Monthly Archives: May 2017

How to compress/decompress in Linux

Linux has some tools to compress files and extract archives. You can see some of them listed in the tables below. First table has the decompression commands:

Decompress Command Information
gzip -d file.php.gz
gunzip file.php.gz
Extract archives created with the gzip utility.
bzip2 -d file.php.bz2
bunzip2 file.php.bz2
Extract archives created with the bzip2 utility.
unzip archive.zip Extract archives created with the zip utility.
tar -zxvf archivefile.tgz
tar -jxvf archivefile.tbz2
Extract archives created with tar + gzip/bzip2.
-z for gzip decompression ; -j for bzip2 decompression

To see system information for each commands, type commandname –help at the terminal, like:

root@web [~]# gzip --help
Usage: gzip [OPTION]... [FILE]...
Compress or uncompress FILEs (by default, compress FILES in-place).

Mandatory arguments to long options are mandatory for short options too.

  -c, --stdout      write on standard output, keep original files unchanged
  -d, --decompress  decompress
  -f, --force       force overwrite of output file and compress links
  -h, --help        give this help
  -l, --list        list compressed file contents
  -L, --license     display software license
  -n, --no-name     do not save or restore the original name and time stamp
  -N, --name        save or restore the original name and time stamp
  -q, --quiet       suppress all warnings
  -r, --recursive   operate recursively on directories
  -S, --suffix=SUF  use suffix SUF on compressed files
  -t, --test        test compressed file integrity
  -v, --verbose     verbose mode
  -V, --version     display version number
  -1, --fast        compress faster
  -9, --best        compress better
    --rsyncable   Make rsync-friendly archive

With no FILE, or when FILE is -, read standard input.

Report bugs to <bug-gzip@gnu.org>.
root@web [~]#

So, for extracting a .gz archive, use the gzip tool:

root@web [/]# gzip -d archive_file.gz

or gunzip

root@web [/]# gunzip archive_file.gz

But how you compress your files? In the table below see some commands for compressing files/directories:

Compress Commands Information
gzip file1.htm Compress the file using gzip. 
bzip2 file1.htm Compress the file using bzip2.
zip file1.zip file1.htm Compress the file1.htm into the archive file1.zip.
tar -zcvf files1.tgz file.htm
tar -zcvf files1.tgz *.htm
tar -zcvf files1.tgz /directory/dir1/
tar -jcvf files1.tbz2 file.htm
tar -jcvf files1.tbz2 *.htm
tar -jcvf files1.tbz2 /directory/dir1/
With tar utility you can compress many files.
-z for gzip compression ; -j for bzip2 compression

For example, to compress a full directory(with all subdirectories), use:

root@web [/]# tar -czvf archive.tar.gz /home/temp2/

Another common archive type is RAR. You can download the RAR program from http://rarlabs.com/download.htm (for Linux 32/64 only a command line version is available).
How to install it:

root@web [/temp2]# wget http://rarlabs.com/rar/rarlinux-x64-5.5.b3.tar.gz
--2017-05-26 14:54:47--  http://rarlabs.com/rar/rarlinux-x64-5.5.b3.tar.gz
Resolving rarlabs.com (rarlabs.com)... 5.135.104.98
Connecting to rarlabs.com (rarlabs.com)|5.135.104.98|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 534195 (522K) [application/x-gzip]
Saving to: 'rarlinux-x64-5.5.b3.tar.gz'

100%[========================================================================================================

2017-05-26 14:54:48 (845 KB/s) - 'rarlinux-x64-5.5.b3.tar.gz' saved [534195/534195]
root@web [/temp2]# tar -zxvf rarlinux-x64-5.5.b3.tar.gz
rar/
rar/order.htm
rar/acknow.txt
rar/readme.txt
rar/default.sfx
rar/license.txt
rar/rarfiles.lst
rar/whatsnew.txt
rar/makefile
rar/rar
rar/unrar
rar/rar.txt
root@web [/temp2]# cd rar
root@web [/temp2/rar]# install rar unrar
root@web [/temp2/rar]# rar -?

