Tag Archives: opensource

Allow root login on FreeBSD

To allow root login via ssh on FreeBSD, edit sshd_config file:

sudo vi /etc/ssh/sshd_config

Find this line:

#PermitRootLogin no

and change it to:

PermitRootLogin yes

Now Restart sshd:

[email protected]:~ # /etc/rc.d/sshd restart
Performing sanity check on sshd configuration.
Stopping sshd.
Waiting for PIDS: 1698.
Performing sanity check on sshd configuration.
Starting sshd.

Restore grub without live CD on Linux

If you start your Ubuntu and it display a grub shell to you, you can run this command below to fix it:

grub-rescue> prompt
             set prefix=(hdX,Y)/boot/grub
             set root=(hdX,Y)
             ls /boot
             insmod /boot/grub/linux.mod
             linux /vmlinuz root=/dev/sdXY ro
             initrd /initrd.img

* Ensure that you entered correct partition (e.g. hd0,1) for hdX,Y. If not, than your grub will be messed.

References :

Maltrieve on Mac OS X

Maltrieve originated as a fork of mwcrawler. It retrieves malware directly from the sources as listed at a number of sites, including:

  • Malc0de
  • Malware Black List
  • Malware Domain List
  • VX Vault
  • URLqery
  • CleanMX

If you want to install maltrieve on your Mac OS X, below is the steps to install it.

  • First, install beautifulsoup4 via pip
sudo pip install beautifulsoup4
  • Install required dependencies via apt-get
sudo port install libxml2 libxslt py-lxml
  • Download maltrieve from github
sudo git clone https://github.com/technoskald/maltrieve.git
cd maltrieve
python maltrieve.py -d pull -l maltrieve.log

Done. Now you can use the Maltrieve on your Mac OS X.

Installing Comodo Positive SSL Certs on Apache

Recently, I purchased Comodo Positive SSL for one of my web. Since this is my new experience on installing SSL onto Apache, I write this article so that anyone can refer to this step and also as my personal note.

  1. Before you install the certificates, you need to set up your virtual hosts and Apache configuration.
    In /etc/apache2/ports.conf add this line:
NameVirtualHost *:443

So the ports.conf will be something like this:

NameVirtualHost *:80
Listen 80

NameVirtualHost *:443
  1. Then in your vhost file which is usually located at /etc/apache2/sites-enabled/default-ssl, edit or make sure this line is there:
<VirtualHost _default_:443>

SSLEngine on
SSLCertificateFile    /etc/ssl/crt/www_your_domainname_org.crt
SSLCertificateKeyFile /etc/ssl/crt/private.key
SSLCACertificatePath /etc/ssl/crt/
SSLCACertificateFile /etc/ssl/crt/www_your_domainname_org.cer

This is the actual SSL certificate. Comodo will name it after your domain e.g. www_your_domainname_org.crt. So just copy the file into the correct directory /etc/ssl/crt/ and make sure your vhost file points to it.

When you first generated your CSR to send to the commercial SSL issuer you should have gotten a key file. You just need to move it into the same folder as your SSL cert if it’s not there already and point the line to your vhost config.

Comodo sends you that zip file with 3 individual CRT files in it you need to combine a couple of them into one file. You can ignore the file named after your domain and just focus on the other two. You need to combine them into one file in a very specific order.

Run this command to generate a file that matches your vhost config, remembering to change the file names to whatever the SSL issuer has given you:

cat PositiveSSLCA2.crt AddTrustExternalCARoot.crt > www_your_domainname_org.cer

Then, restart your server:

sudo a2enmod ssl
sudo service apache2 restart

Update MySQL root password

To change your MySQL root password, first you need to connect to the sql server via terminal
mysql -u root -p

In my case, my root password is null/empty. So I need to create new mysql root password.
So, after you login to the mysql, enter this command:

use mysql;
update user set password=PASSWORD("") where User='root';
flush privileges;

Upgrade Ruby on Mac OS X

Ruby Version Manager (RVM)
RVM is a command-line tool which allows you to easily install, manage, and work with multiple ruby environments from interpreters to sets of gems. RVM provides the flexibility to use any version of Ruby that you require. It also can be use to upgrade your current ruby version on Mac OS X. You can look for more info at here: https://rvm.io

So now, let’s try open new Terminal, and run this command:
ruby -v

Likely, it’ll show version number ruby 1.8.7.
If you’re just starting out with Ruby, don’t use an old version; you want 1.9.2!
So here is there steps to upgrade your ruby version to the current latest version via RVM.

