Monday, July 22, 2019

COMMON LINUX COMMANDS FOR DAILY USE



PWD ? Print Working Directory, tell in which directory you have.

Cd ? Change Directory, Similar to MS-DOS.

a.    cd .. ? Moves up to one directory level.

b.    cd ../.. ? Moves up to two directory level.

c.    cd`  ? Navigate to your home directory. Works for any user.

d.    cd - ? To your previous working directory.

LS ? Allow you to list the files and directories in your current directory with permission, size and date.

a.    ls –a ? list all files including hidden files in current directory.

b.    ls –r ? list in reverse alphabetical order all nonhidden files in current directory.

c.    ls –F ? List all files by type, Like / represents a directory, * represents a executable files, @ represents a linked files.

d.    ls –I ? List files with inode numbers. An inode number represents the location of files on a volume.

e.    ls –l ? List all the files in the current directory, including current directory (.) and the parent directory (.). Also lists the size, owner and permissions associated with each file in what’s known as long listing format.

f.    ls –t ? List files by the last time they were changed; most recent files are listed first.

g.    ls –u ? Lists files by the last time they were accessed; most recent files are listed first.

NOTE: LS show files and folder in color but if adds a backslash in front of the command, which removes the color. Like \ls –l
Path management

#cd /etc/rc.d/init.d ? direct comes on init.d Directory.

Touch
#touch hcl ? make empty hcl file. Also used to change timestamp.

Copy Command
#cp file1 file2 ? Copies the contents of source file1 to destination file2 with new creation date and new inode.

#cp file* Dir1 ? Copies multiple files to single Directory.

#cp –f file1 file2 ? if you already have a file named file2, this command overwrites its contents without prompting.

#cp –i file1 file2 ? If you already have a file named file2, this command overwrites its contents with prompting.

#cp –p file1 file2 ?Copies the contents of Source file1 to destination file2. The destination file has same inode number and creation date as the source file.

#cp –r Dir1 Dir2 ? Copies the contents of the directory named Dir1, including subdirectories to Dir2. The effect is recursive; 

#cp –u file1 file2 ? If you already have a file named file2 and file1 is newer, this command overwrites its contents without prompting.

NOTE: An inode is the identifier used on each Linux partition for a file. Every file gets its own inode. The inode includes metadata about the file, which includes the permissions, size, last access time and the disk block where the file is located.

MV
#mv file1 file2 ? Changes the name of a file from file1 to file2. 

#mv file* Dir1 ? moves multiple files in Dir1.

RM
#rm –r *.tmp ? to remove files and Directory.

LN
#ln /home/jm/project /home/dli/project ? to make hard link between both project files.

NOTE: #cp –p file1 file2 works just for same purpose.

#ln –s /home/jm/project /home/mj/project ? for make symbolic link.

MKDIR
#mkdir –p Dir1/Dir2 ? creates a directory named Dir2. If Dir1 does not exist, the –p switch tells Linux to create that directory as well.

#mkdir –m 755 /usr/Dir3 ? Creates a directory named Dir3 as a subdirectory in the /usr directory. The permission 755.

RMDIR
#rmdir –p Dir1/Dir3 ? to delete empty directory.

CAT
#cat file1 ? to view the contents of file.
.
Head & Tail
#head –n15 bully.txt ? to view first 15 lines.

#tail –n22 bully.txt ? to view last 22 lines.

More & Less
#less –N bigfile ? known as pagers, big file can see in pages by pages like page up page down.

PERMISSION

Drwxrw-r--    1     root     san    1213   Sep 23 09:39   abc

D ? Directory              rwxrw-r-- ?permission on file 
L ? linked file                                    or Dir.
-- ? Regular file            1213 ? Size of Data
 
Abc ? Dir. Upon which permission are set.

Root ? owner here on specific abc Dir.
San ?Group here on specific ABC Dir.


NOTE: Permission associated with a file is assigned to owner, group, everyone means
  O   G   E
Rwxrw-r--   
Rwx ? owner of that object.
Rw- ? How much group can access.
r-- ? How much everyone can access that object.

NOTE:
R? Read permission ? can only Read, not modify, no changes.
W ? Write permission ? can only write.
X ? Execute permission ? can execute also.

