Download YouTube Videos on Linux
-
Download Software
# yum install youtube-dl
-
Download YouTube Videos
# youtube-dl http://www.youtube.com/watch?vxxxxxxx
Pidgin + The certificate for omega.contacts.msn.com could not be validated
If in pidgin you get a error
The certificate for omega.contacts.msn.com could not be validated. The certificate chain presented is invalid
On connection with msn…..
My guess is the old certificate in pidgins folder is outdated
This is what I did to fix it
cd $HOME/.purple/certificates/x509/tls_peers
rm omega.contacts.msn.com ows.messenger.msn.com rsi.hotmail.com
wget http://files.andreineculau.com/projects/pidgin/omega.contacts.msn.com.txt
mv omega.contacts.msn.com.txt omega.contacts.msn.com
Restart Pidgin and you should be good to go
NOTE: Can be fixed by deleting certificate from Pidgin menu Tools/Certificate.
ELSE
Also found this method while browsing
Solution
a. open https://omega.contacts.msn.com/
b. On the URL bar, click on the security lock (usually just in front of the URL). Click on the certificate information.
c. Go to the Detail tab and click the “Export” button. Save the file as “omega.contacts.msn.com” (without the quotes).
d. Copy and paste this file to $HOME/.purple/certificates/x509/tls_peers
Tata Phonone / Reliance Netconnect (wvdial)
Getting the required software
# yum install wvdial usb_modeswitch usb_modeswitch-data
Stopping network
# /etc/init.d/network stop
Plug in modem in usb outlet and check output
# tail -f /var/log/messages
kernel: usb 2-1.1: new full speed USB device using ehci_hcd and address 4
kernel: usb 2-1.1: New USB device found, idVendor=19d2, idProduct=fff5
kernel: usb 2-1.1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
kernel: usb 2-1.1: Product: USB Storage
kernel: usb 2-1.1: Manufacturer: ZTE, Incorporated
kernel: usb 2-1.1: SerialNumber: 000000000002
kernel: Initializing USB Mass Storage driver…
kernel: scsi6 : usb-storage 2-1.1:1.0
kernel: usbcore: registered new interface driver usb-storage
kernel: USB Mass Storage support registered.
usb_modeswitch: switching 19d2:fff5 (ZTE, Incorporated: USB Storage)
kernel: usb 2-1.1: USB disconnect, address 4
kernel: usb 2-1.1: new full speed USB device using ehci_hcd and address 5
kernel: usb 2-1.1: New USB device found, idVendor=19d2, idProduct=fff1
kernel: usb 2-1.1: New USB device strings: Mfr=1, Product=2, SerialNumber=0
kernel: usb 2-1.1: Product: ZTE CDMA Tech
kernel: usb 2-1.1: Manufacturer: ZTE, Incorporated
kernel: scsi7 : usb-storage 2-1.1:1.5
kernel: usbcore: registered new interface driver usbserial
kernel: USB Serial support registered for generic
kernel: usbcore: registered new interface driver usbserial_generic
kernel: usbserial: USB Serial Driver core
kernel: USB Serial support registered for GSM modem (1-port)
kernel: option 2-1.1:1.0: GSM modem (1-port) converter detected
kernel: usb 2-1.1: GSM modem (1-port) converter now attached to ttyUSB0
kernel: option 2-1.1:1.1: GSM modem (1-port) converter detected
kernel: usb 2-1.1: GSM modem (1-port) converter now attached to ttyUSB1
kernel: option 2-1.1:1.2: GSM modem (1-port) converter detected
kernel: usb 2-1.1: GSM modem (1-port) converter now attached to ttyUSB2
kernel: option 2-1.1:1.3: GSM modem (1-port) converter detected
kernel: usb 2-1.1: GSM modem (1-port) converter now attached to ttyUSB3
kernel: option 2-1.1:1.4: GSM modem (1-port) converter detected
kernel: usb 2-1.1: GSM modem (1-port) converter now attached to ttyUSB4
kernel: usbcore: registered new interface driver option
kernel: option: v0.7.2:USB Driver for GSM modems
modem-manager: (ttyUSB1) opening serial device…
modem-manager: (ttyUSB0) opening serial device…
modem-manager: (ttyUSB4) opening serial device…
modem-manager: (ttyUSB2) opening serial device…
modem-manager: (ttyUSB3) opening serial device…
usb_modeswitch: switched to 19d2:fff1 (ZTE, Incorporated: ZTE CDMA Tech)
pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found
pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found
pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found
pcscd: winscard.c:309:SCardConnect() Reader E-Gate 0 0 Not Found
kernel: scsi 7:0:0:0: Direct-Access ZTE USB Storage FFF1 2.31 PQ: 0 ANSI: 2
kernel: sd 7:0:0:0: Attached scsi generic sg2 type 0
kernel: sd 7:0:0:0: [sdb] Attached SCSI removable disk
# wvdialconf
Editing `/etc/wvdial.conf’.
