Eu vou andando Sozinho
Pelas ruas sem destino
Os carros passam acelerados
Pessoas vao num passo apressado
Mil pensamentos na cabeca
Vem e vao num segundo
Tudo gira de vagar
Essa e uma estranha sensacao
Quando olho pra tras
Tudo passou num carrerao
Quadros nas paredes, imoveis
Sera que estao parados?
O mundo gira la fora
como pode algo nao ser sugado
Por esse turbilhao
Que passa desembestado
O mnundo gira, os carros passam
A vida passa e tudo muda
Tudo muda, sera?! Ou nada muda?
O mundo gira desembestado
A vida passa num carreirao
Vai num passo troteado
Arrastando tudo de supetao
tudo vai sendo sugado aos poucos
por esse voraz turbilhao
Sera que isso e vida
Ou sera so uma ilusao?
by Renato de Oliveira
Wednesday, 23 July 2014
SSH Passwordless or RSA key authentication
Log to a remote system using SSH without having to type the password.
This has few different names, such as: passwordless, RSA key authentication, key based auth etc.
Recently i was trying to implement a mechanism to save all logs under /var/log/ to a central server, just for keeping a record daily of these logs, in case we need to check things out at later date (security).
You will need to make some changes to the remote SSH server and the local SSH client.
To start with lets name two Linux Servers: Linux01 and Linux02.
You want to lot to Linux02 from Linux01 without having to type the password for a specific user, let's call it "user01".
Make sure the user exists on both Linux servers or at least on the remote Server (Linux02).
# adduser user01
# passwd user01
# su - user01
~ ssh-keygen
cat .ssh/id_rsa.pub | ssh user01@linux02 'cat >> .ssh/authorized_keys'
chmod 600 authorized_keys
by Renato de Oliveira
This has few different names, such as: passwordless, RSA key authentication, key based auth etc.
Recently i was trying to implement a mechanism to save all logs under /var/log/ to a central server, just for keeping a record daily of these logs, in case we need to check things out at later date (security).
You will need to make some changes to the remote SSH server and the local SSH client.
To start with lets name two Linux Servers: Linux01 and Linux02.
You want to lot to Linux02 from Linux01 without having to type the password for a specific user, let's call it "user01".
Make sure the user exists on both Linux servers or at least on the remote Server (Linux02).
# adduser user01
# passwd user01
# su - user01
~ ssh-keygen
cat .ssh/id_rsa.pub | ssh user01@linux02 'cat >> .ssh/authorized_keys'
chmod 600 authorized_keys
by Renato de Oliveira
Sunday, 25 May 2014
Send Users Commands typed in the SHELL to Syslog
# cd /etc
# vi profile
Add the lines below:
function history_to_syslog
{
declare command
command=$(fc -ln -0)
if [ "$command" != "$old_command" ]; then
logger -p local1.notice -t bash -i -- $USER : "$command"
fi
old_command=$command
}
trap history_to_syslog DEBUG
# vi rsyslog.conf
Add the lines below:
# Logging users BASH commands to syslog
local1.notice /var/log/cmd.log
By Renato
# vi profile
Add the lines below:
function history_to_syslog
{
declare command
command=$(fc -ln -0)
if [ "$command" != "$old_command" ]; then
logger -p local1.notice -t bash -i -- $USER : "$command"
fi
old_command=$command
}
trap history_to_syslog DEBUG
# vi rsyslog.conf
Add the lines below:
# Logging users BASH commands to syslog
local1.notice /var/log/cmd.log
By Renato
Thursday, 22 May 2014
Juniper SRX web-management not loading or working (Security)
Today I was trying to do some work on one of our Juniper Firewalls and I tried and tried to access the web interface and no luck.
I could access the firewall over SSH but I wanted to visually check the configuration using HTTP.
I tried resetting logs
I tried removing old traceoptions
I did not want to reboot the firewall and I did not! Happy days
In the end what did the trick was easy option, to restart the web-management
admin@firewall> edit
admin@firewall# run restart web-management
Web management gatekeeper process started, pid 75995
{primary:node0}[edit]
admin@ccpsrx240-01#
I could access the firewall over SSH but I wanted to visually check the configuration using HTTP.
I tried resetting logs
I tried removing old traceoptions
I did not want to reboot the firewall and I did not! Happy days
In the end what did the trick was easy option, to restart the web-management
admin@firewall> edit
admin@firewall# run restart web-management
Web management gatekeeper process started, pid 75995
{primary:node0}[edit]
admin@ccpsrx240-01#
And that is it!
If you come across this problem next time.
by Renato de Oliveira
Tuesday, 6 May 2014
Give root privileges without giving root shell (Security)
Give root privileges without giving root shell
If you have a team of Linux Sysadmins, and would like the team to have root privileges, but would not want to give a shell to them, this is what you need to do.
You will need to familiarise yourself with a package called sudo. Let's say you have a sysadmin named admin1.
All you need to do is:
Create an account for admin1 then edit the sudo configuration file called sudoers.
Create new user
# adduser admin1
Set the new users password
# passwd admin1
Change to etc folder
# cd /etc
Edit sudo config file
# vi sudoers
Add the lines below to sudoers
## Shell and SU
Cmnd_Alias NSHELLS = /bin/sh,/bin/bash
Cmnd_Alias NSU = /bin/su
admin1 ALL=(ALL) ALL
It is that simple. Does not take too long and now you can keep the root password separate and do not need to disclose it to other sys admins.
by Renato de Oliveira
If you have a team of Linux Sysadmins, and would like the team to have root privileges, but would not want to give a shell to them, this is what you need to do.
You will need to familiarise yourself with a package called sudo. Let's say you have a sysadmin named admin1.
All you need to do is:
Create an account for admin1 then edit the sudo configuration file called sudoers.
Create new user
# adduser admin1
Set the new users password
# passwd admin1
Change to etc folder
# cd /etc
Edit sudo config file
# vi sudoers
Add the lines below to sudoers
## Shell and SU
Cmnd_Alias NSHELLS = /bin/sh,/bin/bash
Cmnd_Alias NSU = /bin/su
admin1 ALL=(ALL) ALL
It is that simple. Does not take too long and now you can keep the root password separate and do not need to disclose it to other sys admins.
by Renato de Oliveira
Monday, 5 May 2014
Rushing Around by Renato de Oliveira
Rushing around
Trying to do everything
There is a feeling
Something I am missing
So many hours in a day
How many things can I do?
Even if I don't sleep
I can't do much too
Rushing around
This is how I am feeling
Never enough time
For what I need
From one thing to another
Jumping from here to there
Why should I even bother
Or even really care
Frustration builds up
Never finishing what I started
goal post is a moving target
Rushing around
is the new world we live in
There is never enough time
for you or for me
I like writing and I am exercising my writing in English. If you like this lyric and would like to make a song just get in touch.
My Days Are Counted
My Days Are Counted by Renato de Oliveira
I have this feeling
What’s the meaning of all of that
Is it really worth it
I go home, what do I have
My days are counted
How many I don’t know
My days are counted
I just have to go
I just have this feeling
And it won’t go away
It is so unfulfilling
I just can’t stay
My days are counted
1, 2 , 3 I really don’t know
My days are counted
I just have to go
It is not that easy
To live this way
A life without meaning
Dragging day by day.
Counting my days
How far can I go?
Counting my days
It is sad though
My days are counted…..
If you find this lyric interesting or good and are interested in making a song of it, just get in touch and I have some ideas.
by Renato de Oliveira
Subscribe to:
Posts (Atom)