Step 1
Open a terminal and run the following command:
\curl -L https://get.rvm.io | bash -s stable –ruby

Step 2
After a few seconds of installation, we need to make the RVM available to the shell. We’ll do this by updating our ~/.bash_profile file.

cd ~/
sudo vim .bash_profile
[[ -s “$HOME/.rvm/scripts/rvm” ]] && source “$HOME/.rvm/scripts/rvm” # This loads RVM into a shell session.

* If this file does not exist, you should create it manually. Paste the following to the bottom of the page.

Step 3
To be safe, let’s restart the terminal to make sure that everything took effect. To ensure that RVM is correctly installed, type:

Step 4
Ensure you have the latest version of Xcode

Step 5
To download Ruby 1.9.2, open a new terminal, and type:
rvm list known

You’ll see a long list of versions…
$ rvm list known

Now, let’s try install Ruby 1.9.2:
rvm install 1.9.2

That should take a moment to install.

Once the installation has completed, we need to tell RVM which version of Ruby we currently want to use. Run the following comamnd:
rvm use 1.9.2

Next, test it by checking the version number:
ruby -v

It should returns ruby 1.9.2p290 (2011-07-09 revision 32553) [x86_64-darwin11.1.0].
Nice. Now you’re now using Ruby 1.9.2.

If you closed the terminal, and run the ruby -v command, and it returns the old version of ruby, you need to specify the latest ruby version.

Open new terminal, and run this command:
rvm –default use 1.9.2

So now it should be as we wanted. πŸ™‚

Install/Upgrade to MySQL 5.6 on Ubuntu 12.04 LTS

First, you need to get MySQL installers from https://dev.mysql.com/downloads/mysql/#downloads

I ran following command to get MySQL 5.6.14(32bit):
wget -O mysql-5.6.14.deb https://dev.mysql.com/get/Downloads/MySQL-5.6/mysql-5.6.14-debian6.0-i686.deb/from/http://cdn.mysql.com/

Install dependency
sudo apt-get install libaio1

Then install Mysql 5.6.14
sudo dpkg -i mysql-5.6.14.deb

Backup your MySQL 5.5 data
You will need this only if you are upgrading…

cd ~
mkdir backup && cd backup
mysqldump -A –events > dump/alldb.sql

cp -pr /etc/mysql config

service mysql stop
cp -pr /var/lib/mysql/ data

This is your backup folder & data in case if of anything. But if everything when well, you will not need the backups.

Remove MySQL 5.5 Packages
sudo apt-get remove mysql-common mysql-server-5.5 mysql-server-core-5.5 mysql-client-5.5 mysql-client-core-5.5
sudo apt-get autoremove

Setup MySQL 5.6 Startup Script
cp /opt/mysql/server-5.6/support-files/mysql.server /etc/init.d/mysql.server
update-rc.d -f mysql remove
update-rc.d mysql.server defaults

Update environment
sudo nano /etc/environment
source /etc/environment

Confirm changes
Run this command:
which mysql

Should show:

Update mysql config file
sudo nano /etc/mysql/my.cnf
basedir = /opt/mysql/server-5.6
lc-messages-dir = /opt/mysql/server-5.6/share

Start MySQL 5.6
Its time to start new mysql…
service mysql.server start

If you cannot start mysql server, then install this package:
sudo apt-get install ia32-libs php5-mysql

Then try to start it again.

Final Step
If you are upgrading from mysql, run this command:
mysql_upgrade -u root -p

Otherwise if its a fresh install, run following:
/opt/mysql/server-5.6/scripts/mysql_install_db –user=mysql –datadir=/var/lib/mysql

Enjoy. πŸ™‚

SSH warning: unprotected private key file!

Recently I tried to playing around with Amazon EC2 server. After subscribing & setup my server, it will give you cert pem key to access the server instead of entering the key manually.

When I try to login, I got this error:
Permissions 0440 for ‘xxx.pem’ are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: xxx.pem

To fix this problem, just run this command:
chmod 0400 xxx.pem

The xxx.pem is your cert key file. After that try to login again. Should be fine. πŸ™‚