SSH and initial configuration of a dedicated server

SSH and initial configuration of a dedicated server

How to connect via SSH command line to the dedicated server to administer whole server? Initial Server Setup, how to log in as root, how to edit files,etc:-

These accesses are created either by yourself during installation or provided by your hosting dedicated server after installing the system.

To administer the dedicated server with these identifiers, it is necessary to connect from the command line via SSH (Secure Shell).

Linux

Open a terminal and use the command ssh test.yourdomain.com -l dew

Specifying port 22 (default): ssh test.yourdomain.com -l dew -p 22
Windows: Putty

The best Windows SSH client relationship at present is Putty . You simply specify the address of your server (and possibly the port if it differs from the default port 22 for SSH) to connect it to the server.

Putty SSH

Feel free to customize the display in Window> Colours (background color, font) to make you feel at home. In Window> you can choose the character set (ISO / UTF-8) if accented characters are not displayed correctly.

Root (super administrator)

To configure your server, you’ll need to run commands super-administrator mode. This is a user who has the maximum privileges on the machine. Normally you have to choose a password during the installation of your server.

Ubuntu

Use sudo before each command. For example: sudo apt-get install nano
Debian

Simply use the command su and enter the root password, or install sudo like Ubuntu with apt-get install sudo and set the rights with visudo .

Manual

For more information about a command or a program, use the Linux manual by typing man followed by the command name.

• ls: List the contents of the current directory
  cd: Change directory (eg cd / etc /)
  mv: Move (or rename) a file
  cp: copy a file
  rm: Removes a file (recursively:-rf)
  rmdir: Removes a directory
  mkdir: Creates a directory

The configuration files are usually all stored in / etc /, executable programs in / bin / or / usr / bin / document files (web, mail, mysql) in / var and / home directories in / home / except for root that has / root /.
Change the root password

Feel free to change the password especially if it was given to you by default. Log in as root first (see above) and enter the command:

passwd root
Editing files

To edit the files on the command line (SSH) many text editors available. If you are new to Linux Ubuntu or Debian, we recommend nano, which is relatively easy to access. You can install it with apt-get install nano . Otherwise, prefer vi (or vim) which is very powerful. This is the editor that we use in the tutorials in this section.

Vi few basic commands:

• i: Insert text
  a: Add text
  Esc: Exit the previously selected (or i) fashion
  x: Delete a character
  dd: Clear / off line
  Y: Copy a line
  p: Paste online
  o: Insert a new line
  u: Undo the last action
  : W: Save File
  Q: Quit
  : Q! : Exit without saving
  / Mot_à_chercher: Search for a word
  n Search the following word
  : G/mot1/s / / word2 / g: Search All file to replace the string1 by string2

SSH configuration

To secure SSH access to the server, publish / etc / ssh / sshd_config file. We will change the connection port default to avoid some bruteforce attacks on port 22, which is well known for hosting the service. Do not forget to specify the new port (in Putty or ssh command line Linux) at the next login.

vi /etc/ssh/sshd_config

Port 1337 # Changer le port par défaut PermitRootLogin no # Ne pas permettre de login en root Protocol 2 # Protocole v2 AllowUsers

Restart the SSH service after these changes:

/etc/init.d/ssh restart
Basic configuration of the network

Verify that the hostname of your machine is correct or personalize it by editing / etc / hostname. It must also reflect the reverse configured with your host or datacenter.

vi /etc/hostname

In our example case, we will specify test.yourdomain.com

Check the / etc / hosts file

vi /etc/hosts

It should look something like this, with your own IP address and domain name:

127.0.0.1 localhost test 88.150.120.130 test.yourdomain.com test

We will also optimize some server security along the way. Network do not change these unless you know what you’re doing.

echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts echo "0" > /proc/sys/net/ipv4/conf/all/accept_source_route echo "1024" > /proc/sys/net/ipv4/tcp_max_syn_backlog echo "1" > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses

Edit the file / etc / resolv.conf to check or add the DNS servers to use:

vi /etc/resolv.conf

nameserver ip_serveur_dns_1 nameserver ip_serveur_dns_2

After these changes we can restart the network service:

/etc/init.d/networking restart

Or more radically restart the server:

reboot

Wait a few minutes and then reconnect. Check the changes with the following commands:

hostname-f
should return the FQDN or test.yourdomain.com in our example
hostname-s
must return the short name, or test
hostname-d
must return the domain or yourdomain.com
hostname-i
returns the IP address