NOTE: 
Permission is set with a three number code.

Numeric Permission

Permission                   Number                Basis
r                             4                   =   r(4)
w                             2                    =   w(2)
x                             1                    =  x(1)
rw                            6                    =  r(4)+w(2) 
rx                            5                    = r(4)+x(1)
wx                            3                    = w(2)+x(1)
rwx                           7                    = r(4)+w(2)+x(1)

CHOWN
 #chown root abc (To change owner of object).


CHGRP
#chgrp san abc (To change group of object).

When a superuser (root) login, now 
(root@localhost san)#

Here,

Root ? login user name
@ ? define machine name
Localhost ? is a machine name
San ? is a working directory

# ? define a user have full right means a super user.

When a local user (san) login, now
(san@localhost home)$

Here,

San ? login user name
@ ? define machine name
Localhost ? is a machine name
Home ? is a working directory
$ ? define a user have no administrative rights means a local user, not superuser.

HOW TO CREATE USER, GROUP 

#useradd san ? username

#groupadd san ?groupname

#passwd san ? to Set password on user.


BASIC USER AND GROUP MANAGEMENT

Linux users can be classified into three groups :
1.    Administrative
2.    Service
3.    Regular user
Linux user accounts are organized into groups. While default users are the only member of their default groups, you can organize users into new groups, and you can configure rights and privilege that vary differently by group.
/etc/passwd ? Linux, user accounts are organized in /etc/passwd.
STATEMENT IN /ETC/PASSWD
San:x:509:509:dahiya:/home/san:/bin/bash
Column     Function                Comment
   1             Username            Login Name
   2             Password            If this field contains an x,                                   
                                             Encrypted password store in
                                              /etc/shadow.
   3            User ID                 Red Hat start with 500.
   4            Group ID              Red Hat start with 500.
   5            Extra Information User’s real name.
   6            Home Dir.             /home/username
   7            Default shell          Shell a user sees after logging
                
/etc/shadow ? Their passwords are made more secure in /etc/shadow.
STATEMENT IN /ETC/SHADOW
San:!!:12381:0:99999:7:::
Column     Function                Comment
1             Username            Login Name
2             Password             Encrypted Password
3        Number of Days     Last time the password was 
                                          Changed, in days
4    Min. Password life Set min. no. of days password 
5    Max. Password life Set max. no. of days password
6    Warning period       Warning this many days before
                                           password expires
7         Disable A/C            Disable A/c 
8.      A/C Expiration         Date of Expiring
                                
/etc/group ? Linux, group accounts are organized in /etc/group.
Statement in /etc/group
Column     Function                Comment
  1             Group Name     By default, users are members  
                                           of groups with same name.
  2            Password            x -> encrypted password
  3            Group ID            Users have the same ID as their
                                           Groups
  4            Members            Includes usernames of others 
                                           who are members of the same 
                                           group.          

/etc/gshadow ? configuration file for groups, specifies an encrypted password for applicable groups

Note: When creating a  new account, the default parameters are configured in /etc/login.defs 
Like
Max. Password Age
Min. Password Age
Home Directory make y/n
Useraccount uid etc.
Second, configuration files are normally copied to the new user`s home directory from the /etc/skel directory.
/etc/skel ? where default user bash store.

The Direct Method for creating User
?    Open /etc/passwd in a text editor.
?    Start a new line. The easiest way to do this is by copying the applicable information from a current user.
?    Change the username,userID,GroupID and Home dir.
?    Save changes in /etc/passwd.
?    Open /etc/shadow, Create a new line by copying applicable information from a current user. 
?    Save changes in /etc/shadow.
?    Open /etc/group, Create a new line by copying the applicable information from a current group.
?    Save changes in /etc/group.
?    Set up new user`s home directory like
#mkdir –p /home/san
?    Give new user access to his home directory.
    #chown san /home/san
    #chgrp san /home/san
?    Now, assign a new password through command.
?    Copy all files from /etc/skel to /home/san like
    #cp /etc/skel/.* /home/san
?    Check your identity through su command like
#su – san

DELETING USERS
?    Use #userdel san ? to delete user san
?    Disable user account through /etc/passwd set * for the target password.
?    Delete through Direct Method, now steps are :
1.    Delete the user’s entry from /etc/passwd.
2.    Delete the user’s entry from /etc/group
3.    Delete the user’s entry from /etc/shadow
4.    Delete the user’s entry from /etc/gshadow

?    Use GroupDel to delete groups.

