Linux: How to remove directory / folder background color in terminal ?

Hello Everyone,

I moved to Ubuntu Linux recently from Arch Linux. I observed that my battery ( Lenovo Thinkpad E Series 3rd Gen) health getting low by using Arch Linux and there were some posts on that issue.

Though Arch Linux is great, I dont want to loose my $1000 laptop battery as I invested extra bucks especially for battery with extra capacity.

Any way, as I am using dual boot with Windows and Linux, I do have NTFS partitions.

As per color scheme of the terminal, if you list the items in the NTFS mount in terminal, they all come up with an ugly look as below

 so as you can see it, its completely not good.

So upon searching I came across below solution via Stackoverflow

If you are using zsh then open file ~/.zshrc, if bash then ~/.bashrc and paste following code at the end, save and exit from the file. Once exited, execute exec $SHELL  command, and it equal to source ~/.zshrc or source ~/.bashrc

eval "$(dircolors -p | \
   sed 's/ 4[0-9];/ 01;/; s/;4[0-9];/;01;/g; s/;4[0-9] /;01 /' | \
   dircolors /dev/stdin)"

So after applying the changes, my terminal output is clear as below

Hope it helps you.

Thank you.

How to launch Sublime text editor from terminal in Macbook ?

As you all know, Sublime is one of the famous and lite weight text editor and can be used for application development for almost every programming language available today.
For VS Code to launch editor from terminal, you can use code from terminal.
But for Sublime there is no direct method. To achieve this in sublime we can achieve it in 2 methods I believe. Lets see one by one

Using Soft Link

After creating soft link just type sublime in your terminal and sublime open.

  
ln -s "/Applications/Sublime Text.app/Contents/SharedSupport/bin/subl" /usr/local/bin/sublime

Using alias

Add alias like below in your .bashrc or ~/.bash_profile files

subl='/Applications/Sublime\ Text.app/Contents/SharedSupport/bin/subl'

then do load the changes with source

source ~/.bashrc

Hope this helps.
Thanks
Raja

SSH configuration: sshd_config file

In SSH Server , we do have two types of configuration files. They are sshd_config and ssh_config.

Here sshd_config is all about server side configuration. The behavior of SSH server written at this file.

In this article I am writing a simple article with few best practices over sshd_config.

Note: For edit that you are doing to sshd_config , you must restart sshd service. Please review my last article about ssh restart.


1. Allow login only with root and deny all other.

This is actually simple. In the terminal type as a root user as menioned below

# touch /etc/nologin

That's it. Then restart sshd service. Now try with normal user and you wont be allowed to login.

2.SSH Protocol switching.

SSH have two versions as Version-1 , Version-2
Version-1 have only feature that user based authentication.Due to this we can only know who is getting login into server but we cant see from which machine or host he is doing this and this machine may be authorized or unauthorized. Due to this its not safe to use Version 1 in real time.

Version-2 overcomes this problem with Version-1 with host-based authentication process and along with user-based authentication process.

First It will take the host Identity and then only it will allow user to login.

You can set your version of SSH with

Protocol 2

in sshd_config file at line line number 21.

3. Disabling direct root login

So first login should be normal user login and then only he can switch into a root user if he know the root password. This is one of the best practice. and to do that open sshd_config file with

# vi /etc/ssh/sshd_config

Find or write a line as

PermitRootLogin no

then save & close, then restart sshd service.

4.Allow only specific users.

Assume we have 100 users in network and you dont want them to login through ssh. You can simply allow particular users to login and deny all other.

Open your configuration file

# vi /etc/ssh/sshd_config

Then write a line as

AllowUsers user1 user2 user3

user1,user2,user3 are usernames.

save ,close. restart sshd service.

5. Deny only specific users.

Same case as above but you want only part of them to deny and allow all others.

# vi /etc/ssh/sshd_config

DenyUsers user1 user2 user3

6.Disconnect Idle ssh sessions after a timeout.

Open your sshd_config file and write the lines as below and it will disconnect the sessions after time out. In the example it is 300 Sec i.e 5 Min.

# vi /etc/ssh/sshd_config

then add

ClientAliveInterval 300

ClinetAliveCountMax 0

save,close & restart sshd service.

7.Display Banner information to all who are trying to connect.

