Difference between revisions of "Main Page"

From TheBestLinux.com
Jump to navigation Jump to search
(2 intermediate revisions by the same user not shown)
Line 1,002: Line 1,002:
 
GENERAL.CONNECTION:                    lo
 
GENERAL.CONNECTION:                    lo
 
lines 1-23
 
lines 1-23
 +
</pre>
 +
<br /><br />
 +
 +
Using some of this information on using the nmcli command-line tool, we can use it to confirm if networking configuration is handled automatically, using DHCP(Dynamic Host Control Protocol) to automatically obtain an available IP address and configure the DNS servers to be used, routes to traverse etc., or if it's configured to setup the IP address, default gateway, DNS servers, and other routes manually, with information you should already have in order to configure the networking setup.
 +
 +
<br /><br />
 +
Here is an example to display if the networking is configured automatically using DHCP, or if it's configured automatically:
 +
<pre style="color:blue">
 +
[jamie@rocky9vm34.dawgland.com:~]$ nmcli -f ipv4.method con show ens33
 +
ipv4.method:                            manual
 +
[jamie@rocky9vm34.dawgland.com:~]$
 +
</pre>
 +
<br /><br />
 +
 +
In this example, it shows the ipv4.method is configured to be manually configured.
 +
<br /><br />
 +
 +
Here's an example showing a system configured to have it's networking configured automatically, using DHCP:
 +
<pre style="color:blue">
 +
[jamie@rocky94template ~]$ nmcli -f ipv4.method con show ens34
 +
ipv4.method:                            auto
 +
[jamie@rocky94template ~]$
 
</pre>
 
</pre>
 
<br /><br />
 
<br /><br />
Line 1,089: Line 1,111:
  
 
== '''Firewall Information on Linux Systems''' ==
 
== '''Firewall Information on Linux Systems''' ==
Firewalls come in two distinct types:  Hardware-Based & Software-Based. Hardware-based firewalls are usually "dedicated" machines that have a minimum of two ethernet ports, and preferably more. One ethernet port is connected to the external Internet, and the other ethernet port(s) are connected to internal private nee
+
Firewalls come in two distinct types:  Hardware-Based & Software-Based. Hardware-based firewalls are usually "dedicated" machines that have a minimum of two ethernet ports, and preferably more. One ethernet port is connected to the external Internet, and the other ethernet port(s) are connected to internal private network
 +
 
 +
=== '''Fail2Ban - One of the most widely used firewalls on the Linux operating system''' ===
 +
Installation of the fail2ban firewall is pretty straight-forward, so will not go into the details on installation until I have more time to spend creating documentation.
 +
<br /><br />
 +
The MOST-COMMON question and concern, especically for new users, is how to unblock your or someone elses account once it's blocked by fail2ban!  There's nothign worse than being locked out of your own system you just created, LOL!
 +
The following URL will take you to a web page that shows in detail how to unblock blocked accounts under fail2ban:
 +
<br />
 +
https://serverfault.com/questions/285256/how-to-unban-an-ip-properly-with-fail2ban
 +
<br />
 +
 
 
=== '''Red Hat Linux Based System Firewall Configuration & Management''' ===
 
=== '''Red Hat Linux Based System Firewall Configuration & Management''' ===
 
Red Hat Enterprise Linux based systems, such as the old CentOS, and current Rocky, Alpine, Fedora and RHEL itself use a tool called "firewall-cmd" to create firewall rules, manage the firewall, and remove firewall rules.  The firewall-cmd tool requires at least one argument, and all arguments start with a double-hyphen, such as --list-services.  Here's a simple example of the --list-services in use:
 
Red Hat Enterprise Linux based systems, such as the old CentOS, and current Rocky, Alpine, Fedora and RHEL itself use a tool called "firewall-cmd" to create firewall rules, manage the firewall, and remove firewall rules.  The firewall-cmd tool requires at least one argument, and all arguments start with a double-hyphen, such as --list-services.  Here's a simple example of the --list-services in use:

Revision as of 23:17, 11 November 2024

Welcome to TheBestLinux.com Wiki!


TheBestLinux.com is now co-located in multiple data-centers globally!


New Servers Added in Amsterdam & Singapore!


The VM servers making up TheBestLinux.com and it's accompanying sites and services are physically located in data centers in Los Angeles, Amsterdam, Singapore & Western Oregon. If you are interested in any of these types of setups, let me know!

TheBestLinux.com is your source for Linux Operating System Solutions & Information,
and embraces "Open Source" sharing and collaborative development of useful solutions.

TheBestLinux.com not only specializes with Linux based systems, with over 30 years of specializing in Linux based solutions, but also has over 40 years of experience with all things related to computers and computing, both hardware and software, as well as IoT - "The Internet of Things", embracing Internet based technology!

New Email Servers using Kamatera.com as host are being deployed after researching the best VM/VPS hosts for my particular requirements, as well as being the best bang for the buck! I highly recommend them and will be looking into becoming an affiliate.

Nested Virtualization - The Next BIG Thing in Virtualization!

Nested Virtualization has been getting a lot of attention recently, as it allows you to maximize your physical and virtual infrastructure by running virtual machines inside of virtual machines!

Check out the new section dedicated to all things Nested Virtualization here, and as this section is now, please be sure to check back often to see frequent updates with information, tips & tricks! Click this link to check out the new section:

Nested Virtualization

Ansible Information & How-To's

Here is the Ansible info.

New Docker & Kubernetes Information Section Created!

Check out my new Containerization section with info on Docker, Kubernetes, LXC, ECS, Azure and more Right Here!!!

Programming, Coding & Development!

Basic programming & coding

Scripting - Tips & tricks on creating scripts for automation and more!

Check out my new scripting section here!

New Website Development & Programming Section Created

Learn HTML5, CSS & Javascript to create killer websites! - Check it out here!

New PHP Info Micro How-To Right Here!

PHP Info

Newest Linux Info, Tips & Tricks!



New Ubuntu Section - Hope this Section is of Help to Those Using Ubuntu!

Ubuntu_Info

Hardware Specific Information

This section is about computer hardware, both finding out what hardware is in a running Linux computer as well as getting specific types of hardware to work in a Linux environment.

Hardware Querying - Display Information on Your Specific Hardware

There are literally thoughsands of tools and utilities available to display detailed information about your specific current hardware, from basic simple one-liners to complex scripts and programs designed to delve deep within the innards of your computer's hardware! Here are just a few:

Linux Built-In Hardware Querying Tools:

  • dmesg
  • lspci
  • lsusb
  • /proc

Full-Blown Apps & Utilities:


      • AND MUCH More to come, as I find time to add them!

Monitors

There are a number of ways to probe the system for connected monitors and other video devices, from searching thorough kernel messages with the "dmesg" command, to using GUI tools. I prefer using the command line whenever possible, as it's best to know in the event you are working on a "headless"system, and logging into it remotely using SSH(Secure Shell). Tbr />
The "/sys/class/drm" directory often contains files which can be queried and/or decoded to obtain detailed information on connected video devices, such as manufacturer and model number, both of which are extremely useful when trying to diagnose hardware issues, including video problems.
Here is an example of the contents of the /"sys/class/drm" on the computer I am currently logged into, which has only two monitors connected at this time, but has had up to 4 at a time on some occasions.

[jamie@server.dawgland.com:/sys/class/drm]$ ls
card0       card0-DP-2      card0-HDMI-A-2  renderD128
card0-DP-1  card0-HDMI-A-1  card0-VGA-1     version



These are actually whare are known as "symlinks", which are special files which point to other subdirectories within the Linux OS directory structure. Within each of these subdirectories are special files which relate to video devices connected to the system at the time.