Administration

Updates with APT

APT is a manager of high performance packages. It will allow you to add or remove programs in the Linux distribution. To begin, put the list of updated packages from servers Reference: apt-get update

Then proceed to update the system. The packages will be replaced by their updates: apt-get upgrade

Here are some very useful APT commands:

• apt-get dist-upgrade
  Updates the entire distribution
  apt-get install package
  Install the package mentioned
  apt-get install package-s
  Installation Simulation
  apt-get remove package
  Uninstall / remove the package
  apt-get remove package – purge
  Complete uninstall (including configuration files)
  apt-cache show package
  Package Information
  apt-cache search package
  Search packages available
  apt-cache depends package
  Dependencies
  apt-cache madison package
  Versions available
  apt-cache policy package
  Versions and options
  apt-get clean
  Empty disk caching packets

Services, demons

In the following tutorials, we will install a service (web, ftp, email) also called demons. Debian, Ubuntu and Linux variants thereof are administered via scripts located in / etc / init.d, taking the argument mostly start terms (start), stop (stop), restart (reboot), reload (reload the configuration without restarting). Example: /etc/init.d/apache restart . It must of course be identified as root (super administrator) to perform these operations.

NTP

NTP can synchronize server time with atomic clocks. Debian Etch already exists openntpd. You can equip your system with apt-get install ntp ntpdate . Edit /etc/ntp.conf or /etc/default/ntpdate to verify the configuration and modify the server address with those closest to you then restart the service: /etc/init.d/ntp restart .
Miscellaneous

Install some tools that will be very useful (to do that if it seems appropriate):

apt-get install zip unzip gcc libc6-dev linux-kernel-headers diff wget bzip2 make

To handle character sets and local do not hesitate to invoke:

dpkg-reconfigure locales
End

Read More

[facebook src="Uptodatewithme" width="500" height="400" hide-cover="true" posts="true"/]

An Insight into PuTTY

An Insight into PuTTY

Internet is accessible to all and sundry, which makes it most vulnerable to hackers and other types of online threats. That is why; security is one of the most important concerns to the internet users. Downloading PuTTY will provide your connection with an additional layer of security to restrain threats to your account.

What is PuTTY?

It refers to a licensed and free terminal or shell application in the network used for communication. This is exclusively written for Microsoft Windows but now widely used in every OS. PuTTY is also a designed app that provides a security protocol and enables the users to freely use, re-use, develop, improve and copy its blueprint or software through the code application from a secured source.

PuTTY download also makes your connection strong enough to fight out the attackers in your server. It also functions as SSH client, Telnet, rlogin and a client for TCP protocol. SSH was meant to provide the high and most reliable security protocols to protect your connection from any kind of threats and attacks such as hacking, hijacking and eavesdropping.

On the contrary, Telnet is designed to provide a text-oriented and highly interactive communication capacity through the use of fundamental terminal association. Rlogin, which is also an order protocol, provides a limited security for your connection, thus making an account more vulnerable to attacks.

Use of SSH, Rlogin and Telnet makes easy multi-log in from several computer systems to another network of computers. Consequently, it is highly recommended to use secure shell or SSH as a security procedure particularly when browsing across an open and free internet. These protocols remotely run administration over a network of computer systems.

PuTTY features an easy interface which demonstrates easy navigation and application to your files. It enables the users to set up connection to local and remote systems on the internet and allows the users to automatically send a command and response. These commands are fundamental to private servers.

PuTTY download integrates multiple features including IPv6 support, store preferences, sustaining connection to local serial ports, secured settings and hosts for later retrieval, controls SSH port forwarding, SSH control encryption key as well as other protocol versions, 3DES supports, DES and Arcfour, SFTP and SCP supports etc. PuTTY follows xterm apps on VT102 and Mac OSX control sequences.

PuTTY is programmed and configured in such a way that it secures internet connection.PuTTY configuration includes different sections and panels such as logging panel, session panel, keyboard panel, window panel, features panel, behavior panel, selection panel, translation panel, collection panel, color panel, proxy panel, data panel, rlogin panel, SSH panel, key exchange panel, appearance panel, telnet panel, authentication panel, key exchange panel, X11 panel, TTY panel, bugs panel, serial penal and a file to store configuration.

