Archive

Archive for the ‘Unix’ Category

AdGaurd for blocking ads and tracker!

Hi, I just want to share my own experience of blocking the ads and trackers in PCs and Android devices. In PC normally we do use some kind of antivirus but normally we are not aware of the tracker, many sites always use that information for tracking our web activity and in case of mobile, we really do not think about these things! But I care. Again I do not want to see any kinds of advertisement in my browser or on my mobile apps. That’s why also bought so many apps for my android devices. By the way, I like to do some tricks with my devices. The first thing I do with my phone is how to do root and unlock the bootloader to use TWRP for flashing… Previously I used SuperSU but now using Magisk for Systemless root, which is now compatible with Android Pay.

For blocking ads in my android I used AdAway which is really nice but you need to become root. As for ad blocking it modifies the hosts files in the mobile and blocks the ads. But it cannot block the tracking. Then I was looking for the alternatives which will block the ads as well as can block the tracking. Then I found AdGuard. Did some research before installing and google for reviews… I found it’s good for using. I started with a trial on my mobile. The good thing about this is that you do not have to be root for using this. Without being root you can block ads and track in your device. I am sure if you try you will like it. When I found it is good for android and PC then I decided to purchase. Instead of going for a monthly subscription I found a lifetime license is a good option. I purchased a license for 2 PCs and 2 android devices. Like now you can see 30% off for back to school!

AdAway (root): https://f-droid.org/en/packages/org.adaway/

AdGuard (universal): https://adguard.com/

SSH Allowing remote hosts to connect to local forwarded ports

Sometimes some ISP dont allow user to use port 22 to ssh other server then user could not connect his desired server.
To solve this problem in server which user wants to connect, another port should be forwarded to 22 port. Then user can connect to that port.

In server side, someone should forward that port. Thats the problem… 😦

server side: ssh -gL 8022:localhost:22 localhost

& user should use -p switch to connect that server.

user side: ssh -p 8022 user@server_name

Categories: Unix Tags:

cut command

cut command displays the selected columns or fields from each line of a file.

Column selection mode:

A column is one character position. This type of selection is specified with -c option. List entries can be open (from the beginning like in -5, or to the end like in 6-), or closed (like 6-9).
cut -c 4,5,20 foo # cuts foo at columns 4, 5, and 20
cut -c 1-5 a.dat | more # print the first 5 characters of every line in the file a.dat

Field selection mode:

In this mode cut selects not characters but fields delimited by specifiec one character delimiter specified by option -d. The list of fields is specified with -f option ( -f [list] )

cut -d “:” -f1,7 /etc/passwd # cuts fields 1 and 7 from /etc/passwd cut -d “:” -f 1,6- /etc/passwd # cuts fields 1, 6 to the end from /etc/passwd

The default delimiter is TAB. If space is used as a delimiter, be sure to put it in quotes (-d ” “).

Categories: Ubuntu, Unix

Running jnlp files in Linux while using Firefox

it is quite simple you need to install jdk & you have to choose which file to open that.

1. Install jdk from http://java.sun.com

sudo ./jdk-6u14-ea-bin-b03-linux-i586-10_mar_2009.bin

2. try to open java web start file ( jnlp ) from browser and when browser prompt – openwith – direct to always open with /bin/javaws

Thats all you are done.

Categories: Ubuntu, Unix

installing VMWARE on UBUNTU (.bundle file)

To install .bundle file in ubuntu you need to run the following command

sudo sh VMware-Player-2.5.1-126130.i386.bundle

then follow the instruction & you are done.

Categories: Ubuntu, Unix

Install OpenOffice.org 3.0 on Ubuntu

In installing openoffice3 in ubuntu we have to first remove the existing openoffice from our system

sudo apt-get remove openoffice*.*

download a copy of OpenOffice.org 3.0 (OOo_3.0.0_LinuxIntel_install_en-US_deb.tar.gz worked for me) and extract the download:

tar -zxvf Ooo_3.0.0_LinuxIntel_install_en-US_deb.tar.gz

That will create a directory called something like OOO300_m9_native_packed-1_en-US.9358
Switch into the DEBS directory in that directory:

cd OOO300_m9_native_packed-1_en-US.9358/DEBS/

Now all you need to do is install all of those .deb packages:

sudo dpkg -i *.deb

That will do the trick. Once you’ve given your password your system should install all of the required files.

