If you are running Linux, you have several alternatives to put second Ethernet interface for good use.
A step by step guide on setting up multiple SSH keys for password less login.
You can easily mount remote server file system or your own home directory using special sshfs and fuse tools.
FUSE – Filesystem in Userspace
FUSE is a Linux kernel module also available for FreeBSD, OpenSolaris and Mac OS X that allows non-privileged users to create their own file systems without the need to write any kernel code. This is achieved by running the file system code in user space, while the FUSE module only provides a “bridge” to the actual kernel interfaces. FUSE was officially merged into the mainstream Linux kernel tree in kernel version 2.6.14.
You need to use SSHFS to access to a remote filesystem through SSH or even you can use Gmail account to store files.
Following instructions are tested on CentOS, Fedora Core and RHEL 4/5 only. But instructions should work with any other Linux distro without a problem.
Step # 1: Download and Install FUSE
Visit fuse home page and download latest source code tar ball. Use wget command to download fuse package:
# wget http://superb-west.dl.sourceforge.net/sourceforge/fuse/fuse-2.6.5.tar.gz
Untar source code:
# tar -zxvf fuse-2.6.5.tar.gz
Compile and Install fuse:
# cd fuse-2.6.5
# make install
Step # 2: Configure Fuse shared libraries loading
You need to configure dynamic linker run time bindings using ldconfig command so that sshfs command can load shared libraries such as libfuse.so.2:
# vi /etc/ld.so.conf.d/fuse.conf
Append following path:
Step # 3: Install sshfs
Now fuse is loaded and ready to use. Now you need sshfs to access and mount file system using ssh. Visit sshfs home page and download latest source code tar ball. Use wget command to download fuse package:
# wget http://easynews.dl.sourceforge.net/sourceforge/fuse/sshfs-fuse-1.7.tar.gz
Untar source code:
# tar -zxvf sshfs-fuse-1.7.tar.gz
Compile and Install fuse:
# cd sshfs-fuse-1.7
# make install
Mounting your remote filesystem
Now you have working setup, all you need to do is mount a filesystem under Linux. First create a mount point:
# mkdir /mnt/remote
Now mount a remote server filesystem using sshfs command:
# sshfs firstname.lastname@example.org: /mnt/remote
- sshfs : SSHFS is a command name
- email@example.com: – vivek is ssh username and rock.nixcraft.in is my remote ssh server.
- /mnt/remote : a local mount point
When promoted supply vivek (ssh user) password. Make sure you replace username and hostname as per your requirements.
Now you can access your filesystem securely using Internet or your LAN/WAN:
# cd /mnt/remote
# cp -a /ftpdata . &
To unmount file system just type:
# fusermount -u /mnt/remote
# umount /mnt/remote
- Visit the official FUSE website
- Refer the man page of sshfs
ControlMaster is a new feature in OpenSSH v 4.x, that allows it to reuse an existing connection to a remote host when opening new connections to that host
“Using this feature you can increase performance as it result into the reduced connection times that the ControlMaster feature provides are particularly nice when you’re using tools that open multiple SSH connections to do work on a remote server…” Read more…
On a related note, here’s a short guide on reusing existing OpenSSH v4 connections written by steve.
Most of the time you login into remote server via ssh. If you start a shell script or command and you exit (abort remote connection), the process / command will get killed. Sometime job or command takes a long time. If you are not sure when the job will finish, then it is better to leave job running in background. But, if you log out of the system, the job will be stopped and terminated by your shell. What do you do to keep job running in the background when process gets SIGHUP?
BIND is the Berkeley Internet Name Domain, DNS server. It is wildly used on UNIX and Linux like oses. You can use following tools to troubleshoot bind related problems under UNIX or Linux oses.
Task: Port 53 open and listing requests
By default BIND listen DNS queries on port 53. So make sure port 53 is open and listing user requests. by running any one of the following tests. See if you can telnet to port 53 from remote computer:
$ telnet remote-server-ip 53
telnet ns1.nixcraft.org domain
Trying 192.168.0.5... Connected to ns1.nixcraft.org. Escape character is '^]'.
