Haack's Wiki

User Tools

Site Tools

Trace:
computing:miscadmin

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
computing:miscadmin [2019/09/07 23:54] oemb1905computing:miscadmin [2024/04/21 22:01] (current) oemb1905
Line 1: Line 1:
- 
 ------------------------------------------- -------------------------------------------
   * **miscadmin**    * **miscadmin** 
Line 26: Line 25:
   gsettings set org.gnome.desktop.background show-desktop-icons false   gsettings set org.gnome.desktop.background show-desktop-icons false
   gsettings set org.nemo.desktop show-desktop-icons true   gsettings set org.nemo.desktop show-desktop-icons true
- 
  
 -motd- -motd-
Line 47: Line 45:
      
   cat /etc/motd   cat /etc/motd
-  
    
 -Firefox- -Firefox-
  
 To install the latest firefox on Debian and make it default, do the following.  The link below may not always work, so replace when updated. To install the latest firefox on Debian and make it default, do the following.  The link below may not always work, so replace when updated.
- 
  
   sudo mkdir -p /opt/firefox   sudo mkdir -p /opt/firefox
Line 66: Line 62:
   mv /usr/lib/firefox-esr/firefox-esr_orig /usr/lib/firefox-esr/firefox-esr   mv /usr/lib/firefox-esr/firefox-esr_orig /usr/lib/firefox-esr/firefox-esr
      
 +-youtube-dl-
  
--optical ripping-+  sudo curl -L https://yt-dl.org/downloads/latest/youtube-dl -o /usr/local/bin/youtube-dl 
 +  sudo chmod 750 /usr/local/bin/youtube-dl 
 + 
 +-optical ripping example-
  
   cdrecord -pad -dao -data blag-140k-i686.iso   cdrecord -pad -dao -data blag-140k-i686.iso
  
- +-pam hardening location-
- +
--pam garbage-+
  
   sudo nano /etc/pam.d/common-password   sudo nano /etc/pam.d/common-password
Line 188: Line 186:
   set static on wndr wan   set static on wndr wan
  
--exim delete all messages-+-exim delete all messages and other-
      
   exim -bp <print message ids>   exim -bp <print message ids>
   exim -Mrm <message id>   exim -Mrm <message id>
   exim -bp | awk '/^ *[0-9]+[mhd]/{print "exim -Mrm " $3}' | bash   exim -bp | awk '/^ *[0-9]+[mhd]/{print "exim -Mrm " $3}' | bash
 +  
 +  use this for local interfaces for ipv6
 +  ::::0:0.0.0.0
 +  
 +  view
 +  exim -Mvh
      
 -verifying TLS with swaks on exim4 relay setup -verifying TLS with swaks on exim4 relay setup
Line 205: Line 209:
 -temporary name servers - how to add some - temporary/permanent syntax below: -temporary name servers - how to add some - temporary/permanent syntax below:
  
-  echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf > /dev/null +  echo "nameserver 4.2.2.1" | sudo tee /etc/resolv.conf > /dev/null 
-  echo "nameserver 8.8.8.8" | sudo tee /etc/resolvconf/resolv.conf.d/base > /dev/null+  echo "nameserver 4.2.2.1" | sudo tee /etc/resolvconf/resolv.conf.d/base > /dev/null
      
 -strip desktop environments from GUI system -strip desktop environments from GUI system
Line 214: Line 218:
   sudo apt-get purge $(tasksel --task-packages desktop)   sudo apt-get purge $(tasksel --task-packages desktop)
  
 +-deborphan
  
 +  sudo apt install deborphan
 +  sudo apt-get remove `deborphan`
 +  for i in `deborphan`; do apt-get --purge remove -y $i; done
  