Managing User Access with “chage”

#chage –m days user ? Min. life of password.
#chage –M days user ? Max. life of password.
#chage –I days user ? no. of days that an account inactive.
#chage –E date user ? date after which an account is 
                                       Inaccessible
#chage –W days user ? advance warning,password change
#chage –l user  ? List user`s password and account
                              information currently 

Using the Shadow Password Suite
?    By default, Red Hat Linux uses this suite to provide additional security through encrypted passwords in the /etc/shadow and /etc/gshadow files. These files require commands to convert passwords to and from the companion /etc/passwd and /etc/group configuration file.
?    These encrypted password files have more restrictive permission than /etc/passwd or /etc/group.
?    Only the root user is allowed to even view these files, and they are not writeable by default.
?    Converting User Passwords:
?    Pwconv : Converts an existing /etc/passwd file. Passwords that currently exist in /etc/passwd are replaced by an x; the encrypted password, username and other information are transferred to the /etc/shadow file.
?    Pwunconv : Passwords are transferred back to /etc/passwd and the /etc/shadow file is deleted. Be careful, because this also deletes any password-aging information.
?    Converting Group Passwords:
?    Grpconv : Converts an existing /etc/group file. The relevant information is transferred to /etc/gshadow.
?    Grpunconv : Reverses the process of the grpconv command.

UMASK
?    By default value of umask is 022 so the permission of any object is default :
?    Rw-r—r—
?    To change umask #umask 033 then default permission of any object is also change.

WC
#wc san.txt
1914    9298   76066
Here, 1914 ?line
          9298 ?words
          76066 ? characters
FIND
#find san*.* ?use find command for searching with wildcards.
#locate san*.* ? working same as find.

GREP
#grep “san” /etc/passwd ? to see a specific contents in a file.
FILE EDITOR   

Vi Editor : can see, write, modify contents of a file.
Nano Editor : Easy to learn, Easy to use.
Gedit : a simple graphical editor.
Vim : an advanced, full feature editor
Gvim : a graphical version of the vim editor

?    When we open file then line counting comes with
:set nu
?    Deleting Text
: It is easy to delete text in vi.
: three deletion commands are associated with the current location of the cursor:
X ? Delete the current character.
Dw ? Delete the current word.
DD ? Delete the current line.

?    Searching Text in a file.
/word ? which you want to search in a file.
?    Small Tips on Vi Editor

a ? Starts insert mode after the current cursor position
A ? Starts insert mode by appending at the end of the current line.
Cw ? Delete the current word and then enters insert mode to allow you to replace that word.
Dw ? Delete the current word without entering insert mode.
Dd ?Deletes the current line.
G ? Moves the cursor to the end of the line.
15G ?Moves the cursor to the 15th line.
H ? Moves the cursor left one space.
I ? Enters insert mode.
U ? undo last changes, 
Esc ? exits from the insert mode.

 RPM PACKAGES

#mount /media/RHEL-DVD
#rpm –I package ?To install a package or service from the cd.
#rpm –q package ? To view version of the package.
#rpm –e package ? To delete package from Linux O.S
#rpm –Uvh package ? To u or f for upgrade the package,v for verbose of package (verifying intergrity value of a file),h for provide monitor the progress of the installation of packages.

