CentOS – nixCraft

How To Patch and Protect Linux Kernel Stack Clash Vulnerability CVE-2017-1000364 [ 19/June/2017 ]

June 20, 2017June 20, 2017in CentOS, Debian / Ubuntu, Linux, RedHat and Friends, Security, Suse last updated June 20, 2017

A very serious security problem has been found in the Linux kernel called “The Stack Clash.” It can be exploited by attackers to corrupt memory and execute arbitrary code. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative/root account privileges. How do I fix this problem on Linux?

How to prevent sed -i command overwriting my symlinks on Linux or Unix

June 13, 2017June 13, 2017in BASH Shell, CentOS, Debian / Ubuntu, FreeBSD, Linux, Mac OS X, RedHat and Friends, Suse, Troubleshooting, UNIX last updated June 13, 2017

I recently ran a command ‘sed -i 's/CONFIG_1/CONFIG_OPT_2/g' /etc/nginx/sites-enabled/*.conf‘ on a Debian Linux server. However, the sed command destroyed the link and created a regular file in place of the link file. How can I prevent my ‘sed -i’ command from destroying symlinks on Linux or Unix-like system?

How to prevent unprivileged users from viewing dmesg command output on Linux

June 10, 2017June 13, 2017in CentOS, Debian / Ubuntu, Linux, RedHat and Friends, Security, Suse last updated June 13, 2017

I want to restrict both normal users and root user inside LXD container “hypervisor” from viewing and using dmesg command output. How do I prevent non-root (unprivileged) Linux users from viewing the Linux kernel’s log buffer?

How to allow root login from one IP address with ssh public keys only

June 10, 2017in CentOS, Debian / Ubuntu, FreeBSD, Linux, Openbsd, RedHat and Friends, Suse, UNIX last updated June 10, 2017

I am using MacOS on the desktop and Ubuntu Linux on the server. I disabled root login over ssh and enabled ssh based public key login. However, I recently added second Ubuntu server. I need to sync file between two using rsync command. Is there any way that I can log from the second server into my first server with root user from second server IP address only ([email protected] }# ssh [email protected]) without reducing OpenSSH server security option?

How to configure Nginx SSL/TLS passthrough with TCP load balancing

June 6, 2017June 7, 2017in CentOS, Debian / Ubuntu, Linux, Nginx, RedHat and Friends, UNIX last updated June 7, 2017

How do I configure SSL/TLS pass through on Nginx load balancer running on Linux or Unix-like system? How do I load balance TCP traffic and setup SSL Passthrough to pass SSL traffic received at the load balancer onto the backend web servers?

How to extract multiple tar ball (*.tar.gz) files in directory on Linux or Unix

May 30, 2017May 30, 2017in BASH Shell, CentOS, Debian / Ubuntu, FreeBSD, Linux, RedHat and Friends, Suse, UNIX last updated May 30, 2017

I have tried tar -xvf *.tar.gz command, but getting an error that read as:
tar (child): *.gz: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
How can I extract multiple *.tar.gz files in directory using Linux or Unix-shell prompt?

How to upload ssh public key to as authorized_key using Ansible

May 29, 2017in CentOS, Debian / Ubuntu, FreeBSD, Linux, Mac OS X, Suse, UNIX last updated May 29, 2017

How do I use Ansible to upload ssh public key to as authorized_key to multiple Linux or Unix servers saved in an inventory file?