For instance, within the directory pointed to by the "card0-DP-1" symlink, if I first change to this directory, and do a l"long" listing using the "-l" switch to the "ls" list command, "ls -l", you can see here that there are other symlinks as well as other subdirectories and files:

[jamie@server.dawgland.com:/sys/class/drm/card0-DP-1]$ ls -al
total 0
drwxr-xr-x.  5 root root    0 Feb  4 08:40 .
drwxr-xr-x. 10 root root    0 Feb  4 08:40 ..
lrwxrwxrwx.  1 root root    0 Feb  5 17:46 device -> ../../card0
-r--r--r--.  1 root root 4096 Feb  5 17:46 dpms
drwxr-xr-x.  3 root root    0 Feb  5 17:46 drm_dp_aux0
-r--r--r--.  1 root root    0 Feb  5 17:46 edid
-r--r--r--.  1 root root 4096 Feb  5 17:46 enabled
drwxr-xr-x.  3 root root    0 Feb  4 08:40 i2c-9
-r--r--r--.  1 root root 4096 Feb  5 17:46 modes
drwxr-xr-x.  2 root root    0 Feb  5 17:46 power
-rw-r--r--.  1 root root 4096 Feb  5 17:46 status
lrwxrwxrwx.  1 root root    0 Feb  5 17:46 subsystem -> ../../../../../../class/drm
-rw-r--r--.  1 root root 4096 Feb  5 17:46 uevent



The ONE VERY important file that holds the secrets of what video device is connected to this video output port on the computer's video interface card is the "EDID" file.

This particular computer has 2 video cards for a total of 6 video output ports:
card0, card0-DP-2, card0-HDMI-A-2, card0-DP-1, card0-HDMI-A-1 and card0-VGA-1.

The special "EDID" file is encoded, so you can't simply view it's contents, as you will get "garbage", as seen here:

[jamie@server.dawgland.com:/sys/class/drm/card0-DP-1]$ cat edid
 �F(x:C��RD�&PT���������qOV^���)P0 5��!��2KY
      �LC32G5xT
    �HNTT301414
  "F�#	����:�q8-@X,E��!D[



In order to view the contents of the EDID file, you need to install a utility to decode it, namely, the "edid-decode" utility/tool. Using the package management tool of the Linux distribution you are using, install "edid-decode" and any dependencies of may have for your Linux distrubnution. Then, run the "edid-decode" tool against your existing edid files to find out what video device is connected to each video output on your computer. Here is an example of me running it now on the "card0-HDMI-A-2" output port:

[jamie@server.dawgland.com:/sys/class/drm]$ edid-decode <./card0-HDMI-A-2/edid
edid-decode (hex):

00 ff ff ff ff ff ff 00 10 ac f4 40 53 47 56 32
24 1b 01 03 80 33 1d 78 ea eb f5 a6 56 51 9c 26
10 50 54 a5 4b 00 71 4f 81 80 a9 c0 d1 c0 01 01
01 01 01 01 01 01 02 3a 80 18 71 38 2d 40 58 2c
45 00 fd 1e 11 00 00 1e 00 00 00 ff 00 33 47 4a
32 31 37 39 35 32 56 47 53 0a 00 00 00 fc 00 44
45 4c 4c 20 50 32 33 31 37 48 0a 20 00 00 00 fd
00 38 4c 1e 53 11 00 0a 20 20 20 20 20 20 01 9b

02 03 17 b1 4c 90 05 04 03 02 07 16 01 14 1f 12
13 65 03 0c 00 10 00 02 3a 80 18 71 38 2d 40 58
2c 45 00 fd 1e 11 00 00 1e 01 1d 80 18 71 1c 16
20 58 2c 25 00 fd 1e 11 00 00 9e 01 1d 00 72 51
d0 1e 20 6e 28 55 00 fd 1e 11 00 00 1e 8c 0a d0
8a 20 e0 2d 10 10 3e 96 00 fd 1e 11 00 00 18 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ed

----------------

Block 0, Base EDID:
  EDID Structure Version & Revision: 1.3
  Vendor & Product Identification:
    Manufacturer: DEL
    Model: 16628
    Serial Number: 844515155
    Made in: week 36 of 2017
  Basic Display Parameters & Features:
    Digital display
    Maximum image size: 51 cm x 29 cm
    Gamma: 2.20
    DPMS levels: Standby Suspend Off
    RGB color display
    First detailed timing is preferred timing
  Color Characteristics:
    Red  : 0.6513, 0.3378
    Green: 0.3183, 0.6123
    Blue : 0.1513, 0.0654
    White: 0.3134, 0.3291
  Established Timings I & II:
    IBM     :   720x400    70.082 Hz   9:5    31.467 kHz  28.320 MHz
    DMT 0x04:   640x480    59.940 Hz   4:3    31.469 kHz  25.175 MHz
    DMT 0x06:   640x480    75.000 Hz   4:3    37.500 kHz  31.500 MHz
    DMT 0x09:   800x600    60.317 Hz   4:3    37.879 kHz  40.000 MHz
    DMT 0x0b:   800x600    75.000 Hz   4:3    46.875 kHz  49.500 MHz
    DMT 0x10:  1024x768    60.004 Hz   4:3    48.363 kHz  65.000 MHz
    DMT 0x12:  1024x768    75.029 Hz   4:3    60.023 kHz  78.750 MHz
    DMT 0x24:  1280x1024   75.025 Hz   5:4    79.976 kHz 135.000 MHz
  Standard Timings:
    DMT 0x15:  1152x864    75.000 Hz   4:3    67.500 kHz 108.000 MHz
    DMT 0x23:  1280x1024   60.020 Hz   5:4    63.981 kHz 108.000 MHz
    DMT 0x53:  1600x900    60.000 Hz  16:9    60.000 kHz 108.000 MHz (RB)
    DMT 0x52:  1920x1080   60.000 Hz  16:9    67.500 kHz 148.500 MHz
  Detailed Timing Descriptors:
    DTD 1:  1920x1080   60.000 Hz  16:9    67.500 kHz 148.500 MHz (509 mm x 286 mm)
                 Hfront   88 Hsync  44 Hback 148 Hpol P
                 Vfront    4 Vsync   5 Vback  36 Vpol P
    Display Product Serial Number: '3GJ217952VGS'
    Display Product Name: 'DELL P2317H'
  Display Range Limits:
    Monitor ranges (GTF): 56-76 Hz V, 30-83 kHz H, max dotclock 170 MHz
  Extension blocks: 1
Checksum: 0x9b

----------------

Block 1, CTA-861 Extension Block:
  Revision: 3
  Underscans PC formats by default
  Supports YCbCr 4:4:4
  Supports YCbCr 4:2:2
  Native detailed modes: 1
  Video Data Block:
    VIC  16:  1920x1080   60.000 Hz  16:9    67.500 kHz 148.500 MHz (native)
    VIC   5:  1920x1080i  60.000 Hz  16:9    33.750 kHz  74.250 MHz
    VIC   4:  1280x720    60.000 Hz  16:9    45.000 kHz  74.250 MHz
    VIC   3:   720x480    59.940 Hz  16:9    31.469 kHz  27.000 MHz
    VIC   2:   720x480    59.940 Hz   4:3    31.469 kHz  27.000 MHz
    VIC   7:  1440x480i   59.940 Hz  16:9    15.734 kHz  27.000 MHz
    VIC  22:  1440x576i   50.000 Hz  16:9    15.625 kHz  27.000 MHz
    VIC   1:   640x480    59.940 Hz   4:3    31.469 kHz  25.175 MHz
    VIC  20:  1920x1080i  50.000 Hz  16:9    28.125 kHz  74.250 MHz
    VIC  31:  1920x1080   50.000 Hz  16:9    56.250 kHz 148.500 MHz
    VIC  18:   720x576    50.000 Hz  16:9    31.250 kHz  27.000 MHz
    VIC  19:  1280x720    50.000 Hz  16:9    37.500 kHz  74.250 MHz
  Vendor-Specific Data Block (HDMI), OUI 00-0C-03:
    Source physical address: 1.0.0.0
  Detailed Timing Descriptors:
    DTD 2:  1920x1080   60.000 Hz  16:9    67.500 kHz 148.500 MHz (509 mm x 286 mm)
                 Hfront   88 Hsync  44 Hback 148 Hpol P
                 Vfront    4 Vsync   5 Vback  36 Vpol P
    DTD 3:  1920x1080i  60.000 Hz  16:9    33.750 kHz  74.250 MHz (509 mm x 286 mm)
                 Hfront   88 Hsync  44 Hback 148 Hpol P
                 Vfront    2 Vsync   5 Vback  15 Vpol P Vfront +0.5 Odd Field
                 Vfront    2 Vsync   5 Vback  15 Vpol P Vback  +0.5 Even Field
    DTD 4:  1280x720    60.000 Hz  16:9    45.000 kHz  74.250 MHz (509 mm x 286 mm)
                 Hfront  110 Hsync  40 Hback 220 Hpol P
                 Vfront    5 Vsync   5 Vback  20 Vpol P
    DTD 5:   720x480    59.940 Hz   3:2    31.469 kHz  27.000 MHz (509 mm x 286 mm)
                 Hfront   16 Hsync  62 Hback  60 Hpol N
                 Vfront    9 Vsync   6 Vback  30 Vpol N
Checksum: 0xed