HELP SEARCHING TOPIC
#man sendmail ? to give help support for sendmail command.
#date ? to provide date detail.
#cal ? display calendar
#time ? display time
#startx ? to go on GUI mode.
#history ? to view last back commands.
#hostname ?to view machine name
#hostname dns ?to set dns machine name
#lpr ?to send print jobs
#sendmail ?to send mail for users
#ifconfig ?to view ip address of machine
#lpq ? to view the contents of queue
#lprm ? remove print job from a queue
#lpstat –a ? list configured printers
#ping ipaddress ? to test connectivity between machine


FILE AND DIRECTORY NAMES

Note: Names may be up to 255 characters.
          All characters are valid, except the forward-slash
          Names are case-sensitive

How to configure NFS server


Qes.5 => How to configure NFS server
Ans=> Fallow these step to configure nfs server.
Step-1 => Install nfs server package
#yum install nfs*
step-2 => Make a directory to share with nfs server.
#mkdir /nirmal
step -3 => make entry inside nfs configuration file
#vim /etc/exports
/nirmal *(rw,sync,no_root_squash)
save and exit
step-4 => Restart NFS server services
#service nfs restart
#chkconfig nfs on
step-5 => Verify NFS share folder
#showmount -e (server IP)


step-6 => Mount nfs share
mount -t nfs 192.168.1.50:/nirmal /mnt
or
mount 192.168.1.50:/nirmal /mnt

How to configure SSH Key Gen based authentication


  How to configure SSH Key Gen based authentication
Ans.-1 => Follow these step for password and passphrese less authentication
#ssh-keygen ( This command will generate a pair off key inside ~/.ssh/id_rsa and ~/.id_rsa.pub
2=> Copy ssh id to remote host.
#ssh-copy-id -i ~/.ssh/id_rsa_pub root@192.168.0.51


3=>
#ssh-agent bash
#ssh-add
#ssh-add -l => This command is used to show ssh agent key list

How can create yum server with ftp for network use

Qus  => How can create yum server with ftp for network use.
ANS =>
Configure your machine as ftp server.
Copy Server folder from DVD to /var/ftp/pub like this
#cp -r /media/RHEL5.4/Server /var/ftp/pub/
After this make repo file inside /etc/yum.repos.d/ like this
Cat /etc/yum.repos.d/rhel-debuginfo.repo > /etc/yum.repos.d/nirmal.repo
After run this command change configuration of file like and make entry like this
#vim /etc/yum.repos.d/nirmal.repo
[Yum-Server]
Baseurl=ftp://192.168.0.254/pub/Server/
enabled=1
gpgcheck=0
save this file and exit
Install createrepo* package to create repos file (index file)
#cd /var/ftp/pub
#rpm –ivh Server/createrepo-0.4.11-3.el5.norach.rpm
#createrepo -v Server/
#yum update if this command was run successfully it means yum server is working fine if you get error then run
#yum clean ALL it will clean all cache off yum .
  1. Note – if you want to create yum client just create a repo file inside client machine /etc/yum.repos.d/

  2. Like server repo file nirmal.repo

How to create ftp server in RHEL | FTP Server


Qus => How to create ftp server in RHEL
Ans => 1 – install vsftpd-2.0.5-16.el5.i386.rpm rpm package
#rpm -ivh vsftpd-2.0.5-16.el5.i386.rpm
# service vsftpd restart
#chkconfig vsftpd on
After run this step you have a directory inside /var
#/var/ftp/pub
After installing this package pub directory automatically share
To verify ftp run #ftp localhost
username : anonymous
password : none
ftp> if you see this it means ftp is working.
Note use username for ftp login anonymous and password blank .

How to create local Yum server in RHEL.

Qus  => How to create local Yum server in RHEL.
Ans 1 => Make a directory
# mkdir /yumdata ( copy all rpm package inside that folder /yumdata from DVD,Pen Drive,Network )
Here im using ftp to copy rpm package
#wget –P /yumdata/ ftp://192.168.0.254/pub/Server/*
2- create a file in /etc/yum.repos.d with any name but extenuation should be .repo and write server configuration entry like this
# vim /etc/yum.repos.d/nirmal.repo
[redhat-nirmal]
name=Yum Server
baseurl=file:///yumdata/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release


save this file
3- #cd /yumdata
yumdata]#rpm –ivh createrepo-0.4.11-3.el5.noarch.rpm
yumdata]#createrepo –v /yumdata/ ( this command is used to create index file for yum server)
4 – yum update ( this command is user to check yum server is working or not)
  1. Note this yum server working with local system only if you want make this for network please use ftp server to share repository .




Linux server hardening | Secure Linux Servers

 Linux server hardening is the process of securing a Linux server by reducing its attack surface and mitigating security risks. The goal is ...