 |
| From 16th December'08 |
Its my first post in the flickr site... I am trying to learn photography... & its one of them. I shot it on the way to Rahimabad near Narshingdi. The way is too much nice & pleasant for photo shooting I think. On the way one could get river, natural environment & the taste of village life or rural life...
AUM BHOOR BHUWAH SWAHA,
TAT SAVITUR VARENYAM
BHARGO DEVASAYA DHEEMAHI
DHIYO YO NAHA PRACHODAYAT.
Gayatri Mantra (the mother of the vedas), the foremost mantra in hinduism and hindu beliefs, inspires wisdom. Its meaning is that "May the Almighty God illuminate our intellect to lead us along the righteous path". The mantra is also a prayer to the "giver of light and life" - the sun (savitur).
Oh God! Thou art the Giver of Life,
Remover of pain and sorrow,
The Bestower of happiness,
Oh! Creator of the Universe,
May we receive thy supreme sin-destroying light,
May Thou guide our intellect in the right direction.
Aum = Brahma ;
bhoor = embodiment of vital spiritual energy(pran) ;
bhuwah = destroyer of sufferings ;
swaha = embodiment of happiness ;
tat = that ;
savitur = bright like sun ;
varenyam = best choicest ;
bhargo = destroyer of sins ;
devasya = divine ;
these first nine words describe the glory of God
dheemahi = may imbibe ; pertains to meditation
dhiyo = intellect ;
yo = who ;
naha = our ;
prachodayat = may inspire!
"dhiyo yo na prachodayat" is a prayer to God
Hence the Gayatri is unique in that it embodies the three concepts of stotra (singing the praise and glory of God), dhyaana (meditation) and praarthana (prayer).
Change SSH listening port
By default, SSH listens for connections on port 22. For security reason person can change the port for listening. Then other person connecting from the network have to specify the port number otherwise connection will be refused.
Open the /etc/ssh/sshd_config file and look for the line that says:
Port 22
Change the port number and restart the SSH service:
/etc/init.d/ssh restart
Suppose new port number is 222. Then only those person can connect to my PC who knows my new PORT number. Then person have to specify the port number while connecting via SSH
mishu@mishu:~$ ssh [email protected]
ssh: connect to host 192.168.6.9 port 22: Connection refused // as I made change in the listening port.
mishu@mishu:~$ ssh -p 222 [email protected]
[email protected]'s password: // when particular port number is given then it gives the password prompt.
Allow only SSH protocol 2
There are two versions of the SSH protocol. Using SSH protocol 2 only is much more secure.
Edit /etc/ssh/sshd_config and look for the line that says:
Protocol 2,1
Change the line so it says only protocol 2.
SSH with graphical interface
If any one is willing to access the remote PC with graphical interface then user have to use a switch -Y.
command is like this
picklu@picklu:~$ ssh -Y mishu@mishu
Allow only specific users to log in via SSH
User should not permit root logins via SSH, because this is a big and unnecessary security risk. Configure SSH server so that root user is not allowed to log in. Find the line that says:
PermitRootLogin yes
Change yes to no and restart the service. You can then log in with any other defined user and switch to user root if you want to become a superuser.
If you would like to have a list of users who are the only ones able to log in via SSH, it can also be specified in the sshd_config file. For example, let's say I want to allow users mishu, and rumee to log in via SSH. At the end of sshd_config file I would add a line like this:
AllowUsers mishu rumee
Using DSA/RSA public key authentication
Instead of using login names and passwords for SSH authentication, user can use DSA/RSA public keys for authentication. Note that user can have both login names and DSA/RSA public key authentication enabled at the same time. User need a pair of DSA/RSA keys -- one public and one private. User keep the private key on your machine and copy the public key to the server or other machine where s/he wants to login. When user wants to log in to an SSH session, the server checks the keys, and if they match, you are dropped into the shell. If the keys don't match, you are disconnected.
In this example the private machine (from which I will connect to the server/other machine) is station1 and the server machine is server1. Procedure is following:
First I need to create a pair of keys on my private machine.
picklu@picklu:~$ ssh-keygen -t rsa
There will be prompted for a pass-phrase for your private key, but it can be blank because this is not a recommended method. A key pair is generated: private key is located in ~/.ssh/id_rsa and your public key is located in .ssh/id_rsa.pub.
Next, copy the contents of ~/.ssh/id_rsa.pub to server1 into the ~/.ssh/authorized_keys file.