As you can see, there is a LOT of information it spits out, so you will probably want to filter out the results using the additional command line tool "grep", (GetRegularExPression). Her is an example to filter out just the manufacturer and model:

[root@server.dawgland.com:/sys/class/drm]# edid-decode <./card0-HDMI-A-2/edid | grep -E 'Man|Mod'
    Manufacturer: DEL
    Model: 1662



That's much better! Just the info we want! You can use these same principles to "grep" other useful information from your system. Play around with it, as you can't really break anything as long as you are not the "root", aka, superuser, or using sudo!
So, with that output, we can deduce there is a Dell model 1662 connected to the HDMI a-2 port on my video card0.

You can use this same process to query the other video output ports on your computer to see what monitor is connect to them. Currently, I only have one other monitor connected to this computer, on "card0-DP-1". Here's the same "edid-decode" command run on that port:

[jamie@server.dawgland.com:/sys/class/drm]$ edid-decode <./card0-DP-1/edid | grep -E 'Man|Mod'
    Manufacturer: SAM
    Model: 28809



As you can see, the monitor connected to "card0-DP-1" is a Samsung model 28809. However, this model number is what is known as an "Internally Used Model Identifier". To get the "Actual" model number, we need to filter our results to find the "Display Product Name" filed, which contains the "real" model, as seen here:

[jamie@server.dawgland.com:/sys/class/drm]$ edid-decode <./card0-DP-1/edid | grep -E 'Display Product Name'
    Display Product Name: 'LC32G5xT'



There is the "REAL" model number! And here's the one for the Dell monitor:

[jamie@server.dawgland.com:/sys/class/drm]$ edid-decode <./card0-HDMI-A-2/edid | grep -E 'Display Product Name'
    Display Product Name: 'DELL P2317H'



There are many other ways to query your video devices, but for now, I will call it good on this topic. There are millions of other sources online in you want to dig even deeper!


One of my favorite commands for finding out exactly what hardware devices are part of a running Linux computer is "dmesg"! I have used this command for over 30 years now, and find it's really useful regardless of the actual Linux distribution a system is running. The "dmesg" command(without the quotes) shows the kernel messages as they relate to the hardware the Linux kernel finds when booting up. You can go through the output of the command one page at a time by piping it into the "more" command.

Here's an example of running the "dmesg" command and piping it into the "more" command. Note that the "pipe" is the straight vertical line, usually above the ENTER key on your keyboard, as a shifted backslash(\). The pipe looks like this: | Here's the example:

[jamie@server.dawgland.com:~]$ dmesg | more



To exit viewing the "dmesg" output while piping it's output into the "more" command, use the "Q" key to Quit the "more" utility.

You can also narrow down the output of the "dmesg" command to search for specific items in the "dmesg" output, by piping the "dmesg" output into the "grep" command(grep stands for "Get Regular ExPression") and using a keyword to search for something specific. I like to give the "grep" command the -i switch, to allow it to find both upper and lower case results.

Here's an example of piping the output of the "dmesg" command into the "grep" command using the -i switch:

[jamie@server.dawgland.com:~]$ dmesg | grep -i bios
[10785680.025014] Hardware name: LENOVO ThinkServer TS140/ThinkServer TS140, BIOS FBKT48AUS 08/26/2013



Here's another example, this time from one of my virtual DNS servers running on my personal VM server:

[jamie@ns1.dawgland.com:~]$ dmesg | grep -i bios
[    0.000000] BIOS-provided physical RAM map:
[    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
[    0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000001ffeffff] usable
[    0.000000] BIOS-e820: [mem 0x000000001fff0000-0x000000001fffffff] ACPI data
[    0.000000] BIOS-e820: [mem 0x00000000fec00000-0x00000000fec00fff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fee00000-0x00000000fee00fff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
[    0.000000] SMBIOS 2.5 present.
[    0.000000] DMI: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[    0.000000] ACPI: DSDT 0x000000001FFF0470 002325 (v02 VBOX   VBOXBIOS 00000002 INTL 20190509)
[2883115.739886] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006



As you can see from the above command output, it shows that machine is actually a "VM", a "Virtual Machine". I run a bunch of "virtual machines" on my big main servers, allowing me to have servers that perform specific tasks in my network.

Here's the same command, run on an old 32-bit Dell machine:

root@oldslack:~# dmesg | grep -i bios
[    0.000000] e820: BIOS-provided physical RAM map:
[    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009ffff] usable
[    0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000000100000-0x0000000027f76fff] usable
[    0.000000] BIOS-e820: [mem 0x0000000027f77000-0x0000000027f78fff] ACPI NVS
[    0.000000] BIOS-e820: [mem 0x0000000027f79000-0x0000000027ffffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fec00000-0x00000000fec0ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fee00000-0x00000000fee0ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000ffb00000-0x00000000ffffffff] reserved
[    0.000000] SMBIOS 2.3 present.
[    0.000000] DMI: Dell Computer Corporation OptiPlex GX240               /OptiPlex GX240               , BIOS A05 07/19/2002
[    0.154804] PCI: PCI BIOS revision 2.10 entry at 0xfbe2e, last bus=2



One of the great things about using this command is it usually shows you the actual brand name and model number of the computer it's being run on!

Another handy command I use often to find out if a running Linux computer has a 32 bit architecture/CPU or a 64-bit one is the "getconf" command and specifying the system variable "LONG_BIT". Here's an example:

[jamie@server.dawgland.com:~]$ getconf LONG_BIT
64



The "uname" command is also a very handy tool, as one of it's switches, the -m switch, also will show you if a running system is a 32-bit or 64-bit architecture. If a system is 32-bit, the output of the "uname -m" command will show either "i386" or "i686". With a 64-bit system, the output will be "x86_64".

Here's an example of the output of the "uname -m" command on a 32-bit system:

jamie@oldslack:~$ uname -m
i686



And here's the same command, running on a 64-bit system:

[jamie@server.dawgland.com:~]$ uname -m
x86_64



CentOS Specific Info

CentOS_8

Amazon Linux

Amazon_Linux

Grub - GRand Unified Bootloader

Grub has been around for a long time, taking over the bootup role on most Linux installations from the "OLD" Lilo tool. Lilo stands for "LInux Loader", in case anyone is interested.

The configuration files for Grub are usually in /boot/grub2/grub.cfg, /etc/grub2.cfg with additional configuration settings in /etc/grub.d/. After a change has been made to any of the grub configuration files, you must re-apply those changes using the grub2-mkconfig command as the root superuser. Here is an example of the usage of grub2-mkconfig:

[root@cos8vm54.dawgland.com:/boot/grub2]# grub2-mkconfig -o /boot/grub2/grub.cfg
 
Generating grub configuration file ...
done
[root@cos8vm54.dawgland.com:/boot/grub2]#



Changing Runlevel at Bootup Time - Useful for Diagnostics & Repairing Systems

Occasionally, when something doesn't work as it should, and you find your system is not booting up normally as it should, you can modify the runlevel mode it boots into in order to run diagnostic tests and fix issues that may be preventing a normal bootup.
Changing the bootup runlevel can be very helpful in situations where you need to fix a system that maybe is not starting up Xwindows or the GUI display manager correctly, or not at all. Or maybe in multi-user runlevel 3, some services are not starting up properly, changing into runlevel 1(singler-user mode) or runlevel 3(multi-user mode without graphical desktop/interface) can allow you to boot up, log in, and fix stuff!