- --- //[[oemb1905@jonathanhaack.com|oemb1905]] 2019/08/08 17:52//+-checking ssh logs 
 + 
 +  cat /var/log/auth.log | grep 'sshd.*Invalid' 
 +  cat /var/log/auth.log | grep 'sshd.*opened' 
 +   
 +-checking disk space- 
 + 
 +  du -ch -d 1 | sort -hr 
 + 
 +-check disk space with ncurses tool- 
 + 
 +  sudo apt install ncdu 
 +  ncdu 
 +   
 +-stop/start sleep of any form on servers- 
 + 
 +  sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target 
 +  sudo systemctl unmask sleep.target suspend.target hibernate.target hybrid-sleep.target 
 +   
 +-xorg with ssh 
 + 
 +  touch /root/.Xauthority  
 +  touch /home/user/.Xauthority 
 +   
 +-batch convert with ffmpeg to mp4 from mkv 
 + 
 +  for i in *.mkv; do 
 +  ffmpeg -i "$i" -codec copy "${i%.*}.mp4" 
 +  done 
 + 
 +-fix badly configured zpool that used short names to by-id names. This command can be entered as-is, and does not need to be adjusted at all for what your specific ids are or for multiple drives. It literally exports the short names and by-ids, unmounts the volumes/pool, then remakes it using the blkid. 
 + 
 +  zpool export tank  
 +  zpool import -d /dev/disk/by-id tank 
 +   
 +monitor ram usage every 3 seconds in human readable way 
 + 
 +  free -h -w -s 3 
 +   
 +postfix to relay, satellite option, enter the relay like this:  to prevent lookups 
 +   
 +  [smtp.smtpserver.com]:587 
 +   
 +Re-attach to screen session that's attached. 
 + 
 +  screen -d -r <session#.user> 
 +   
 +mysqldump to local from remote 
 + 
 +  ssh root@hub.haacksnetworking.org /usr/bin/mysqldump --all-databases --single-transaction --skip-comments --skip-dump-date > hknet.sqldump 
 +   
 +Turn off sleep. 
 + 
 +  sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target 
 +   
 +Amd gPU errors fix 
 +   
 +  mkdir ~/Repositories 
 +  cd /home/user/Repositories && git clone https://kernel.googlesource.com/pub/scm/linux/kernel/git/firmware/linux-firmware.git 
 +  sudo cp /home/user/Repositories/linux-firmware/amdgpu/* /lib/firmware/amdgpu && sudo update-initramfs -k all -u -v 
 +   
 +Unattended Upgrades 
 + 
 +  sudo apt install unattended-upgrades 
 +  sudo apt install apt-config-auto-update 
 +  sudo unattended-upgrades --dry-run --debug 
 +  sudo systemctl status unattended-upgrades 
 + 
 +Next ... ssh failed attempts 
 + 
 +  grep "Failed password" /var/log/auth.log 
 +  journalctl _SYSTEMD_UNIT=ssh.service | egrep "Failed|Failure" 
 +  faillock --user <user> 
 +  grep "authentication failure" /var/log/auth.log | awk '{ print $14 }' | cut -b7-  | sort | uniq -c 
 + 
 +Display Managers (Lightdm, etc.) 
 + 
 +  sudo nano /etc/lightdm/lightdm-gtk-greeter.conf 
 +  [SeatDefaults] 
 +  allow-guest=false 
 +  greeter-hide-users=true 
 +  nano ~/.config/gtk-3.0/settings.ini 
 +  [Settings] 
 +  gtk-application-prefer-dark-theme=1 
 +  sudo nano /etc/lightdm/lightdm.conf 
 +  cd /usr/share/lightdm/light.conf.d/ 
 +   
 +Setting ufw to allow connections to only certain subnets. 
 + 
 +  ufw allow from 192.168.1.0/24 to any proto tcp port 8006 
 +   
 +Establish NIC name using mac:ID 
 + 
 +  nano /etc/udev/rules.d/70-persistent-net.rules 
 +  SUBSYSTEM=="net",ACTION=="add",ATTR{address}=="00:00:00:00:00:00",ATTR{type}=="1",NAME="eth100" 
 + 
 +   
 + --- //[[jonathan@haacksnetworking.org|oemb1905]] 2024/01/28 20:31//
computing/miscadmin.1567900470.txt.gz · Last modified: 2019/09/07 23:54 by oemb1905

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki