Top 10 useful Linux commands – for your first Linux job interview

  1. How to check Linux Kernel version of a system?

[root@localhost /]# uname
Linux

-a = all

-v = version

-r = release

[root@localhost /]# uname -a
Linux localhost.localdomain 3.10.0-862.el7.x86_64 #1 SMP Wed Mar 21 18:14:51 EDT 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost /]# uname -v
#1 SMP Wed Mar 21 18:14:51 EDT 2018
[root@localhost /]# uname -r
3.10.0-862.el7.x86_64

 

2. How to check your system’s current IP address?

Old method – “ifconfig”

New method – “ip addr show” or “ip addr”

 

3. How to check for free disk space?

df = disk free

-ah = all + human readable

so, use “df -ah”

 

4. How to manage services on a system?

Old method: service [service_name] status

New method: systemctl status [service_name]

sshd status example shown below:

service sshd status


systemctl status sshd


 

5. How to check the size of a directory’s contents on disk?

du = disk use

-sh = short

so, use “du -sh [directory_path]”

*note: if you use ‘du var’ without -sh handle, it will display all files in that directory.

 

6. How to check open ports on a Linux server?

netstat = lists all ports, could be too much information, so have to trim it down.

netstat -tulpn

-t = TCP, -u = UDP, -l = Listening, -p = program, -n = numeric

*note: ‘netstat -tupln’ has to run with a privilege to display the programs.

 

7. How to check CPU usage of a given process?

ps aux | grep [service_name]

top = shows top processes utilised, updates every 5 seconds.

 

ps aux | grep sshd


top


*You can also install ‘htop’ to see a more graphical view of process utilisation.

 

8. How to mount a new volume? Mounting a device.

ls /mnt = devices are usually mounted under root directory called ‘mnt’

mount /dev/sda2 /mnt = mount sda2 device to mnt mounting point

mount = list all mounted devices

To check what devices got mounted on boot-up, use ‘less /etc/fstab’

 

9. Finding out something you don’t know?

Use ‘man‘ pages.

[command] --help

 

10. What do you do when you cannot find an answer in a man page?

Search using Google, stack overflow, etc. on the internet.

https://www.google.com/

https://stackoverflow.com/

 

 


4. Install and configure NTP server in Red Hat/Centos 7.5 Linux

NTP (Network Time Protocol) is a protocol that runs over UDP port 123. NTP synchronises clients’ time and date with a master server. Within an enterprise networking environment, to provide a reliable time service, an NTP server should have a minimum NTP stratum of 5 or less.

Step 1: Install and configure NTP daemon

sudo yum install ntp

 

Step 2: Check and adjust time zone

  1. timedatectl
  2. timedatectl list-timezones <<<to list and find time zones
  3. timedatectl set-timezone Australia/Sydney

Step 3: Enable and start ntpd service

sudo systemctl enable ntpd

sudo systemctl start ntpd

 

Step 4: Check basic NTP functionality

ntpstat

date

ntpq -p

 

Step 5: Check NTP configuration under /etc/ntp.conf

more /etc/ntp.conf
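
Reading the `ntpq -p` output from Step 4, as an added example that is not part of the original post: the function picks the peer ntpd has selected (the row marked `*`), derives the local stratum as that peer's stratum plus one, and compares it with the stratum limit mentioned above. The sample output is constructed, and the function name `sync_summary` and its threshold argument are assumptions of this example.

```sh
# Constructed sample of `ntpq -p` output (host names and values are made up).
NTPQ_SAMPLE='     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
+ntp1.example.net 203.0.113.10     2 u   41   64  377   12.301    0.412   0.210
*ntp2.example.net .GPS.            1 u   12   64  377    8.114   -0.105   0.090
-ntp3.example.net 198.51.100.7     3 u   55   64  177   40.220    3.871   1.402'

# sync_summary [MAX_STRATUM]: read `ntpq -p` output on stdin and describe the
# peer selected for synchronisation (tally code "*" in the first column).
# Columns: remote refid st t when poll reach delay offset jitter.
# MAX_STRATUM defaults to 5 and is compared with this host's own stratum.
sync_summary() {
  awk -v max="${1:-5}" '
    /^\*/ {
      found = 1
      own = $3 + 1                      # local stratum = selected peer + 1
      printf "peer=%s peer_stratum=%d local_stratum=%d reach=%s %s\n",
             substr($1, 2), $3, own, $7, (own <= max ? "ok" : "too-high")
    }
    END { if (!found) print "no peer selected (not synchronised)" }
  '
}

# Run against the constructed sample; on a live host use: ntpq -p | sync_summary
printf '%s\n' "$NTPQ_SAMPLE" | sync_summary 5
```

A `reach` of 377 is an octal bitmap meaning the last eight polls of that peer were all answered.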

3. Install and configure TFTP server in Red Hat/Centos 7.5 Linux

Step 1: Install, enable and start firewalld

sudo yum install firewalld

sudo systemctl enable firewalld <<<starts up firewall when system boots up

sudo systemctl start firewalld

 

Step 2: Punch a hole in firewalld to allow TFTP traffic.

 

firewall-cmd --permanent --zone=public --add-service=tftp

firewall-cmd --reload

iptables -I INPUT -p udp --dport 69 -j ACCEPT

 

Step 3: Install, enable and start TFTP server and client

sudo yum install xinetd tftp-server tftp

sudo systemctl enable xinetd tftp <<<starts up automatically on system boot-up

sudo systemctl start xinetd tftp

 

Step 4: We don’t want TFTP user to have root user permission. So let’s create a system account called tftpuser with no home directory and no login capability.

sudo useradd --no-create-home -s /sbin/nologin tftpuser

 

Step 4: Create a directory for TFTP Server use.

sudo mkdir -p /tftpdata

sudo chmod 777 /tftpdata

nano /tftpdata/demo1.txt

chown tftpuser:tftpuser -R /tftpdata

 

 

Step 5: Configure TFTP service using the following settings.

 

nano /etc/xinetd.d/tftp


Server_args notes:

-c = allows clients to connect and create files in the directory

-s = automatically changes to a specific directory, set in the configuration file (such as /tftpdata), when a client connects to the TFTP server. A security feature.

-u = specifies the user as the owner of the directory /tftpdata

-p = Perform no additional permissions check

-U = Sets the umask used when a client creates or pushes a new file

-v = Prints verbose logging when a client connects to the TFTP server.

 

Step 6: Edit the systemd service file for TFTP. Update the [Service] > ‘ExecStart’ line as below:

sudo nano /usr/lib/systemd/system/tftp.service

 

 

[Unit]
Description=Tftp Server
Requires=tftp.socket
Documentation=man:in.tftpd

[Service]
ExecStart=/usr/sbin/in.tftpd -c -v -u tftp -p -U 117 -s /tftpdata
StandardInput=socket

[Install]
Also=tftp.socket

 

Step 7: Reload the system daemon & TFTP services

 

sudo systemctl daemon-reload

sudo systemctl start xinetd

sudo systemctl enable xinetd

sudo systemctl start tftp

sudo systemctl enable tftp

 

 

Step 8: Check UDP port 69 is in listening mode

https://www.tecmint.com/20-netstat-commands-for-linux-network-management/

 

netstat -na | grep udp6


 

Use ‘netstat -lu’ for all UDP listening ports/services

Use ‘netstat -ap | grep tftp’ to check the service.

 

Check that firewall is allowing udp port 69.

netstat -tupan

netstat -tupan | grep 69
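
The listening-port checks in Step 8 and in the earlier "How to check open ports" item, as an added example that is not part of the original posts: instead of `grep 69`, which also matches PIDs and other ports containing "69", the function matches protocol and port exactly and reports the bind address and owning program. The `netstat -tulpn` output is constructed and the function name `listeners` is an assumption of this example.

```sh
# Constructed sample of `netstat -tulpn` output (PIDs and programs are made up).
NETSTAT_SAMPLE='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1021/sshd
tcp6       0      0 :::21                   :::*                    LISTEN      1388/vsftpd
udp        0      0 127.0.0.1:123           0.0.0.0:*                           950/ntpd
udp        0      0 0.0.0.0:123             0.0.0.0:*                           950/ntpd
udp6       0      0 :::69                   :::*                                1/systemd'

# listeners PROTO PORT: read `netstat -tulpn` output on stdin and print
# "proto address port program scope" for every socket bound to that port.
# PROTO is tcp or udp and also covers the tcp6/udp6 rows.
listeners() {
  awk -v proto="$1" -v port="$2" '
    $1 ~ ("^" proto "6?$") {
      n = split($4, part, ":")          # the port follows the last colon (IPv6 safe)
      if (part[n] != port) next
      addr = substr($4, 1, length($4) - length(part[n]) - 1)
      prog = ($1 ~ /^tcp/) ? $7 : $6    # UDP rows have an empty State column
      scope = (addr ~ /^(127\.|::1$)/) ? "loopback" : "network"
      print $1, addr, part[n], prog, scope
    }
  '
}

# Run against the constructed sample; on a live host (as root, so that the
# program column is filled in) use: netstat -tulpn | listeners udp 69
printf '%s\n' "$NETSTAT_SAMPLE" | listeners udp 69
printf '%s\n' "$NETSTAT_SAMPLE" | listeners udp 123
```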

 

Step 9: Check the connection by downloading a demo.txt file from the TFTP server, using another server/router/switch.

 

  1. On TFTP server (192.168.47.135), create demo.txt file under tftpdata directory.

 

nano /tftpdata/demo.txt


 

  1. On another Linux host (IP: 192.168.47.131), download demo.txt file.

 

tftp 192.168.47.135

get demo.txt

 


 

Now verification has been completed and you have a working TFTP server.

2. Install and configure SFTP server in Red Hat/Centos 7.5 Linux

Step 1: Create a SFTP user with password

sudo adduser sftpuser

sudo passwd sftpuser

 

Step 2: Create Directory for File Transfer

 

  1. sudo mkdir -p /var/sftp/sftpdata

 

[root@localhost /]# find . -name "sftpdata"

find: ‘./run/user/1000/gvfs’: Permission denied

./var/sftp/sftpdata

 

  1. Make the root user the owner of this directory.

sudo chown root:root /var/sftp

 

  1. Grant write permission to the root user and read permission to other users.

sudo chmod 755 /var/sftp

 

  1. Modify the owner of sftpdata to be the user who will access it.

sudo chown sftpuser:sftpuser /var/sftp/sftpdata

 

Step 3: Restrict Directory Access

 

  1. open sshd_config file

 

sudo nano /etc/ssh/sshd_config

 

  1. Add the following to the end of the file.

Match User sftpuser
ForceCommand internal-sftp
PasswordAuthentication yes
ChrootDirectory /var/sftp
PermitTunnel no
AllowAgentForwarding no
AllowTcpForwarding no
X11Forwarding no

 

  1. Restart sshd to apply change

sudo systemctl restart sshd

 

Step 4: Verification via SSH connection

 

ssh sftpuser@192.168.47.135

 

The SSH connection gets closed as expected.


 

sftp sftpuser@192.168.47.135

You can connect via sftp and now download and manage files as below.


Now SSH access has been restricted successfully, and the sftpuser can upload and manage his/her files via SFTP only.
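
Why Step 2 makes /var/sftp root-owned with mode 755, as an added example that is not part of the original post: sshd accepts a ChrootDirectory only if every component of the path is a root-owned directory that is not writable by group or others, which is why the user-writable sftpdata sits one level below the chroot. The function name `check_chroot_path`, its optional owner argument and the scratch tree in `demo` are assumptions of this example.

```sh
# check_chroot_path DIR [OWNER_UID]
# Walk DIR and each parent up to / and print one line per component that
# breaks the ChrootDirectory rule; print nothing when the path is usable.
# OWNER_UID defaults to 0 (root). The override exists only so the check can
# be tried on a scratch tree without root.
check_chroot_path() {
  p=$1
  want_uid=${2:-0}
  case $p in
    /*) ;;
    *) echo "$p: not an absolute path"; return 1 ;;
  esac
  while :; do
    if [ ! -d "$p" ]; then
      echo "$p: not a directory"
    else
      uid=$(stat -c %u "$p")
      mode=$(stat -c %a "$p")           # octal permissions, e.g. 755
      [ "$uid" -eq "$want_uid" ] || echo "$p: owner uid $uid, expected $want_uid"
      [ $(( 0$mode & 022 )) -eq 0 ] || echo "$p: mode $mode is writable by group or others"
    fi
    [ "$p" = / ] && break
    p=$(dirname "$p")
  done
}

# Constructed demo: a scratch copy of this post's layout. Pointing the chroot
# at the writable sftpdata directory (instead of its parent) is reported.
demo() {
  base=$(mktemp -d)
  mkdir -p "$base/sftp/sftpdata"
  chmod 755 "$base/sftp"
  chmod 775 "$base/sftp/sftpdata"
  check_chroot_path "$base/sftp/sftpdata" "$(id -u)"
  rm -rf "$base"
}

demo
```

On the server itself, run `check_chroot_path /var/sftp` as root; no output means the path satisfies the rule.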

1. Install and configure FTP server in Red Hat/Centos 7.5 Linux

Step 1: Install vsftpd (very secure FTP daemon) package.

yum install -y vsftpd ftp

 

Step 2: Enable FTP on firewall

firewall-cmd --permanent --zone=public --add-service=ftp
firewall-cmd --reload

 

Step 3: to automatically start FTP Server when server powers on.

  1. enable vsftpd service.

systemctl enable vsftpd.service

2. Checking the status of ftp server

systemctl status vsftpd.service

 

Step 4: Configure vsftpd package. Edit /etc/vsftpd/vsftpd.conf

nano /etc/vsftpd/vsftpd.conf

 

  1. Change the line which contains anonymous_enable=NO to anonymous_enable=YES. This will permit anyone to access the FTP server with authentication. If this setting is changed to ‘NO’, then users must use their login and password to access files from their home directory. [Note: For our use, I am keeping this setting as YES, so each user has to log in to access their own files]
  2. local_enable=YES
  3. write_enable=YES
  4. Add the following to the end of the file.

#ADDED BY BC

allow_writeable_chroot=YES

pasv_enable=Yes

pasv_min_port=40000

pasv_max_port=40100

 

Step 5: Start FTP Server
systemctl start vsftpd.service

 

Step 6: Verification. Create a file under ‘var/ftp/pub’. Use a web browser to access the file.

[root@localhost /]# find . -name "pub"

find: ‘./run/user/1000/gvfs’: Permission denied

./var/ftp/pub

[root@localhost /]# cd var/ftp/pub

[root@localhost pub]# nano ftppubfile1.txt

 

If anonymous_enable=YES, ./var/ftp/pub Directory will be used.


If anonymous_enable=NO, users have to login with their credentials to access files.

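
What the Step 4 settings add up to, as an added example that is not part of the original post: the function reads vsftpd.conf text, falls back to vsftpd's built-in defaults for options that are not set, and reports who can log in, whether local users are confined, and the passive port range. With anonymous_enable=YES clients can log in as the anonymous user without an account. The sample file is constructed, and the function name `review_vsftpd`, the wording of its findings and the case-insensitive comparison of values are assumptions of this example.

```sh
# Constructed sample: the settings this post ends up with in vsftpd.conf.
VSFTPD_SAMPLE='# constructed copy of /etc/vsftpd/vsftpd.conf
anonymous_enable=YES
local_enable=YES
write_enable=YES
#chroot_local_user=YES
#ADDED BY BC
allow_writeable_chroot=YES
pasv_enable=Yes
pasv_min_port=40000
pasv_max_port=40100'

# review_vsftpd: read vsftpd.conf text on stdin and print one finding per line.
# Comment lines are skipped and the last value given for an option wins.
review_vsftpd() {
  awk '
    BEGIN {
      FS = "="
      # vsftpd built-in defaults for the options examined here
      n = split("anonymous_enable=YES local_enable=NO chroot_local_user=NO chroot_list_enable=NO allow_writeable_chroot=NO pasv_min_port=0 pasv_max_port=0", d, " ")
      for (i = 1; i <= n; i++) { split(d[i], kv, "="); opt[kv[1]] = kv[2] }
    }
    /^[ \t]*(#|$)/ { next }
    NF >= 2 { v = $2; sub(/[ \t\r]+$/, "", v); opt[$1] = toupper(v) }
    END {
      print "anonymous login: " (opt["anonymous_enable"] == "YES" ? "allowed, no account needed" : "off")
      print "local accounts: " (opt["local_enable"] == "YES" ? "allowed" : "off")
      jailed = (opt["chroot_local_user"] == "YES" || opt["chroot_list_enable"] == "YES")
      if (opt["local_enable"] == "YES" && !jailed)
        print "local users: not chrooted" (opt["allow_writeable_chroot"] == "YES" ? "; allow_writeable_chroot is set but no chroot option is on" : "")
      lo = opt["pasv_min_port"] + 0; hi = opt["pasv_max_port"] + 0; count = hi - lo + 1
      if (lo > 0 && hi >= lo) print "passive ports: " lo "-" hi " (" count " ports)"
      else print "passive ports: any (no usable range set)"
    }
  '
}

# Run against the constructed sample; on the server use:
#   review_vsftpd < /etc/vsftpd/vsftpd.conf
printf '%s\n' "$VSFTPD_SAMPLE" | review_vsftpd
```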

Python: Installing netmiko (paramiko) on Windows 10 PC for automation

In order to write a script and automate your infra devices via ssh/telnet, python uses paramiko. In a Linux/Mac OS environment, it is easy to install or this module is already included as a package. For Windows, the module installation process is more cumbersome. I have come across a few articles on Google attempting to do this but the examples given were clear as mud. Here are precise steps for the installation and also some troubleshooting URLs referenced for your convenience. 🙂

1. Install Python (https://www.python.org/downloads/)

2. Install Anaconda. (https://store.continuum.io/cshop/anaconda/)

3. From the Anaconda Prompt (Shell), run “conda install paramiko”.

4. From the Anaconda Prompt (Shell), run “pip install scp”.

5. Install git for Windows. (https://www.git-scm.com/downloads)

6. From the Git Bash window, clone netmiko with “git clone https://github.com/ktbyers/netmiko”

7. From the Git Bash window: if you are unable to install Netmiko in Windows after it is cloned, define the path for Python.

bchoi@AUD-4D1KYF2 MINGW32 /h/netmiko (develop)

$ export PATH=$PATH:/C/Users/bchoi/AppData/Local/Programs/Python/Python36-32

8. cd into the netmiko directory and run “python setup.py install”.

bchoi@AUD-4D1KYF2 MINGW32 /h/netmiko (develop)

$ python setup.py install

End result: You can now use paramiko on your Windows PC!

Tip1: To display Windows 10 Roaming folder

https://answers.microsoft.com/en-us/insider/forum/insider_wintp-insider_files-insiderplat_pc/windows-10-roaming-folder/6c99ffdc-90d5-4d1d-8ab1-b4f448ecc8ee?auth=1

Unable to install Netmiko in windows after it cloned:

https://stackoverflow.com/questions/47726184/unable-to-install-netmiko-in-windows-after-it-cloned

 

VMware Virtual Machine Files

The following files exist before a virtual machine powers on. Once the virtual machine powers on initially, another five files are created.

VMware VM before power on files

vmname.vmx = This is the primary configuration file, which stores settings chosen in the New Virtual Machine Wizard or virtual machine settings editor. [Virtual Machine, size=small, KB]
vmname.nvram = This is the file that stores the state of the virtual machine’s BIOS. [Non-volatile memory file, size=small, KB]
vmname.vmdk = This is a virtual disk file, which stores the contents of the virtual machine’s hard disk drive. [Virtual Disk, size = allocated disk size, large]
vmware.log = This is the file that keeps a log of key VMware ESXi activity. This file can be useful in troubleshooting if you encounter problems. This file is stored in the directory that holds the configuration (.vmx) file of the virtual machine. [virtual Machine log file, size = 279.25KB]
vmname.vmsd = File, contains line entries which define the relationships between snapshots as well as the child disks for each snapshot.
vmname.vmxf = File, This is a supplemental configuration file for virtual machines that are in a team. Note that the .vmxf file remains if a virtual machine is removed from the team.

 

The following screenshot shows the new files created immediately after a VM’s initial power-on.

VMware VM initial power on files

On initial Virtual Machine power on, the following files are created:

vmware-1.log = Virtual Machine log file, size = 279.25KB
vmname-Ref#.vswp = Virtual Swap file
vmname.vmx~ = File
vmx-hostname-Ref#-1.vswp = Virtual Swap file, size = Big
vmname.vmx.lck = VM Lock file

 

 

Ref: What Files Make Up a Virtual Machine 

https://www.vmware.com/support/ws55/doc/ws_learning_files_in_a_vm.html