To temporarily change the runlevel at bootup, as soon as you see the Linux bootup screen, known as the Grub screen, use any of the cursor arrow keys on your keyboard to move up or down in the list of OS options to stop the countdown that starts booting in the default configuration. Then, with the default OS highlighted, tap the "E" key on your keyboard to edit that bootup entry. Then, using the down-arrow key on your keyboard, navigate to the line that starts with


Scripts & Other Automation Tools

Shell/Bash Scripts



  • Display IP version 4 address of first network interface on a Linux machine one-liner:
[jamie@www.thebestlinux.com:~]$ ip -4 addr show `ip -4 addr | grep -m 1 '2:' | awk '{ print $2; }' | sed 's/\:.*$//'` | grep -m 1 inet | awk '{ print $2; }' | sed 's/\/.*$//'
64.225.69.239



  • Display username Apache or Nginx web server is running as:
[jamie@www.dawgland.com~]$ ps -ef | egrep '(apache|apache2|nginx)' | grep -v `whoami` | grep -v root | head -n1 | awk '{print $1}'
apache



Conditional Statements

Conditional statements are the basic building blocks of creating scripts that test for certain conditions, and then do something or don't do something, depending on what you want to end results to be.

One of the most common and most useful statements are the "if ... else", to test for a condition to be true or false, or equal to something else, and so on.

Here's a basic example of how "if... else" works. Note that the "if" statements always end with "fi", as seen in this example which tests to see if the MySQL database server is running. This is just the basic begging of the script I am creating, so doesn't do anything other than print statements to the screen as to the results of the test within the "if... else" statement:

#!/usr/bin/bash

chksql=`ps ax | grep -v grep | grep mysqld_safe`
if [[ -z $chksql ]]
then
        echo "The Database Server is NOT RUNNING!!!"
        echo "MUST FIX NOW!!!"
else
        echo "All Good!"
fi

I will then add code to send an email to me if the DB server is down. Or I can just have the script start the database server back up, or do both! The choice is up to you!

Now, we need to have the script actually fix the issue, if it finds the issue is occuring, as this particular issue is intermittant, so I never know when it will occur, causing one of my websites to break. Here is the final version of the script where we remove the "echo" informational statements and have it fix the MariaDB database server is it happens to be down when the script is run. Here is the final version of the script using the standard systemctl tool:

!/usr/bin/bash

chksql=`ps ax | grep -v grep | grep mysqld_safe`

if [[ -z $chksql ]]
then
        /usr/bin/systemctl start mariadb &
fi

The last step is to automate the running of the script. Since this issue is critical, causing the entire website to be down, I want to run this script at intervals that are not too far apart. I chose to have it run every 5 minutes, and I use the standard Linux/UNIX scheduling tool "CRON".

Cron has a ton of options and will already be configured to your particular Linux distribution to run many maintenance tools, so I will not get into the detail of how Cron works, and what each cron "job", as they are referred to, are actually doing. This is how I created the new cron job. The first step is to edit the crontab as the root superuser:

[root@mail:~]# crontab -e

Then, I add the following line:

*/5 * * * *	/usr/local/sbin/ChkMySQL

Use the Vi commands :x to exit saving the file.

You can confirm it created the new cron job by typing "crontab -l", without the quotes. That's an L, for list in this command.

Hard Drives & Other Storage Devices

Hard drives have come a VERY LONG WAY, and are still, in my opinion, the most common and most certain common point of most computer hardware failures. It's not about if a hard drive will die, but WHEN it WILL DIE, because ALL hard drives eventually DIE!!!

That being said, there are many things you can do to help alleviate the horrors of losing a hard drive or other type of storage devices. Some are as simple as following simple basic backup procedures regularly, but that is easier said than done, especially if it needs to be done manually. Automating backups is something EVERYONE should do!!!

Other things you can do is use redundancy, either manually saving copies of important or critical files in more than one location, on more than one device, preferably in different physical locations, so that even disaster recovery is possible! I once read a book titled that about 30-some years ago!

One of the things I really also like to do, on top of backups, is using RAID arrays, such as simple I mirroring, so that every bit of every byte of data is redundantly stored on two mirrored identical hard drives, which is exactly what I do on my main production servers! I use both hardware and software based RAID, and both are rock-hard solid stable and reliable within the Linux operating system! If one hard drive dies, which one always will, the other takes over and when the failed drive is replaced, a mirror image of the other drive is automatically created and synchronized into the mirror RAID array! Suffice it to say, I LOVE RAID!!!

On to actually useful information, instead of my personal long-time experience with thousands upon thousand of hard drives in my lifetime! Here are some very useful hard drive and other storage devices useful commands, in no particular order.

There are many more and I will add them as they come to mind, but off the top of my head, these are the most useful on a day-to-day basis. Each of these command has multitudes of options, arguments, and the like, so I will detail them as I have time. Most require elevated root superuser privileges, so be VERY VERY CAREFUL, and DO NOT HIT the ENTER key until you are certain you have typed the command exactly as you intended and then double and triple check again before you hit the ENTER key!!! There is no going back if you make a mistake as the root superuser, most often, so again, I can't stress enough the important of double and triple checking your commands before committing them!!! Commands run as the root superuser will NOT warn you, or say "Are you sure...", so you MUST BE SURE! Enough on that. You have been warned!



SWAP - Linux Drive Space Configured as Additional RAM Memory - Similar to Windows Pagefile

Linux systems usually always have a one or more dedicated hard drive partitions configured as SWAP type 82 in fdisk/MBR or 0x8200 using gdisk with GPT partition tables, which are used as extra RAM memory storage in the event real system RAM memory is close to being all used up. This prevents eventual crashes due to insufficient memory. The "Linux Standard" for the amount of SWAP size is usually double the amount of physical RAM memory, up to a given point, depending on the total amount of physical memory the hardware supports. But as a general rule, SWAP is configured using a dedicated hard drive partition double the size of available physical RAM memory.

Swap on Virtual & Cloud-Based Machines

On many cloud-based virtual machine(VM's/VPS's/Instances/Etc.), a dedicated hard drive partition is not included by default, and in those cases, I find it best practice to manually add a "Swap File" in place of of a missing or un-included dedicated swap partition. The process is very simple, and uses physical hard drive space to create a dedicated swap file which is configured as "SWAP Space" at system boot-up. Most "Cloud" service providers don't include dedicated Swap partitions, and users can either buy and pay for additional hard drive storage space to configure as dedicated Swap partition space, or you can manually create, configure and use a Swap file which will consume a specified portion of your hard drive storage space which is already part of the Linux operating system, as described here.

Here is the process to create a 2-Gigabyte swap file and configure it to be enabled and used at system startup:

First, create the actual swapfile using either the "fallocate" or "dd" command, as shown here.

Using the "fallocate" command:

[root@ca.dawgland.com:/]# fallocate -l 2G /myswapfile



Or, better yet, using the "dd" command. This is the "preferred" method to create a new Swap file, as writing Zero's using the "dd" command as shown in the below example to create the new Swap file prevents the possibility of having "holes" in your swap file,
resulting in an errors similar to this:

swapon: swapfile has holes



The "count" number is calculated by multiplying the number of GB required((2) X 1024) X 1024) --> 2 X 1024 = 2048 --> 2048 X 1024 = 2097152:

Here is an example of the actual command:

[root@ca.dawgland.com:/]# dd if=/dev/zero of=/myswapfile bs=1024 count=2097152
2097152+0 records in
2097152+0 records out
2147483648 bytes (2.1 GB) copied, 14.7458 s, 146 MB/s



Then, change it's permissions to r/w ONLY for the owner, root, and confirm:

[root@ca.dawgland.com:/]# chmod 0600 /myswapfile 
[root@ca.dawgland.com:/]# ls -l /myswapfile 
-rw------- 1 root root 2147483648 Mar  1 05:33 /myswapfile



Convert the new /myswapfile into an actual "swap" file type:

[root@ca.dawgland.com:/]# mkswap -L MYSWAP /myswapfile
Setting up swapspace version 1, size = 2 GiB (2147479552 bytes)
LABEL=MYSWAP, UUID=c56006f3-9926-4b52-9d96-63f30b7e34f2



Enable the new swap file:

[root@ca.dawgland.com:/]# swapon /myswapfile



Make it permanent and enabled at each bootup:

[root@ca.dawgland.com:/]# vi /etc/fstab



Add this line to the end of the file and save it:

/swapfile       none            swap            defaults                0 0



Swap on Physical Computers - aka "Bare Metal"

Most physical "hardware" computers, be them desktop workstations or rack-mounted servers should have a portion of hard drive space configured and used as swap partitions, as in the rare event of a system running out of memory on today's large-memory systems, if there is no SWAP space reserved and configured, the computer and all it's services will come to a screaching crash, causing any open files to be lost and most likely corrupted! It's NOT worth taking the chance as cheap as drive space is these days!