If the file ~/.ssh/authorized_keys already exists, append the contents of the file ~/.ssh/id_rsa.pub to the file ~/.ssh/authorized_keys on server1 by following command.
cat id_rsa.pub >> .ssh/authorized_keys
The only thing left to do is to set the correct permissions of ~/.ssh/authorized_keys file on server1:
~$ chmod 600 ~/.ssh/authorized_keys
Now, configure the sshd_conf file to use the DSA/RSA keys authentication. Make sure you have the following three lines uncommented:
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
Restart the service. If everything configured correctly, user should now be able to SSH to the server without any interaction.
If you would like to use DSA/RSA authentication only, make sure you uncomment and change the PasswordAuthentication line in sshd_config from yes to no:
PasswordAuthentication no
If anyone tries to connect to your SSH service and doesn't have a public key on the server, he will be rejected without even seeing the login prompt with this error:
Permission denied (publickey).
N. B. If .ssh or its parent directory is group writable then this will not work.
Create a custom SSH banner
If you would like any user who connects to your SSH service to see a specific message, you can create a custom SSH banner. Simply create a text file (in my example in /etc/ssh-banner.txt) and put any kind of text message in it; for example:
*****************************************************************
*This is a private SSH service. You are not supposed to be here.*
*Please leave immediately. *
*****************************************************************
When done editing, save the file. In the sshd_conf file, find a line that says:
#Banner /etc/issue.net
Uncomment the line and change the path to your custom SSH banner text file.
In computing, a shebang (also called a hashbang, hashpling, or pound bang) refers to the characters "#!" when they are the first two characters in a script file. Unix-like operating systems take the presence of these two characters as an indication that the file is indeed a script, and attempt to execute that script using the interpreter specified by the rest of the first line in the file. For instance, Bourne shell scripts always start with the first line:
#!/bin/sh
More precisely, a shebang line consists of a number sign and an exclamation point character ("#!"), followed by the (full) path to the interpreter program that will provide the interpretation. The shebang is looked for and used when a script is invoked directly (as with a regular executable), and largely to the end of making scripts look and act similarly to regular executables, to the operating system and to the user.
Some typical interpreters for shebang lines:
#!/bin/bash — Execute using the Bourne-again shell#!/bin/bash -c '/bin/bash' — Execute using bash in the /bin/ directory, and calls bash inside the /bin/#!/bin/csh — Execute using csh, the C shell#!/bin/ksh — Execute using the Korn shell
Sometimes its better to use rsync then scp command for copying file from remote machine where bandwidth is one of the issue. You can specify the bandwidth usage in the rsync but this facility is not available in scp.
command format:
rsync [OPTION]... --bwlimit=XX [USER@]HOST:SRC DEST
-v, –verbose increase verbosity
-a, –archive archive mode; same as -rlptgoD (no -H, -A)
-u, –update skip files that are newer on the receiver
-r, –recursive recurse into directories
-e ssh = specify the remote shell to use
--bwlimit=KBPS limit I/O bandwidth; KBytes per second
e.g.: rsync -av --bwlimit=XX -e ssh user@host:/path_of_the_SRC_file /path_where_it_will_stored
Some times you will find error like
ld.so.1: rsync: fatal: libgcc_s.so.1: open failed: No such file or directory
i.e. no libgcc found on /usr/local/lib and rsync always look for libgcc_s.so.1 on /usr/local/lib
Then simply make a soft link
ln -s /usr/sfw/lib/libgcc_s.so.1 /usr/local/lib/libgcc_s.so.1 [on Sun host only]
There are two kinds of port forwarding: local and remote forwarding. They are also called outgoing and incoming tunnels, respectively. Local port forwarding forwards traffic coming to a local port to a specified remote port.
For example, if you issue the command
ssh2 -L 1234:localhost:23 username@host
all traffic coming to port 1234 on the client will be forwarded to port 23 on the server (host). Note that localhost will be resolved by the sshdserver after the connection is established. In this case localhost therefore refers to the server (host) itself.
Remote port forwarding does the opposite: it forwards traffic coming to a remote port to a specified local port.
For example, if you issue the command
ssh2 -R 1234:localhost:23 username@host
all traffic which comes to port 1234 on the server (host) will be forwarded to port 23 on the client (localhost).
