Archive for February, 2010

VMware – Separate location for Snapshot

Posted: February 19, 2010 in VMware

All snapshots are created in the default virtual machine directory.
Even if the vmdk disk file is located on different datastore than the
virtual machine,
the delta files are created in the default virtual machine directory.

This article provides instructions to change the default location.

Changing the location of where the delta files are created is helpful
if you need to:

* Create a snapshot but do not have enough space on the VMFS volume
* Power on a virtual machine but there is not enough space to create a
swap file on the VMFS volume
To change the default location:

1. Power off the virtual machine.
2. Add the following line to the VMX configuration file for the virtual machine:
workingDir=""
For example:
workingDir="/vmfs/volumes/46f1225f-552b0069-e03b-00145e808070/vm-snapshots"
3. To reload virtual machine configuration, run the command:
# vimsh -ne "vmsvc/reload " (To Get ID Type vmware-cmd vmx file getid)
When you power on the virtual machine, snapshot files and VSWP files are
created in the new location.

Note: If you do not want to redirect the virtual machine’s swap file, add the
following line to the VMX configuration file, then reload the configuration:
sched.swap.dir=""

When you power on the virtual machine, the swap file is created in the
same directory as virtual machine.

Redhat – E-mail Alert on Root SSH Login

Posted: February 19, 2010 in Redhat

Want to be notified instantly when someone logs into your server as root? No problem, check out this nice tutorial on email notification for root logins. Keeping track of who logs into your server and when is very important, especially when you’re dealing with the super user account. We recommend that you use an email address not hosted on the server your sending the alert from.

So lets get started!

1. Login to your server and su to root, I know the irony!

2. cd /root

3. pico .bashrc

4. Scroll to the end of the file then add the following:
echo ‘ALERT – Root Shell Access (YourserverName) on:’ `date` `who` | mail -s “Alert: Root Access from `who | cut -d'(‘ -f2 | cut -d’)’ -f1`” you@yourdomain.com

Replace YourServerName with the handle for your actual server
Replace you@yourdomain.com with your actual email address

5. Crtl + X then Y

Now logout of SSH, close the connection and log back in! You should receive an email address of the root login alert a few minutes afterwards.

Note: This is a great tool for servers that have multiple admins or if you give someone SSH access for whatever reason, although you should give out the root password to as few people as humanly possible and be sure to change it often.

This will not magically alert you when a hacker runs the latest kernel exploit on your server and logs into SSH because they will create their own SSH/telnet connection. You should keep your system up to date, install a firewall and follow the latest security releases.


Redhat – SSH without password

Posted: February 19, 2010 in Redhat

SSH login without password
Your aim

You want to use Linux and OpenSSH to automize your tasks. Therefore you need an automatic login from host A / user a to Host B / user b. You don’t want to enter any passwords, because you want to call ssh from a within a shell script.
How to do it

First log in on A as user a and generate a pair of authentication keys. Do not enter a passphrase:

a@A:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa):
Created directory ‘/home/a/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/a/.ssh/id_rsa.
Your public key has been saved in /home/a/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 a@A

Now use ssh to create a directory ~/.ssh as user b on B. (The directory may already exist, which is fine):

a@A:~> ssh b@B mkdir -p .ssh
b@B’s password:

Finally append a’s new public key to b@B:.ssh/authorized_keys and enter b’s password one last time:

a@A:~> cat .ssh/id_rsa.pub | ssh b@B ‘cat >> .ssh/authorized_keys’
b@B’s password:

From now on you can log into B as b from A as a without password:

a@A:~> ssh b@B hostname
B


This Article will allow to automatic root login to GDM Desktop.
This is a big security issue and dont try this unless you really need it.

1) The main Tool I have used is gdmsetup.
2) Create an username ie mohammada
3) edit the password file and make the following change :
mohammada:x:0:0::/home/mohammada:/bin/bash [after x: made it 0:0]
4) Check the ownership of /home/mohammada folder .
5) it should be ownership with mohammada
6) type gdmsetup in GUI console and it will come up with a Graphical Screen.
* Go to Users TAB and check Include all user from /etc/passwd file
* Click on Security TAB and check Enable auto login and select user mohammada from dropdown box.
* close and you are done
7) reboot the pc and see it can go straight to GDM desktop without password .

Agin be careful using that as it allows root to login without password.