I have seen issues where not enough physical drive space was setup and configured at the time of OS installation, and ended up running short on needed swap space. In those cases, there are usually two options leading to a viable solution:

  • Add one or more additional drive partition(s) and configure those partions as type 82 SWAP (type 8200 on a drive partitioned using the more modern GPT partitionling instead of the older MBR types) - This is the easiest option.
  • Extend & resizethe drive IF it was originally configured and partioned using LVM, Logical Volume Mangement, and there was extra space available but not used on the existing storage drive - Not so easy, but doeable if you are very careful cautious, but can be DANGEROUS!

Add & Configure Additional Storage Drive(s)

Drives, both hard and solid state, have droped drastically over the past decade, making storage CHEAP, a GREAT THING!!! Because of this, unless you have a specifica use case, you should always opt for using solid state hard drives whenever possible! Of course, you do need the physical space/place to install new hard drives, which can be a limmting factor. Assuming you do have a spot or "slot" for installing a new drive, it's as simple as veru carefully, after fully grounding yourself to drain any static charge you may have built up in you body, like when you got a little shokc when rubbinb your feet on the carpet as as kid. To drain any static electricity from your body, it's as simple as carefully touching bare metal on the back of a tower-type computer case, that's still plugged into the wall, so it has a connection to the ground wiring in your house, that 3rd prong on the power cord. Once drained, be sure to not shuffle your feet or get up and walk anywhere, or you will have to drain your hands to a ground source again. If you are working on a laptop, you will have to find another device nearby to touch and drain any potential static from your body. I actually use a specail wrist strap connected with a wire to the ground wiring in my office I have physically setup, and also like to use a specal anti-static workspace mat that's grounded with a wire and designed for the purpose of prevening static discharge damage to any electronic device, s I have "zapped" too many things over the past 50+ years I've been working on building and repairing electronic devices, and have learned my lesson the "hard" way unfortunately!

Once you have the drive installed and both the data and power cables/wires have been properly connected(shoot me an email if you want details on how to install and wire a drive in a computer, and I will gladly help - Tech @ JRComputers dot net), you need to configure it within the OS, which on Linux means first using the fdisk or more modern gdisk command to add the new swap partition, using the "n" command, lower case without the quotes, which is the "New Partition" command. But, before you get to that part, you MUST ALWAY be sure to start the fdisk or gdisk command specifying the EXACT disk drive you are wanting to use, or else you stand a very easy change if completely deleting your entire operating system!


The LVM - Logical Volume Way

Accessing Data on Windows and Other File Systems on Other Partitions

Coming soon - Detailed step-by-step instructions with screenshots detailing how to access your data on other partitions, such as Windows partitions on dual-boot/multi-boot machines.

XFS Recommended FSTAB settings

Here is an example of my recommended "/etc/fstab" mount option settings for XFS filesystems:

/dev/sda5 /mnt/data xfs rw,seclabel,noatime,attr2,discard,inode64,logbufs=8,logbsize=32k,noquota 0 0



Add Windows Partitions to FSTAB with Correct Read/Write Permissions Using FMASK & DMASK

Although it's easy enough to simply add the partition and mount point of your Windows installation to your /etc/fstab file, so as to allow it to be auto-mounted when the machine is booted up, having the "CORRECT" permissions is another major concern!

In the "old" days, we used to use "UMASK" with a value of 022 as the "standard" way of setting up Windows partitions to be mounted with correct read/write permissions. These days, the "preferred" method is using FMASK and DMASK.

When I first purchased the laptop I am typing on right now, it only had Windows 10 on it, so I used the Linux "parted" tool to shrink down the Windows partition, allowing me to then create Linux partitions on which I then installed my favorite desktop Linux distro, Fedora Linux. My example below assumes your UID & GID are 1000. Adjust as appropriate. If you don't know what a UID is, use Google to look it up. Basically, as it's name implies, UID(User ID), this is the unique number assigned to your user account. UID number 1000 is usually the first normal user created on a Linux system. GID is basically the same thing, but on a group level. On most Linux systems, your main group and group ID is the same as your username and user ID. For instance, in my case on this laptop I am currently using, my username is "jamie", case sensitive without the quotes, and my main group membership is also "jamie". My UID is 1000 and the GID of the "jamie" group is also 1000.

Here is the /etc/fstab contents of this laptop:

# /etc/fstab
# Created by anaconda on Tue Mar  9 00:57:29 2021
#
# Accessible filesystems, by reference, are maintained under '/dev/disk/'.
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#
# After editing this file, run 'systemctl daemon-reload' to update systemd
# units generated from this file.
#
UUID=dca7d381-2784-4839-8c55-141702999d41 /                       xfs     defaults        0 0
UUID=68e3c043-0b5d-40a6-af84-a39527756962 /boot                   ext4    defaults        1 2
UUID=c9db933c-2101-4032-ae0d-b359c523c3be /home                   xfs     defaults        0 0
UUID=ec82d8bd-8bcd-4c8e-9a95-217baeb8b004 none                    swap    defaults        0 0

# Added 04-05-2021 by Jamie to correctly auto-mount the Windows partition:
UUID=5C2C252E2C25049C /windows ntfs rw,auto,user,fmask=133,dmask=022,uid=1000,gid=1000 0 0



GNOME Desktop Sharing Not Accessable from Windows --> Finally Fixed!!!

After many years of not being able to log into my Linux desktops from work laptops that of course have Windows installed on them, even within my own home network, gsettings comes to the rescure to resolve this long standing issue that's been a major inconveneice for me being a Linux guy working in the corporate world! The solution fixing the terminal menu below got me thinking that gsettings must be able to re-configure the default behavior of modern GNOME desktop's desktop shareing feature, which uses VNC, Virtual Network Computing, and specificially "x11vnc", it's default configuration is a security model not supported by most WIndows VNC clients. Therefore, the easy fix for me is to disable the security when using VNC on my local network(LAN). I actually do use VNC on through the internet as well, but always through an SSH tunnel, so it's highly encrypted!

Anyways, on to the fix. Within a terminal, as your normal user, type this gsettings command and hit the ENTER key:

[jamie@server.dawgland.com:~]$ gsettings set org.gnome.desktop.remote-desktop.vnc encryption "['none']"


If your system uses Vino, as many do, you may also have to type this command and hit ENTER:

[jamie@server.dawgland.com:~]$ gsettings set org.gnome.Vino require-encryption false


You can verify the above command worked and made the desired change by typing this command and hitting the ENTER key:

[jamie@server.dawgland.com:~]$ gsettings list-recursively org.gnome.Vino


You will have to scroll back up through all the data that the above command will provide to find the section you are looking for, or you can grep for it! For instance, modifying the above command to grep for the remote-desktop setting, type this command in a terminal and hit the ENTER key:

[jamie@server.dawgland.com:~]$ gsettings list-recursively org.gnome.desktop.remote-desktop.vnc | grep encryption


Restart your window manger or your entire computer, your choice, but logging out and back in should suffice. You should then be able to use VNC from any operating system, including Windows and MAC, along with Linux which has always worked regardless of the security modes and settings!

Fedora Terminal Missing Menu Fix

gsettings set org.gnome.Terminal.Legacy.Settings headerbar false

USB Flash Drive Info

Controlling USB Devices from the Linux Command Line

There are many tools available for use in controlling and managing USB devices connected to a Linux machine from the command line, giving you the most powerful means of managing USB devices!