RAR 5.50 beta 3   Copyright (c) 1993-2017 Alexander Roshal   23 May 2017
Trial version             Type 'rar -?' for help

Usage:     rar <command></command> - -  
               <@listfiles...> <path_to_extract\>

  a             Add files to archive
  c             Add archive comment
  ch            Change archive parameters
  cw            Write archive comment to file
  d             Delete files from archive
  e             Extract files without archived paths
  f             Freshen files in archive
  i[par]=  Find string in archives
  k             Lock archive
  l[t[a],b]     List archive contents [technical[all], bare]
  m[f]          Move to archive [files only]
  p             Print file to stdout
  r             Repair archive
  rc            Reconstruct missing volumes
  rn            Rename archived files
  rr[N]         Add data recovery record
  rv[N]         Create recovery volumes
  s[name|-]     Convert archive to or from SFX
  t             Test archive files
  u             Update files in archive
  v[t[a],b]     Verbosely list archive contents [technical[all],bare]
  x             Extract files with full path
....
Share this post:

Add a DMARC record to your domain in cPanel

What is DMARC?

According to dmarc.org :

DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author (“From:”) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.

DMARC is a policy with which the sender indicates the message is protected by DKIM and /or SPF. It also tells the receiver what to do with the message if DKIM/SPF authentication fails.

Please check the DMARC resources (from the end of this article) before creating a DMARC record. You can use an online tool to create a DMARC record. Check the DMARC Tools page.

To set a DMARC record for your domain:

  1. Log into cPanel
  2. Navigate to Zone Editor (DOMAINS section)
  3. On the row with the desired domain, click the Manage link
  4. Click the down arrow   from the right of the Add Record button.
  5. Select Add DMARC Record from the drop-down list
  6. Modify any DMARC settings (see below) and click the Add Record button
cPanel DMARC
cPanel DMARC

 

DMARC Settings

Policy Action
None No action is taken; you can use this setting to monitor DMARC
Quarantine Messages will be marked as spam
Reject Messages will be rejected

 

Parameter Settings
Subdomain Policy Action for subdomain policy. Same options as for the main domain policy.
DKIM Mode Relaxed – the system allows some messages from domains that it doesn’t recognize.
Strict – the system will reject all messages from domains that it doesn’t recognize.
SPF Mode Relaxed – the system allows some messages from senders that it doesn’t recognize.
Strict – the system will reject all messages from senders that it doesn’t recognize.
Percentage Default value is 100. It represents the percentage of the email messages you want the system to filter.
Generate Failure Reports When All Checks Fail – report will be send if all checks fail
Any Checks Fail – report will be send if any checks fail
Report Format AFRF – Authentication Failure Reporting Format
IODEF – Incident Object Description Exchange Format
Report Interval The time in seconds between each aggregate email message report. The default value is 86400 (24 hours).

The video tutorial for setting a DMARC record:

 

If you’ve added a valid email for the Send Aggregate Mail Reports To, you will receive a message from receivers that support DMARC, like in the example bellow:

From: noreply@dmarc.yahoo.com
To: admin@plothost.com
Subject: Report Domain: plothost.com Submitter: yahoo.com Report-ID: <1496110592.916792>
In the attachment you will see an XML file with the same name as the zip archive.

