Category: Linux

SSH to Netapp without password

Assuming you have

1. Linux box

2. Netapp box

To ssh to the Netapp box without a password, follow the guide below. It is taken from the Netapp site, plus the last steps they didn’t include: turning “ssh2.enable” off and on in order to reset ssh2.

Setup SecureAdmin:

  1. Configure SecureAdmin to enable SSH2, accepting the defaults when prompted for key sizes.
    Example:

    filer> secureadmin setup ssh

    SSH Setup
    ---------
    Determining if SSH Setup has already been done before...no

    SSH server supports both ssh1.x and ssh2.0 protocols.

    SSH server needs two RSA keys to support ssh1.x protocol. The host key is generated and saved to file /etc/sshd/ssh_host_key during setup. The server key is re-generated every hour when SSH server is running.

    SSH server needs a RSA host key and a DSA host key to support ssh2.0 protocol. The host keys are generated and saved to /etc/sshd/ssh_host_rsa_key and /etc/sshd/ssh_host_dsa_key files respectively during setup.

    SSH Setup prompts for the sizes of the host and server keys.
    For ssh1.0 protocol, key sizes must be between 384 and 2048 bits.
    For ssh2.0 protocol, key sizes must be between 768 and 2048 bits.
    The size of the host and server keys must differ by at least 128 bits.

    Please enter the size of host key for ssh1.x protocol [768] :
    Please enter the size of server key for ssh1.x protocol [512] :
    Please enter the size of host keys for ssh2.0 protocol [768] :

    You have specified these parameters:
    host key size = 768 bits
    server key size = 512 bits
    host key size for ssh2.0 protocol = 768 bits
    Is this correct? [yes]

  2. Setup will now generate the host keys in the background. This could take a few minutes to complete. After the setup is complete, start the SSH server using the ‘secureadmin enable ssh‘ command. A syslog message is generated when the setup is complete.
    filer> Wed Oct 25 05:59:56 GMT [rc:info]: SSH Setup: SSH Setup is done. Host keys are stored in /etc/sshd/ssh_host_key, /etc/sshd/ssh_host_rsa_key and /etc/sshd/ssh_host_dsa_key.

 

Linux:

  1. Configure and enable SSH on the Storage Controller as outlined in the Windows section above, steps 1 through 3.
  2. Test SSH access from the Linux client:
    linux> ssh root@filer ?
  3. From the Linux client, Generate the public/private key pair:
    linux> ssh-keygen -t rsa
  4. When asked for a ‘passphrase’, do not enter one.  Just press Enter twice.
  5. Mount the Storage Controller’s root volume to a temporary path on the linux client:
    linux> mount filer:/vol/vol0 /mnt/filer
  6. Create a folder on the storage controllers root volume: /etc/sshd/<username>/.ssh
    linux> mkdir -p /mnt/filer/etc/sshd/<username>/.ssh
    — Note: An error may be generated if this path already exists.  This can be safely ignored.
  7. Append the contents of the id_rsa.pub file to the 'authorized_keys' file:
    linux> cat ~/.ssh/id_rsa.pub >> /mnt/filer/etc/sshd/<username>/.ssh/authorized_keys
  8. Set the correct permissions on the .ssh folder and authorized_keys file:
    linux> chmod 700 /mnt/filer/etc/sshd/<username>/.ssh
    linux> chmod 600 /mnt/filer/etc/sshd/<username>/.ssh/authorized_keys
  9. Turn SSH2 off on the Storage Controller:
    filer> options ssh2.enable off
  10. Turn SSH2 back on to reset it:
    filer> options ssh2.enable on
  11. Test that SSH to the Storage Controller does not prompt for a password:
    linux> ssh <user>@filer
    filer>
  12. Unmount the Storage Controller’s root volume:
    linux> cd ~
    linux> umount /mnt/filer
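
Steps 6 to 8 as a re-runnable shell function. This is an added example, not part of the NetApp guide or the original post; the function name install_filer_key and the sanity checks on the key file are assumptions made here.

```shell
#!/bin/sh
# Added example (not from the NetApp guide): steps 6-8 as one idempotent function.
# install_filer_key is a hypothetical helper name.
# usage: install_filer_key PUBKEY_FILE FILER_ROOT_MOUNT USERNAME
install_filer_key() {
    pubkey_file=$1   # e.g. ~/.ssh/id_rsa.pub
    filer_root=$2    # where filer:/vol/vol0 is mounted, e.g. /mnt/filer
    user=$3
    ssh_dir="$filer_root/etc/sshd/$user/.ssh"
    auth="$ssh_dir/authorized_keys"

    if [ ! -s "$pubkey_file" ]; then
        echo "missing or empty key file: $pubkey_file" >&2; return 1
    fi
    # A public key is a single line; refuse a private key passed by mistake,
    # which would otherwise end up readable on the filer's root volume.
    if grep -q 'PRIVATE KEY' "$pubkey_file" ||
       [ "$(wc -l < "$pubkey_file")" -gt 1 ]; then
        echo "$pubkey_file does not look like a public key" >&2; return 1
    fi

    mkdir -p "$ssh_dir" || return 1
    touch "$auth" || return 1
    # -x whole line, -F fixed string: append only if the key is not present yet,
    # so re-running the procedure does not pile up duplicate entries.
    if ! grep -qxF -- "$(cat "$pubkey_file")" "$auth"; then
        cat "$pubkey_file" >> "$auth" || return 1
    fi
    # Same modes as step 8.
    chmod 700 "$ssh_dir" && chmod 600 "$auth"
}
```

Call it as install_filer_key ~/.ssh/id_rsa.pub /mnt/filer <username> while the root volume is mounted, then continue with step 9.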

awk print output to 1 line

awk '{printf("%s ",$1) }' <file name>

Simple Home NAS solution

I have been thinking about having a home NAS, and I surveyed a few products on the market: something like QNAP or Synology would cost me close to 1000 USD if I were to get RAID-5 plus hot-swap features. I struggled for a while and decided to use the simplest and cheapest solution for a home NAS to host my photos, movies and MP3s.

Step 1 – Identify OS:

1. FreeNAS – FreeBSD based. I like FreeBSD because it was the core for Netapp too.

2. Openfiler – CentOS based, customized for NAS.

3. Fedora + Samba

I picked number 3, Fedora + Samba, as I still need my NAS OS to be a multi-purpose server and I love YUM~

Step 2 – Hardware

1. 2 years old HP 110 Netbook

2. 2TB Seagate External Harddisk

Finally…. the combination!

HP 2 years old 110

2TB Seagate External Disk

Fedora 15

python script for simple write and delete test

I have been interested in Python scripting and finally I got a chance to play with it.

So the mission for today is to create a write and delete test for my environment.

Local machine  ---COPY--->  Mounted filesystem in NAS

Why am I doing this? To get a baseline for my write and delete operations. I will make use of the “time” command to get the total runtime for the script to complete the operation. So here goes the simple script (feel free to provide your code if you have ideas, I am a noob in Python :) )

BTW, Nanako is just an echo.

#!/usr/bin/python3
import os
import shutil

# set source path & file name
src = "/usr2/"
file_name = "testfile.txt"
source_file_path = src + file_name

# set destination path
dest = "/data/tingwei/test_copy/"

# set number of copies for the copying progress
copies = 1000
dir_copies = 10

for x in range(dir_copies):
    dirname = dest + str(x)
    # create the target directory only if it is not there yet
    if not os.path.isdir(dirname):
        os.mkdir(dirname)
        print("Nanako: mkdir " + dirname)
    # start progress: copy the source file 'copies' times into this directory
    print("Nanako: Ready to copy " + str(copies) + " files.")
    for i in range(copies):
        new_file_name = file_name + str(i)
        dest_file_path = dirname + "/" + new_file_name
        shutil.copyfile(source_file_path, dest_file_path)

print("Nanako: Done copying " + str(copies) + " files.")
print("Nanako: Preparing to cleanup " + dest)

# this loop removes the directories (and the files in them) created above
for x in os.listdir(dest):
    shutil.rmtree(os.path.join(dest, x))

# just in case you want to see whether anything is left over in the destination
def listdir_fullpath(d):
    return [os.path.join(d, f) for f in os.listdir(d)]

for i in listdir_fullpath(dest):
    print(i)

LVM extend in live mode!

Q: I have an LVM logical volume on my Linux box, and I need to extend its size without taking the logical volume offline.

A:

You need to ensure you have free space in the volume group. Assuming the VG name is VolGroup00:

[root@linux1 data]# vgdisplay
--- Volume group ---
VG Name               VolGroup00
System ID
Format                lvm2
Metadata Areas        1
Metadata Sequence No  10
VG Access             read/write
VG Status             resizable
MAX LV                0
Cur LV                8
Open LV               8
Max PV                0
Cur PV                1
Act PV                1
VG Size               1.36 TB
PE Size               32.00 MB
Total PE              44703
Alloc PE / Size       28570 / 872.81 GB
Free  PE / Size       16133 / 524.16 GB
VG UUID               d2vwa2-6JHI-lTXJ-0WHg-iXhv-6COc-h01kf6

According to “Free PE / Size” you have 524.16 GB left, so you are good to proceed with the steps.

Let's check the current size of the LV you want to resize:

[root@linux1 data]# df -h .
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/VolGroup00-lvdata
296G  191M  281G   1% /data

Let's start increasing the size!

[root@linux1 data]# lvextend -L+20G /dev/VolGroup00/lvdata
Extending logical volume lvdata to 320.00 GB
Logical volume lvdata successfully resized

Then resize it live!

[root@linux1 data]# resize2fs /dev/VolGroup00/lvdata
resize2fs 1.39 (29-May-2006)
Filesystem at /dev/VolGroup00/lvdata is mounted on /data; on-line resizing required
Performing an on-line resize of /dev/VolGroup00/lvdata to 83886080 (4k) blocks.
The filesystem on /dev/VolGroup00/lvdata is now 83886080 blocks long.

The final output you are looking for 🙂

[root@linux1 data]# df -h .
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/VolGroup00-lvdata
315G  195M  299G   1% /data

Easy, right? The original guide from Redhat showed “ext2online”, but I don’t see it in my /sbin! Luckily my best friend Google told me resize2fs is the new method 🙂 Redhat, you should update your documentation!

Promote NIS Slave Server in Redhat/CentOS

Situation: You have a NIS master and you need a slave set up in your office.

This tutorial covers the steps for Redhat/CentOS/Fedora 64-bit. It might differ from what you have seen online.

1. Install ypserv on your server

yum install -y  ypserv.x86_64

2. Start the services

service ypserv start

service ypxfrd start

3. Verify that yp is ready

# rpcinfo -u localhost ypserv
program 100004 version 1 ready and waiting
program 100004 version 2 ready and waiting

4. Copy the database from the master

/usr/lib/yp/ypinit -s master_domain_name

or

/usr/lib64/yp/ypinit -s master_domain_name

5. Edit /etc/yp.conf

Ensure the new slave hostname is set as primary.

6. Test

ypcat -k passwd | grep userid

7. Never forget to turn the services on at boot

chkconfig ypserv on

chkconfig ypxfrd on

How to keep the database in sync?

1. Master push: this is done from the master. You can find it here

2. Slave pull from the master.

The scripts are in /usr/lib64/yp/

Any one of them will do:

ypxfr_1perday  ypxfr_1perhour  ypxfr_2perday

Run it from your crontab 🙂

Use awk to calculate total size of files – part 1

Your boss comes to you and asks for the total size of the files which have not been accessed for more than 30 days! Assume that you are checking just one directory, “/abc”. Here is the simple command:

find /abc -atime +30 -exec ls -lk '{}' \;  | awk '{SUM += $5} END {print SUM}'

Explanation:

find /abc -atime +30 -exec ls -lk '{}' \;

The find command searches /abc, checks the access time, and lists the files which have not been accessed for 30 days.

awk '{SUM += $5} END {print SUM}'

awk sums up all the results and only then prints the final figure.

The command is extremely useful, especially when you have multiple directories residing in /abc:

/abc/123

/abc/456

/abc/789

Just write a simple script to generate it! I will cover this in the next post.

-rwsr-xr-x Unix file permission

Everybody handling a Unix operating system would very well know what chmod 777 means. That the owner, group and the user of the file is given all permissions (Read, Write and Execute on a particular file). This could otherwise be written as “chmod ugo+rwx “. Meaning that you are giving User, Group and Owner of the file, the rights to Read, Write and Execute the file.

Here comes the rws scenario. Best example that is available for this rws is /usr/bin/passwd command (just issue a “ls -l /usr/bin/passwd”) .

Normally, any user is allowed change HIS password. Meaning he can make an entry or change HIS entry in the /etc/passwd file. But he can never be given ‘WRITE’ permissions on the file because he might end up disturbing other person’s password too. Only a ROOT user is allowed permissions on the /etc/passwd file.

This is where the “rws” comes into the picture. When we give “rws” permission to the /usr/bin/passwd command, Unix would assume that the command is executed by the ROOT user (the user doesn’t have permissions on the /etc/passwd file but the root user has). Root user (RWS) permissions could be given on a file as chmod 4700 .

arun@arun-desktop:~/Desktop$ chmod 4700 hi.txt
arun@arun-desktop:~/Desktop$ ls -l hi.txt
-rws------ 1 arun arun 0 2007-01-17 06:48 hi.txt

If you need to act as a group user of a file and not a normal user when executing a particular command (as against the root user) then use “chmod 2700 ”

arun@arun-desktop:~/Desktop$ chmod 2700 hi.txt
arun@arun-desktop:~/Desktop$ ls -l hi.txt
-rwx--S--- 1 arun arun 0 2007-01-17 06:48 hi.txt

The 4 and 2 in front of the chmod modes are called the SUID and SGID bits.

What if we put a 1 instead of 4 and 2 (chmod 1700 ).

arun@arun-desktop:~/Desktop$ chmod 1700 hi.txt
arun@arun-desktop:~/Desktop$ ls -l hi.txt
-rwx-----T 1 arun arun 0 2007-01-17 06:48 hi.txt

It shows a “T” in the place of “x” for a normal user. This “T” bit is called the Sticky bit.

“When the sticky bit is turned on for a directory users can have read and/or write permissions for that directory, but they can only remove or rename files that they own. The sticky bit on a file tells the operating system that the file will be executed frequently. Files like this are kept in swap space even when they aren’t being executed. Although this takes up swap space it greatly reduces the time it takes to execute the program. Some programs such as vi have the sticky bit turned on by default on some Unixes.”

Source: http://beanpicks.wordpress.com/2007/02/03/rwsr-xr-x-unix-file-permission/
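
An audit of the three special bits described above, as an added example that is not part of the original post or its source. The function name audit_special_bits and the output labels are assumptions made here; the "noexec" cases are the ones ls -l shows as a capital S.

```shell
#!/bin/sh
# Added example: list where the SUID/SGID bits are set under a directory and
# where a world-writable directory lacks the sticky bit.
# audit_special_bits is a hypothetical helper name.
# usage: audit_special_bits DIR   -> one "<label> <path>" line per finding
audit_special_bits() {
    dir=$1
    {
        # 4000 + owner execute: shown as "s", e.g. chmod 4700 -> -rws------
        find "$dir" -type f -perm -4100 -print | sed 's/^/suid-exec /'
        # 4000 without owner execute: shown as "S"
        find "$dir" -type f -perm -4000 ! -perm -0100 -print |
            sed 's/^/suid-noexec /'
        # 2000 + group execute: shown as "s" in the group triplet
        find "$dir" -type f -perm -2010 -print | sed 's/^/sgid-exec /'
        # 2000 without group execute: shown as "S", e.g. chmod 2700 -> -rwx--S---
        find "$dir" -type f -perm -2000 ! -perm -0010 -print |
            sed 's/^/sgid-noexec /'
        # World-writable directory without the sticky bit (1000): any user
        # can remove or rename files that belong to someone else.
        find "$dir" -type d -perm -0002 ! -perm -1000 -print |
            sed 's/^/dir-no-sticky /'
    } | sort
}
```

Comparing the output between runs (for example with diff against a saved copy) shows newly appeared SUID or SGID files.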

Redhat KVM – Network bridge

Redhat just released RHEL 5.4 with KVM & Xen both supported in this release, so I have downloaded CentOS 5.4 to play around with KVM.

My hardware:

Dell M710 with 8 cores of Nehalem, 72G of RAM

My OS:

CentOS 5.4 with KVM & Xen installed

My test guest:

Windows 7

The sweet thing:

The bad thingssss:

  • Xen & KVM cannot run at the same time, it is either KVM or Xen
  • No paravirtualization in KVM, only FULL virtualization, Xen has both!
  • Need a driver for network in paravirtualized mode for XP, Vista, Win7
  • No network bridge setup!! Xen does this automatically for us! A network bridge allows your guest OS to have its own IP without sharing with the host! I will cover this later on.

Linux useful find command

find /var/log -mtime +60 -type f -exec rm -rf {} \;

This command will do a search in /var/log for all files that were last modified 60 or more days ago and executes a recursive forced (-rf) remove (rm). The “{}” (curly braces) is the place holder for exec to use where it will put the name of the file, and the “\;” tells exec that’s the end of the statement. Find is very powerful, and I suggest you do some reading BEFORE you do any removing using “find”. Also, as a test you can replace the “rm -rf” with “ls -la” to get a list of all the files that would be removed. And, if you want to remove files with specific names or extensions use the “-name” argument.

Source : http://www.linuxquestions.org/questions/linux-general-1/shell-script-to-remove-old-files-based-on-date-7368/

I wanted to find the files which have not been modified (untouched) for more than 30 days and list them out for me.

find /usr1 -mtime +60 -type f -exec ls -l {} \;

So, if you want to find the files that have been modified within the last 10 days, just modify the mtime value:

find /usr1 -mtime -10 -type f -exec ls -l {} \;
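
The list-first-then-remove approach suggested above, wrapped in one function so the same find expression is used for both. This is an added example, not from the post or the linked thread; the function name purge_old and its "apply" argument are assumptions made here.

```shell
#!/bin/sh
# Added example: dry run by default, delete only when asked explicitly.
# purge_old is a hypothetical helper name.
# usage: purge_old DIR DAYS          -> list files last modified more than DAYS days ago
#        purge_old DIR DAYS apply    -> remove exactly those files
purge_old() {
    dir=$1
    days=$2
    mode=${3:-list}
    # Reject an empty or non-numeric DAYS so a typo cannot widen the match.
    case $days in
        ''|*[!0-9]*) echo "DAYS must be a whole number" >&2; return 2 ;;
    esac
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2; return 2
    fi
    # -xdev keeps find on one filesystem; -type f never matches directories,
    # so plain "rm -f" is enough and -r is not needed.
    if [ "$mode" = apply ]; then
        find "$dir" -xdev -type f -mtime +"$days" -exec rm -f -- {} +
    else
        find "$dir" -xdev -type f -mtime +"$days" -exec ls -la -- {} +
    fi
}
```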