Here are some of my favorites, in no particular order:


Have a USB flash drive floating around, and not sure of it's capabilites? I just ran into that same exact issue, though with a brand new USB flash drive that's a really kewl 500GiB double-ended thumb-type drive, one end the standard USB-A connector, and the other end, an iPhone "Lightning" connector! Perfect for me with all my iPhones, iPads, and over 74 computers just in my house!

So, here's a simple one-liner to find out how fast it will run at, which is all I really wanted to kmnow at this immediate moment in time! Here it is:

[jamie@fc33hw01.dawgland.com:~]$ sudo lsusb -vvv | grep operate


And here is the output of the above command, showing the speeds the device is capable of operating at:

can't get debug descriptor: Resource temporarily unavailable
      Device can operate at Full Speed (12Mbps)
      Device can operate at High Speed (480Mbps)
      Device can operate at SuperSpeed (5Gbps)
can't get debug descriptor: Resource temporarily unavailable
can't get device qualifier: Resource temporarily unavailable
can't get debug descriptor: Resource temporarily unavailable
can't get debug descriptor: Resource temporarily unavailable
can't get device qualifier: Resource temporarily unavailable
can't get debug descriptor: Resource temporarily unavailable
can't get debug descriptor: Resource temporarily unavailable
can't get device qualifier: Resource temporarily unavailable
can't get debug descriptor: Resource temporarily unavailable
[jamie@fc33hw01.dawgland.com:~]$


You can totally ignore the lines starting with the word "cant", as they are meaningless. As you can see from the above output, the device can operate at "Full", "High", and "SuperSpeed"! Wonderful, I now know what I wanted. I hope you find that little tidbit useful. Of course, you do have to be a member of the "sudoers" group. So, on that note, why not create another little snippet on how to add a normal, already existing user account to the sudoers group, allowing them to "safely" run apps with eleveate administrator/root user privileges. I'll put it here: SUDO - Running commands and apps with elevated superuser/root/administrator privileges safely!

News

The LinuxJamie.com, TheBestLinux.com & Dawgland.com web and email servers have been moved over to a new box that should provide much faster performance and more stability. Previously, the servers had been running on a very old VMWare server on my Fedora desktop.

I have also maxed out the RAM memory that my new Xeon based server motherboard is able to use, doubling it from 16GB to 32GB!

Please let me know if you experience any performance or other issues with any of my websites.

The best way to let me know is by email, @ Jamie at Dawgland.com.

New Pages Created!


I've created LOTS of new Windows related pages with all sorts of Windows tips, tricks,and How-To's. They can all be accessed directly at Windows so be sure to check them out, as I am currently added many new tips almost daily as I remember how to do things as I need to recall for both work and personal purposes.

Previous "New Wiki Pages":
New VMWare page created including two new custom how-to solution pages! Check it out here: VMWare Page

Special Interest

Linux

Linux - THE BEST OS(Operating System) EVER!

Linux Acronyms - What do they all mean?!?!

Linux Distributions, aka "Distros" - Bundles of software that makes up an entire usable operating system, including apps, utilities, etc.

Brand New Linux Server Administration Info, Tips & Guides

Brand New Linux Server Info, Configuration Guides & Very Useful Info on The Newest Distro Versions, Including Systemctl, the Replacement for Init.d Scripts and DNF, the new and modern Yum replacement! There's also lots of other new more modern Linux information added to this section all the time, so be sure to check it out often! For example, just today I added a really cool and handy Red Hat Enterprise 5,6 & 7 cheat sheet for common administrative commands in PDF format suitable for printout as "Hang-on-the-Wall" posters!!!

Apple iOS

Apple iOS Info

Linux Gaming

SteamOS: Linux based gaming operating system

Audio & Video - Playing, Creating, Editing, Modifying, Converting & More!

This new section if devoted to all things audio & video, from just playing different types of audio and/or video formats, codecs, etc., to creating, modifying/edting and converting between different formats, qualities, sizes, and everyting in between!

MS Windows

Operating Systems

Windows Desktop/End-User Operating Systems (OS)

Microsoft Windows Desktop/End-User Operating System Info - The Desktop operating system most people use at home and at work.

Windows 10 Information, Tips, Tricks, & Very Useful Stuff! - Includes Business Related Must Have Info and How-To's!

Windows 11 Info, Upgrading, Configuring, Tweaking & Other Hopefully Useful Stuff Going Forward

Windows Server Information

Windows Server - General Information Common to All Versions for the Most Part

Windows Server 2022 Info - The Latest Greatest!

Windows Server 2019 Info

Windows Command Line Tools & Commands - Most Can be Used for Creation of Scripts

MS Virtualization

MS Windows computers, both End-User desktops like Windows 10, 11, etc and Windows Server versions come with Microsoft's own virtualization environment called Hyper-V. If you have not tried Hyper-V recently, you should if you are working in a mostly-windows environment, as it's really come a very long way in just the past couple of years with tons of new features that make using virtualization on top of Windows a breeze! It's what Azure machines run on for the most part, and can be administered using a GUI such Hyper-V on single Windows desktop machines, as well as on clusters made up of Windows Server machines. On a cluster, you should use "Failover Cluster Manager" to create, administer, modify and configure. Using PowerShell, you can get even more fine-tuned control over VM's, allowing you to do anything and a LOT more compared to using the GUI interface. And for the ultimate in Hyper-V management, using WAC, "Windows Admin Center". One of the very cool things about using WAC to create and manage Hyper-V VM's is it actually shows you the PowerShell commands to perform what you are doing within the WAC GUI!


PowerShell

Windows PowerShell Information and Examples Here you will find information on using PowerShell basic commands as well as more complex scripting.

VirtualBox by Oracle

VirtualBox provided for free by Oracle!!! Great VM solution which is totally free, unlike how VMWare has gone commercial, and is supposed to remain free forever. Better than VMWare in my tests and opinion, and is now being used to host all of my VM's, including this one running my Apache web server!

DNS Info

DNS, Bind, Named and other DNS related information

BIND Named DNS Server on Fedora Google Search

Bind on Fedora YouTube Video How-To



More info on the BIND DNS server to come as I find the time to create more documentation...



VMware

VMware - Run virtual machines(computer running on top of your computer - let's you run Linux on Windows, Windows on Linux, other versions of Windows on Windows, etc.) on your existing computer and it's free & easy!

Remote Desktop & VNC Info For Linux & Windows!

RDP - Remote Desktop Protocol for Windows - Now Safe Using SSH Tunneling!

VNC - Virtual Network Computing

VNC - Remote Virtual Network Computing for All Operating Systems!

VPN Server & Client Setup Using Linux

VPN - Setup a Virtual Private Network Easily Using a Linux Server!

MySQL & MariaDB

MySQL & MariaDB, the FREE MySQL Clone! - My Favorite SQL Database Servers

Vi/Vim

Vi/Vim Information, Tips & Tricks

PERL

Perl Scripting Information

PHP

PHP Scripting Information

DOS & Windows

My Favorite Windows Command-Line Tools & PowerShell Commands Often Used

DOS & Windows - Miscellaneous Information, Tips, Tricks & Other Helpful Stuff - The "Heterogeneous Environment" Getting Windows and Linux to Play Nicely Together!

iTunes Information for Windows

WMIC Info & Tips - wmic diskdrive list brief

Hardware

Raspberry Pi

  • Versions
  • Types
  • Upgrades
    • Cameras
    • Other

Cisco Information

Cisco IOS Command Line Information

Cisco 1000 Series Enterprise Routers

Some of My Old floppy Disk Utilities

Here is a link to the link to the ISO of Jamie's Floppy Disk Utilities

Network Utilities

SSH - Secure Shell'

SSH, short for "Secure Shell", is a text mode method of remotely logging into another computer "securely", meaning, all traffic in both directions are encrypted and require encryption "keys" in order to decrypt the data being transmitted. Other applications can also be "tunneled" through an "SSH-Tunnel" to encapsulate and encrypt the data being sent using those apps.