It is important to realize that if you have three hosts, client, sshdserver, and appserver, and you forward the traffic coming to the client's port x to the appserver's port y, only the connection between the client and sshdserver will be secured. See Figure Forwarding to a third host. The command you use would be something like the following:
ssh2 -L x:appserver:y username@sshdserver
GnomeBaker Features
Create data CDs.
Blank RW disks.
Burn DVDs.
Copy data CDs.
Copy audio CDs.
Support multisession burning.
Record to and burn from existing CD ISO images.
Can burn via SCSI and ATAPI on Linux kernels 2.4 and 2.6. Basically if cdrecord works, then GnomeBaker will work.
Drag and drop to create data CDs (including drag and drop to/from the Nautilus file manager).
Create audio CDs from existing WAV, MP3, FLAC, and Ogg files.
Integrate with GConf for storage of application settings.
Install GnomeBaker in Ubuntu
sudo aptitude install gnomebaker
This will complete the installation.
telnet IP_address port_number
Then you can see the following message if everything is OK.
Trying IP_address...
Connected to IP_address.
Escape character is '^]'
If we press the Escape character then we will get a promt screen to execute command in that box.
press Ctrl+d to exit.
To change a user shell
chsh -s /bin/bash
you are login with user picklu and now a you want to run a GUI package with user mishu and the GUI fails. There are two ways to solve this issue:
1. cd /home/picklu
cp .Xauthority /home/mishu
OR
2. xhost +x
export DISPLAY=:0.0
then run the package. Then you can get the GUI interface of the installer.
If user is willing to work with sudo command without password then some change is needes in /etc/sudoers file.
# User privilege specification
root ALL=(ALL) ALL
picklu ALL=(ALL) NOPASSWD:ALL //this line is added for picklu user
For printing from ubuntu we need the following packages. Usually it is given in latest ubuntu.
cupsys foomatic-filters-ppds smbclient
After installing them by apt-get install we need some configuration change.
If this /etc/cups/supsd.conf exists then need to change the following line
Listen
And put entry Allow all in the following section of the /etc/cups/cupsd.conf file
Restrict access to the server
Restrict access to the Admin page
Restrict access to the configuration file
Now restart your cups server by executing /etc/init.d/cups start
Open your browser and type
http://localhost or IP :631
You will now find a web utility and provide the correct info there and you are done.
N.B. During configuration you must select the option “Windows printer by samba”
To see which port is listening... in Solaris.
netstat -f inet -an|grep LISTEN
For installing .deb package we need to use dpkg. which is a tool to install, build, remove and manage packages. dpkg itself is controlled entirely via command line parameters. For example -i use to install .deb file.
Command for installing any package ist
cd /to that directory where the package is
sudo dpkg -i package_name.deb
My vivo laptop (VGN-FZ41E) was having problem in sound only in the jack (head phone). Built in speaker sound was fine but in the jack there is no sound. Thats why I need to install alsa in my ubuntu 8.04.
Dependencies:
libncurses5 libncurses5-dev
gettext ja-trans
Required Src:
alsa-lib-1.0.xx alsa-utils-1.0.xx alsa-driver-1.0.xx
Installation Instruction:
First compile alsa-lib
Then alsa-utils
And lastly alsa-driver
thats and finally run alsaconf to install the drive.
Then it may be needed to make reboot the box. After that if this occurs again then may be needed to run alsaconf again.
***One thing I also add a line (options snd-hda-intel model=vaio) at the last of /etc/modprobe.d/alsa-base file.***
While compiling in ubuntu there may be error telling
checking for gcc... gcc
checking for C compiler default output file name... configure: error: C compiler cannot create executables
See `config.log' for more details.
The solution is installing the libc6-dev
#apt-get install libc6-dev
Sometimes it is nessecary to copy somethings directly from another host without logging in then the folllowing command is very usefull...
$ scp:
It some time important to see the number line in vi editor. Then for current session setting the need to write the following command
:set nu
For permanent setting up the number line we need to write following command
echo "set nu" >> .vimrc
Basically ntpdate command synchronize the clock with specified ntp server. To synchronize the clock with ntp server all the time when you start your machine do the followings.
First Create a file named setdate with any editor and write the following line in the file
#!/bin/bash
case "$1" in
start)
ntpdate sol(ntp server)
;;
stop)
;;
esac
exit 0
copy the file(setdate) by the following command to the location /etc/init.d/
# cp setdate /etc/init.d/setdate
# chmod 751 /etc/init.d/setdate
Now create startup scripts to sync the time during system boot.
