The simplest way to get your external IP from linux shell or from linux command line is to use the following command:
wget http://ipecho.net/plain -O - -q ; echo
Once executed you should simply get an output like this:
123.124.125.126
If you don't have wget installed yet you can install it like this:
apt-get update; apt-get install wget
Friday, May 6, 2016
Monday, March 21, 2016
Feed in your ssh password into Linux SSH command to login automatically
I needed to login to a linux server automatically, but without using Shared RSA Key. I needed to simulate a human being typing password, but to do that automatically so I can use it inside my shell scripts.Surprisingly this solution was difficult to find on Google. I would like to share this simple technique in hope this will save somebody long research time.
This is an alternative solution from login into SSH using Shared RSA Key technique which is much more secure and the recommended method.
WARNING: This method exposes your ssh login / password! (use with caution)
Install sshpass if you don't have it yet:
apt-get update
apt-get install sshpass
Example shell script:
#!/bin/bash
sshpassword=mypassword
sshpass -p $sshpassword ssh 192.168.1.1 "ls -l"
iPhone Mail IMAP setup with iRedMail Server not working via SSL (SOLVED)
Enable port 993 IMAPs to get iPhone Mail app to work with IMAP against iRedMail (dovecot) server.
I have a iredmail server fully working with many IMAP clients (Outlook, Mac Mail, Thunderbird, etc...), however I have been battling getting it to work on IOS / iPhone Mail IMAP client.
After hours of toiling and googling, I found the solution (or issue). The secret is to enable port 993 (IMAP SSL / IMAPs) protocol in my firewall NAT rules. Meaning I had to port forward port 993 also for IMAPs. I guess this is because the iPhone does not support IMAP SSL TLS with STARTSSL using only port 143.
I hope this clue help save time for somebody else.
Wednesday, January 20, 2016
How to setup Advanced DNS on NameCheap for Mandrill App
Mandrill App is the self-service part of MailChimp.
Basically it is a transactional outgoing email server. Mandrill is very cool having these features:
1. Keeps track of all your email sents.
2. Wondering what happen to that email you just sent? Why the recipient never got it? No more of that problem. Mandrill's log will tell you why.
3. First 12,000 emails sent are FREE, and above 12,000 emails are very reasonably priced.
Okay great... those are all great... but setting up Mandrill is a chore. Since it is transactional email, you have to authorize Mandrill's servers to send emails on your behalf. You have to set DKIM and SPF records as TXT records into your DNS Records.
I use NameCheap, because they are cheap and have good support.
Here is a screenshot of what my NameCheap DNS settings looks like:
Once you set those records in your DNS, you should wait about 30 minutes for the records to propagate to other DNS servers worldwide.
Then, go back to your Mandrill admin panel > Settings > Sending Domains and click on the Test DNS Settings button.
If all goes well... you should see something like this:
The tricky / key part here is setting the 'host' of the DKIM to just 'mandrill._domainkey' instead of 'mandrill._domainkey.domain.com' as suggested by Mandrill's instructions.
Basically it is a transactional outgoing email server. Mandrill is very cool having these features:
1. Keeps track of all your email sents.
2. Wondering what happen to that email you just sent? Why the recipient never got it? No more of that problem. Mandrill's log will tell you why.
3. First 12,000 emails sent are FREE, and above 12,000 emails are very reasonably priced.
Okay great... those are all great... but setting up Mandrill is a chore. Since it is transactional email, you have to authorize Mandrill's servers to send emails on your behalf. You have to set DKIM and SPF records as TXT records into your DNS Records.
I use NameCheap, because they are cheap and have good support.
Here is a screenshot of what my NameCheap DNS settings looks like:
Once you set those records in your DNS, you should wait about 30 minutes for the records to propagate to other DNS servers worldwide.
Then, go back to your Mandrill admin panel > Settings > Sending Domains and click on the Test DNS Settings button.
If all goes well... you should see something like this:
The tricky / key part here is setting the 'host' of the DKIM to just 'mandrill._domainkey' instead of 'mandrill._domainkey.domain.com' as suggested by Mandrill's instructions.
Wednesday, January 13, 2016
Bash shell script to rotate log files in certain directory using array of files
The script below will automatically rotate log files (defined in array) inside certain directory.
Note the Logfiles array in variable $Logfiles.