Secure Shell is most often used for administrative purposes of remote computer servers which are known as "headless" machines, which have no direct monitor, keyboard and/or mouse directly connected to them. It is also a must-use tool for administering computers which have no "GUI", a Graphical User Interface, such as the traditional Windows and MAC end-user PC's. These machine are managed using command-line commands only, for the most part, though larges strides are being made all the time to use web-based interfaces to manage computer systems, such as the Linux Cockpit tool, or Windows WAC, the Windows Admin Center. Both Linux and Windows servers are managed from the command line through an SSH connection, as best practice, regardless of the underlying OS. This is why Secure Shell is so important.

SSH needs both a "Server" and "Client" to function. The SSH Server, otherwise known as the SSH Daemon (SSHD), is what handles connections to the server is is running on. You need to use a SSH client to connect to that server. There are hundreds, along with it being built into the command line shell on most Linux and even Windows computers these days. If the feature is not enabled, it's very easy to enable it. I will provide instructions on doing so for all operating systems later one.

The SSH Daemon needs to have a configuration file which controls many of the ways it functions. On a Linux computer, it is located at /etc/ssh/sshd_config and can be edited and saved with any text editor.

I like to edit one of the first lines, AddressFamily, to have the value of "inet", forcing it to only use ii

Network Command-Line Tools & Utilities

There are over a bazillion tools available for use in the Linux Operating System, including those already built into the base/core Linux Distribution you happen to be using, as well as ones that can be easily installed on an existing system! Many are common to ALL Linux distributions, which I will start to post here as time permits, as there really so many networking tools and commands that it would take months just to type them all out!

Here are some of the most common networking tools and commands that I use all the time, usually on a daily basis as a Linux Admin.

  • ip
    • Displays IP(Internet Protocol) address and other related information on existing and active network interfaces(NIC's).
    • Arguments, options & other switches:
    • a - Displays "ADDRESSES" of NIC's. Eg: ip a
      • Add an additional IP "Virtal" temporary IP address from the command line:
[root@ns1.dawgland.com:~]# ip addr add 192.168.200.204/24 dev enp0s3 label enp0s3:1

Add an additional "Virtual" IP address permanently on Ubuntu:

network:
    ethernets:
        enp0s3:
            dhcp4: no OR false
            addresses: [192.168.200.202/24, 192.168.200.204]
            gateway4: 192.168.200.1
            nameservers:
              addresses: [192.168.200.103,192.168.200.120,75.75.75.75]
    version: 2


  • ifconfig
    • Displays IP addresses as above, but in a nicer format for reading. Also shows statistics.
  • route
    • Displays network routing table, including default gateway.
  • route add default gw "NIC-NAME" --> Eg: route add default gw eth0
    • Add a default Gateway to a NIC.

NetworkManager - Red Hat and Other RPM-Based Distributions

"NetworkManager", purposely spelled as ONE contiguous work, CASE-Sensitive!, is a system used by Red Hat Linux, and all of it many variants, such as the "old" CentOS, along with the current Fedora Linux, Rocky Linux, Alma Linux, and others, to configure and manage network connections. There is both a command-line tool(nmcli) as well as a "GUI"(Graphical User Interface) to use the tools which comprise the "NetworkManager" package. The "nmicli" command-line tools can be used in any "runlevel" (Graphical/X-Windows Mode or plane black & white text-mode screen, with RunLevel 5 being X-Windows graphical desktop mode and RunLevel 3 being just black & white text screen without graphics), and the "NetworkManager" GUI toolset is only avalable if you are running in an X-Windows graphical "Desktop Environment".

Here are some of the "nmcli" command-line tools I use every day for system deployments & management.

  • nmcli connection show
    • Displays name, UUID, type and device of each NIC.
    • Can abbreviate the word "connection" in the command with just a "c" and "show" with just an "s", like this: nmcli c s
  • nmcli networking off
    • Disables/turns-off all networking.
  • nmcli networking on
    • Enables/Turns-on all networking/NIC's.
  • nmcli con show ens34
    • Show ALL NetworkManager targets!
  • nmcli con modify ens34 ifname ens34 ipv4.addresses 192.168.200.118/24 gw4 192.168.200.1
    • Changes existing network connections IP address and Gateway IP address.
  • nmcli con mod ens34 ipv4.addresses 192.168.200.118/24
    • Modify IP address of existing network interface.
  • nmcli con mod ens34 ipv4.gateway 192.168.200.1
    • Change Gateway IP address
  • nmcli con mod ens34 ipv4.dns "192.168.200.203,192.168.200.120,75.75.75.75"
    • Change DNS Servers.
  • nmcli con mod ens34 ipv4.method manual
    • Change from DHCP to Static Set IP addressing.

USE: nmcli networking off;;nmcli networking on to have changes take effect.

Network Configuration

Red Hat-Based distributions

Red Hat and it's variants, such as Fedora, CentOS, Rocky & Alma, to name a few, are usually managed by a tool called "NetworkManager", mentioned in the section above.

If working within a graphical desktop environment, configuring networking settings is very straight forward using the "Settings" section of your particular distribution.

Setting up networking using the command line gives you more flexibility and often access to otherwise hidden configuration settings, and is invaluable when creating automation scripts for larger deployments of multiple systems. All network configuration files are stored under the /etc directory, as do most Linux configuration files, and depending on the major release, such as 9.x, being the the current Red Hat based distro, or most likely on existing systems, 8.x, or even 7.x & 6.x!(x being the "minor" release number, such as 9.2 for the current version release number as of the writing of this document.

While on the subject of the version number of the Linux distribution you are using now, you can easily find out from a terminal command line, like this:

[root@rocky9vm32 etc]# cat /etc/os-release | grep VERSION_ID
VERSION_ID="9.2"

The actual configuration files for the current Red Hat 9.x based 9 release are stored in /etc/NetworkManager/system-connections/ in a file whose name starts with the name auto-assigned at bootup to your NIC(Network Interface Card), ans usually starts with the letters "en".

Actual Real-Life Examples

Here's an actual example copy & pasted from one of my many VM's to show how to switch a brand new Red Hat Linux based distribution, Rocky Linux 9.2:

[root@rocky9vm32 ~]# nmcli con show
NAME   UUID                                  TYPE      DEVICE 
ens34  5720caf4-017d-37ad-87e8-45d69abd4ae3  ethernet  ens34  
lo     e41e3f6e-2937-444b-98ed-906a244e7093  loopback  lo


[root@rocky9vm32 ~]# nmcli con mod ens34 ipv4.addresses 192.168.200.192/24
[root@rocky9vm32 ~]#


[root@rocky9vm32 ~]# nmcli con mod ens34 ipv4.gateway 192.168.200.1
[root@rocky9vm32 ~]# 


[root@rocky9vm32 ~]# nmcli con mod ens34 ipv4.dns "192.168.200.103,192.168.200.120,75.75.75.75"
[root@rocky9vm32 ~]# 


[root@rocky9vm32 ~]# nmcli con mod ens34 ipv4.method manual
[root@rocky9vm32 ~]# 


[root@rocky9vm32 ~]# nmcli networking off
[root@rocky9vm32 ~]# 


[root@rocky9vm32 ~]# nmcli networking on
[root@rocky9vm32 ~]# 


[root@rocky9vm32 ~]# nmcli device show
GENERAL.DEVICE:                         ens34
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:0C:29:C5:DA:9C
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens34
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveC>
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         192.168.200.192/24
IP4.GATEWAY:                            192.168.200.1
IP4.ROUTE[1]:                           dst = 192.168.200.0/24, nh = 0.0.0.0, m>
IP4.ROUTE[2]:                           dst = 0.0.0.0/0, nh = 192.168.200.1, mt>
IP4.DNS[1]:                             192.168.200.103
IP4.DNS[2]:                             192.168.200.120
IP4.DNS[3]:                             75.75.75.75
IP6.GATEWAY:                            --

GENERAL.DEVICE:                         lo
GENERAL.TYPE:                           loopback
GENERAL.HWADDR:                         00:00:00:00:00:00
GENERAL.MTU:                            65536
GENERAL.STATE:                          100 (connected (externally))
GENERAL.CONNECTION:                     lo
lines 1-23



Using some of this information on using the nmcli command-line tool, we can use it to confirm if networking configuration is handled automatically, using DHCP(Dynamic Host Control Protocol) to automatically obtain an available IP address and configure the DNS servers to be used, routes to traverse etc., or if it's configured to setup the IP address, default gateway, DNS servers, and other routes manually, with information you should already have in order to configure the networking setup.