Read More

[facebook src="Uptodatewithme" width="500" height="400" hide-cover="true" posts="true"/]

12 good reasons to be a lazy system administrator

12 good reasons to be a lazy system administrator

“A lazy systems administrator is a good systems administrator”                                                                                                                                                     

The job of a systems administrator is generally not visible to other IT services or end users. Most of the time, they look at systems administrators and wondering why they do not seem to do much. When you see a systems administrator who’s always running around in all directions, trying to extinguish the technical fire, constantly engaged with tech problems, you might think he works hard and is really his job.  When you see aSystem Administrator (UNIX / Linux, database, network), who apparently did not seem to tread a lot in the office, always seems relaxed and did not seem to have an activity visible, you can be sure he does his job.

Here are 12 reasons why a lazy system administrator the best systems administrator:

1. Who is the leader? : They do not see quite the machine like other computer services. There is a difference between developers and system administrators. Developers think they are there to serve the machines by writing code. There is nothing wrong with this approach because the developers take great pleasure in writing code. But system administrators think everything else. They believe instead that the machines are in service. All they have to do is feed the machine, make it happy and let the machine do all the hard work while they relax and laze. The first step to becoming a lazy system administrator may request a slight change in attitude: it is to know the machine you’re the boss.

2. Write scripts for recurring tasks:  Being lazy is to be smart. A smart system administrator has mastered all scripting languages ​​(bash, awk, sed, etc..). Whenever it is required to do a task, and there is a vague possibility that it may need to work even later, he wrote a script to do the job. So when he asked later to redo the same work, he will not have to think, it will simply run the script then return lazy.

3. Save All: Being lazy means save all. A lazy systems administrator knows to give a little time in creating the backup process, and then write backup scripts for all applications and all critical systems.  When something goes wrong with the saved data, disk scheduling, processing, he just needs to restore a backup to return to a peaceful position as it was before.

4. Plan a recovery:  System administrators do not like having to gesticulate in all directions in an emergency. When all goes well, they take a little time to create a plan for disaster recovery. When things go wrong, they can follow certain techniques & solve it quickly to return to a normal position.

5. Configure a system high redundancy:  Administrator do not like being woken up in the middle of the night because of a beast of system failure. They therefore ensure that peripherals are highly redundant. This includes both hardware and software: they have two brief configured network cards, dual power supplies, two hard drives, two of everything. Like that, if any of the equipment to fail, the system will still work and our lazy administrator can focus on repairing the faulty equipment after rising in the morning.

6. Leave room for unexpected growth: A lazy system administrator never allows the system to run at full speed. He always keeps the free space for the unexpected issues. He ensures that the system has enough CPU and disk space and RAM available. When the sales department decides to dump tons of data during the night, he did not need to think about how to handle this unexpected growth.

7. Be proactive: Being lazy does not mean that you just have to sit and twiddle your thumbs. It just means to be proactive. Therefore, they always anticipate difficulties and expansion. When they have free time available (and they have a lot), they keep a close eye on projects to manage future growth and avoid unanticipated problems befall.

8. Love the keyboard shortcuts: Lazy systems administrator knows all the shortcuts of all his favorite applications. If he spends significant time daily on an application, the first thing he does is to master the keyboard shortcuts for this application. He wants to spend as little time as possible on the application to achieve its purposes, and become lazy.

9. Skip to master the command line:  This applies to Linux system administrators, administrators, database, network administrators, etc. If you see an administrator launch a GUI while the same task can be done from the command line, then you identify that he is not a lazy system administrator. There are two reasons for systems administrators lazy love command lines. One, it can do things quickly from the command line. And secondly, it gives the impression that he is the boss and not the system. When you use the command line, you have control; you know exactly what you want to do.

10. Learning from mistakes: Administrators lazy systems like never to make the same mistakes twice. They hate working on unforeseen problems, but when they appear they work to fix it as soon as possible. Think about how it’s handled and controlled immediately by applying the necessary logics so that it does not happen again. Work on the same problem twice is considered a sin for a real lazy system administrator. He likes to work on the problem once, do whatever it takes to prevent the occurrence of the same error in the future, and return quietly lounging.

11. Is continuously forming new technologies: There is nothing wrong with learningnew technologies for a better job or just to maintain progress in the field. But a lazy system administrator does not learn new technologies for this reason, because he likes to keep control over the system permanently. He knows that he is the head and not the machine. Thus, when a new technology arrives, he takes the time to study it. Now it has new tools to deal with the system as it continues to laze. It’s laziness that is the main motivation for its formation.

12. Document everything:  You see, the lazy system administrator hates to be disturbed while he is on the beach enjoying his vacation. So what does he do? It documents everything, so that when he is not there than others can do the job base in place of him, and things do turn undisturbed during his vacation. There is another reason why the lazy system administrator documenting all because he forgets things. As lazy, you tend to forget what you did the previous month. A lazy system administrator does not like at all think twice on the same subject, so he documents everything and when he needs to do the same thing in the future, he will return to its documentation to understand what he had done earlier.

