Disabling Password-based Authentication in Unix

To disable Password-based authentication in Unix, modify the file /etc/ssh/sshd_config to use the following parameters:

PermitRootLogin no
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no

This will require that the user ssh'ing to the server use ssh keys rather than a password to login.

Running VirtualBox in Headless Mode

You can list all virtual machines that you have configured with:
# VBoxManage list vms
"TestVm" {4176c387-a851-4cca-8b2e-d6246c04c388}

To start a Virtual Machine in headless mode using VirtualBox:
# VBoxManage startvm TestVm --type headless

To Power off a Virtual Machine that is running in VirtualBox:
# VBoxManage controlvm TestVm poweroff

Setting JAVA_HOME and ANT_HOME in RHEL

How do you get a newer version of Ant to work on on RedHat?

Simply setting ANT_HOME and JAVA_HOME aren’t enough!

Need to add alternatives for applications in RHEL.

set java

sudo alternatives --install /usr/bin/java java /opt/jdk1.8.0_101_x86_64/bin/java

set javac

sudo alternatives --install /usr/bin/javac javac /opt/jdk1.8.0_101_x86_64/bin/javac

set ant

sudo alternatives --install /usr/bin/ant ant /opt/apache-ant-1.9.7_x86_64/bin/ant

And lastly... rename or modify /etc/ant.conf because by default the ant.conf file is sourced by ant scripts which automatically re-exports ANT_HOME using an older version of ANT.

You can tell this is the case when, for example:

bash-4.1$ ant -version

Apache Ant version 1.7.1 compiled on July 2 2010

And 

bash-4.1$ ant --noconfig -version

Apache Ant(TM) version 1.9.7 compiled on April 9 2016

Now your JAVA_HOME, java -version should match and your ANT_HOME and ant -version should match!

If this doesn't report back the version you expected, confirm they are set as priority in the alternatives:

sudo alternatives --config java

sudo alternatives --config javac

sudo alternatives --config ant

Linux Network Traffic Monitoring Tools

Recently, I was in need of a new Linux Network Traffic Monitoring Tool and after some poking around, I found some great options:

tcptrack 

tcptrack is a great small utility with a spartan interface.
It displays the status of tcp connections, showing columns for the client, server, state, Idle Time and Speed. The list updates automatically as new connections come and go and the results can be sorted by rates or by bytes. 

 

Get tcp track sudo apt-get install tcptrack

slurm

slurm provides a nice colored graph for upload/download, as well as some other good overall status information.

Slurm.jpeg

Get slurm sudo apt-get install slurm

User Control in Unix

To add a new group

 groupadd <group name>

To add an existing user to a group

usermod -a -G <group name> <username> 

To view a user's group assignment

 id <username> 

To view a list of allgroups 

groups 

To create a user and add a group

useradd -g <group name> <username> 

Filtering Swift Array of Objects by Property

The filter option allows you to filter through an array in Swift, returning only entries that match the filter specifications. The following example shows an array of Friend objects who have the attribute age. We create a filter that returns an array of friends whose age is less than 40.

var friends = [Friend(age: 50), Friend(age: 42), Friend(age: 22), Friend(age: 30)]
var filteredFriends = friends.filter({
    $0.age < 40
})
 
for friend in friends {
    println(friend.age!)
}

SSH Login Using Public Key Authentication

The following process allows a user to login from a client machine to a remote machine (which we will hereby refer to as server) without using a password, but rather with public key authentication.

1 - Create the RSA Key Pair

The first step is to create the key pair on the client machine. This is the machine that you are going to be using to connect to the remote servers. In a terminal on the client machine, enter the following command:

ssh-keygen -t rsa

2 - Store the Keys and the Passphrase

Once you have entered the key gen command, you will be prompted with a few more questions:

Enter file in which to save the key (/home/<your_username>/.ssh/id_rsa):
You can press enter here, saving the file to the specified user home directory.

Enter passphrase (empty for no passphrase):
It is your choice as to whether or not you want to include a passphrase. The benefit is that there is the added security in the situation where the private key is compromised. The person who obtained the private key would also need the passphrase in order to utilize the private key. However, this also means that you, as the legitimate user will also require the passphrase in order to utilize the key, unless you use ssh-agent to store the password.

The entire key generation process appears as follows:

ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/
<your_username>/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/<your_username>/.ssh/id_rsa.
Your public key has been saved in /home/<your_username>/.ssh/id_rsa.pub.

The key fingerprint and random art image is then displayed.

The public key is now located in /home/<your_username>/.ssh/id_rsa.pub The private key, which serves as your identification, is now located in /home/<your_username>/.ssh/id_rsa

3 - Copy the Public Key to the Target Server

Once the key pair is generated, we need to place the public key on the server that we want to be connecting to from the client system that we generated the keys on.

You can copy the public key that was generated on the client system to the remote server using ssh with the following command. (Make sure the place the username with your username on the server, and the IP address with the server's IP address. 

cat ~/.ssh/id_rsa.pub | ssh <your_username>@111.222.3.4 "mkdir -p ~/.ssh && cat >>  ~/.ssh/authorized_keys"

Alternatively, you can copy the public key into the server's authorized_keys file with the ssh-copy-id command. Again, make sure to replace the example username and IP address.

ssh-copy-id <your_username>@111.222.3.4

Both of these options will copy the public key from the client machine to the server's authorized_keys file. You should now be able to ssh from the client system to the server using the public key authentication mechanism. If you did not require a passphrase in your key generation, then you will now be able to login to the server from the client without using a password.

Additional information regarding using Public Key Authentication with OpenSSH is available on the Ubuntu website: https://help.ubuntu.com/community/SSH/OpenSSH/Keys

Around The Clock

Today, Around The Clock is now available on the Mac App Store! It's nothing fancy, but I'm happy with how it turned out and the amount that I learned going through the process of developing and releasing a Swift application.

Feel free to check it out and let me know what you think!

Read More

The Search for Northeast Airlines Flight 792

On November 30th, 1954, Northeast Airlines Flight 792 took off from Laconia, NH for its destination, Berlin, NH less than 100 miles away. Northeast Airlines Flight 792 never completed its 35 minute flight to Berlin. Heavy snow and wind threw the plane off-course causing it to steer directly into the massive Mount Success. The plane was too low, and the pilot couldn't recover. The plane barreled into the forest south of the summit.

Incredibly, all seven passengers of Flight 792 survived the crash, however two died while waiting to be rescued. It wasn't until December 2nd, 1954 that rescuers were able to locate and come to the aid of the five remaining survivors.

Source: http://www.summitpost.org/mount-success/18...