Scanning your serial ports for a modem.
Modem Port Scan: S0 S1 S2 S3
WvModem: Cannot get information for serial port.
ttyUSB0: ATQ0 V1 E1 — OK
ttyUSB0: ATQ0 V1 E1 Z — OK
ttyUSB0: ATQ0 V1 E1 S0=0 — OK
ttyUSB0: ATQ0 V1 E1 S0=0 &C1 — OK
ttyUSB0: ATQ0 V1 E1 S0=0 &C1 &D2 — OK
ttyUSB0: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 — OK
ttyUSB0: Modem Identifier: ATI — Manufacturer: QUALCOMM INCORPORATED
ttyUSB0: Speed 9600: AT — OK
ttyUSB0: Max speed is 9600; that should be safe.
ttyUSB0: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 — OK
WvModem: Cannot get information for serial port.
ttyUSB1: ATQ0 V1 E1 — failed with 2400 baud, next try: 9600 baud
ttyUSB1: ATQ0 V1 E1 — failed with 9600 baud, next try: 9600 baud
ttyUSB1: ATQ0 V1 E1 — and failed too at 115200, giving up.
WvModem: Cannot get information for serial port.
ttyUSB2: ATQ0 V1 E1 — failed with 2400 baud, next try: 9600 baud
ttyUSB2: ATQ0 V1 E1 — failed with 9600 baud, next try: 9600 baud
ttyUSB2: ATQ0 V1 E1 — and failed too at 115200, giving up.
WvModem: Cannot get information for serial port.
ttyUSB3: ATQ0 V1 E1 — failed with 2400 baud, next try: 9600 baud
ttyUSB3: ATQ0 V1 E1 — failed with 9600 baud, next try: 9600 baud
ttyUSB3: ATQ0 V1 E1 — and failed too at 115200, giving up.
WvModem: Cannot get information for serial port.
ttyUSB4: ATQ0 V1 E1 — failed with 2400 baud, next try: 9600 baud
ttyUSB4: ATQ0 V1 E1 — failed with 9600 baud, next try: 9600 baud
ttyUSB4: ATQ0 V1 E1 — and failed too at 115200, giving up.
Found a modem on /dev/ttyUSB0.
Modem configuration written to /etc/wvdial.conf.
ttyUSB0: Speed 9600; init “ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0”
# vi /etc/wvdial.conf
[Dialer Defaults]
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Modem Type = Analog Modem
ISDN = 0
Phone = #777
Modem = /dev/ttyUSB0
Username = # In case of tata Username =internet
Password = # In case of tata Password =internet
Baud = 9600
# wvdial
It should now connect
mp3 on fedora-13
yum install amarok amarok-extras-nonfree xine-lib-extras-freeworld libtunepimp-extras-freeworld phonon gstream -y
rpm -ivh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm
yum install gstreamer-plugins-bad gstreamer-ffmpeg gstreamer-plugins-ugly -y
kill `pidof pulseaudio`
alsamixer
Linux disk cache
Linux has a supposedly good memory management feature that will use up any “extra” RAM you have to cache stuff.
Accessed file’s content gets cached in RAM for fast access eventhough we might not need it later in RAM.