# update-rc.d setdate defaults
Also run tzselect to define time change(super user/normal user), Change timezone in /etc/timezone file and put the following line in /etc/bash.bashrc file, user's .bashrc' and .bash_profile file which user you want to get syncronized
TZ='Asia/Dhaka'; export TZ;
Reboot your machine to get effects.
Download: First download the source of the apache from its original site "http://archive.apache.org/dist/httpd/". Here all versions are archived choose which version you want to install.
Extract: If that file is in .tar.gz format. In Solaris you have to first unzip that file
$ tar xvzf httpd-NN.tar
$ cd httpd-NN
NN is the version number of apache
Configure: ./configure --prefix=/usr/local/apache2 --enable-so --enable-mods-shared=all --enable-ssl --enable-proxy=shared
--prefix=/usr/local/apache2 in this location apache will be installed.
--enable-so Enable DSO capability provided by mod_so. (modularizing the apache)
--enable-mods-shared=all all modules are shared.
--enable-ssl Enable support for SSL/TLS provided by mod_ssl.
--enable-proxy=shared The proxy module will be build as DSO module.
In my case while configuring the apache I fall in the problem about gcc compiler. I have to add the path of the gcc compiler (/usr/sfw/bin) in my .profile file which determines my environment.
In ubuntu 9.04 I need to install g++, zlib1b, zlib1b-dev & libssl-dev for error free compilation.
Compile: $ make
Normally make command will not execute in the shell we have to find the file executes the make command that path (/usr/ccs/bin) should be added in the .profile file also.
Install: switch to root user & then make install
Customize: # vi PREFIX/conf/httpd.conf
after that checking the syntax of the httpd.conf file is necessary.
To me main thing in the apache is configuring the httpd.conf file.
for checking we have to execute the following command
$ PREFIX/apache/bin/httpd -t
Test:
starting the apache become the root user (as apache is listening in the 80 port) & then run the following command
# PREFIX/apache/bin/apachectl -k start
For checking whether apache is running or not netstat -f inet -an | grep 80 or netstat -an|grep -i lis|grep 80 (in ubuntu) & noticed that *.80 is LISTEN
after that in the browser write http://localhost/ then we can see the index file from htdocs
folder or which is default file written in the configuration file of the apache.
# PREFIX/apache/bin/apachectl -k stop //stopping the apache.
To change the hostname on a Solaris system:
1. Change the hostname in /etc/nodename.Replace the information in this file; commenting out the previous value will cause problems during a reboot.
2. Change the hostname in /etc/hostname.network_interface (e.g., /etc/hostname.hme0). Replace the information in this file; commenting out the previous value will cause problems during a reboot.
3. Change the hostname in /etc/hosts
4. Change the hostname in /etc/inet/ipnodes (Solaris 10 or later)
After that reboot the BOX then new host name will take effect.
chmod command is used to the change a file's permissions. Only the user who
owns the file can change the permissions of a file (the root user can also do it).
chmod [-R] operation files
chmod 777add rwx permission for owner,group&others [numeric method]
chmod u+rwx g-wadd rwx permission to owner& remove w of group of file [symbolic]
chmod -R a-x /tmp turn off x permissions,for all users,for all files in the /tmp.
kill sends a signal to processes, causing them to terminate
or otherwise
act upon receiving the signal in some way.
kill -1 PID reboot the process
kill -9 PID terminate the process
kill allstop all the daemon of that process
pkillterminate the respective process daemon
id prints information about the given user
id picklu //print information about user(including uid, gid, groups, etc)
whoami //prints the user name associated with the current effective user ID.
groups //prints the names of the primary and any supplementary groups for each
fingers //displays information about the system users
who //show who is logged on
who -a show all users log on to the system in different terminal.
su allows one user to temporarily become another user
su become root user
su - become root user with all the all the environment
su -change to supplied user
df df' reports the amount of disk space used and available on file systems.
options df -hT /home
-h print sizes in human readable format (e.g., 1K 234M 2G)
-T print file system type
du Summarize disk usage of each FILE, recursively for directories
i.e.estimate file space usage.
options du -sh /home
s display only a total for each argument
head output the first part of files [usually first 10 lines]
we can use option such as we want to watch first 15 lines
head -15
tail output the last part of files[usually last 10 lines]
we also can use same options as in head
cat concatenate files and print on the standard output [top - bottom]
tac concatenate and print files in reverse [bottom – top]
nl display the content of file with line number
