PROBLEM: I do not need swap. SOLUTION: One command swap disable. [?] What is swap? https://www.linux.com/news/all-about-linux-swap-space Run:
|
1 |
root@server:~# swapoff -a |
And remove swap entry from fstab (the second line only!) And reboot the system.
PROBLEM: I would like to determine network bandwidth between two devices. SOLUTION: Use very simple test tool – iperf! [?] What is bandwidth? https://searchnetworking.techtarget.com/definition/bandwidth First of all, download iperf from official website! It works on Windows, Linux, OS X or Android. I will use Windows on this case. Start cmd (as the admin, just to be sure) and navigate to iperf directory. If you do not know your IP address, just open new cmd and run ipconfig. If you want to run…
PROBLEM: SSH is disconnecting after a short time! SOLUTION: Edit SSH server configuration and increase timeout. [?] Boot what? https://www.computerhope.com/jargon/b/boot.htm It is good to reboot the machine and run these 3 commands to understand what is happening during boot and how fast it was. This will show kernel and userspace boot start time.
|
1 |
root@server:~# systemd-analyze |
OUTPUT:
|
1 2 |
Startup finished in <strong>3.972s</strong> (kernel) + <strong>9.259s</strong> (userspace) = <strong>13.232s</strong> graphical.target reached after 7.717s in userspace |
Show services startup order:
|
1 |
root@server:~# systemd-analyze blame |
And to show very detailed report run:
|
1 |
root@server:~# dmesg |
And now you should determine what is slowing down your boot!
PROBLEM: I would like to see how fast is boot of my machine! SOLUTION: No problem! [?] What is SSH? https://www.youtube.com/watch?v=X9jAjG3PWPo By adjusting SSH timeout we can achieve a balance between security (if you forget to close your SSH client) and irritating interruption of your work. You can adjust configure your client or server. I prefer to do this on the server, because you don’t have to do this on every client for every user. Just edit SSH deamon config…
PROBLEM: I have Ubuntu machine and I would like to use it as a VPN server. SOLUTION: Easy 5 minutes setup! [?] What is VPN? https://thebestvpn.com/what-is-vpn-beginners-guide/ 1.0 Find your IP (it has to be public), in my case it is (example) 1.2.3.4.
|
1 |
root@server:~# ifconfig |
Output:
|
1 2 3 4 5 6 7 8 |
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet <strong><span style="color: #ff0000;">1.2.3.4</span></strong> netmask 255.255.255.0 broadcast 1.2.3.4 inet6 fff::fff:ff:f prefixlen 64 scopeid 0x20 ether ff:00:00:00:00:00 txqueuelen 1000 (Ethernet) RX packets 1333033 bytes 1624453300 (1.6 GB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1368419 bytes 939479780 (939.4 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 |
2.0 Download openvpn-install.sh script
|
1 |
root@server:~# wget https://git.io/vpn -O openvpn-install.sh |
2.1 Runs the script!
|
1 |
root@server:~# bash openvpn-install.sh |
Use IP address you discovered in step 1, use port 1194 (standart OpenVPN port). Pick your favourite DNS service and put name of the first…
PROBLEM: I want some files from my linux server! SOLUTION: Use FileZilla! [?] Get FileZilla client today! https://filezilla-project.org/ Open Site Manager (CTRL+S) and create New Site Switch Protocol to SFTP, put server’s IP and port number (by defautl it is 22). Choose Logon Type – Normal is basic username / password auth. if you are using certificates choose Key file instead. And Connect! And you should see your home folder now! You can start transfer data to our from your server!
PROBLEM: I would like to check all active connections to my VPN server. SOLUTION: Simple one line command CAT just simply shows what is inside the status log with current connections and IP addresses.
|
1 |
root@server:~# cat /etc/openvpn/openvpn-status.log |
OUTPUT (1.2.3.4 is a host address with port used)
|
1 2 3 4 5 6 7 8 9 10 |
OpenVPN CLIENT LIST Updated,Wed Nov 21 17:53:43 2018 Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since srvrv,1.2.3.4:5552,1159072,4339219,Wed Nov 21 17:47:54 2018 ROUTING TABLE Virtual Address,Common Name,Real Address,Last Ref 10.5.0.2,srvrv,1.2.3.4:5552,Wed Nov 21 17:53:42 2018 GLOBAL STATS Max bcast/mcast queue length,1 END |
PROBLEM: Everyone can test SSH access on my server SOLUTION: Use ufw to allow connection only from specified network Just use simple ufw command, where 10.5.0.0/24 is your e.g. VPN network (or you can use your public IP) and port number is desired port for SSH (can be adjusted in /etc/ssh/sshd_config).
|
1 |
root@server:~# ufw allow from 10.5.0.0/24 to any port 22 |
PROBLEM: Enabled telnet as a security vulnerability. SOLUTION: Disable telnet and enable SSH [?] Telnet vs. SSH https://www.ssh.com/ssh/telnet Telnet is a way how to remotely control something. This sounds great, but you should know telnet has been developed in the 1960’s and it is unencrypted. So everyone with e.g. Wireshark can read your username & password combo. The more secure way how to access your devices over the net is using SSH, which is significantly more secure. //Just use this code…
PROBLEM: I would like would like to use the second router/switch as a backup one. SOLUTION: Use very simple HSRP! [?] What is EIGRP? https://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/16406-eigrp-toc.html Let’s have a look at the topology diagram, at first: We can see two networks (A, B) and two Routers (1, 2). We would like to keep one router as a primary (e.g. Router 1) and the second one as a backup. So e.g. if Router 1 goes down, we can still access the other network through Router…