their used and available space

shutdown -r
reboot

Immediately reboots the system

shutdown

Shuts the system down after one minute

shutdown -r +10

Reboots the system after 10 minutes

shutdown now

Immediately shuts down the system

shutdown -c

Cancels a shutdown or reboot

shutdown +10

Shuts the system down after 10 minutes

reboot -f 

Forces a reboot

Scheduled Tasks Crontab Syntax

Access via crontab -e

[minute] [hour] [day] [month] [week] [command]

Each line represents one command to be run as directed

crontab -i

Will show a prompt before removing a user’s crontab

@daily cat /home/hello_world.sh

Schedules a background job to run every day

@reboot cat /home/hello_world.sh

Schedules a job to run after each system reboot

crontab -l

Used to view crontab entries (cron jobs), and display system crontab file contents

crontab -r

Will remove the current crontab file

* * * * * cat /home/hello_world.sh

Schedules a job to run every minute

00 08-17 * * * cat /home/hello_world.sh

Schedules a job to run every weekday, including weekends, from 8am to 5pm

@monthly cat /home/hello_world.sh

Schedules a job to run at the beginning of each month

0 12,15,17,19,21 * * * cat /home/hello_world.sh

Schedules a job to be run five times a day at 12pm, 3pm, 5pm, 7pm and, 9pm

HTTP Requests

curl https://domain.tld 

Returns response body for domain.tld

curl -o file.txt https://domain.tld Outputs to a text file

Network and DNS

ip addr

Shows all IP addresses on a system

ping -c 15 -i 3 domain.tld

Pings the domain 10 times, 3 seconds apart

traceroute domain.tld

Displays all servers the network traffic goes through

curl -i https://domain.tld

Returns response body for domain.tld and includes status code and HTTP headers

curl -H|--header "User-Agent: Agent" https://domain.tld 

Adds an HTTP header

ip route show

Shows all IP addresses to router

netstat -l

Shows all open ports

nmap 0.0.0.0

Scans for the 1,000 most commonly open ports on localhost

host example.net

Display IPv4 and IPv6 addresses for domain.tld

ping domain.tld

Sends multiple ICMP protocol ping requests netstat -i Shows all open ports with in/out usage

nmap 255.255.255.255

Scans for the 1,000 most commonly open ports on remote IP address

dig example.net

Display complete DNS information

dig example.net +short

Display complete DNS in short format

dig example.net ns 

Query NS records

dig example.net txt 

Query TXT records dig example.net A Query A records

dig example.net cname 

Query CNAME records

dig example.net MX Query MX records

Secure Shell Protocol (SSH)

ssh hostname

Connects to hostname using current username via default SSH port 22

ssh root@255.255.255.255 -p 1023

Connects via given username and IP via given SSH port

ssh root@255.255.255.255

Connects via given username and IP via default SSH port 22

Linux is an open-source Operating System which is released with different flavours (or distros) under the guise of free-to-use software. Anybody can download and run Linux free-of-charge and with no restraints on the end-user; you could release, distribute and profit from Linux with relative ease with no worry of associated cost or licensing infringement.

It is fair to say Linux has formidably and profoundly revolutionised and defined the process of interacting with electronic devices. You can find Linux in cars, refrigerators, televisions and of course, as a desktop-grade or headless operating system. Once you become accustomed to Linux, you quickly see just why all the top 500 supercomputers all run Linux.

Linux has been around since the mid-1990’s and is is one of the most reliable, secure and hassle-free operating systems available. Put simply, Linux has become the largest open sources software project in the world. Professional and hobbyist programmers and developers from around the world contribute to the Linux kernel, adding features, finding and fixing bugs and security flaws, live patching and providing new ideas—all while sharing their contributions back to the community.

Wikipedia

Linux is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds.

Direct Link to Linux on Wikipedia

Open Source

Linux is a free, open source operating system, released under the GNU General Public License (GPL). Anyone can run, study, modify, and redistribute the source code, or even sell copies of their modified code, as long as they do so under the same license.

Command Line

The command line is your direct access to a computer. It's where you ask software to perform hardware actions that point-and-click graphical user interfaces (GUIs) simply can't ask.

Command lines are available on many operating systems—proprietary or open source. But it’s usually associated with Linux, because both command lines and open source software, together, give users unrestricted access to their computer.

Installing Linux

For many people, the idea of installing an operating system might seem like a very daunting task. Believe it or not, Linux offers one of the easiest installations of all operating systems. In fact, most versions of Linux offer what is called a Live distribution, which means you run the operating system from either a CD/DVD or USB flash drive without making any changes to your hard drive. You get the full functionality without having to commit to the installation. Once you’ve tried it out, and decided you wanted to use it, you simply double-click the “Install” icon and walk through the simple installation wizard.

Installing Software on Linux

Just as the operating system itself is easy to install, so too are applications. Most modern Linux distributions include what most would consider an app store. This is a centralized location where software can be searched and installed. Ubuntu Linux (and many other distributions) rely on GNOME Software, Elementary OS has the AppCenter, Deepin has the Deepin Software Center, openSUSE has their AppStore, and some distributions rely on Synaptic.