With that done you should have just one thing left to do: Install the desktop integration package. That should be in the DEBS folder:

cd desktop-integration

From that folder install the package:

sudo dpkg -i openoffice.org3.0-debian-menus_3.0-9354_all.deb

If everything works out you should be able to open OpenOffice.org 3.0 from the Applications menu on your desktop.

Disclaimer: It is always a good idea to backup your important stuff before removing applications and installing new ones.

One other problem with removing my previous version of OpenOffice.org was that my aspell spellchecker got messed up. Coincidence? Maybe, but if you have the same problem you may need to re-install aspell-en to get your spellchecker for apps such as pidgin working again.

Categories: Ubuntu, Unix

.bz2 extension handling

The .bz2 extension belongs to the bzip2 compression utility which replaces gzip. You may unpack the .tar.bz2 files directly using one of the following commands:

        using the newer version of tar:
tar xjf

or, using the older version of tar:
tar xIf

or, with all versions of tar:
bunzip2 -c | tar xf -

Categories: Ubuntu, Unix

Advanced SSH security tips and tricks

Change SSH listening port

By default, SSH listens for connections on port 22. For security reason person can change the port for listening. Then other person connecting from the network have to specify the port number otherwise connection will be refused.

Open the /etc/ssh/sshd_config file and look for the line that says:

Port 22

Change the port number and restart the SSH service:

/etc/init.d/ssh restart

Suppose new port number is 222. Then only those person can connect to my PC who knows my new PORT number. Then person have to specify the port number while connecting via SSH

mishu@mishu:~$ ssh picklu@192.168.6.9
ssh: connect to host 192.168.6.9 port 22: Connection refused // as I made change in the listening port.

mishu@mishu:~$ ssh -p 222 picklu@192.168.6.9
picklu@192.168.6.9’s password: // when particular port number is given then it gives the password prompt.

Allow only SSH protocol 2

There are two versions of the SSH protocol. Using SSH protocol 2 only is much more secure.

Edit /etc/ssh/sshd_config and look for the line that says:

Protocol 2,1

Change the line so it says only protocol 2.

SSH with graphical interface

If any one is willing to access the remote PC with graphical interface then user have to use a switch -Y.

command is like this

picklu@picklu:~$ ssh -Y mishu@mishu

Allow only specific users to log in via SSH

User should not permit root logins via SSH, because this is a big and unnecessary security risk. Configure SSH server so that root user is not allowed to log in. Find the line that says:

PermitRootLogin yes

Change yes to no and restart the service. You can then log in with any other defined user and switch to user root if you want to become a superuser.

If you would like to have a list of users who are the only ones able to log in via SSH, it can also be specified in the sshd_config file. For example, let’s say I want to allow users mishu, and rumee to log in via SSH. At the end of sshd_config file I would add a line like this:

AllowUsers mishu rumee

Using DSA/RSA public key authentication

Instead of using login names and passwords for SSH authentication, user can use DSA/RSA public keys for authentication. Note that user can have both login names and DSA/RSA public key authentication enabled at the same time. User need a pair of DSA/RSA keys — one public and one private. User keep the private key on your machine and copy the public key to the server or other machine where s/he wants to login. When user wants to log in to an SSH session, the server checks the keys, and if they match, you are dropped into the shell. If the keys don’t match, you are disconnected.

In this example the private machine (from which I will connect to the server/other machine) is station1 and the server machine is server1. Procedure is following:

First I need to create a pair of keys on my private machine.

picklu@picklu:~$ ssh-keygen -t rsa

There will be prompted for a pass-phrase for your private key, but it can be blank because this is not a recommended method. A key pair is generated: private key is located in ~/.ssh/id_rsa and your public key is located in .ssh/id_rsa.pub.