$ free -m
total used free shared buffers cached
Mem: 1504 1490 14 0 24 809
-/+ buffers/cache: 656 848
Swap: 0 0 0
In Linux, you can clear the cache of the memory by using
$ sync; echo 3 > /proc/sys/vm/drop_caches; echo 0 > /proc/sys/vm/drop_caches
or
$ sync; sysctl -w vm.drop_caches=3; sysctl -w vm.drop_caches=0
$ free -m
total used free shared buffers cached
Mem: 1504 650 854 0 1 67
-/+ buffers/cache: 581 923
Swap: 0 0 0
sync should be run because this is a non-destructive operation, and dirty objects are not freeable. So you run sync in order to make sure all cached objects are freed.
Doing echo 3 is clearing pagecache, dentries and inodes but you could choose echo 1 to free pagecache only or echo 2 to free dentries and inodes.
redhat/centos build kernel rpm
Preparing System
$ yum install gcc make bison ncurses-devel rpm-build
Downloading the kernel source linux-2.6.30.10.tar.gz from http://kernel.org
$ nohup wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.30.10.tar.gz &
After you have done it, extract to /usr/src
$ tar zxvf linux-2.6.30.10.tar.gz -C /usr/src
enter to /usr/src
create a symlink to source code called linux, do this:
$ cd /usr/src
$ ln -sf linux-2.6.30.10 linux
drwxr-xr-x 3 root root 4096 Jul 16 14:09 kernels
lrwxrwxrwx 1 root root 12 Jul 16 16:18 linux -> linux-2.6.31
drwxr-xr-x 23 root root 4096 Sep 10 2009 linux-2.6.31
drwxr-xr-x 7 root root 4096 Jul 16 14:11 redhat
Copying the stock config into the dir
$ cd /usr/src/linux
$ cp /boot/config-`uname -r` .config
Compiling the kernel
$ cd /usr/src/linux
$ make clean
$ make menuconfig
If you want to add a custom tag that will identify the new kernel (if you want or skip this) , to accomplish this, do that:
I did not enter anything here and skipped this step
* On initial screen, go to General setup —>
* Select Local version – append to kernel release
┌─────────────── Local version – append to kernel release ────────────────┐
│ Please enter a string value. Use the key to move from the input |
│ field to the buttons below it. │
│ ┌─────────────────────────────────────────────────────────────────────┐
│ │ │
│ └─────────────────────────────────────────────────────────────────────┘
With this done, the resulting kernel.rpm will have the tag identifying it.
It is time to customize the kernel configuration to fit with your hardware.
After this quit menuconfig and start the compilation.
While you get out the configuration, you will be asked to save the changes. Answer Yes.
Run make rpm
$ make rpm
The compilation will start, good time to grab a coffee cause this is going to be long
WROTE:…….
/usr/src/redhat/SRPMS/kernel-2.6.30.10-1.src.rpm
/usr/src/redhat/RPMS/x86_64/kernel-2.6.30.10-1.x86_64.rpm
Take a backup of /boot dir for safety
$ tar czvf boot.tgz /boot/ /etc/grub.conf
Installing the new kernel rpm
$ rpm -ivh rpm -ivh /usr/src/redhat/RPMS/x86_64/kernel-2.6.30.10-1.x86_64.rpm
Preparing… ########################################### [100%]
1:kernel ########################################### [100%]
Confirming that alls ok
$ ls /boot
config-2.6.18-128.el5 grub message System.map-2.6.18-128.el5 vmlinux-2.6.30.10.bz2 vmlinuz-2.6.30.10
config-2.6.30.10 initrd-2.6.18-128.el5.img lost+found symvers-2.6.18-128.el5.gz System.map-2.6.30.10 vmlinuz-2.6.18-128.el5
Hmmm no initrd-2.6.30.10.img
To create the dependencies for the modules:
$ depmod 2.6.30.10
Create a new initrd with mkinitrd
$ mkinitrd -v /boot/initrd-2.6.30.10.img 2.6.30.10
Creating initramfs
Looking for deps of module ehci-hcd
Looking for deps of module ohci-hcd
Looking for deps of module uhci-hcd
Looking for deps of module ext3: jbd
Looking for deps of module jbd
Found root device hda2 for LABEL=/
Looking for driver for device hda2
Looking for deps of module ide:m-disk
Looking for driver for device hda3
Looking for deps of module ide:m-disk
Looking for deps of module ips: scsi_mod
Looking for deps of module scsi_mod
Looking for deps of module sd_mod: scsi_mod
Looking for deps of module ata_piix: scsi_mod libata
Looking for deps of module libata: scsi_mod
Looking for deps of module ide-disk
Looking for deps of module dm-mem-cache
No module dm-mem-cache found for kernel 2.6.30.10, aborting.