Regardless of the name, each of these tools do the same thing: a central place to search for and install Linux software. Of course, these pieces of software depend upon the presence of a GUI. For GUI-less servers, you will have to depend upon the command-line interface for installation.

Let’s look at two different tools to illustrate how easy even the command line installation can be. Our examples are for Debian-based distributions and Fedora-based distributions. The Debian-based distros will use the apt-get tool for installing software and Fedora-based distros will require the use of the yum tool. Both work very similarly. We’ll illustrate using the apt-get command. Let’s say you want to install the wget tool (which is a handy tool used to download files from the command line). To install this using apt-get, the command would like like this:

sudo apt-get install wget

The sudo command is added because you need super user privileges in order to install software. Similarly, to install the same software on a Fedora-based distribution, you would first su to the super user (literally issue the command su and enter the root password), and issue this command:

yum install wget

That’s all there is to installing software on a Linux machine. It’s not nearly as challenging as you might think. Still in doubt?

You can install a complete LAMP (Linux Apache MySQL PHP) server on either a server or desktop distribution. It really is that easy.

More resources

If you’re looking for one of the most reliable, secure, and dependable platforms for both the desktop and the server, look no further than one of the many Linux distributions. With Linux you can assure your desktops will be free of trouble, your servers up, and your support requests minimal.

1) Ubuntu

– Ubuntu is by far the most popular Linux distribution with an intuitive GUI (Graphical User Interface) that is easy to learn and very familiar for Windows users.

– It is essentially Debian-based and easy to install with top-notch commercial support although this is largely irrelevant if you can point and click with a basic understanding of how to interact with applications as you do in Windows.

– Most preferred Linux distribution for non-tech people.

Ubuntu Project Home Page

2) CloudLinux

– CloudLinux is on a mission to make Linux secure, stable, and profitable.

– Based solely on the same platform as Red Hat Enterprise Linux for stable releases and usually command prompt based servers.

– License fees are reasonable for small businesses so it is still a go-to option in the Linux flavour world.

CloudLinux Project Home Page

3) Red Hat Enterprise Linux (a.k.a. RHEL)

– Another most famous and open-source Linux Distribution is Red Hat Enterprise Linux (RHEL). It is a stable, secure yet powerful software suited mostly to the server classification; however it does provide a wealth of tools, apps and other front end software, if not run headless.

– RHEL was devised by Red Hat for commercial purposes. It offers tremendous support for Cloud, Big Data, IoT, Virtualization, and Containers.

– Its components are based on Fedora, a community-driven project.

– RHEL supports 64-bit ARM, Power, and IBM System z machines.

– The subscription of Red Hat allows the user to receive the latest enterprise-ready software, knowledge base, product security, and technical support.

Red Hat Enterprise Linux

4) AlmaLinux

– Stable and open-source derivative of Red Hat Enterprise Linux, an easy way to run the commercial product in open-source format.

– A popular free Linux distros for VPS and operationally compatible with RHEL.

– AlmaLinux is a open-source distribution owned and governed by the community. As such, they are free and focused on the community's needs and long-term stability. Both Operating Systems have a growing community with an increasing number of partners and sponsors.

– Considered the go-to Operating System of choice since CentOS announced the end-of-life for CentOS 8, in favour of being an upstream provider to RHEL (releasing software before RHEL)

AlmaLinux Project Home Page

5) Rocky Linux

– Similar to AlmaLinux, this OS is a stable and open-source derivative of Red Hat Enterprise Linux. Use open-source instead of paying license fees.

– A popular free Linux distros for VPS and operationally compatible with RHEL.

– Rocky Linux is of course open-source and while they don't have the backing financially like AlmaLinux, it's still a worthy community contributed effort.

Rocky Linux Project Home Page

6) SUSE

– The subsequent widespread distribution is SLES which is based on OpenSUSE.

– Both OpenSUSE & SUSE Linux Enterprise Server have the same parent company – SUSE.

– SUSE is a german-based open-source software company.

– The commercial product of SUSE is SLED and OpenSUSE is the non-commercial distro.

SUSE Project Home Page

7) Debian

– It is open-source and considered a stable Linux distribution.

– Ships in with over 51000 packages and uses a unified packaging system.

– Used by every domain, including Educational Institutions, Companies, Non-profit, and Government organizations.

– Supports more significant of computer architectures. It includes 64-bit ARM (Aarch64), IBM System z, 32-bit PC (i386), 64-bit PC (amd64), and many more.

– At last, it is integrated with a bug tracking system. By reading its documentation and content available for web related to Debian helps you in its support.

Debain Project Home Page

---

Welcome to the world of open-source distros relevant today. It is all about the 7 best Linux Distros for VPS Hosting of 2023. Let us know which distribution you or your company using today. If you plan to purchase the Linux VPS Server and are confused between the Linux Distros, connect via the comments or lookup more content on here for some easy learning.