Next, copy the contents of ~/.ssh/id_rsa.pub to server1 into the ~/.ssh/authorized_keys file.

If the file ~/.ssh/authorized_keys already exists, append the contents of the file ~/.ssh/id_rsa.pub to the file ~/.ssh/authorized_keys on server1 by following command.

cat id_rsa.pub >> .ssh/authorized_keys

The only thing left to do is to set the correct permissions of ~/.ssh/authorized_keys file on server1:

~$ chmod 600 ~/.ssh/authorized_keys

Now, configure the sshd_conf file to use the DSA/RSA keys authentication. Make sure you have the following three lines uncommented:

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys

Restart the service. If everything configured correctly, user should now be able to SSH to the server without any interaction.

If you would like to use DSA/RSA authentication only, make sure you uncomment and change the PasswordAuthentication line in sshd_config from yes to no:

PasswordAuthentication no

If anyone tries to connect to your SSH service and doesn’t have a public key on the server, he will be rejected without even seeing the login prompt with this error:

Permission denied (publickey).

N. B. If .ssh or its parent directory is group writable then this will not work.

Create a custom SSH banner

If you would like any user who connects to your SSH service to see a specific message, you can create a custom SSH banner. Simply create a text file (in my example in /etc/ssh-banner.txt) and put any kind of text message in it; for example:

*****************************************************************
*This is a private SSH service. You are not supposed to be here.*
*Please leave immediately. *
*****************************************************************

When done editing, save the file. In the sshd_conf file, find a line that says:

#Banner /etc/issue.net

Uncomment the line and change the path to your custom SSH banner text file.

Categories: Unix

Shebang

In computing, a shebang (also called a hashbang, hashpling, or pound bang) refers to the characters “#!” when they are the first two characters in a script file. Unix-like operating systems take the presence of these two characters as an indication that the file is indeed a script, and attempt to execute that script using the interpreter specified by the rest of the first line in the file. For instance, Bourne shell scripts always start with the first line:

#!/bin/sh

More precisely, a shebang line consists of a number sign and an exclamation point character (“#!“), followed by the (full) path to the interpreter program that will provide the interpretation. The shebang is looked for and used when a script is invoked directly (as with a regular executable), and largely to the end of making scripts look and act similarly to regular executables, to the operating system and to the user.

Example shebang lines

Some typical interpreters for shebang lines:

  • #!/bin/bash — Execute using the Bourne-again shell
  • #!/bin/bash -c '/bin/bash' — Execute using bash in the /bin/ directory, and calls bash inside the /bin/
  • #!/bin/csh — Execute using csh, the C shell
  • #!/bin/ksh — Execute using the Korn shell
Categories: Unix

remote copy using rsync

Sometimes its better to use rsync then scp command for copying file from remote machine where bandwidth is one of the issue. You can specify the bandwidth usage in the rsync but this facility is not available in scp.

command format:

rsync [OPTION]…bwlimit=XX [USER@]HOST:SRC DEST

-v, –verbose increase verbosity
-a, –archive archive mode; same as -rlptgoD (no -H, -A)
-u, –update skip files that are newer on the receiver
-r, –recursive recurse into directories
-e ssh = specify the remote shell to use
–bwlimit=KBPS limit I/O bandwidth; KBytes per second

e.g.: rsync -av bwlimit=XX -e ssh user@host:/path_of_the_SRC_file /path_where_it_will_stored

Some times you will find error like
ld.so.1: rsync: fatal: libgcc_s.so.1: open failed: No such file or directory
i.e. no libgcc found on /usr/local/lib and rsync always look for libgcc_s.so.1 on /usr/local/lib
Then simply make a soft link
ln -s /usr/sfw/lib/libgcc_s.so.1 /usr/local/lib/libgcc_s.so.1 [on Sun host only]

Categories: Ubuntu, Unix