Here is an example to display if the networking is configured automatically using DHCP, or if it's configured automatically:

[jamie@rocky9vm34.dawgland.com:~]$ nmcli -f ipv4.method con show ens33
ipv4.method:                            manual
[jamie@rocky9vm34.dawgland.com:~]$



In this example, it shows the ipv4.method is configured to be manually configured.

Here's an example showing a system configured to have it's networking configured automatically, using DHCP:

[jamie@rocky94template ~]$ nmcli -f ipv4.method con show ens34
ipv4.method:                            auto
[jamie@rocky94template ~]$



Using nmcli to Disable IPv6 from the Command Line


Find name of network connection you are wanting to disable IPv6 on using the nmcli "show" option:

[root@rocky9vm32 ~]# nmcli connection show
NAME             UUID                                  TYPE      DEVICE 
enp0s3           a5354541-ac69-46b7-80eb-491ecda180bc  ethernet  enp0s3



Disable IPv6 on that network connection name. Be sure to substitute the actual network connection name you identified with the previous "show" command!

[root@rocky9vm32 ~]# nmcli connection modify enp0s3 ipv6.method "disabled"



Restart the same network connection, using the actual name you found in the previous "show" command example!

[root@rocky9vm32 ~]# nmcli connection up enp0s3
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)



Confirm IPv6 has now been disabled on the required network interface connection, using the same connection name as previously used.

[root@rocky9vm32 ~]# ip address show enp0s3
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:9e:6b:8a brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.193/24 brd 192.168.200.255 scope global noprefixroute enp0s3
       valid_lft forever preferred_lft forever



You should not see any reference to inet6, and only see inet in the output of the command, along with it's IP address, if configured.

Another way to confirm IPv6 has been disabled on the specific network interface connection is to cat it's status with the /proc filesystem, as shown here. Again, BE SURE to use the specific connection name!

[root@rocky9vm32 ~]# cat /proc/sys/net/ipv6/conf/enp0s3/disable_ipv6
1



The output will be the number 1 if IPv6 has really been disabled. Otherwise, it will be a zero(0), indicating IPv6 is enabled.

OLDER

The network configuration files for Red Hat 8.x and previously based systems are located at /etc/sysconfig/network-scripts/ and the files containing the settings, such as IP address, gateway, DNS servers, etc., start with "ifcfg-enp" with numbers following for each NIC. Here's an example of a Rocky Linux 8.7 server with 3 NIC's:

[root@rocky8vm51 network-scripts]# ls -l
total 12
-rw-r--r--. 1 root root 460 Aug 21  2022 ifcfg-enp0s3
-rw-r--r--. 1 root root 247 Aug  8  2022 ifcfg-enp0s8
-rw-r--r--. 1 root root 247 Aug  8  2022 ifcfg-enp0s9

As an example, here are the contents of the first NIC, which I have configured to be "Static", meaning it is assigned a permanent IP address that never changes, as opposed to a "Dynamic" IP address, meaning it's assigned private IP address at bootup by a DHCP server on the same network.

The contents of the first NIC on this server, ifcfg-enp0s3:

[root@rocky8vm51 network-scripts]# cat ifcfg-enp0s3 
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="no"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="enp0s3"
UUID="c9f144b2-1322-4e88-a33a-041595217462"
DEVICE="enp0s3"
ONBOOT="yes"
IPADDR="192.168.200.151"
PREFIX="24"
GATEWAY="192.168.200.1"
DNS1="192.168.200.103"
DNS2="192.168.200.121"
DNS3="75.75.76.76"
DOMAIN="dawgland.com"

Dropbox and Other Online File Share Platforms

Dropbox info for All Platforms & Operating Systems - Great for synchronizing, backing up, restoring and archiving all of your important files over the local network and Internet to all of your computers and mobile devices! Keeps all of your files the same on all of your computers, iPhones, iPads, and other networked devices at all times!!!

Firewall Information on Linux Systems

Firewalls come in two distinct types: Hardware-Based & Software-Based. Hardware-based firewalls are usually "dedicated" machines that have a minimum of two ethernet ports, and preferably more. One ethernet port is connected to the external Internet, and the other ethernet port(s) are connected to internal private network

Fail2Ban - One of the most widely used firewalls on the Linux operating system

Installation of the fail2ban firewall is pretty straight-forward, so will not go into the details on installation until I have more time to spend creating documentation.

The MOST-COMMON question and concern, especically for new users, is how to unblock your or someone elses account once it's blocked by fail2ban! There's nothign worse than being locked out of your own system you just created, LOL! The following URL will take you to a web page that shows in detail how to unblock blocked accounts under fail2ban:
https://serverfault.com/questions/285256/how-to-unban-an-ip-properly-with-fail2ban

Red Hat Linux Based System Firewall Configuration & Management

Red Hat Enterprise Linux based systems, such as the old CentOS, and current Rocky, Alpine, Fedora and RHEL itself use a tool called "firewall-cmd" to create firewall rules, manage the firewall, and remove firewall rules. The firewall-cmd tool requires at least one argument, and all arguments start with a double-hyphen, such as --list-services. Here's a simple example of the --list-services in use:

[jamie@ns1.dawgland.com:~]$ sudo firewall-cmd --list-services
cockpit dhcpv6-client dns http https ntp ssh vnc-server
[jamie@ns1.dawgland.com:~]


As you can see, the firewall-cmd tool requires elevated privileges, so "sudo" must be used, as seen in the above example.



UPnP & DNLA Info

Differences and similarities between the two media sharing protocols can be found here UPnP & DNLA Comparison

Web Utilities

Web Browsers

Chrome

Google's Chrome Web Browser is become the most popular WWW browser lately, but with that, and all it's features, comes heavy resource requirements, namely, RAM memory! It has become somewhat of a memory hog, but still remains the most popular. Here are a few tips, tricks and shortcuts to make life a little easier when using the Chrome web browser.

* Clear Cache, Browsing History, Etc.CTRL-Shift-Delete



Sitebar Bookmarks/Favorites utility which stores and organizes all your bookmarks/favorites in an online database accessible from any web browser and any computer anywhere. Plugs available for your favorite web browsers are also available. Run your own Sitebar on your own Linux server, or use mine! Just email jamie@dawgland.com to request your own free Sitebar database!

CA Certificate Info

Free CA Certificate Information

Other Operating Systems

ReactOS

Drupal Info

Drupal_Information

Online Shopping & Related Info

Internet Based Shopping Including Online Store Info & Personal Experiences

Online Banking, Payment Options & Other Monetary Information

Download Tested & Confirmed Safe Software!

Tested Safe Software Downloads

Some Useful Links

Here are some lists of useful URL's and other links on all sorts of topics yet to be categorized!

Reference & Miscellaneous Information

Miscellaneous Conversion and Other Reference Information - Including Metric Conversions

Coming Soon

I just bought the new iPad 3rd generation, so will be adding a new section dedicated to tips and tricks I learn on the way!

I've already learned a lot of cool things that are not normally available without jail breaking the thing,
so check back every so often for new iPad content!

Thanks for visiting My Wiki!

Wiki Abuse

The ability to create your own account has been seriously abused for personal and commercial gain, so I have disabled this feature.

If you wish to contribute content here, please contact me through Facebook account at https://www.facebook.com/jamie.rubinstein1, and I will create an account for you.

This policy is subject to change.

Copyright Statement

All content and information on this website is the sole property of Jamie D. Rubinstein.
Any type of duplication is strictly prohibited by United States copyright law unless otherwise granted by Jamie D. Rubinstein.
© 1992 - 2023 Jamie D. Rubinstein - LinuxJamie.com - Dawgland.com - TheBestLinux.com - J.R. Computers. All rights reserved.