Archive for category linux

when openssh will kick out idle users ?

when reading CIS security baseline. it mentions following lines:

Having no timeout value associated with a connection could allow an unauthorized user access to another user’s ssh session (e.g. user walks away from their computer and doesn’t lock the screen). Setting a timeout value at least reduces the risk of this happening..
While the recommended setting is 300 seconds (5 minutes), set this timeout value based on site policy. The recommended setting for ClientAliveCountMax is 0. In this case, the client session will be terminated after 5 minutes of idle time and no keepalive messages will be sent.

Review our settings:
ClientAliveInterval 300
ClientAliveCountMax 1

According to man sshd_config
If ClientAliveInterval (see below) is set to 15, and ClientAliveCountMax is left at the default, unresponsive SSH clients will be disconnected after approximately 45 seconds. This option applies to protocol version 2 only.

Interesting thing is: you won’t be kicked out after 45s if you set as above with Protocol 2.

From my test: the timeout will ONLY work when you set ClientAliveCountMax to 0. and idle time set to what you want kick out the user.

1 Comment

Migrate existing hadoop to CDH

Don’t need to sell CDH’s benefits. you should know it before want to migrate 🙂

Very Important, The following has been tested in my lab, all goes fine. can’t grantee if also works for you.
I migrate from Apache Hadoop 2.2 to CDH 5.3 or 5.4 all works.

## Backup namenode
# cd /mnt/hadoop/hdfs/name
# tar -cvf /root/nn_backup_data.tar .


## Install CDH WITHOUT create any service.
Read the rest of this entry »

No Comments

Ubuntu tips: grub rescue and apparmor

Installed Ubuntu on Old laptop for testing new thing like Docker. met 2 issue.

Issue 1. Update the disk partition table caused the grub confused.
I have 4 slice of my harddisk, /dev/sda1 for Windows. /dev/sda5 for windows 2nd partition. /dev/sda6 for Ubuntu./dev/sda7 for Ubuntu swap.
when I need more space for linux, I remove /dev/sda5. then /dev/sda6 become /dev/sda5 …. that confused grub. because grub still hold the record /dev/sda6 is the linux partition.

Fix: grub rescue>ls
grub rescue>set
Read the rest of this entry »


No Comments

syslog simple notes

configure the syslog send to central log server

For historical reasons, the key, not a simple blank space, is used to define white space between the selector on the left side of the line and the action on the right side. Throughout the Log Analysis configuration documents, we’ve used the to remind you of this — but of course, when you look at the file, you’ll only see white space.

# Solaris
# Linux

# Bounce syslog
Read the rest of this entry »

No Comments

ssh: access denied for user

Jun 20 03:18:04 localhost sshd[512]: Failed password for iamid from 10.x.x.1 port 44241 ssh2
Jun 20 03:18:04 localhost sshd[513]: fatal: Access denied for user iamid by PAM account configuration

check /var/log/secure, got above messages.

tips to troubleshooting:

1. /etc/nologin exists or not, if exists, remove it.
2. /etc/security/access.conf, whether your group/user exists in allow list.

if still have issue, turn on DEBUG for sshd.


No Comments

ssh_exchange_identification: Connection closed by remote host

What’s wrong with the server ?

debug1: identity file /export/home/intprd/.ssh/id_dsa type 2
ssh_exchange_identification: Connection closed by remote host
Connection closed

if your sshd is busy, you may consider to increase the MaxStartups 10 -> MaxStartups 100, change the value according to your request.

more details you can get by turn debug on for sshd server LogLevel DEBUG

If you got error msg like following from messages/secure logs.
May 30 02:49:14 localhost sshd[19458]: [ID 800047 auth.debug] debug1: drop connection #10
May 30 02:49:15 localhost sshd[19458]: [ID 800047 auth.debug] debug1: drop connection #10

which means you reach MaxStartups 10 now.

No Comments

(Solved) sftp: Received message too long

when you connect by ssh. it works fine. but doesn’t work with sftp ?

check your ~user/.bashrc or ~user/.profile or ~user/.cshrc anything related with your environment.

remove the echo from above files.

addons: check free memory on Solaris without top
vmstat 1 2 | tail -1 | awk '{printf "%d%s\n", ($5*4)/1024, "MB" }'

No Comments

(resolved)sqlplus issue need set oracle_home

bash-3.2$ rpm -qa|grep oracle

bash-3.2$ sqlplus
Error 6 initializing SQL*Plus
Message file sp1.msb not found
SP2-0750: You may need to set ORACLE_HOME to your Oracle software directory

bash-3.2$ export ORACLE_HOME=/usr/lib/oracle/
bash-3.2$ /usr/lib/oracle/ erer/pass@IP:1526/SPAPA1P

SQL*Plus: Release – Production on Sat Sep 22 04:33:02 2012

No Comments

Grub2: fix dual boot issue

Trying boot from livecd to fix the dual boot issue.
ubuntu@ubuntu:~$ sudo grub-install /dev/sda
/usr/sbin/grub-probe: error: cannot find a device for /boot/grub (is /dev mounted?).

set the /boot/grub path
root@ubuntu:~# mkdir /a; mount /dev/sda1 /a # sda1 is the root you installed linux
root@ubuntu:~# grub-install /dev/sda –boot-directory=/a/boot/grub
Installation finished. No error reported.


No Comments

System Management: Soft collection

Pulp vs Spacewalk

Puppet vs Chef vs Cfengine

No Comments