
Ubuntu dhcp server setup

In computer networking, there are two types of ip address configuration: dynamic and static. A dynamic ip address means that a host in a network doesn't have a fixed ip address. A dhcp client asks a dhcp server for its ip address, and the server provides ip addresses for all hosts in its network.




DHCP is the Dynamic Host Configuration Protocol. In Ubuntu, the dhcp server package is called dhcp3-server. To set up a dhcp server, you need to install the dhcp3-server software package and configure the dhcpd.conf file, which is the dhcp server configuration file. In this post, I'll show you how I set up my Ubuntu dhcp server.




Install Ubuntu dhcp3-server with apt-get




There are many ways to install software packages in Ubuntu. Most people use apt-get, a command line package management tool. So, I'll show you how to install dhcp3-server using apt-get too.




Here is an example of installing Ubuntu dhcp3-server using apt-get:




luzar@ubuntu:~$ sudo apt-get install dhcp3-server
[sudo] password for luzar:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer
required: libdns32 libisc32
Use 'apt-get autoremove' to remove them.
The following NEW packages will be installed: dhcp3-server
0 upgraded, 1 newly installed, 0 to remove and 2 not upgraded.
Need to get 318kB of archives.
After this operation, 774kB of additional disk space will be used.
Get:1 http://us.archive.ubuntu.com hardy/main dhcp3-server
3.0.6.dfsg-1ubuntu9 [318kB]
Fetched 318kB in 3s (106kB/s)
Preconfiguring packages ...
Selecting previously deselected package dhcp3-server.
(Reading database ... 28920 files and directories currently installed.)
Unpacking dhcp3-server
(from .../dhcp3-server_3.0.6.dfsg-1ubuntu9_i386.deb) ...
Setting up dhcp3-server (3.0.6.dfsg-1ubuntu9) ...
Generating /etc/default/dhcp3-server...
* Starting DHCP server dhcpd3 [fail]
invoke-rc.d: initscript dhcp3-server, action "start" failed.
luzar@ubuntu:~$



The dhcp3-server installation is complete, but the daemon failed to start. Don't worry, the dhcp3-server failed to start because we have not configured it yet. To configure the dhcp3-server, open the /etc/dhcp3/dhcpd.conf file and read through it a few times, and you'll have a basic idea of how the configuration works.




We are going to edit the file, so make a copy of it first as a backup. Use the cp command to copy the file:




luzar@ubuntu:~$ sudo cp /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf.bak

luzar@ubuntu:~$



Now you can edit /etc/dhcp3/dhcpd.conf to suit your network. Use any text editor you are comfortable with. Here is a tip before we begin editing: do not remove unrelated configuration, just comment it out. You may need it later, for example for a fixed ip host configuration. We'll take an existing configuration and change the ip addresses to match our network.




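Here's an example of a simple dhcp configuration for a local network (my own subnet declaration is near the end of the file, under the comment "Here is my dhcp configuration for local network example"):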




luzar@ubuntu:~$ sudo less /etc/dhcp3/dhcpd.conf
#
# Sample configuration file for ISC dhcpd for Debian
#
# Attention: If /etc/ltsp/dhcpd.conf exists, that will be used as
# configuration file instead of this file.
#
# $Id: dhcpd.conf,v 1.1.1.1 2002/05/21 00:07:44 peloy Exp $
#


# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages ('none', since DHCP v2 didn't
# have support for DDNS.)
ddns-update-style none;


# option definitions common to all supported networks...
# Change example.org to your domain name
# Change ns1 and ns2 to your host name
option domain-name "example.org";
option domain-name-servers ubuntu.example.org;


# Set default and max lease time. Time is in second.
default-lease-time 600;
max-lease-time 7200;


# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;


# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
#log-facility local7;


# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.


#subnet 10.152.187.0 netmask 255.255.255.0 {
#}


# This is a very basic subnet declaration.
#subnet 10.254.239.0 netmask 255.255.255.224 {
# range 10.254.239.10 10.254.239.20;
# option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
#}


# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.
#subnet 10.254.239.32 netmask 255.255.255.224 {
# range dynamic-bootp 10.254.239.40 10.254.239.60;
# option broadcast-address 10.254.239.31;
# option routers rtr-239-32-1.example.org;
#}


# A slightly different configuration for an internal subnet.
#subnet 10.5.5.0 netmask 255.255.255.224 {
# range 10.5.5.26 10.5.5.30;
# option domain-name-servers ns1.internal.example.org;
# option domain-name "internal.example.org";
# option routers 10.5.5.1;
# option broadcast-address 10.5.5.31;
# default-lease-time 600;
# max-lease-time 7200;
#}


# Here is my dhcp configuration for local network example
# I am not editing the example above; instead I copied it here


subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.20 192.168.1.30;
option domain-name-servers 192.168.44.128;
option domain-name "ubuntu.example.org";
# The router must be an address that clients on 192.168.1.0/24 can reach
# directly; replace 192.168.44.128 with the gateway of your own subnet.
option routers 192.168.44.128;
# Broadcast address of 192.168.1.0/24
option broadcast-address 192.168.1.255;
default-lease-time 600;
max-lease-time 7200;
}



# Hosts which require special configuration options can be listed in
# host statements. If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.


#host passacaglia {
# hardware ethernet 0:0:c0:5d:bd:95;
# filename "vmunix.passacaglia";
# server-name "toccata.fugue.com";
#}


# Fixed IP addresses can also be specified for hosts. These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP. Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.


#host fantasia {
# hardware ethernet 08:00:07:26:c0:a5;
# fixed-address fantasia.fugue.com;
#}


# You can declare a class of clients and then do address allocation
# based on that. The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.
#class "foo" {
# match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
#}


#shared-network 224-29 {
# subnet 10.17.224.0 netmask 255.255.255.0 {
# option routers rtr-224.example.org;
# }
# subnet 10.0.29.0 netmask 255.255.255.0 {
# option routers rtr-29.example.org;
# }
# pool {
# allow members of "foo";
# range 10.17.224.10 10.17.224.250;
# }
# pool {
# deny members of "foo";
# range 10.0.29.10 10.0.29.230;
# }
#}



Now we can restart the dhcp3-server. It will fail to start if there's an error in the dhcpd.conf file, and you'll be told what the error is. For example, here is an error I got when restarting my dhcp3-server:




luzar@ubuntu:~$ sudo /etc/init.d/dhcp3-server restart
dhcpd self-test failed. Please fix the config file.
The error was:
/etc/dhcp3/dhcpd.conf line 57: 2431504310 exceeds max (255) for precision.
range 199999999926


/etc/dhcp3/dhcpd.conf line 57: too few numbers.
range 199999999926 192.
Configuration file errors encountered -- exiting



So, I re-opened the dhcpd.conf file, went to line 57 and fixed the error. You can also check /var/log/messages and /var/log/daemon.log for error messages. That's all that I needed to do to configure dhcp in my local network.
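A configuration that parses can still hand clients a router or broadcast address that does not belong to the subnet being served. The following check is an added example, not part of the original post: it reads subnet declarations without nested blocks and reports range, routers and broadcast-address values that do not fit the declared network. The sample configuration and all function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in ISC dhcpd.conf syntax: the subnet is 192.168.1.0/24,
# but the router and broadcast address were copied from another network.
SAMPLE_CONF = """
# local network
subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.20 192.168.1.30;
  option domain-name-servers 192.168.44.128;
  option routers 192.168.44.128;
  option broadcast-address 192.168.44.254;
  default-lease-time 600;
  max-lease-time 7200;
}
"""

# Matches subnet declarations that contain no nested blocks (no pool { ... }).
SUBNET_RE = re.compile(r"\bsubnet\s+(\S+)\s+netmask\s+(\S+)\s*\{([^{}]*)\}")


def strip_comments(text):
    """Drop everything after '#' on each line (dhcpd.conf comment syntax)."""
    return "\n".join(line.split("#", 1)[0] for line in text.splitlines())


def literal_addresses(tokens):
    """Return the tokens that are literal IPv4 addresses; host names are skipped."""
    found = []
    for token in tokens:
        try:
            found.append(ipaddress.IPv4Address(token))
        except ValueError:
            continue
    return found


def audit_subnets(conf_text):
    """Return (subnet, setting, value, problem) tuples for values that do not fit."""
    findings = []
    for net_s, mask_s, body in SUBNET_RE.findall(strip_comments(conf_text)):
        try:
            net = ipaddress.IPv4Network(f"{net_s}/{mask_s}")
        except ValueError as exc:
            # e.g. host bits set in the subnet address, or an invalid netmask
            findings.append((net_s, "subnet", mask_s, str(exc)))
            continue
        for statement in body.split(";"):
            tokens = statement.replace(",", " ").split()
            if not tokens:
                continue
            if tokens[0] == "range":
                reserved = (net.network_address, net.broadcast_address)
                for addr in literal_addresses(tokens[1:]):
                    if addr not in net or addr in reserved:
                        findings.append((str(net), "range", str(addr),
                                         "not a usable host address in this subnet"))
            elif tokens[:2] == ["option", "routers"]:
                for addr in literal_addresses(tokens[2:]):
                    if addr not in net:
                        findings.append((str(net), "routers", str(addr),
                                         "router is outside the subnet"))
            elif tokens[:2] == ["option", "broadcast-address"]:
                for addr in literal_addresses(tokens[2:]):
                    if addr != net.broadcast_address:
                        findings.append((str(net), "broadcast-address", str(addr),
                                         f"expected {net.broadcast_address}"))
    return findings


if __name__ == "__main__":
    for finding in audit_subnets(SAMPLE_CONF):
        print(" | ".join(finding))
```

Routers given as host names are skipped, because checking them would need a DNS lookup.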

Ubuntu search files using find command basic

Basic find command




There are several ways to search for files in Ubuntu. You may have already come across my other post about searching for files in Ubuntu using the locate command. Here is another way of searching for files in Ubuntu. This time we are using the GNU find command. The find command comes with many options, which makes it a very powerful command. However, new users may not be very comfortable with find. I mean most users prefer a simple command, a command with fewer options to remember.




Don't ever think like that if you want to be a true Linux user. You must take advantage of powerful Linux commands, otherwise you will never see Linux's full potential.




The manual page is a great help. Always make it a habit to read the manual page for every new command. You don't have to read it all the first time you open it. My tip is, read the synopsis so you know the command's syntax. Then scan through some options. Some manuals do have examples. Here is some information about find from the manual page:





NAME
find - search for files in a directory hierarchy


SYNOPSIS
find [-H] [-L] [-P] [path...] [expression]


DESCRIPTION
This manual page documents the GNU version of find. GNU find searches
the directory tree rooted at each given file name by evaluating the
given expression from left to right, according to the rules of precedence
(see section OPERATORS), until the outcome is known (the left
hand side is false for and operations, true for or), at which point
find moves on to the next file name.


If you are using find in an environment where security is important
(for example if you are using it to search directories that are writable
by other users), you should read the "Security Considerations" chapter
of the findutils documentation, which is called Finding Files and comes
with findutils. That document also includes a lot more detail and
discussion than this manual page, so you may find it a more useful
source of information.


EXPRESSIONS
The expression is made up of options (which affect overall operation
rather than the processing of a specific file, and always return true),
tests (which return a true or false value), and actions (which have side
effects and return a true or false value), all separated by operators.
-and is assumed where the operator is omitted.
If the expression contains no actions other than -prune, -print
is performed on all files for which the expression is true.



The meaning of synopsis options:





  • -H means do not follow symbolic links, except while processing the command line arguments.

  • -L means follow symbolic links.

  • -P means never follow symbolic links.




Let's try some examples of searching for a file in Ubuntu using the find command.




Example 1:




luzar@ubuntu:~$ find -P /home -iname File.txt
/home/luzar/File.txt
luzar@ubuntu:~$



In the example above, I used the find command to search the /home directory for a file named file.txt. Note that I used -iname instead of -name because -iname is case insensitive.




This concludes the basic find command guide. We'll continue with the advanced find command in another post.

Ubuntu nsswitch.conf guide

Ubuntu nsswitch.conf is an important file for dns configuration. The nsswitch.conf is the Name Service Switch configuration file. Why is it important in dns configuration?




There are two important sources in Ubuntu that deal directly with mapping host names to ip addresses. One is the hosts file and the other is dns itself. This applies if you are not configuring NIS, of course. You can find these two sources in the nsswitch.conf configuration file. Open the /etc/nsswitch.conf file using a text editor or the less command:




luzar@ubuntu:~$ sudo vi /etc/nsswitch.conf



Let's take a look at it more closely:





# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.


passwd: compat
group: compat
shadow: compat


hosts: files dns
networks: files


protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis



Let's take a look at the hosts line. It lists the sources the system consults when there is a request to resolve a name. As you can see, there are two sources, files and dns. The files source is a local file, the /etc/hosts file. The other source is dns, the domain name server. The files source is checked first and dns second. That means /etc/hosts can override information from dns.
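Because files is consulted before dns, every name listed in /etc/hosts is answered locally and never reaches the name server, which makes those entries worth reviewing. The following is an added example, not part of the original post: it reads the hosts line of nsswitch.conf, works out the lookup order, and lists the non-loopback names that /etc/hosts answers before dns is asked. The file contents are constructed samples and the function names are made up for illustration.

```python
import ipaddress
import re

# Constructed sample files. The hosts: line is the one discussed above; the
# www.example.org entry is a made-up pinned name.
NSSWITCH = """
passwd:         compat
hosts:          files dns
networks:       files
"""

HOSTS = """
127.0.0.1    localhost
192.168.1.3  ubuntu.example.com ubuntu
198.51.100.9 www.example.org      # constructed entry
::1          ip6-localhost ip6-loopback
"""


def lookup_order(nsswitch_text, database="hosts"):
    """Return the sources for one database in order, ignoring [STATUS=action] items."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith(database + ":"):
            spec = re.sub(r"\[[^\]]*\]", " ", line.split(":", 1)[1])
            return spec.split()
    return []


def parse_hosts(hosts_text):
    """Map every name and alias in a hosts file to its address (first entry kept)."""
    table = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            for name in fields[1:]:
                table.setdefault(name.lower(), fields[0])
    return table


def is_loopback(address):
    """True for 127.0.0.0/8 and ::1; unparsable addresses count as not loopback."""
    try:
        return ipaddress.ip_address(address).is_loopback
    except ValueError:
        return False


def answered_locally(nsswitch_text, hosts_text):
    """Return {name: address} for hosts-file names that win over dns."""
    order = lookup_order(nsswitch_text)
    if "files" not in order:
        return {}
    if "dns" in order and order.index("dns") < order.index("files"):
        # dns is asked first; the hosts file is only a fallback
        return {}
    return {name: addr for name, addr in parse_hosts(hosts_text).items()
            if not is_loopback(addr)}


if __name__ == "__main__":
    print("lookup order:", lookup_order(NSSWITCH))
    for name, addr in answered_locally(NSSWITCH, HOSTS).items():
        print(f"{name} -> {addr} (answered from /etc/hosts, dns not asked)")
```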

Ubuntu dns server configuration

Ubuntu dns server configuration involves many files. I would like to remind you again, please make a backup of every file before you begin editing. Example below:




luzar@ubuntu:/etc/bind$ sudo cp named.conf.local named.conf.local.bak
luzar@ubuntu:/etc/bind$ sudo cp named.conf.options named.conf.options.bak



The first file we are going to edit is the named.conf.local file. Use your favorite editor to open named.conf.local file.




luzar@ubuntu:/etc/bind$ sudo vim /etc/bind/named.conf.local



Type the configuration below. Replace example.com with your domain name.





zone "example.com" in {
allow-transfer { any; };
file "/etc/bind/db.example.com";
type master;
};


// Set up reversed name resolution
zone "1.168.192.in-addr.arpa" {
type master;
file "/etc/bind/db.192";
};
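The allow-transfer { any; }; statement in the example.com zone lets any host that can reach the server request a complete copy of the zone, so it is worth knowing which zones are configured that way. The following audit is an added example, not part of the original post: it reads zone blocks from a named.conf-style file and classifies the transfer setting of each master zone. The third zone, its 192.0.2.53 secondary and all function names are constructed for illustration.

```python
import re

# Constructed sample. The first two zones follow the named.conf.local shown
# above; the third zone and its secondary address (192.0.2.53) are made up.
SAMPLE_NAMED_CONF_LOCAL = """
zone "example.com" in {
    allow-transfer { any; };
    file "/etc/bind/db.example.com";
    type master;
};

// Set up reversed name resolution
zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192";
};

zone "example.net" {
    type master;
    file "/etc/bind/db.example.net";
    allow-transfer { 192.0.2.53; };  /* hypothetical secondary */
};
"""

# named.conf accepts /* */, // and # comments. Comment markers inside quoted
# strings are not handled by this simple pattern.
COMMENT_RE = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*", re.S)
ZONE_RE = re.compile(r'\bzone\s+"([^"]+)"\s*(?:\w+\s*)?\{', re.I)
TYPE_RE = re.compile(r"\btype\s+([\w-]+)\s*;", re.I)
XFER_RE = re.compile(r"\ballow-transfer\b[^{};]*\{([^{}]*)\}", re.I)


def block_end(text, open_idx):
    """Return the index of the '}' that closes the '{' found at open_idx."""
    depth = 0
    for i in range(open_idx, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return i
    raise ValueError("unbalanced braces in configuration")


def audit_zone_transfers(conf_text):
    """Map each master zone to 'open', 'restricted', 'closed' or 'unset'."""
    text = COMMENT_RE.sub("", conf_text)
    verdicts = {}
    for match in ZONE_RE.finditer(text):
        open_idx = match.end() - 1
        body = text[open_idx + 1:block_end(text, open_idx)]
        zone_type = TYPE_RE.search(body)
        if zone_type is None or zone_type.group(1).lower() not in ("master", "primary"):
            continue  # hint, slave and forward zones are not audited here
        acl = XFER_RE.search(body)
        if acl is None:
            # Falls back to the options-level setting or the built-in default,
            # so the effective policy has to be checked there.
            verdict = "unset"
        else:
            elements = [e.strip() for e in acl.group(1).split(";") if e.strip()]
            if "any" in elements:
                verdict = "open"
            elif elements == ["none"]:
                verdict = "closed"
            else:
                verdict = "restricted"
        verdicts[match.group(1)] = verdict
    return verdicts


if __name__ == "__main__":
    for zone, verdict in audit_zone_transfers(SAMPLE_NAMED_CONF_LOCAL).items():
        print(f"{zone}: allow-transfer is {verdict}")
```

Restricting the statement to the addresses of the secondary name servers, or to none when there are no secondaries, closes the zone to everyone else.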



Example of /etc/bind/db.example.com configuration.





;
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA ubuntu.example.com. root.example.com. (
2008112202 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
86400 ) ; Negative Cache TTL
;

; an MX record needs a preference value before the mail host (10 used here)
@ IN MX 10 mail.example.com.
@ IN NS ubuntu.example.com.
@ IN A 192.168.1.3
ubuntu IN A 192.168.1.3
web IN CNAME ubuntu.example.com.



Example of /etc/bind/db.192 configuration.





;
; Reverse lookup DNS Zone file
;
$TTL 604800
@ IN SOA ubuntu.example.com. root.example.com. (
2008112302 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
86400 ) ; Negative Cache TTL
@ IN NS ubuntu.
3 IN CNAME ubuntu.example.com.



You have to set your ISP's dns server ip addresses. Put them in the forwarders block of /etc/bind/named.conf.options:





// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.


forwarders {
123.123.0.123;
123.123.1.1;
};



Example of /etc/resolv.conf configuration:

search example.com
nameserver 192.168.1.3

Example of /etc/hosts configuration:





127.0.0.1 localhost
192.168.1.3 ubuntu.example.com ubuntu

# The following lines are desirable for IPv6 capable hosts

::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts



Restart bind9 service with the command below:




luzar@ubuntu:~$ sudo /etc/init.d/bind9 restart
* Stopping domain name service... bind [ OK ]
* Starting domain name service... bind [ OK ]

luzar@ubuntu:~$ tail /var/log/messages



Testing dns with dig domain name command:




luzar@ubuntu:/etc/bind$ dig example.com

; <<>> DiG 9.4.2-P2 <<>> example.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34700
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;example.com. IN A


;; ANSWER SECTION:
example.com. 604800 IN A 192.168.1.3


;; AUTHORITY SECTION:
example.com. 604800 IN NS ubuntu.example.com.


;; ADDITIONAL SECTION:
ubuntu.example.com. 604800 IN A 192.168.1.3


;; Query time: 0 msec
;; SERVER: 192.168.1.3#53(192.168.1.3)
;; WHEN: Sun Nov 23 04:23:18 2008
;; MSG SIZE rcvd: 82


luzar@ubuntu:/etc/bind$



Testing with dig ip address:




luzar@ubuntu:/etc/bind$ dig -x 192.168.1.3


; <<>> DiG 9.4.2-P2 <<>> -x 192.168.1.3
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35746
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0


;; QUESTION SECTION:
;3.1.168.192.in-addr.arpa. IN PTR


;; ANSWER SECTION:
3.1.168.192.in-addr.arpa. 604800 IN CNAME ubuntu.example.com.


;; AUTHORITY SECTION:
example.com. 86400 IN SOA ubuntu.example.com. root.example.com. 2008112202 604800 86400 2419200 86400


;; Query time: 0 msec
;; SERVER: 192.168.1.3#53(192.168.1.3)
;; WHEN: Sun Nov 23 04:32:09 2008
;; MSG SIZE rcvd: 115
luzar@ubuntu:/etc/bind$



If you have an error during configuration, please check error logs in:





  • /var/log/daemon.log.

  • /var/log/messages.




Here is an example of /var/log/daemon.log:




luzar@ubuntu:/etc/bind$ tail /var/log/daemon.log

Nov 24 10:23:05 ubuntu named[4554]: zone 28.172.in-addr.arpa/IN:
loaded serial 1
Nov 24 10:23:05 ubuntu named[4554]: zone 29.172.in-addr.arpa/IN:
loaded serial 1
Nov 24 10:23:05 ubuntu named[4554]: zone 30.172.in-addr.arpa/IN:
loaded serial 1
Nov 24 10:23:05 ubuntu named[4554]: zone 31.172.in-addr.arpa/IN:
loaded serial 1
Nov 24 10:23:05 ubuntu named[4554]: zone 168.192.in-addr.arpa/IN:
loaded serial 1
Nov 24 10:23:05 ubuntu named[4554]: zone 1.168.192.in-addr.arpa/IN:
loaded serial 2008112302
Nov 24 10:23:05 ubuntu named[4554]: zone 255.in-addr.arpa/IN:
loaded serial 1
Nov 24 10:23:05 ubuntu named[4554]: zone example.com/IN:
loaded serial 2008112202
Nov 24 10:23:05 ubuntu named[4554]: zone localhost/IN:
loaded serial 2
Nov 24 10:23:05 ubuntu named[4554]: running

Ubuntu named.conf

Ubuntu named.conf file is the master configuration file for the DNS server. It's pronounced name-dee, for name daemon, which is the dns service. Its location is /etc/bind/named.conf. You can find the named.conf file only after you install the bind9 software package.




Here is an example of a default Ubuntu /etc/bind/named.conf configuration file:





// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers

zone "." {
type hint;
file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
type master;
file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};

include "/etc/bind/named.conf.local";



The named.conf is a very important file. Normally, you don't have to edit this file during dns configuration in Ubuntu. However, you may open and view this file a few times to study its configuration. It's a good idea to make a backup copy of this file.




luzar@ubuntu:/etc/bind$ sudo cp named.conf named.conf.bak
[sudo] password for luzar:
luzar@ubuntu:/etc/bind$



As you can see, each zone in the named.conf configuration file above refers to a specific file. Those are the database files for localhost and the default dns configuration. We don't need to edit those files. You only need to edit the two files mentioned in named.conf, which are /etc/bind/named.conf.local and /etc/bind/named.conf.options.

Ubuntu dns files

DNS is the domain name system. In Ubuntu, the DNS server is included in the bind9 software package. The dns server is called named. Basically, what dns does is translate names to ip addresses. It also translates ip addresses to names, which is called reverse dns.




Setting up dns involves several files in the Ubuntu system: the bind9 configuration files that come with the package, and related files that are not in the bind package. Here are all the files needed to set up a dns server, both in the bind package and not in it.

DNS configuration files in bind package:




luzar@ubuntu:~$ cd /etc/bind/
luzar@ubuntu:/etc/bind$ ls -l
total 44
-rw-r--r-- 1 root root 237 2008-04-09 15:42 db.0
-rw-r--r-- 1 root root 271 2008-04-09 15:42 db.127
-rw-r--r-- 1 root root 237 2008-04-09 15:42 db.255
-rw-r--r-- 1 root root 353 2008-04-09 15:42 db.empty
-rw-r--r-- 1 root root 270 2008-04-09 15:42 db.local
-rw-r--r-- 1 root root 2878 2008-04-09 15:42 db.root
-rw-r--r-- 1 root bind 907 2008-04-09 15:42 named.conf
-rw-r--r-- 1 root bind 165 2008-04-09 15:42 named.conf.local
-rw-r--r-- 1 root bind 695 2008-04-09 15:42 named.conf.options
-rw-r----- 1 bind bind 77 2008-10-20 10:56 rndc.key
-rw-r--r-- 1 root root 1317 2008-04-09 15:42 zones.rfc1918
luzar@ubuntu:/etc/bind$



Related files not in bind package:



  • /etc/resolv.conf
  • /etc/hosts

  • /etc/nsswitch.conf




Here are screenshots of the files:




/etc/named.conf




/etc/named.conf is the main dns server configuration file. Here is a default content screenshot:







/etc/resolv.conf




/etc/resolv.conf is dns resolver file. Here is a default content screenshot:







/etc/bind/named.conf.local




/etc/bind/named.conf.local is a zone configuration file for dns setup. Here is a default content screenshot:







/etc/bind/named.conf.options




/etc/bind/named.conf.options file contains generic options for the bind name server. Here is a default content screenshot:







Bind databases files

  • /etc/bind/db.root

  • /etc/bind/db.local

  • /etc/bind/db.0

  • /etc/bind/db.255

  • /etc/bind/db.127

  • /etc/bind/db.empty




Ubuntu install dns server

Ubuntu uses named as its DNS (Internet domain name system) server. Named is part of the BIND 9 distribution from ISC. So, to install the Ubuntu dns server, you must install the bind software package. Luckily, there is no hassle installing software packages in Ubuntu. There is more than one great package management system in Ubuntu that you can use.




Before we begin the bind9 installation, we had better run apt-get update to resynchronize the package index files from their sources. So here we go:




luzar@ubuntu:~$ sudo apt-get update
[sudo] password for luzar:
Get:1 http://security.ubuntu.com hardy-security Release.gpg [189B]
Ign http://security.ubuntu.com hardy-security/main Translation-en_US
Hit http://us.archive.ubuntu.com hardy Release.gpg
.........
Fetched 964kB in 13s (69.6kB/s)
Reading package lists... Done



After running the update, we have to run the apt-get upgrade command to bring the software in our system up to the latest version. See an example below:




luzar@ubuntu:~$ sudo apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
.........
Setting up mysql-server (5.0.51a-3ubuntu5.4) ...
Setting up libxml2 (2.6.31.dfsg-2ubuntu1.3) ...
Processing triggers for libc6 ...
ldconfig deferred processing now taking place



After the upgrade is finished, we can run apt-get install to install the bind9 software package. Here is how the real installation goes:




luzar@ubuntu:~$ sudo apt-get install bind9
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
libbind9-30 libdns35 libisc35 libisccc30 libisccfg30
Suggested packages: resolvconf
The following NEW packages will be installed: libdns35 libisc35
The following packages will be upgraded:
bind9 libbind9-30 libisccc30 libisccfg30
4 upgraded, 2 newly installed, 0 to remove and 5 not upgraded.
Need to get 978kB of archives.
After this operation, 1651kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://us.archive.ubuntu.com hardy-updates/main libisc35
1:9.4.2.dfsg.P2-2 [127kB]
Get:2 http://us.archive.ubuntu.com hardy-updates/main libdns35
1:9.4.2.dfsg.P2-2 [494kB]
Get:3 http://us.archive.ubuntu.com hardy-updates/main bind9
1:9.4.2.dfsg.P2-2 [268kB]
Get:4 http://us.archive.ubuntu.com hardy-updates/main libisccc30
1:9.4.2.dfsg.P2-2 [23.1kB]
Get:5 http://us.archive.ubuntu.com hardy-updates/main libisccfg30
1:9.4.2.dfsg.P2-2 [38.5kB]
Get:6 http://us.archive.ubuntu.com hardy-updates/main libbind9-30
1:9.4.2.dfsg.P2-2 [27.5kB]
Fetched 978kB in 15s (63.8kB/s)
Selecting previously deselected package libisc35.
(Reading database ...
18940 files and directories currently installed.)
Unpacking libisc35 (from .../libisc35_1%3a9.4.2.dfsg.P2-2_i386.deb)
...
Selecting previously deselected package libdns35.
Unpacking libdns35 (from .../libdns35_1%3a9.4.2.dfsg.P2-2_i386.deb)
...
Preparing to replace bind9 1:9.4.2-10
(using .../bind9_1%3a9.4.2.dfsg.P2-2_i386.deb
) ...
* Stopping domain name service... bind [ OK ]
Unpacking replacement bind9 ...
Preparing to replace libisccc30 1:9.4.2-10
(using .../libisccc30_1%3a9.4.2.dfsg.P2-2_i386.deb)
...
Unpacking replacement libisccc30 ...
Preparing to replace libisccfg30 1:9.4.2-10
(using .../libisccfg30_1%3a9.4.2.dfsg.P2-2_i386.deb)
...
Unpacking replacement libisccfg30
...
Preparing to replace libbind9-30 1:9.4.2-10
(using .../libbind9-30_1%3a9.4.2.dfsg.P2-2_i386.deb)
...
Unpacking replacement libbind9-30
...
Setting up libisc35 (1:9.4.2.dfsg.P2-2)
...
Setting up libdns35 (1:9.4.2.dfsg.P2-2)
...
Setting up libisccc30 (1:9.4.2.dfsg.P2-2)
...
Setting up libisccfg30 (1:9.4.2.dfsg.P2-2
) ...
Setting up libbind9-30 (1:9.4.2.dfsg.P2-2
) ...
Setting up bind9 (1:9.4.2.dfsg.P2-2
) ...
Installing new version of config file /etc/apparmor.d/usr.sbin.named
...
Reloading AppArmor profiles : done.
* Starting domain name service... bind [ OK ]
Processing triggers for libc6 ...
ldconfig deferred processing now taking place
luzar@ubuntu:~$



We have successfully installed bind9 package. Now, let's see what version we got:




luzar@ubuntu:~$ named -v
BIND 9.4.2-P2
luzar@ubuntu:~$



So that's it. We now have the bind9 package installed in our system. The next step is to configure our dns server.

finger command in Ubuntu

The Linux finger command prints information about users on the system. You need to install the finger package in order to use the finger command because it's not installed by default. The finger command can be a threat to system security because an attacker can gain information about the system. You can turn off the finger daemon or not install it in the first place.




Why are we going to install it now? We need to know how the finger command works and see how it can endanger our system. You can install finger using the apt-get command as always:




luzar@ubuntu:~$ sudo apt-get install finger
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer
required:
libdns32 libisc32
Use 'apt-get autoremove' to remove them.
The following NEW packages will be installed: finger
0 upgraded, 1 newly installed, 0 to remove and 2 not upgraded.
Need to get 18.0kB of archives.
After this operation, 77.8kB of additional disk space will be used.
Get:1 http://us.archive.ubuntu.com hardy/main finger 0.17-11 [18.0kB]
Fetched 18.0kB in 0s (18.8kB/s)
Selecting previously deselected package finger.
(Reading database ... 18970 files and directories currently installed.)
Unpacking finger (from .../finger_0.17-11_i386.deb) ...
Setting up finger (0.17-11) ...
luzar@ubuntu:~$



Here is some information about finger command in manual page:





NAME

finger - user information lookup program

SYNOPSIS

finger [-lmsp] [user ...] [user@host ...]

DESCRIPTION

The finger displays information about the system users.



The finger command is a user information lookup program. What information can we see? We can check that later. The syntax can be as simple as finger user to look up a user on the local system and finger user@host to look up a user on a remote system. That's powerful, isn't it?




Let's see some finger command examples. Here is an example of finger command without any option or argument specified:




luzar@ubuntu:~$ finger
Login Name Tty Idle Login Time Office Office Phone
luzar luzar pts/0 Nov 22 03:01 (192.168.1.6)
root root *tty1 29 Nov 22 03:00
luzar@ubuntu:~$



If no arguments are specified, finger will print an entry for each user currently logged into the system.




Let's say I want to check some information on user name james. I would write the command as:




luzar@ubuntu:~$ finger james
Login: james Name: James Labu
Directory: /home/james Shell: /bin/bash
Office: 133, 012345678 Home Phone: 098765432
On since Sat Nov 22 03:38 (EST) on tty2 15 seconds idle
(messages off)
No mail.
No Plan.
luzar@ubuntu:~$



I can also use -s to print in a different layout:




luzar@ubuntu:~$ finger -s james
Login Name Tty Idle Login Time Office Office Phone
james James Labu *tty2 17 Nov 22 03:38 133 012345678
luzar@ubuntu:~$



Everything we need to know about user information is there, login name, real name, home directory, shell used, office room and phone numbers, etc.




Now let's see another example with useful options. This time it's how to finger remote host. Use the format as in the example below:




luzar@ubuntu:~$ finger james@ubuntu



If you want to remove the finger command from your Ubuntu system, use the command in the example below:




luzar@ubuntu:~$ sudo apt-get remove finger
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer
required: libdns32 libisc32
Use 'apt-get autoremove' to remove them.
The following packages will be REMOVED: finger
0 upgraded, 0 newly installed, 1 to remove and 2 not upgraded.
After this operation, 77.8kB disk space will be freed.
Do you want to continue [Y/n]? y
(Reading database ... 19000 files and directories currently installed.)
Removing finger ...
luzar@ubuntu:~$ sudo apt-get update



You can run apt-get update after that. Now test the finger command again to see if it's still running in our system.




luzar@ubuntu:~$ finger
-bash: /usr/bin/finger: No such file or directory
luzar@ubuntu:~$



That's it, no more finger daemon running.
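The office and phone details in the finger output above come from the GECOS field of /etc/passwd, so that field is what a finger service would disclose. The following audit is an added example, not part of the original post: it lists the accounts whose GECOS field carries office or phone data and reports whether a finger service is enabled in an inetd.conf-style file. The file contents are constructed samples, and starting the daemon from inetd.conf with an in.fingerd line is an assumption, since the post does not say how the daemon is started.

```python
# Constructed sample: the james entry mirrors the finger output shown above.
PASSWD = """
root:x:0:0:root:/root:/bin/bash
luzar:x:1000:1000:luzar,,,:/home/luzar:/bin/bash
james:x:1001:1001:James Labu,133,012345678,098765432:/home/james:/bin/bash
"""

# Constructed sample of an inetd.conf with a finger service enabled
# (the in.fingerd path is an assumption).
INETD_CONF = """
#<off># telnet stream tcp nowait telnetd /usr/sbin/tcpd /usr/sbin/in.telnetd
finger  stream  tcp  nowait  nobody  /usr/sbin/tcpd  /usr/sbin/in.fingerd
"""

# Comma separated GECOS sub-fields, in the order finger reads them.
GECOS_FIELDS = ("name", "office", "office_phone", "home_phone")


def gecos_exposure(passwd_text):
    """Return {login: {field: value}} for accounts with office or phone data."""
    exposed = {}
    for line in passwd_text.splitlines():
        parts = line.strip().split(":")
        if len(parts) != 7:
            continue  # blank or malformed line
        login, gecos = parts[0], parts[4]
        values = [field.strip() for field in gecos.split(",")]
        fields = dict(zip(GECOS_FIELDS, values))
        extra = {key: value for key, value in fields.items()
                 if key != "name" and value}
        if extra:
            exposed[login] = extra
    return exposed


def enabled_finger_services(inetd_text):
    """Return the uncommented inetd.conf lines that start a finger service."""
    enabled = []
    for line in inetd_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        # The service column may be a name or a port, optionally "address:service".
        service = line.split()[0].rsplit(":", 1)[-1]
        if service in ("finger", "79"):
            enabled.append(line)
    return enabled


if __name__ == "__main__":
    for login, fields in gecos_exposure(PASSWD).items():
        print(f"{login}: GECOS exposes {', '.join(sorted(fields))}")
    for line in enabled_finger_services(INETD_CONF):
        print("finger service enabled:", line)
```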

Command line web browser in Linux

Lynx is a command line web browser used on many platforms other than Linux. Current versions of Lynx run on Unix, VMS, Windows 95/NT, 386DOS and OS/2 EMX. It also supports protocols other than http, such as Gopher, FTP, WAIS, and NNTP.


In the beginning, Lynx was developed by the University of Kansas to distribute campus information. Later, a student named Lou Montulli added a feature to browse the Internet, and it was released in March 1993.


Here is an example of using Lynx to open a website in the Internet:


luzar@ubuntu:~$ lynx http://linuxservertutorials.blogspot.com

Here is a screenshot of Lynx with a website on the Internet opened:



Use Lynx to open Google search engine:


luzar@ubuntu:~$ lynx -accept_all_cookies http://www.google.com

This is a screenshot of the Google search engine when opened with Lynx:


Ubuntu lynx installation guide

Lynx is a web browser for the command line terminal. That means, even in the Ubuntu command line terminal, you can still surf the internet and view websites. Lynx is not installed by default during Ubuntu installation. You need to install lynx manually using apt-get install or aptitude install.




Here is an example of lynx installation using apt-get install lynx command:




luzar@ubuntu:~$ sudo apt-get install lynx
[sudo] password for luzar:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
lynx
0 upgraded, 1 newly installed, 0 to remove and 9 not upgraded.
Need to get 1168kB of archives.
After this operation, 4997kB of additional disk space will be used.
Get:1 http://us.archive.ubuntu.com hardy/main lynx 2.8.6-2ubuntu2 [1168kB]
Get:2 http://us.archive.ubuntu.com hardy/main lynx 2.8.6-2ubuntu2 [1168kB]
Get:3 http://us.archive.ubuntu.com hardy/main lynx 2.8.6-2ubuntu2 [1168kB]
Get:4 http://us.archive.ubuntu.com hardy/main lynx 2.8.6-2ubuntu2 [1168kB]
Get:5 http://us.archive.ubuntu.com hardy/main lynx 2.8.6-2ubuntu2 [1168kB]
Get:6 http://us.archive.ubuntu.com hardy/main lynx 2.8.6-2ubuntu2 [1168kB]
Get:7 http://us.archive.ubuntu.com hardy/main lynx 2.8.6-2ubuntu2 [1168kB]
Fetched 143kB in 30min22s (79B/s)
Selecting previously deselected package lynx.
(Reading database ... 28836 files and directories currently installed.)
Unpacking lynx (from .../lynx_2.8.6-2ubuntu2_i386.deb) ...
Setting up lynx (2.8.6-2ubuntu2) ...
luzar@ubuntu:~$




That's all. Now we've got Lynx installed in our system.

Ubuntu nmap installation guide

You can check whether nmap has been installed in your system using the apt-get command, or check the installed database using the aptitude command. Enter nmap in the command line terminal, and if you get an answer like the example below, that means nmap hasn't been installed in your system.



luzar@ubuntu:~$ nmap
The program 'nmap' is currently not installed.
You can install it by typing:
sudo apt-get install nmap
-bash: nmap: command not found


You can follow Ubuntu's advice and install nmap using apt-get install nmap, or use your favorite package management tool. Below is an example of the apt-get install nmap command:



luzar@ubuntu:~$ sudo apt-get install nmap
[sudo] password for luzar:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed: nmap
0 upgraded, 1 newly installed, 0 to remove and 9 not upgraded.
Need to get 1013kB of archives.
After this operation, 3506kB of additional disk space will be used.
Get:1 http://us.archive.ubuntu.com hardy/main nmap 4.53-3 [1013kB]
Get:2 http://us.archive.ubuntu.com hardy/main nmap 4.53-3 [1013kB]
Get:3 http://us.archive.ubuntu.com hardy/main nmap 4.53-3 [1013kB]
Get:4 http://us.archive.ubuntu.com hardy/main nmap 4.53-3 [1013kB]
Get:5 http://us.archive.ubuntu.com hardy/main nmap 4.53-3 [1013kB]
Fetched 129kB in 18min56s (114B/s)
Selecting previously deselected package nmap.
(Reading database ... 28764 files and directories currently installed.)
Unpacking nmap (from .../archives/nmap_4.53-3_i386.deb) ...
Setting up nmap (4.53-3) ...


The nmap package has been successfully installed in your system. If you enter the nmap command again, you'll get a long help listing like the example below:



luzar@ubuntu:~$ nmap
Nmap 4.53 ( http://insecure.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION: Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
-iL : Input from list of hosts/networks
-iR : Choose random targets
--exclude : Exclude hosts/networks
--excludefile : Exclude list from file
HOST DISCOVERY:
-sL: List Scan - simply list targets to scan
-sP: Ping Scan - go no further than determining if host is online
-PN: Treat all hosts as online -- skip host discovery
-PS/PA/PU [portlist]: TCP SYN/ACK or UDP discovery to given ports
-PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
-PO [protocol list]: IP Protocol Ping
-n/-R: Never do DNS resolution/Always resolve [default: sometimes]
--dns-servers : Specify custom DNS servers
--system-dns: Use OS's DNS resolver


That's good. nmap is now in our system. Now, try scanning your own server to see whether it really works:



luzar@ubuntu:~$ nmap -v -A 10.21.35.160
Starting Nmap 4.53 ( http://insecure.org ) at 2008-11-18 22:35 EST
Initiating Ping Scan at 22:35
Scanning 192.168.1.6 [1 port]
Completed Ping Scan at 22:35, 0.03s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 22:35
Completed Parallel DNS resolution of 1 host. at 22:35, 0.00s elapsed
Initiating Connect Scan at 22:35
Scanning a3-musang.hitam.com (192.168.1.6) [1714 ports]
Discovered open port 22/tcp on 192.168.1.6
Discovered open port 443/tcp on 192.168.1.6
Discovered open port 80/tcp on 192.168.1.6
...
...
...
Service Info: OS: Windows

Read data files from: /usr/share/nmap
Service detection performed.
Please report any incorrect results at http://insecure.org/nmap/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 249.926 seconds
luzar@ubuntu:~$

Ubuntu hosts.allow

The Ubuntu hosts.allow file is the primary configuration file for TCP Wrapper. We can use the hosts.allow file to filter access to our system and to secure a service. Setting up the hosts.allow and hosts.deny files is like protecting your system with a simple firewall. The complete manual for the hosts.allow (and hosts.deny) file can be found in the hosts_access manual. The manual contains all the information you need to configure the hosts.allow file.



Here is a default Ubuntu hosts.allow file:




luzar@ubuntu:~$ cat /etc/hosts.allow
# /etc/hosts.allow: list of hosts that are allowed to access the system.
# See the manual pages hosts_access(5) and hosts_options(5).
#
# Example: ALL: LOCAL @some_netgroup
# ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper, as well as for
# rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8)
# for further information.
#


Example of Ubuntu hosts.allow configurations:




Mostly Closed



ALL: LOCAL @some_netgroup
ALL: .foobar.edu EXCEPT terminalserver.foobar.edu



Booby trap


in.tftpd: LOCAL, .my.domain



That's all.

How to install tcp wrappers in Ubuntu

This is a guide on how to install tcp wrappers in Ubuntu. Tcp wrapper is a host access control system in Ubuntu, in Linux in general, and in other Unix-based systems. You can say it is a simple firewall if you want.



Tcp wrapper uses the tcpd daemon to run the service. The fast way to install a daemon in Ubuntu is by using the software package management tool aptitude. Aptitude is a high-level package manager developed for Debian Linux. The upgrade steps are similar to the apt-get command. You can see my previous post, Ubuntu aptitude upgrade, for the aptitude update and upgrade commands.



Here is a step by step example of how to install tcp wrappers in Ubuntu using aptitude:




luzar@ubuntu:~$ sudo aptitude install tcpd
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Building tag database... Done
The following packages have been automatically kept back:
libbind9-30 libisc32 libisccc30 libisccfg30
The following packages have been kept back:
bind9 bind9-host dnsutils linux-image-server linux-server
0 packages upgraded, 0 newly installed, 0 to remove and 9 not upgraded.
Need to get 0B of archives. After unpacking 0B will be used.
Writing extended state information... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Building tag database... Done
luzar@ubuntu:~$


That's it.

Ubuntu aptitude upgrade

Besides apt package management, Ubuntu has another package manager called aptitude. Aptitude is a high-level interface to the package manager, originally from Debian. It has two interfaces, the visual interface and a command line interface. Here is a guide to the aptitude command line interface, run in the Ubuntu server command line terminal.



First run the aptitude update command to find updates from Ubuntu support server. Here is an example of aptitude update command:




luzar@ubuntu:~$ sudo aptitude update
[sudo] password for luzar:
Get:1 http://security.ubuntu.com hardy-security Release.gpg [189B]
Ign http://security.ubuntu.com hardy-security/main Translation-en_US
Ign http://security.ubuntu.com hardy-security/restricted Translation-en_US
Ign http://security.ubuntu.com hardy-security/universe Translation-en_US
Ign http://security.ubuntu.com hardy-security/multiverse Translation-en_US
Get:2 http://security.ubuntu.com hardy-security Release [58.5kB]
Hit http://us.archive.ubuntu.com hardy Release.gpg
.........
Fetched 960kB in 17s (56.3kB/s)
Reading package lists... Done
luzar@ubuntu:~$


After the aptitude update command finishes, run the aptitude upgrade command to install the updated software. Here is an aptitude upgrade command example:




luzar@ubuntu:~$ sudo aptitude upgrade
W: The "upgrade" command is deprecated; use "safe-upgrade" instead.
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Building tag database... Done
The following packages have been automatically kept back:
libbind9-30 libisc32 libisccc30 libisccfg30
The following packages have been kept back:
bind9 bind9-host dnsutils linux-image-server linux-server
0 packages upgraded, 0 newly installed, 0 to remove and 9 not upgraded.
Need to get 0B of archives. After unpacking 0B will be used.
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Building tag database... Done
luzar@ubuntu:~$

Ubuntu tcp wrappers

TCP wrappers can be considered a simple firewall for an Ubuntu system. It is a host access control system and can also be used to secure a service. TCP wrappers uses two files named hosts.allow and hosts.deny.


Here is some basic information about tcp wrappers and how to configure the hosts.allow and hosts.deny files:





  • Access control pattern based on client (host name/address, user name),

  • Access control pattern based on server (process name, host name/address)

  • Access will be granted when a (daemon,client) pair matches an entry in the /etc/hosts.allow file.

  • Access will be denied when a (daemon,client) pair matches an entry in the /etc/hosts.deny file.

  • Otherwise, access will be granted.




Here is the format:


daemon_list : client_list [ : shell command]




  • daemon_list is a list of one or more daemon process names (argv[0] values) or server port numbers or wildcards.

  • client_list is a list of one or more host names, host addresses, patterns or wildcards that will be matched against the client host name or address.

  • shell command is optional

  • List elements should be separated by blanks and/or commas.



Wildcards


Here is the list of wildcards supported by tcp wrappers:



ALL       The universal wildcard, always matches.
LOCAL     Matches any host whose name does not contain a dot character.
UNKNOWN   Matches any user whose name is unknown, and matches any host whose name
          or address are unknown.
KNOWN     Matches any user whose name is known, and matches any host whose name
          and address are known.
PARANOID  Matches any host whose name does not match its address.
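
To see how the decision order, rule format and wildcards above combine, the following added example (not from the original post and not the tcpd source) evaluates (daemon, client) pairs against the hosts.allow lines shown on this page, once with an empty hosts.deny and once with the `ALL: ALL` deny rule from hosts_access(5). Function names, client host names and addresses are constructed for illustration; netgroups, user patterns and shell commands are not modelled.

```shell
#!/bin/sh
# Added illustration (not the tcpd source): evaluate a (daemon, client) pair
# against hosts.allow, then hosts.deny, then fall through to "granted".
# Handled: ALL, LOCAL, ".domain" suffix, "net." address prefix, exact name or
# address, one level of EXCEPT. Not handled: netgroups (@name never matches
# here), user@host patterns, netmasks, IPv6 literals, shell commands.

match_client() {            # pattern host_name host_addr
    case $1 in
        ALL)   return 0 ;;
        LOCAL) case $2 in *.*) return 1 ;; *) return 0 ;; esac ;;
        .*)    case $2 in *"$1") return 0 ;; esac; return 1 ;;   # domain suffix
        *.)    case $3 in "$1"*) return 0 ;; esac; return 1 ;;   # address prefix
        *)     [ "$1" = "$2" ] || [ "$1" = "$3" ] ;;
    esac
}

daemon_listed() (           # daemon_list daemon (subshell keeps IFS changes local)
    set -f; IFS=$(printf ' ,\t')
    for d in $1; do
        if [ "$d" = ALL ] || [ "$d" = "$2" ]; then exit 0; fi
    done
    exit 1
)

any_client_matches() (      # client_list host_name host_addr
    set -f; IFS=$(printf ' ,\t')
    for c in $1; do
        match_client "$c" "$2" "$3" && exit 0
    done
    exit 1
)

file_matches() (            # file daemon host_name host_addr
    [ -r "$1" ] || exit 1   # a missing file behaves like an empty one
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                    # drop comments
        case $line in *:*) ;; *) continue ;; esac
        daemons=${line%%:*}
        clients=${line#*:}
        clients=${clients%%:*}              # ignore the optional shell command
        except=
        case $clients in
            *" EXCEPT "*) except=${clients#*" EXCEPT "}
                          clients=${clients%%" EXCEPT "*} ;;
        esac
        if daemon_listed "$daemons" "$2" &&
           any_client_matches "$clients" "$3" "$4" &&
           ! any_client_matches "$except" "$3" "$4"; then
            exit 0
        fi
    done < "$1"
    exit 1
)

tcpd_decide() {             # allow_file deny_file daemon host_name host_addr
    if file_matches "$1" "$3" "$4" "$5"; then echo "granted (hosts.allow)"
    elif file_matches "$2" "$3" "$4" "$5"; then echo "denied (hosts.deny)"
    else echo "granted (no match)"
    fi
}

write_sample() {            # dir: allow rules from this page, two deny variants
    printf '%s\n' \
        'ALL: LOCAL @some_netgroup' \
        'ALL: .foobar.edu EXCEPT terminalserver.foobar.edu' \
        'in.tftpd: LOCAL, .my.domain' > "$1/hosts.allow"
    : > "$1/hosts.deny.empty"
    printf '%s\n' 'ALL: ALL' > "$1/hosts.deny.closed"
}

demo() {                    # constructed clients, printed for both deny files
    dir=$(mktemp -d) || return 1
    write_sample "$dir"
    for deny in hosts.deny.empty hosts.deny.closed; do
        echo "== hosts.allow + $deny"
        while read -r daemon name addr; do
            printf '%-9s %-26s %s\n' "$daemon" "$name" \
                "$(tcpd_decide "$dir/hosts.allow" "$dir/$deny" "$daemon" "$name" "$addr")"
        done <<EOF
sshd fileserver 192.168.1.3
sshd lab.foobar.edu 198.51.100.7
sshd terminalserver.foobar.edu 198.51.100.8
sshd host.example.net 203.0.113.9
in.tftpd pc1.my.domain 192.168.1.20
EOF
    done
    rm -rf "$dir"
}
demo
```

With the empty hosts.deny every client is granted access, including the host named after EXCEPT, because a pair that matches neither file falls through to "granted"; the allow list only restricts anything once hosts.deny contains a catch-all rule.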


Shell commands


Shell commands should be run in the background; otherwise you have to wait until the command has finished.




Shell commands should not rely on the PATH setting of the inetd.
Instead, they should use absolute path names, or they should begin with
an explicit PATH=whatever statement.


SERVER ENDPOINT PATTERNS


In order to distinguish clients by the network address that they connect to, use patterns of the form:



process_name@host_pattern : client_list ...



Patterns like these can be used when the machine has different internet addresses with different internet hostnames.



CLIENT USERNAME LOOKUP


Client username information, when available, is logged together with the client host name, and can be used to match patterns like:



daemon_list : ... user_pattern@host_pattern ...



The daemon wrappers can be configured at compile time to perform rule-driven username lookups (default) or to always interrogate the client host. In the case of rule-driven username lookups, the above rule would cause username lookup only when both the daemon_list and the host_pattern match.



Selective username lookups can alleviate the last problem. For example, a rule like:



daemon_list : @pcnetgroup ALL@ALL



would match members of the pc netgroup without doing username lookups, but would perform username lookups with all other systems.



DETECTING ADDRESS SPOOFING ATTACKS


The IDENT (RFC931 etc.) service can be used to detect such and other host address spoofing attacks.



Before accepting a client request, the wrappers can use the IDENT service to find out that the client did not send the request at all. When the client host provides IDENT service, a negative IDENT lookup result (the client matches UNKNOWN@host) is strong evidence of a host spoofing attack.

Ubuntu hosts file

The Ubuntu hosts file is a static table lookup for host names. As the name suggests, it contains host names and ip addresses. By default, Ubuntu creates hosts file in /etc directory with localhost name and loop back ip address in its content.


Below is an example of a hosts file with modified content. A default hosts file only contains the first line ip address 127.0.0.1 which resolves the localhost.




127.0.0.1       localhost
192.168.1.3     ubuntu.musang.com       ubuntu
# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

If you set up your Ubuntu system as a local network server, then you need to store other servers or hosts in the /etc/hosts file. Here is the format of the hosts file from the hosts manual page:



This manual page describes the format of the /etc/hosts file.  This file is a
simple text file that associates IP addresses with hostnames, one line per IP
address. For each host a single line should be present with the following information:
IP_address canonical_hostname [aliases...]

Fields of the entry are separated by any number of blanks and/or tab characters.
Text  from a "#" character until the end of the line is a comment, and is ignored.
Host names may contain only alphanumeric characters, minus signs ("-"), and
periods  (".").  They must begin with an alphabetic character and end with an
alphanumeric character. Optional aliases provide for name changes, alternate
spellings, shorter hostnames, or generic hostnames (for example, localhost).

Ubuntu ifconfig eth0

This is a guide on how to use ifconfig to manage the first Ethernet card, called eth0, in Ubuntu server. Ifconfig is used to configure the kernel-resident network interfaces. You can see my previous post on how to set up an Ubuntu ifconfig static ip for more information.

The ethernet card is called eth in Ubuntu. Eth0 is Ethernet card 1, Eth1 is Ethernet card 2, Eth2 is Ethernet card 3, and so on.

In this article, I am going to show how I normally use the ifconfig command to manage eth0.

Example 1 - Use ifconfig to bring up ethernet card:

luzar@ubuntu:~$ sudo ifconfig eth0 192.168.1.5 up 

The example above shows how to bring up the first ethernet card, eth0.

Example 2 - Use ifconfig to bring down ethernet card:

luzar@ubuntu:~$ sudo ifconfig eth0 192.168.1.5 down 

The example above shows how to bring down the first ethernet card, eth0.

Ubuntu ifconfig static ip

Setup Ubuntu static ip address with ifconfig command. Here is a part of ifconfig information from the manual page:


NAME
ifconfig - configure a network interface
SYNOPSIS
ifconfig [-v] [-a] [-s] [interface]
ifconfig [-v] interface [aftype] options | address ...
DESCRIPTION
Ifconfig is used to configure the kernel-resident network interfaces.
It is used at boot time to set up interfaces as necessary. After that,it
is usually only needed when debugging or when system tuning is
needed.

The ifconfig command is used to manipulate ip address in Ubuntu. We can setup a new ip address for a network card or change ip address and netmask of existing card. From the synopsis above, we can simply use ifconfig command format as:


ifconfig (interface) (ip address)

Here are some ifconfig command examples for you:


Example 01 - Using ifconfig command with no option.






luzar@ubuntu:~$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:0c:29:d2:1d:9b
inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fed2:1d9b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:58 errors:0 dropped:0 overruns:0 frame:0
TX packets:65 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6339 (6.1 KB)
TX bytes:8656 (8.4 KB)
Interrupt:16 Base address:0x2000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B)
TX bytes:0 (0.0 B)
luzar@ubuntu:~$


Example 02 - Using ifconfig command to setup ip address for a second Ethernet card in Ubuntu system.



luzar@ubuntu:~$ ifconfig eth1 192.168.44.128 netmask 255.255.255.0
broadcast 192.168.44.255 up


The ifconfig command above should be in one line.


Example 03 - Using ifconfig command to change ip address for existing Ethernet card in Ubuntu system.



luzar@ubuntu:~$ ifconfig eth0 192.168.1.3




luzar@ubuntu:~$ ifconfig eth0 netmask 255.255.255.0 




Restart network service:



Ubuntu ssh keys

The Ubuntu ssh key refers to the RSA key fingerprint released by the ssh server for a client. It's also known as a host key, used to identify a client's identity.

When a client requests an ssh connection for the first time, the server will send its public key. If the client trusts the server and accepts the public key, it will be stored in the server as an identity of that client.

Here is an example of first time ssh login attempt by a client:

aura@ubuntu:~$ ssh -l luzar 192.168.1.3
The authenticity of host '192.168.1.3 (192.168.1.3)' can't be established.
RSA key fingerprint is 8f:8f:a9:8a:47:58:3c:a8:2c:ce:6f:1d:45:dc:86:c9.
Are you sure you want to continue connecting (yes/no)?


If a client rejects the public key, the ssh session will be terminated:



Are you sure you want to continue connecting (yes/no)? no
Host key verification failed.
aura@ubuntu:~$


So the user needs to accept the ssh server's public key to connect to the server. When the user accepts the public key, it'll be stored in the user's home directory, in a hidden file named .ssh/known_hosts. The next time the same user asks to connect using ssh, the server will look for the user's .ssh/known_hosts file and compare the fingerprint. Here is an example of user ssh private key stored in the .ssh/known_hosts file:
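
The following is an added example, not part of the original post: it recomputes the colon-separated MD5 fingerprint format shown in the prompt above from the key blob stored in a known_hosts line, and compares it with a fingerprint obtained out-of-band before the key is trusted. The known_hosts lines, the short key blobs (stand-ins, not real keys) and the function names are constructed for illustration; hashed host names are skipped.

```shell
#!/bin/sh
# Added illustration: the legacy fingerprint printed by the ssh prompt is the
# MD5 digest of the base64-decoded public key blob (third field of a
# known_hosts line), written as 16 colon-separated hex pairs.

# md5_fingerprint BASE64_BLOB -> aa:bb:cc:...
md5_fingerprint() {
    printf '%s' "$1" | base64 -d | md5sum | cut -c1-32 | sed 's/../&:/g; s/:$//'
}

# check_host KNOWN_HOSTS_FILE HOST EXPECTED_FINGERPRINT
# Prints match, MISMATCH or unknown; returns 0 only on match.
check_host() {
    result=unknown
    while read -r hosts keytype blob comment || [ -n "$hosts" ]; do
        case $hosts in
            ''|'#'*)   continue ;;    # blank line or comment
            '|1|'*|@*) continue ;;    # hashed names and @markers: not handled
        esac
        # The first field may list several names or addresses, comma-separated.
        case ",$hosts," in *",$2,"*) ;; *) continue ;; esac
        if [ "$(md5_fingerprint "$blob")" = "$3" ]; then
            echo match
            return 0
        fi
        result=MISMATCH               # host is listed, but with a different key
    done < "$1"
    echo "$result"
    return 1
}

# Constructed sample: real key blobs are several hundred base64 characters;
# these short stand-ins decode to the strings "hello" and "world".
write_known_hosts() {       # file
    printf '%s\n' \
        '# constructed sample entries' \
        '192.168.1.3 ssh-rsa aGVsbG8=' \
        'ubuntu.musang.com,192.168.1.4 ssh-rsa d29ybGQ=' > "$1"
}

demo() {
    kh=$(mktemp) || return 1
    write_known_hosts "$kh"
    # Fingerprint as it would be read out by the server administrator.
    expected=$(md5_fingerprint 'aGVsbG8=')
    for host in 192.168.1.3 192.168.1.4 10.0.0.9; do
        printf '%-12s %s\n' "$host" "$(check_host "$kh" "$host" "$expected")"
    done
    rm -f "$kh"
}
demo
```

On current OpenSSH releases, `ssh-keygen -l -E md5 -f /etc/ssh/ssh_host_rsa_key.pub` run on the server prints the same colon-separated digest, prefixed with `MD5:`, for comparison with the value in the prompt.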



Ubuntu show installed packages tips

There are many methods used to show installed packages in Ubuntu server. However, you just need two methods of showing installed packages. The first method is to print installed packages on the screen using the software package management utility, dpkg.



Here are some examples of Ubuntu show installed packages using dpkg command:



dpkg example 1 - List all installed packages:




luzar@ubuntu:~$ dpkg -l | less


Below is the result of the above command. You can view next screen by pressing spacebar key or scroll down by line using arrow key.




Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-f/Unpacked/Failed-cfg/Half-inst/t-aWait/T-pend
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name Version Description
+++-================================================================-==============
ii adduser 3.105ubuntu1 add and remove users and groups
ii apache2 2.2.8-1ubuntu0.3 Next generation, scalable, extendable web se
ii apache2-mpm-prefork 2.2.8-1ubuntu0.3 Traditional model for Apache HTTPD
ii apache2-utils 2.2.8-1ubuntu0.3 utility programs for webservers
ii apache2.2-common 2.2.8-1ubuntu0.3 Next generation, scalable, extendable web se
ii apparmor 2.1+1075-0ubuntu9.1 User-space parser utility for AppArmor
ii apparmor-utils 2.1+1075-0ubuntu9.1 Utilities for controlling AppArmor
ii apt 0.7.9ubuntu17.1 Advanced front-end for dpkg
ii apt-utils 0.7.9ubuntu17.1 APT utility programs
ii aptitude 0.4.9-2ubuntu5 terminal-based package manager
ii at 3.1.10ubuntu4 Delayed job execution and batch processing
ii base-files 4.0.1ubuntu5.8.04.2 Debian base system miscellaneous files
ii base-passwd 3.5.16 Debian base system master password and group
ii bash 3.2-0ubuntu18 The GNU Bourne Again SHell
ii bash-completion 20060301-3ubuntu3 programmable completion for the bash shell
ii belocs-locales-bin 2.4-2.2ubuntu7 tools for compiling locale data files
ii bind9 1:9.4.2-10 Internet Domain Name Server
ii bind9-doc 1:9.4.2.dfsg.P2-2 Documentation for BIND
ii bind9-host 1:9.4.2-10 Version of 'host' bundled with BIND 9.X
ii bsdmainutils 6.1.10ubuntu2 collection of more utilities from FreeBSD
ii bsdutils 1:2.13.1-5ubuntu2 Basic utilities from 4.4BSD-Lite
ii busybox-initramfs 1:1.1.3-5ubuntu12 Standalone shell setup for initramfs
:


dpkg example 2 - List installed packages by name:




luzar@ubuntu:~$ dpkg -l | grep apache
ii apache2 2.2.8-1ubuntu0.3 Next generation, scalable, extendable web server
ii apache2-mpm-prefork 2.2.8-1ubuntu0.3 Traditional model for Apache HTTPD
ii apache2-utils 2.2.8-1ubuntu0.3 utility programs for webservers
ii apache2.2-common 2.2.8-1ubuntu0.3 Next generation, scalable, extendable web server
ii libapache2-mod-php5 5.2.4-2ubuntu5.3 server-side, HTML-embedded scripting language
luzar@ubuntu:~$


The other method is to search installed packages using the aptitude package management utility. Aptitude can search for keywords contained in the software package description. This is pretty helpful in a situation where you can't remember the exact package name.



Here is an example of aptitude command using search option:




luzar@ubuntu:~$ aptitude search \apache
i apache2 - Next generation, scalable, extendable web server
v apache2-dev -
p apache2-doc - documentation for apache2
v apache2-mpm -
p apache2-mpm-event - Event driven model for Apache HTTPD
p apache2-mpm-itk - multiuser MPM for Apache 2.2
p apache2-mpm-perchild - Transitional package - please remove
i apache2-mpm-prefork - Traditional model for Apache HTTPD
p apache2-mpm-worker - High speed threaded model for Apache HTTPD
p apache2-prefork-dev - development headers for apache2
p apache2-src - Apache source code
p apache2-threaded-dev - development headers for apache2
i apache2-utils - utility programs for webservers
i apache2.2-common - Next generation, scalable, extendable web server
p apachetop - Realtime Apache monitoring tool


The aptitude search command is going to print a long list of results. It's best to pipe aptitude search into less so you can scroll by page or by line.




luzar@ubuntu:~$ aptitude search \apache | less


The aptitude show option can be used to show information about a package:




luzar@ubuntu:~$ aptitude show apache2-src
Package: apache2-src
State: not installed
Version: 2.2.8-1ubuntu0.3
Priority: extra
Section: devel
Maintainer: Ubuntu Core Developers
Uncompressed Size: 6349k
Description: Apache source code
This package includes the complete and patched source code for the Apache HTTPD.
It is useful for other packages to build-depend on in order to build
custom MPMs.
Homepage: http://httpd.apache.org/

Ubuntu route del command guide

Ubuntu route del command is used to delete a route from Ubuntu routing table. Here is a route del step by step guide:


First, print current routing table with route command to check which route to be removed.


luzar@ubuntu:~$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.44.0 * 255.255.255.0 U 0 0 0 eth0
10.21.35.0 * 255.255.255.0 U 0 0 0 eth0
default 192.168.44.2 0.0.0.0 UG 100 0 0 eth0
luzar@ubuntu:~$

Next, let's delete the 10.21.35.0 network route. Below is an example of the Ubuntu route del command used to remove a route from the network:



luzar@ubuntu:~$ sudo route del -net 10.21.35.0 netmask 255.255.255.0 dev eth0

luzar@ubuntu:~$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
localnet * 255.255.255.0 U 0 0 0 eth0
default mygateway1.ar7 0.0.0.0 UG 100 0 0 eth0
luzar@ubuntu:~$

Ubuntu route add default gw

Ubuntu route add command guide on how to create a default gateway:

root@ubuntu:~# route add default gw 10.21.35.161
root@ubuntu:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.44.0 * 255.255.255.0 U 0 0 0 eth0
10.21.35.0 * 255.255.255.0 U 0 0 0 eth0
default domain.stats.go 0.0.0.0 UG 0 0 0 eth0
default 192.168.44.2 0.0.0.0 UG 100 0 0 eth0
root@ubuntu:~#


You must add the new route before creating the default gateway.

Ubuntu openssh package installation

Ubuntu openssh package has 2 versions, the openssh-server and openssh-client. The openssh-server contains ssh, scp and sftp services. The ssh is a secure shell service. The scp is a secure copy service and the sftp is a secure ftp client service. These three services will be available when you install the openssh package. They are controlled by one daemon which is called sshd server.

Here is an example of Ubuntu openssh-server package installation using apt-get:


luzar@ubuntu:~$ sudo apt-get install openssh-server
Reading package lists... Done
Building dependency tree
Reading state information... Done
openssh-server is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
luzar@ubuntu:~$


The example above shows that openssh-server is already installed in my system. That's what apt-get install does. It'll read the package state in the system, check whether it has been installed and updated, and then compare it with the latest version available in Ubuntu support.

The openssh-client contains rlogin, rsh, and rcp services. The rlogin is a remote login service. The rsh is a remote shell service and the rcp is a remote copy service.

Here is an example of Ubuntu openssh-client package installation using apt-get:


luzar@ubuntu:~$ sudo apt-get install openssh-client
Reading package lists... Done
Building dependency tree
Reading state information... Done
openssh-client is already the newest version.
openssh-client set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
luzar@ubuntu:~$

Ubuntu update command line

Here is a guide for Ubuntu update in command line. There are two commands you need to run. The first command is sudo apt-get update, which scans for available package updates from Ubuntu support. If the update finds a security patch or software package updates, then you need to run the next command, sudo apt-get upgrade, to install the updates. You must have an Internet connection to run the commands.

Here is an example of Ubuntu update in command line:




luzar@ubuntu:~$ sudo apt-get update
Hit http://us.archive.ubuntu.com hardy Release.gpg
Get:1 http://security.ubuntu.com hardy-security Release.gpg [189B]
Ign http://security.ubuntu.com hardy-security/main Translation-en_US
Ign http://security.ubuntu.com hardy-security/restricted Translation-en_US
Ign http://security.ubuntu.com hardy-security/universe Translation-en_US
Ign http://security.ubuntu.com hardy-security/multiverse Translation-en_US
Get:2 http://security.ubuntu.com hardy-security Release [58.5kB]
Get:3 http://security.ubuntu.com hardy-security/main Packages [67.9kB]
Ign http://us.archive.ubuntu.com hardy/main Translation-en_US
Get:4 http://security.ubuntu.com hardy-security/restricted Packages [7159B]
Ign http://us.archive.ubuntu.com hardy/restricted Translation-en_US
Get:5 http://security.ubuntu.com hardy-security/main Sources [15.2kB]
Ign http://us.archive.ubuntu.com hardy/universe Translation-en_US
Get:6 http://security.ubuntu.com hardy-security/restricted Sources [1092B]
Ign http://us.archive.ubuntu.com hardy/multiverse Translation-en_US
Get:7 http://security.ubuntu.com hardy-security/universe Packages [41.2kB]
Get:8 http://us.archive.ubuntu.com hardy-updates Release.gpg [189B]
Get:9 http://security.ubuntu.com hardy-security/universe Sources [7068B]
Ign http://us.archive.ubuntu.com hardy-updates/main Translation-en_US
Ign http://us.archive.ubuntu.com hardy-updates/restricted Translation-en_US
Ign http://us.archive.ubuntu.com hardy-updates/universe Translation-en_US
Ign http://us.archive.ubuntu.com hardy-updates/multiverse Translation-en_US
Hit http://us.archive.ubuntu.com hardy Release
Get:10 http://us.archive.ubuntu.com hardy-updates Release [58.5kB]
Get:11 http://security.ubuntu.com hardy-security/multiverse Packages [8637B]
Get:12 http://security.ubuntu.com hardy-security/multiverse Sources [14B]
Hit http://us.archive.ubuntu.com hardy/main Packages
Hit http://us.archive.ubuntu.com hardy/restricted Packages
Hit http://us.archive.ubuntu.com hardy/main Sources
Hit http://us.archive.ubuntu.com hardy/restricted Sources
Hit http://us.archive.ubuntu.com hardy/universe Packages
Hit http://us.archive.ubuntu.com hardy/universe Sources
Hit http://us.archive.ubuntu.com hardy/multiverse Packages
Hit http://us.archive.ubuntu.com hardy/multiverse Sources
Get:13 http://us.archive.ubuntu.com hardy-updates/main Packages [378kB]
Get:14 http://us.archive.ubuntu.com hardy-updates/restricted Packages [7103B]
Get:15 http://us.archive.ubuntu.com hardy-updates/main Sources [98.7kB]
Get:16 http://us.archive.ubuntu.com hardy-updates/restricted Sources [1092B]
Get:17 http://us.archive.ubuntu.com hardy-updates/universe Packages [141kB]
Get:18 http://us.archive.ubuntu.com hardy-updates/universe Sources [32.6kB]
Get:19 http://us.archive.ubuntu.com hardy-updates/multiverse Packages [23.8kB]
Get:20 http://us.archive.ubuntu.com hardy-updates/multiverse Sources [4020B]
Fetched 953kB in 34s (27.9kB/s)
Reading package lists... Done
luzar@ubuntu:~$


Running the apt-get upgrade command:


luzar@ubuntu:~$ sudo apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
bind9 bind9-host dnsutils libbind9-30 libisc32 libisccc30 libisccfg30
linux-image-server linux-server
The following packages will be upgraded:
apt apt-utils bind9-doc cpp-4.2 eject gcc-4.2-base initramfs-tools
iproute libapache2-mod-php5 libc6 libc6-i686 libdbus-1-3 libgcc1
libldap-2.4-2 liblwres30 libpcre3 libstdc++6 libxml2
linux-image-2.6.24-19-server pciutils php5-common php5-mysql
postfix procps python2.5 python2.5-minimal sudo tzdata ufw
update-manager-core xkb-data
31 upgraded, 0 newly installed, 0 to remove and 9 not upgraded.
Need to get 40.7MB of archives.
After this operation, 24.6kB of additional disk space will be used.
Do you want to continue [Y/n]? Y
Get:1 http://us.archive.ubuntu.com hardy-updates/main gcc-4.2-base 4.2.4-1ubuntu3 [100kB]
Get:2 http://us.archive.ubuntu.com hardy-updates/main libgcc1 1:4.2.4-1ubuntu3 [23.3kB]
Get:3 http://us.archive.ubuntu.com hardy-updates/main cpp-4.2 4.2.4-1ubuntu3 [2486kB]
Get:4 http://us.archive.ubuntu.com hardy-updates/main libstdc++6 4.2.4-1ubuntu3 [332kB]
Get:5 http://us.archive.ubuntu.com hardy-updates/main libc6 2.7-10ubuntu4 [4307kB]
12% [5 libc6 2299022/4307kB 53%] 201kB/s 2min56

Ubuntu terminal not responding tips

Have you ever seen this problem when using Ubuntu terminal? You run a command, then it just hang there, not responding. You press Enter, Esc, Ctrl+c, Ctrl+z, type anything but it won't respond. Well, I always have because I work in terminal a lot.

Don't worry. You do remember that Linux is a multiuser and multitasking operating system, don't you? So, we don't have to restart our Ubuntu system. Here is what I do:

1) Open another terminal and run the ps command. Use the grep command to find the not responding terminal. We need the PID (process id) of the hung command.


luzar@ubuntu:~$ ps aux | grep tty1
root 4356 0.0 0.2 2568 1212 tty1 Ss 13:04 0:00 /bin/login --
root 4362 0.0 0.3 4144 1808 tty1 S+ 13:05 0:00 -bash
luzar 4619 0.0 0.1 3004 756 pts/0 R+ 14:05 0:00 grep tty1


2) Use the kill command to terminate the process that is not responding.


luzar@ubuntu:~$ sudo kill 4362
[sudo] password for luzar:
luzar@ubuntu:~$ ps aux | grep tty1
root 4624 0.0 0.1 1716 516 tty1 Ss+ 14:05 0:00 /sbin/getty 38400 tty1
luzar 4626 0.0 0.1 3004 756 pts/0 R+ 14:05 0:00 grep tty1


3) If it's still there, you can force termination with the kill -9 option, or just kill the login terminal.


luzar@ubuntu:~$ sudo kill -9 4628
luzar@ubuntu:~$ ps aux | grep tty1
root 4632 0.0 0.0 1716 512 tty1 Ss+ 14:06 0:00 /sbin/getty 38400 tty1
luzar 4634 0.0 0.1 3004 752 pts/0 R+ 14:06 0:00 grep tty1


Here is what happened in the not responding terminal when we were using the kill command:

Ubuntu search files using locate command

This Ubuntu locate files tutorial is a guide on how to use the locate command to find files in the system.


This is a part of locate manual page:



NAME
locate - find files by name
SYNOPSIS
locate [OPTION]... PATTERN...
DESCRIPTION
locate reads one or more databases prepared by updatedb(8) and writes filenames
matching at least one of the PATTERNs to standard output, one per line.


Here is an example of how to use the locate command to find a file in an Ubuntu system:




luzar@ubuntu:~$ sudo locate mkdir
[sudo] password for luzar:
locate: can not open `/var/lib/mlocate/mlocate.db': No such file or directory
luzar@ubuntu:~$


Oops... what's wrong? Well, that's the usual warning we get the first time we use the locate command. We need to update the mlocate database first. Use the updatedb command to update mlocate.db, as in the example below:




luzar@ubuntu:~$ sudo updatedb


It'll take some time for the updatedb command to finish updating the mlocate database. When it has finished, try the locate command again.




luzar@ubuntu:~$ sudo locate mkdir

/bin/mkdir
/usr/lib/klibc/bin/mkdir
/usr/lib/perl/5.8.8/auto/POSIX/mkdir.al
/usr/share/man/man1/mkdir.1.gz
luzar@ubuntu:~$


The command succeeds this time. Without any option, locate prints every match for mkdir it can find in the mlocate database. However, since the locate command searches the database rather than the file system, it can't tell whether the files still exist. It also can't find new files that haven't been added to the database yet.



Ubuntu locate files using -c option example:



luzar@ubuntu:~$ locate -c mkdir
4
luzar@ubuntu:~$ locate -c adduser
43
luzar@ubuntu:~$

The locate -c option prints the number of matches instead of the file names. Below is another example of locate -c, but this time we use it with the --basename option.



luzar@ubuntu:~$ locate --basename -c adduser
29


Now with another option:



luzar@ubuntu:~$ locate --wholename -c adduser
43

See the difference in the results? The --basename option matches only the base name against the specified patterns, while --wholename matches the whole path name.



Ubuntu locate files using -i option example:



luzar@ubuntu:~$ locate -i \file.txt
/home/luzar/File.txt
/home/luzar/New_File.txt
/usr/share/doc/dovecot-common/wiki/AuthDatabase.PasswdFile.txt
luzar@ubuntu:~$


The locate -i option finds matching patterns, ignoring case distinctions. Note that I used the Linux glob character \ to find the matching characters.



That's it for now. Below are my final notes on the locate command for you:



luzar@ubuntu:~$ ls -l
total 32
-rw-r--r-- 1 luzar luzar 0 2008-10-21 22:16 File.txt
drwxr-xr-x 3 luzar luzar 4096 2008-10-23 05:00 folder
-rw-r--r-- 1 luzar luzar 268 2008-10-23 05:43 interfaces.bac
luzar@ubuntu:~$ mv interfaces.bac Interfaces.txt


I changed the file interfaces.bac to Interfaces.txt. There's no more interfaces.bac in the folder. Now, let's use the locate command to find the file.



luzar@ubuntu:~$ locate -i \interfaces
/etc/network/interfaces
/home/luzar/interfaces.bac
/usr/lib/ppr/interfaces
/usr/lib/ppr/interfaces/foomatic-rip
/usr/lib/ppr/interfaces/ppromatic


See that interfaces.bac is still in the database? Where is Interfaces.txt?




luzar@ubuntu:~$ locate -i \interfaces.txt
luzar@ubuntu:~$


No Interfaces.txt file. Why? I forgot to update the mlocate database. Now, again:




luzar@ubuntu:~$ sudo updatedb
[sudo] password for luzar:
luzar@ubuntu:~$ locate -i interfaces
/etc/network/interfaces
/home/luzar/Interfaces.txt
/usr/lib/ppr/interfaces
/usr/lib/ppr/interfaces/foomatic-rip
/usr/lib/ppr/interfaces/ppromatic
luzar@ubuntu:~$


There it is. My final tip: update the mlocate database frequently.

Ubuntu ssh connection refused

An Ubuntu ssh connection refused error can be caused by several factors. This is a troubleshooting guide for it.

1) Check whether ssh is installed on your system using the dpkg tool.


luzar@ubuntu:~$ dpkg -l | grep ssh
ii openssh-blacklist 0.1-1ubuntu0.8.04.1 list of blacklisted OpenSSH RSA and DSA keys
ii openssh-client 1:4.7p1-8ubuntu1.2 secure shell client, an rlogin/rsh/rcp repla
ii openssh-server 1:4.7p1-8ubuntu1.2 secure shell server, an rshd replacement
luzar@ubuntu:~$


2) Check that the ssh daemon is running on your server with the ps command.


luzar@ubuntu:~$ ps aux | grep sshd
root 4191 0.0 0.1 5316 1016 ? Ss Nov05 0:00 /usr/sbin/sshd
root 4608 0.0 0.7 11356 3728 ? Ss Nov05 0:00 sshd: luzar [priv]
luzar 4610 0.0 0.3 11512 2036 ? S Nov05 0:02 sshd: luzar@pts/0
luzar 14146 0.0 0.1 3008 776 pts/0 S+ 04:14 0:00 grep sshd
luzar@ubuntu:~$


3) Make sure the firewall is not blocking ssh. This is the default Ubuntu iptables configuration with no rules configured: every chain has policy ACCEPT, so nothing is filtered.


luzar@ubuntu:~$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
luzar@ubuntu:~$


4) Use the netstat command to check that ssh is listening on port 22.


luzar@ubuntu:~$ sudo netstat -nap | grep :22
[sudo] password for luzar:
tcp6 0 0 :::22 :::* LISTEN 4191/sshd
tcp6 0 52 192.168.44.128:22 192.168.44.1:1219 ESTABLISHED 4608/sshd:luzar [p
luzar@ubuntu:~$
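
The check in step 4, tightened, as an added example that is not part of the original post: `grep :22` also matches ports such as 2200 and outgoing connections to a remote port 22, so this parses the netstat columns instead. It goes beyond the steps above by also flagging a listener bound only to loopback; the function names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: stricter version of the "netstat -nap | grep :22" check.

# Print "local-address pid/program" for every TCP socket in LISTEN state
# whose local port is exactly $1. Reads netstat -nap style lines on stdin.
listeners_on_port() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, part, ":")          # port is the last ":" field
            if (part[n] == port) print $4, $7
        }'
}

# Classify the result: "none" (nothing listening, so clients get
# "connection refused"), "loopback-only" (remote clients are refused),
# or "reachable" (bound to a wildcard or non-loopback address).
classify_listeners() {
    found=$(listeners_on_port "$1")
    [ -n "$found" ] || { echo none; return; }
    if printf '%s\n' "$found" | awk '{print $1}' |
        grep -Ev '^(127\.[0-9.]+|::1):[0-9]+$' >/dev/null; then
        echo reachable
    else
        echo loopback-only
    fi
}

# Constructed sample input modelled on the netstat output above.
SAMPLE_OK='tcp6 0 0 :::22 :::* LISTEN 4191/sshd
tcp6 0 52 192.168.44.128:22 192.168.44.1:1219 ESTABLISHED 4608/sshd'
# Constructed: port 2200 and a remote port 22 both match "grep :22".
SAMPLE_MISLEADING='tcp 0 0 0.0.0.0:2200 0.0.0.0:* LISTEN 900/example
tcp 0 0 192.168.44.128:40112 192.168.44.9:22 ESTABLISHED 950/ssh'
# Constructed: sshd bound to loopback only.
SAMPLE_LOOPBACK='tcp 0 0 127.0.0.1:22 0.0.0.0:* LISTEN 4191/sshd'

# On a live system: sudo netstat -nap | classify_listeners 22
```
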

Ubuntu server mount usb drive

Ubuntu server automatically detects a usb drive when you plug it into the usb port. Here is an example of how Ubuntu detected my usb drive (thumb drive) when I plugged it in:



Ubuntu automatically assigned the usb drive as sdb. If your Ubuntu doesn't detect the usb drive, pull it out and try connecting it again.

Before mounting the usb drive, I normally create a new directory called usb in /mnt to be the mount point for the usb drive.

luzar@ubuntu:~$ sudo mkdir /mnt/usb

You can mount it in /mnt if you want; it doesn't matter. I created a special directory for the usb drive because sometimes I need to mount several file systems and devices, so I need a mount point for each of them.

The mount syntax is mount device destination. Don't forget the sudo command. Here is an example of mounting a usb drive on Ubuntu server:

luzar@ubuntu:~$ sudo mount /dev/sdb1 /mnt/usb/
luzar@ubuntu:~$ ls /mnt/usb/
logo.png usbthumbdrive.bmp
luzar@ubuntu:~$

That's it.

Ubuntu mysql reset root password

Perhaps you provided the wrong password? Don't worry, you can reset the Ubuntu mysql root password. Here's how to do it:

If mysql is running, you have to stop it first. If you are not sure, check the running services with the ps command to see whether the mysql service is there.


luzar@ubuntu:~$ ps aux | grep mysqld
root 4078 0.0 0.1 1772 524 ? S 05:19 0:00 /bin/sh /usr/bin/mysqld_safe
mysql 4120 0.0 3.1 127088 16312 ? Sl 05:19 0:02 /usr/sbin/mysqld --basedir
root 4122 0.0 0.1 1700 556 ? S 05:19 0:00 logger -p daemon.err -t
luzar 4885 0.0 0.1 3004 752 pts/0 R+ 09:50 0:00 grep mysqld


If you see the mysql service as in the example above, you need to stop it. All you need from the ps output above is the process id. Look closely at the mysql service line and write down that number. Then you can issue the command below:


luzar@ubuntu:~$ sudo kill 4120
luzar@ubuntu:~$ ps aux | grep mysqld
luzar 4891 0.0 0.1 3004 752 pts/0 R+ 09:50 0:00 grep mysqld
luzar@ubuntu:~$


We can use the same ps command as before to check that mysql has really stopped. There is no more mysql service.

There are two ways to reset the mysql root password. The first is to put the mysql statements that reset the root password in a file, then run the mysqld_safe command with that file.

The second way is by running mysql directly from the shell.

Here is a step by step example of resetting mysql root password with a file:

1) Create a text file in your home directory named mysql-passwd with the content below:


UPDATE mysql.user SET Password=PASSWORD('Password') WHERE User='root';
FLUSH PRIVILEGES;


2) Now you can start mysql with the mysql password file to reset the Ubuntu mysql root password. Follow the syntax below, but change the password name to yours.


luzar@ubuntu:~$ mysqld_safe --init-file=/home/me/mysql-passwd &


3) After the mysql server has started successfully, delete the root password file in your home directory, since it holds the new password in plain text.

4) You can now log in to mysql using your new password.