If you cannot connect make sure firewall is not blocking your requests. Next use netstat command to list open and listing port 53 on server itself:
$ netstat -tulpn | grep :53
# netstat -atve
Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State User Inode tcp 0 0 ns1.nixcraft.org:domain *:* LISTEN named 10386 tcp 0 0 rhx.test.com:domain *:* LISTEN named 10384 tcp 0 0 *:ssh *:* LISTEN root 1785 tcp 0 0 rhx.test.com:rndc *:* LISTEN named 10388 tcp 0 0 rhx.test.com:smtp *:* LISTEN root 1873 tcp 0 0 ns1.nixcraft.org:ssh w2k.nixcraft.org:1057 ESTABLISHED root 10501 tcp 0 0 rhx.test.com:32773 rhx.test.com:domain TIME_WAIT root 0 tcp 0 0 ns1.nixcraft.org:32775 ns1.nixcraft.org:domain TIME_WAIT root 0 tcp 0 0 rhx.test.com:32774 rhx.test.com:domain TIME_WAIT root 0
Make sure iptables firewall is not blocking request on server:
# iptables -L -n
# iptables -L -n | less
Make sure named is running:
# /etc/init.d/named status
If not start named:
# chkconfig named on
# service named start
Task: Use log files
You can use log files after starting/restarting bind to see error messages:
# tail â€“f /var/log/message
Nov 17 16:50:25 rhx named: listening on IPv4 interface lo, 127.0.0.1#53 Nov 17 16:50:25 rhx named: listening on IPv4 interface eth0, 192.168.0.5#53 Nov 17 16:50:25 rhx named: command channel listening on 127.0.0.1#953 Nov 17 16:50:25 rhx named: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700 Nov 17 16:50:25 rhx named: nixcraft.org.rev:1: no TTL specified; using SOA MINTTL instead Nov 17 16:50:25 rhx named: zone 0.168.192.in-addr.arpa/IN: loaded serial 12 Nov 17 16:50:25 rhx named: zone localhost/IN: loaded serial 42 Nov 17 16:50:25 rhx named: zone nixcraft.org/IN: loaded serial 12 Nov 17 16:50:25 rhx named: running
Task: Check zone file for errors
You can check zone file syntax and /etc/named.conf file using following utilities. named-checkconf command is named (BIND) configuration file syntax checking tool.
# named-checkconf /etc/named.conf
/etc/named.conf:32: missing ';' before 'zone'
Plesse note that if named-checkconf did not find any errors it will not display in output on screen.
Check zone file syntax for errors. named-checkzone is zone file validity checking tool. named-checkzone checks the syntax and integrity of a zone file. It performs the same checks as named does when loading a zone. This makes named checkzone useful for checking zone files before configuring them into a name server.
# named-checkzone localhost /var/named/localhost.zone
#named-checkzone nixcraft.org /var/named/nixcraft.org.zone
zone nixcraft.org/IN: loaded serial 12 OK
Task: Testing BIND/DNS with utilities
You can use host and dig utilties to test your bind configuration.
- host: host is a simple utility for performing DNS lookups. It is normally used to convert names to IP addresses and vice versa.
- dig: dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.
List IP address associated with host names:
# host nixcraft.org
# host www
www.nixcraft.org has address 192.168.0.6
Perform a zone transfer for zone name using -l option:
# host -l nixcraft.org
nixcraft.org SOA ns1.nixcraft.org. admin.nixcraft.org. 12 10800 900 604800 86400 nixcraft.org name server ns1.nixcraft.org. nixcraft.org mail is handled by 10 mail.nixcraft.org. nixcraft.org has address 192.168.0.5 gw.nixcraft.org has address 192.168.0.254 mail.nixcraft.org has address 192.168.0.7 ns1.nixcraft.org has address 192.168.0.5 w2k.nixcraft.org has address 192.168.0.1 www.nixcraft.org has address 192.168.0.6 nixcraft.org SOA ns1.nixcraft.org. admin.nixcraft.org. 12 10800 900 604800 86400
# dig mail.nixcraft.org
# dig 192.168.0.5