To use this script simply save the script to filename (you can change this): rotate_logs.sh
Change the values for variables:
Directory
Extension
Logfiles
then make it executable using:
chmod +x rotate_logs.sh
-----------------------------
Directory='/log';
Extension='log';
Logfiles=('file_1' 'file_2' 'file_3');
echo "Directory: ${Directory}";
echo "Extension: ${Extension}";
echo "Logfiles: ${Logfiles}";
for File in "${Logfiles[@]}"
do
cd ${Directory}
echo "Rotating: ${Directory}/${File} ... "
mv ${File}.${Extension} ${File}-`date +%Y%m%d`.${Extension}
touch ${File}.${Extension}
chmod 777 ${File}.${Extension}
done
------------------------------
Once rotate daily / nightly you should also remove old log files using these lines in your cron table:
crontab -e
----------------
40 3 * * * find /log -mtime +5 | xargs rm -f
----------------
The first cron table line '/cron_shell/rotate_logs.sh' is the rotate script I described above.
The second line removes files older than 5 days.
Monday, November 23, 2015
Fixing server error: SMART error (CurrentPendingSector) detected on host: (your_sever_hostname)
This morning I got an email from one of my server with this content:
-----------------
This email was generated by the smartd daemon running on:
host name: (your_server_hostname)
DNS domain: yourdomain.com
NIS domain: (none)
The following warning/error was logged by the smartd daemon:
Device: /dev/sdb [SAT], 1 Currently unreadable (pending) sectors
For details see host's SYSLOG.
You can also use the smartctl utility for further investigation.
The original email about this issue was sent at Sat Nov 21 15:15:52 2015 CST
Another email message will be sent in 24 hours if the problem persists.
host name: (your_server_hostname)
DNS domain: yourdomain.com
NIS domain: (none)
The following warning/error was logged by the smartd daemon:
Device: /dev/sdb [SAT], 1 Currently unreadable (pending) sectors
For details see host's SYSLOG.
You can also use the smartctl utility for further investigation.
The original email about this issue was sent at Sat Nov 21 15:15:52 2015 CST
Another email message will be sent in 24 hours if the problem persists.
---------------------
The confusing part is ... when I check the hard drive /dev/sdb using smartmon tool, it actually says PASSED!
smartctl -H /dev/sdb
smartctl 5.41 2011-06-09 r3365 [x86_64-linux-2.6.32-40-pve] (local build)
Copyright (C) 2002-11 by Bruce Allen, http://smartmontools.sourceforge.net
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED
But when I do a long test:
smartctl --test=short /dev/sdb
or
smartctl --test=long /dev/sdb
and check the result using:
smartctl -a /dev/sdb
I found some errors:
SMART Self-test log structure revision number 1
Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error
# 1 Short offline Completed: read failure 90% 6518 84256
as you can see I have a problem and it was confirmed by ONLY the long test.
I replaced the bad drive /dev/sdb and ran another short test. Problem has been confirmed and fixed.
How to convert or create .pem and .key files from .p12 certificate file for Kount RIS certificate
I have a client who uses Kount for fraud detection and management. Every year Kount require renewal of their RIS (Risk Inquiry System) certificate to be renewed.
This certificate is a X.509 certificate which has to be generated from Kount website.
Here are the steps I took to renew Kount RIS certificate:
This certificate is a X.509 certificate which has to be generated from Kount website.
Here are the steps I took to renew Kount RIS certificate:
Step 1: Login to Kount awc.kount.net (If you are a developer like me and have not logged into Kount for more than a few months, you may need to do forgot password)
Step 2: go to Admin menu > RIS Certificate > Create New certificate
(USE FIREFOX - which allows exportation of p12 file)
(p12 file will be installed inside firefox)
(export the p12 file to your local computer)
Step 3: Copy p12 file to your web server to convert to .pem and .key file there using OpenSSL
To convert from .p12 to .pem
openssl pkcs12 -clcerts -nokeys -in your_source.p12 -out your_target.pem
To convert from .p12 to .key
openssl pkcs12 -nocerts -in your_source.p12 -out your_target.key
Step 4: Make a copy of .p12 .pem .key to uniform filename used by your PHP script.
Step 5: Copy the newly generated .pem and .key files to any other web server you have.
Subscribe to:
Posts (Atom)