Read More

[facebook src="Uptodatewithme" width="500" height="400" hide-cover="true" posts="true"/]

How to check and monitor Tivoli Storage Manager (TSM) RecoveryLog health status

   The recovery log is critical to the operation of the Tivoli Storage Manager server. If the recovery log is unusable, the entire server is unavailable. With the recovery log available, and a restored backup image of the database, you can recover the database to its most current state. To ensure fast recovery time and high availability of the database, you should always mirror the recovery log. Mirroring the recovery log requires much less space than mirroring the database. Taking frequent database backups reduces recovery log storage requirements and the time required to recover the database.

     

Tivoli Storage Manager RecoveryLog

    1)     How to check the log mode? And how to change it?

You can check Q status. There you can find the mode.

You can change the mode using Set log mode roll forward

   2)     How to check the current recovery log information?

      Using this command you can check the current recovery log information Q log f=d

   3)     How to define a mirror copy of RECOVERY LOG?

Define logcopy  volumename  copyvolumename  formatsize=MB  wait=yes/no

   4)     How to check the % utilization of recovery log?

Using this command you can check the % utilization of recovery log Q log

   5)     How to check the number of log volumes?

 Using this command you can check the number of volumes Q logvol

   6)     What is recovery log pinning?

  The recovery log might appear to be out of space, when it is being pinned by an operation or combination of operations on the server. A pinned recovery log is where space in the recovery log cannot be reclaimed and used by current transactions because an existing transaction is processing slowly or is hung.

   7)     What will happen when recovery log is pinning?

When it is being pinned by an operation or combination of operations on the server. A pinned recovery log is where space in the recovery log cannot be reclaimed and used by current transactions because an existing transaction is processing slowly or is hung.

   8)     What are the actions we have to take when recovery log is pinning by any session or process?

If the recovery log is pinned, repeatedly issue the SHOW LOGPINNED command over many minutes. If this reports the same client session or server processes as pinning the recovery log, you might take action to cancel or terminate that operation in order to keep the recovery log from running out of space. To cancel or terminate a session or process that is pinning the recovery log, issue the SHOW LOGPINNED CANCEL command

   9)     Recovery log utilization reached 90% and above, what are the actions you have to take to avoid TSM SERVER Crash?

First issue the SHOW LOGPIN Command, then cancels the pinning session. If it is less than 13 GB, Then we can  extend the log volume. 

   10)   How to find out the RECOVERY LOG VOLUMES Location?

Using this command, you can find out the recovery log volumes Q logvol f=d

   11)   How to format a LOG VOLUME from OS PROMPT?

You can create volume for log in OS level

C:\Program files\Tivoli\TSM\Console\dsmfmt –log c:\ven\log.dsm   512

 Then you can extend log in server mode.

C:\Program files\Tivoli\TSM\Server\dsmserv extend log c:\ven\log.dsm 512   

   12)   How to EXTEND the LOG from OS PROMPT?

You can extend log in server mode.

C:\Program files\Tivoli\TSM\Server\dsmserv extend log c:\ven\log.dsm 512 

   13)   How to define space trigger for LOG?

TSM prepares an additional space when predetermined thresholds have been exceeded in the recovery log. 

Define spacetrigger LogFullpct=80 spaceexpansion=20   Expansionprefix=c: \TSMServer mirrorprefixs=”F:\mirror1, G:\mirror2” Maximumsize=megabytes STGPOOL=storagepoolname  

          Tivoli Storage Manager uses to create recovery log copy volumes. Then Increase the size of the LOG using “EXTEND” command.

   14)   What is the use of SHOW LOGPIN command?

It will show the which client session or server processes is pinning the recovery log

   15)   How to check the Current LOG Transaction related information?

Q log f=d

Related commands:

Define logcopy

Define logvolume

Extend log

Reduce log

Reset log maxutilization

   16)   How to delete a LOG VOLUME? 

Delete logvol volumename

   17)   What is the MAX size of RECOVERY LOG ?

   The maximum size of recovery log is 13 GB in TSM 5.5 and 128GB in TSM 6.X versions.

   18)   In which LOG mode, we cannot extend the LOG?

   In normal mode, we cannot extend the log.

Read More

[facebook src="Uptodatewithme" width="500" height="400" hide-cover="true" posts="true"/]