<?xml version="1.0"?>	
<feedback>	
  <report_metadata>	
    <org_name>Yahoo! Inc.</org_name>	
    <email>postmaster@dmarc.yahoo.com</email>	
    <report_id>1496110592.916792</report_id>	
    <date_range>	
      <begin>1496016000</begin>	
      <end>1496102399 </end>	
    </date_range>	
  </report_metadata>	
  <policy_published>	
    <domain>plothost.com</domain>	
    <adkim>r</adkim>	
    <aspf>r</aspf>	
    <p>none</p>	
    <pct>100</pct>	
  </policy_published>	
  <record>	
    <row>	
      <source_ip>d02.plothost.com</source_ip>	
      <count>1</count>	
      <policy_evaluated>	
        <disposition>none</disposition>	
        <dkim>fail</dkim>	
        <spf>fail</spf>	
      </policy_evaluated>	
    </row>	
    <identifiers>	
      <header_from>plothost.com</header_from>	
    </identifiers>	
    <auth_results>	
      <dkim>	
        <domain>web.plothost.com</domain>	
        <result>neutral</result>	
      </dkim>	
      <spf>	
        <domain>web.plothost.com</domain>	
        <result>none</result>	
      </spf>	
    </auth_results>	
  </record>	
</feedback>		

Resources:
DMARC Website at https://dmarc.org/overview/
DMARC Tools – record creation, lookup, check etc
Google recommendations for DMARC here
cPanel Zone Editor Documentation

Share this post:

Generate private and public key in cPanel for SSH access

The common way to connect to the server via SSH is to use a username and a password. But to increase security, you can use a pair of keys(a private one and a public one) to connect to the server.

The public key will be on the server. The private key will be on your computer. When you are trying to connect, the server compares the two keys. If they are the right ones, you will be able to access it.

We will show in this post how to generate the pair of keys and connect to your server with PuTTY.

To generate and use public and private keys in cPanel:

1.Log in to cPanel
2.Scroll down to the SECURITY section -> SSH Access

3.Click the Manage SSH Keys button

4.Click the +Generate a New Key button

5.You are now on a page with a title Generating a Public Key. Here, choose:
-Key Name – you can leave the default value
-Key Password – enter the password for the key and confirm it
-Key Type (RSA or DSA) – let the default value
-Key Size (2048 or 4096) – let the default value

cPanel mentions:

RSA vs DSA: RSA and DSA are encryption algorithms used to encrypt your key. DSA is faster for Key Generation and Signing and RSA is faster for Verification.

6.Click the Generate Key button. You will see a confirmation message: Key Generation Complete! with some details:

Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
b7:9a:55:59:c1:a7:6a:31:5c:9a:40:50:e9:73:24:a0

7.Click the Go Back link
8.Now you need to authorize the public key. (the Authorization Status is not authorized). Click the Manage link.

9.You will see a message The key with the name “id_rsa” is currently “not authorized” for use when connecting to this account.  Click the Authorize button. The success message is: The key “id_rsa.pub” has been authorized.

10.Click the Go Back link
11.Go to the Private Keys sections and click the View/Download link.

12.Here we will Convert the “id_rsa” key to PPK format. Enter the passphrase and click the Convert button.

13.You will see the key to be used in PuTTY. Click the Download key button and save the file to your computer (the filename is id_rsa.ppk) 

14.Now start PuTTY on your computer and go to Connection->SSH->Auth. Here, browse and select the file you saved at 13. (Private key file for authentication)

15. Click the Open button. PuTTY will connect to the server. Enter the Passphrase when asked.

16.You are now connected to the server 🙂

 
One of the most used SSH programs is PuTTY. Download it from chiark.greenend.org.uk/~sgtatham/putty/
Share this post:

Check the login history on your server

Linux has a command to allow you to see details about the last logins on the server. The command is last with a sister command lastb. We’ll discuss a little both of them.

Using the last command without any arguments and you will see the full list of logins. Linux keep this list in /var/log/wtmp. Use the command like last -n and you will see the last n logins, like:

root@web [~]# last -6
root     pts/0        192.168.2.33    Fri May 12 11:04   still logged in
root     pts/0        192.168.2.33    Wed May  3 14:42 - 16:20  (01:38)
root     pts/0        192.168.2.33    Mon May  1 07:50 - 09:07  (01:17)
root     pts/0        192.168.2.9     Fri Apr 28 12:19 - 14:29  (02:09)
root     pts/0        192.168.2.9     Thu Apr 27 06:08 - 09:17  (03:09)
root     pts/0        192.168.2.9     Sun Apr 23 11:29 - 12:20  (00:50)

wtmp begins Mon Aug 24 11:33:10 2015
root@web [~]#

To see the last logins for a specific user, use last -n user. The syntax of the command is:

Usage: last [-num | -n num] [-f file] [-t YYYYMMDDHHMMSS] [-R] [-adioxFw] [username..] [tty..]
-num = how many entries the command will show
-f = what file to use; by default the command will read data from /var/log/wtmp file
-t = look for the logins on a specific date
-R = the IP/hostname will not be displayed
-F = print full login and logout dates
-w = display full username and domains

For example, to display the last three full dates of logins/logouts for user root, use:

root@web [~]# last -3 -F root
root     pts/0        192.168.2.33     Fri May 12 11:04:30 2017   still logged in
root     pts/0        192.168.2.33     Wed May  3 14:42:05 2017 - Wed May  3 16:20:11 2017  (01:38)
root     pts/0        192.168.2.33     Mon May  1 07:50:57 2017 - Mon May  1 09:07:59 2017  (01:17)

wtmp begins Mon Aug 24 11:33:10 2015
root@web [~]#

The lastb command has the same options as last command and it will display the failed logins. This command takes data from the /var/log/btmp file. A sample output looks like:

root@web [~]# lastb -5
friends  ssh:notty    220.225.230.1    Fri May 12 00:20 - 00:20  (00:00)
friends  ssh:notty    220.225.230.1    Fri May 12 00:20 - 00:20  (00:00)
friends  ssh:notty    220.225.230.1    Fri May 12 00:20 - 00:20  (00:00)
friends  ssh:notty    220.225.230.1    Fri May 12 00:20 - 00:20  (00:00)
test1    ssh:notty    220.225.230.1    Thu May 11 00:09 - 00:09  (00:00)

btmp begins Tue May  2 19:57:23 2017
root@web [~]#

The lastb syntax is:

Usage: lastb [-num | -n num] [-f file] [-t YYYYMMDDHHMMSS] [-R] [-adioxFw] [username..] [tty..]

Share this post:

Command-line history in Linux

In Linux shell you can use the up and down keys on your keyboard to scroll through previously used commands. Once you find the command you want, you can edit it – move the cursor with the left and right keys and make the changes you want to it. When done press the Enter key to execute the command.

To see a list of the last commands, use the history command.
– use the history without any options to see ALL the previous commands (this can be a very long list)
– use the history -n  to see the last n commands (the last command in the list will be the history command itself)

root@web [~]# history 10
  944  2017-05-03 14:57:22 mysqlcheck llp
  945  2017-05-03 14:57:31 mysqlcheck roundcube
  946  2017-05-03 14:57:41 mysqlcheck -o roundcube
  947  2017-05-03 16:20:11 exit
  948  2017-05-12 11:12:13 history 3
  949  2017-05-12 11:12:31 history 5
  950  2017-05-12 11:12:45 w
  951  2017-05-12 11:12:49 free -m
  952  2017-05-12 11:12:51 uptime
  953  2017-05-12 11:12:56 history 10
root@web [~]#

– notice that you can also see how many commands are in the history. Look at the number in front of the commands. In the above example, we have 953 commands. – to see and execute the last executed command use !!

root@web [~]# date
Fri May 12 11:23:59 EDT 2017
root@web [~]# !!
date
Fri May 12 11:24:02 EDT 2017
root@web [~]#

Another tip is to use the CTRL+R to search a previous executed command. Just press CTRL+R, and you will see

(reverse-i-search)`d': date

Here type part of the command you are looking for. When you find it, press Enter to execute it.

CentOS is the most used Linux distribution in the web hosting world. It uses Red Hat Enterprise Linux (RHEL) as its upstream source. More info at CentOS page on Wikipedia
To connect to the Linux shell you can use a software like PuTTY.
Share this post:
Page 2 of 7
1 2 3 4 7