Now make a file with information you want to display , assume I have information made at location /etc/issue. Now I can display the information of at /etc/issue to all by making as below

Open file

# vi /etc/ssh/sshd_config

then add

Banner /etc/issue

save,close and restart sshd service.

8.Port Number change

This is also one of the best security practice. Default SSH port is 22 and attackers first choice will be 22. So we have to change it to something else.

Open configuration file

# vi /etc/ssh/sshd_config

then write a line as

Port 2222

save,close. Now as per configuration file ,ssh default port is 2222 but unless we made changes in IPTables it wont work for remote connections.

# vi /etc/sysconfig/iptables

Then modify the line which have port 22 ,else remove it and add the new line as below.

-A INPUT -m state --state NEW -m tcp -p tcp --dport 2222 -j ACCEPT

then save and close the file and restart iptables with

# service iptables restart

9. Allow only particular IP

This is awesome thing , who ever the attacker he cant do anything unless he is doing from authorized machine network address.

This we can do in 3-ways and we can assume it as 3-level security arrangement.

Method-1 : IPTables , assume you want only 192.168.1.2/24 network only to access your ssh service. Then open your IPtables at server end and type as mentioned below before commit,

-A INPUT -s 192.168.1.2/24 -m state --state NEW -m tcp -p tcp --dport 2222 -j ACCEPT

then save,close and restart IPTables with

# service iptables restart

Method 2 : From sshd_config.

Edit configuration file and write as mentioned below.

# vi /etc/ssh/sshd_config

then add line as

ListenAddress 192.168.1.2/24

save,close & restart sshd service.

Method 3: TCPWrappers

If you mentioned IP in at /etc/hosts.allow then for that IP , mentioned service will be allowed and if you mention the same in /etc/hosts.deny then for that IP , mentioned service will be deny.

For example look at below case.

# vi /etc/hosts.allow

then add

sshd : 192.168.1.2/24

save ,close. No need restart. Now only the mentioned IP will be allowed for ssh access.

Now /etc/hosts.deny

# vi /etc/hosts.deny

sshd : 192.168.1.2/24

save,close. Now from this IP all ssh request will be denied.

I will write an article about TCPWrappers soon.


TCPWrappers loading order as first /etc/hosts.allow file and then /etc/hosts.deny file. So make sure about the flow and understand it.

12. Deny Empty password login.

This is not a good habit, login with empty password so do as below in your config file

# vi /etc/ssh/sshd_config

add as

PermitEmptyPasswords no

save,close and restart sshd service.


If you are having any other Information about sshd_config configuration, Please add in comments area and I will add it in main post.

Help helps you.

Take picture from terminal

Create Bootable Linux ISO from DD command

I have tried many times to create a Bootable USB linux from ISO but failed almost 20 times. After a lot of googling I have found as this is the proper command

dd if=/path/to/ISO.iso of=/dev/sda bs=4M;sync

Thats it. Note: at of=/dev/sda dont give anything after your device. for example If your USB mounted as /dev/sdb1 then at of you should give as of=/dev/sdb only.

CentOS - IP Setting - Static IP- Command Line

Commands required to set a static IP in CentOS  are

. In Terminal , turn into root user and type as

vi /etc/sysconfig/network-scripts/ifcfg-eth0

There Place the content as

There as you can see the parameter. Set similar in your PC.Then save & close it with <Shift> + <:> +<w> + <q> .

Then In terminal type as

vi /etc/sysconfig/network

There give your Gateway as shown

You can disable/Enable network from there.

Then check your Gateway updated or not with

route -n

Then after that restart your network with

service network restart

Thats it. Now you can connect to your CentOS to Internet.
Points to remember : Nothing much !! all you have to execute the commands as root user.

Lets Play with Netstat

Hello Readers !!

Today I am here with few commands that you can use in your Ubuntu System to know about Network Related information.

The command I can simply say netstat: http://linux.die.net/man/8/netstat

Man - page you surely going to need for reference. Just open a terminal with CTRL+ALT+T (If Ubuntu) and then changed to root user with

either

sudo -i

or su  -root

Then start now!!

1. How many ports you have in your System ? 

                            # netstat -a 

     2.  How may ports are listening now ?

                             # netstat -l

     3. What is the routing of your network ?

                            # netstat -r

      4. If a program/service access some port number , what is it ?

                         # netstat -ap | grep ftp

       Hope that helps. For more information use that man-page.