Packetfury.net

It happens to all of us. We reinstall a PC, or change an IP address, and suddenly we can't connect to the machine via SSH. SSH is extremely secure, if the fingerprint of a machine changes, SSH refuses to connect, with a nice warning:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 

Do not take this warning lightly; it could be the result of a reinstall, but it could be that another host has taken the place of a previous host, which could be a BadThing(c). If you are absolutely sure that it is the same host (it happens to me when I reinstall), then there are ways of telling SSH that we can proceed. SSH stores the host fingerprints in a file, .ssh/known_hosts. You could just delete the file, but then every time to reconnect to another host for the first time, you get the authentication warning. The easiest way is to use ssh-keygen; ssh_keygen -R <host>. You can now reconnect to the host; SSH will ask to authenticate the host, and you will be up and running again.

"RTFM" is probably one of the things that you are going to hear when you ask a Linux geek anything. And it is true that "man" is a great tool. Reading man pages can be a little daunting from time to time, and if you aren't colorblind, then there is a useful tool called "most" that can colorize output text. On an Ubuntu system, type:

sudo apt-get install most

This will install the package, but the configuration doesn't stop there. Now we need to make "most" the default reader. Type this:

sudo update-alternatives --config pager

This will show you a list of pagers, just select the number corresponding to "most". Now fire up a man page and voilà! The output should be a little more readable.

I had a Gnome system for a client, where the one and only user on the machine was generic, and was used for several people. When the machine went to sleep, on resume Gnome would ask for a password, a password that the client shouldn't have, and didn't need. I wanted a way for the machine to resume, and no longer pester me for a password.

Fire up a terminal, and start gconf-editor.  Go to the Apps /gnome-power-manager / lock folder,  and de-select "suspend", "hibernate" for resuming with no password.

It is well know, root is master of a Linux box. He has the ultimate power, and files (and users) live and die by his command. He can do anything he wants, and with great power comes great responsibility. Sometimes too much. Who here hasn't accidentally erased a file they shouldn't have? It has happened to most of us; a quick F8 in mc or a wrong del command, and we start crying. I had a friend that dropped a database in front of me, convinced that a system was in place to protect the database against that. Wrong.

Making files immutable is one way of protecting yourself on a Linux box. You can make files "immutable", meaning that even root can't modify or delete them. Try this:

# chattr +i test_file

This sets the immutable flag. If you want to remove the flag, just do this:

# chattr -i test_file

You can also check to see what flags have been written to a file by doing this:

# lsattr test_file

----i-------- test_file

chattr can be used for many other things, just man chattr.

I own a LaCie Big Disk Network, a simple home NAS server. It has a hard drive, embedded controller and is small and quiet enough to fit anywhere. Mine lives under the sofa. It can be accessed by FTP or by a WIndows share. I usually transfer photos and data to and from the disk via FTP, but having a Windows share is easier, let's face it. Gnome can connect to the drive using a nice interface, asking for a user and password, but I needed something more basic, an entry in the fstab file for my monitor-less server.

In order to mount the drive from the command line, try this:

mount -t cifs -o user=<username>,pass=<password>,uid=<uid> //192.168.0.1/share /mnt/nas

This will allow you to mount the drive under the specified folder, but also to give the read/write rights to UID <uid>, something that had been a problem for me. With this, the specified user can freely access the system, make files, create folders and run all of my backup scripts.

This tip comes from linux-tipps from this article, lots more hints can be found on his blog.

I have a netbook that, when booted, may or may not be connected to an external monitor. The aim is to be able to correctly set up the system depending on what has been plugged in.

From linux-tipps, create the following file: /etc/X11/Xsession.d/98vgaonly, and make it executable (chmod +x).

Insert the following text into the file:

xrandr -q | grep 'VGA connected' && xrandr --output LVDS --off --output VGA --auto

This will check and see if an external monitor is connected. If it is, it cuts off the internal monitor and sets the external monitor to the best resolution possible. You can keep the internal monitor active, or set to a specific resolution. --output LVDS --mode <mode> will force a video mode, --output LVDS --auto will automatically set up the resolution.

On some machines, it can be useful for some users to run specific commands as root, and to not have a root password, or any sort of password for that matter. I had a netbook where I needed the user to be able to restart or halt his computer without any password, and without any form of authentication. To do this, we need to edit the su user configuration file, so type:

sudo visudo

This opens up an editor and shows the contents of the sudoers file. Add the following line:

user ALL=NOPASSWD:/sbin/halt, /sbin/reboot

The user "user" can now run "su halt" and "su reboot" without being asked for a password. This can, of course, be applied to other commands, just separate them with a comma, and don't forget to use entire paths.