Year: 2012

Home » 2012

Linux Restricted Shells: rssh and scponly

by
security

Restricted shells like rssh and scponly give sysadmin the possibility to limit the operations that Linux user can do, for example you can create user that will be allowed to copy files via scp but won’t be permitted to login into system’s command line. This is quite important security feature that should be considered by every sysadmin to prevent unauthorized activity by users for example over SSH. If you have some online storage that is used for uploading backup data over scp or rsync/ssh from remote hosts then … Read more

Home » 2012

Track file changes using auditd

by
command line

Most of Linux distributions comes with Linux Auditing System that makes it possible to track file changes, file accesses as well as system calls. It’s pretty useful functionality for sysadmins who wish to know who and when accessed and/or changed sensitive files like /etc/passwd, /etc/sudoers or others. Daemon auditd that usually runs in background and starts after reboot by default logs those events into /var/log/audit.log file (or into other file if different syslog facility is specified). The common usage is to list all files which should … Read more

Home » 2012

Limit CPU usage of Linux process

by
CPU not matter anymore

cpulimit is a small program written in C that allows to limit CPU usage by Linux process. Limit is specified in percentage so it’s possible to prevent high CPU load generated by scripts, programs or processes. I found cpulimit pretty useful for the scripts running from cron, for example I can do overnight backups and be sure that compression of 50GB file via gzip won’t eat all CPU resources and all other system processes will have enough CPU time. In most of Linux distributions cpulimit … Read more

Home » 2012

Top 5 Password Managers for Linux

by
keepassx

In this post you will find set of password managers for Linux which provides secure storage for your passwords for sensitive data. If you still keep the passwords in plain text then you must consider one of available password managers so this article is for you. KeePassX KeePassX has been a very popular and famous password manager for Linux for a very long time and still trusted by pretty big number of users. When user launches the KeePassX password manager first it requires to set … Read more

Home » 2012

Grub Fallback: Boot good kernel if new one crashes

by
grub featured

It’s hard to believe but I didn’t know about Grub fallback feature. So every time when I needed to reboot remote server into a new kernel I had to test it on local server to make sure it won’t panic on remote unit. And if kernel panic still happened I had to ask somebody who has physical access to the server to reboot the hardware choose proper kernel in Grub. It’s all boring and not healthful – it’s much better to use Grub’s native fallback feature. … Read more

Home » 2012

Why Mosh is better than SSH?

by
command line

Mosh (stands for Mobile Shell) is replacement of SSH for remote connections to Unix/Linux systems. It brings a few noticeable advantages over well known SSH connections. In brief, it’s faster and more responsive, especially on long delay and/or unreliable links. Key benefits of Mosh Stays connected if your IP is changed. Roaming feature of Mosh allows you to move between Internet connections and keep Mosh session online. For example, if your wifi connection changes IP you don’t need to reconnect. Keeps session after loosing connection. … Read more

Home » 2012

Attach ISO image stored in XenServer local storage

by
xen server featured

Citrix XenServer is powerful hypervisor that is based on Linux (Redhat/Centos/Fedora family) and competes with Vmware ESXi and offer wide range of virtualization features for data centers. In general you can do a bare-metal installation of XenServer to your hardware server and create multiple virtual machines (VMs) inside XenServer host. Obviously you’ll need to have the possibility to boot VM from DVD-Rom to start installation of, let’s say, Linux Mint. You can do it using hardware DVD-Rom of the host XenServer or attach ISO image and … Read more

Home » 2012

Track Cisco BGP peers using Nagios

by
Nagios (featured logo)

Few will deny that monitoring of Cisco devices is essential part of sysadmin’s job. I personally use Nagios to track states of BGP neighbors on Cisco routers so if one of peers goes down I’ll receive a phone call from Nagios. You may have redundant network topology but it still makes sense to know when peer goes offline, how often it happens and how fast failover router (if any) pick-ups the traffic from failed peer. There are a few plugins for Nagios to monitoring BGP … Read more

Home » 2012

Top Open Source IP Address Management Software

by
ipplan feat

In this post you will find top open source software for IP address management (IPAM). If you are sysadmin at organization that holds pool of IP addresses and allocates its parts to clients then you must use IP address management tools to track used, reserved, allocated or free IP addresses. It usually prevents an overhead and allows to have clear picture of IP addresses resources usage within an organization on the whole. For example, it may be useful to know how many free IP networks are … Read more

Home » 2012

Top 5 Linux Monitoring Tools. Web Based.

by
Monitoring (featured logo)

Linux system monitoring is one of the most important tasks for every sysadmin: it is crucial to know everything about system including CPU load, network traffic statistics, memory consumption, logged in users, availability of disk free space or service. And it’s inevitable that something breaks or goes down from time to time so usually it’s just better to know it happened from Linux monitoring system’s alert rather than from angry user. Believe me, it is true. In this article I’ve listed top 5 web based … Read more