Opps errors …… Need to fix this
$ echo “DMRAID=no” > /etc/sysconfig/mkinitrd/noraid
$ chmod 755 /etc/sysconfig/mkinitrd/noraid
$ mkinitrd -v /boot/initrd-2.6.30.10.img 2.6.30.10
Creating initramfs
Looking for deps of module ehci-hcd
Looking for deps of module ohci-hcd
Looking for deps of module uhci-hcd
Looking for deps of module ext3: jbd
Looking for deps of module jbd
Found root device hda2 for LABEL=/
Looking for driver for device hda2
Looking for deps of module ide:m-disk
Looking for driver for device hda3
Looking for deps of module ide:m-disk
Looking for deps of module ips: scsi_mod
Looking for deps of module scsi_mod
Looking for deps of module sd_mod: scsi_mod
Looking for deps of module ata_piix: scsi_mod libata
Looking for deps of module libata: scsi_mod
Looking for deps of module ide-disk
Using modules: /lib/modules/2.6.30.10/kernel/drivers/usb/host/ehci-hcd.ko /lib/modules/2.6.30.10/kernel/drivers/usb/host/ohci-hcd.ko /lib/modules/2.6.30.10/kernel/drivers/usb/host/uhci-hcd.ko /lib/modules/2.6.30.10/kernel/fs/jbd/jbd.ko /lib/modules/2.6.30.10/kernel/fs/ext3/ext3.ko /lib/modules/2.6.30.10/kernel/drivers/scsi/scsi_mod.ko /lib/modules/2.6.30.10/kernel/drivers/scsi/sd_mod.ko /lib/modules/2.6.30.10/kernel/drivers/scsi/ips.ko /lib/modules/2.6.30.10/kernel/drivers/ata/libata.ko /lib/modules/2.6.30.10/kernel/drivers/ata/ata_piix.ko
/sbin/nash -> /tmp/initrd.w19233/bin/nash
/sbin/insmod.static -> /tmp/initrd.w19233/bin/insmod
copy from `/lib/modules/2.6.30.10/kernel/drivers/usb/host/ehci-hcd.ko’ [elf64-x86-64] to `/tmp/initrd.w19233/lib/ehci-hcd.ko’ [elf64-x86-64]
copy from `/lib/modules/2.6.30.10/kernel/drivers/usb/host/ohci-hcd.ko’ [elf64-x86-64] to `/tmp/initrd.w19233/lib/ohci-hcd.ko’ [elf64-x86-64]
copy from `/lib/modules/2.6.30.10/kernel/drivers/usb/host/uhci-hcd.ko’ [elf64-x86-64] to `/tmp/initrd.w19233/lib/uhci-hcd.ko’ [elf64-x86-64]
copy from `/lib/modules/2.6.30.10/kernel/fs/jbd/jbd.ko’ [elf64-x86-64] to `/tmp/initrd.w19233/lib/jbd.ko’ [elf64-x86-64]
copy from `/lib/modules/2.6.30.10/kernel/fs/ext3/ext3.ko’ [elf64-x86-64] to `/tmp/initrd.w19233/lib/ext3.ko’ [elf64-x86-64]
copy from `/lib/modules/2.6.30.10/kernel/drivers/scsi/scsi_mod.ko’ [elf64-x86-64] to `/tmp/initrd.w19233/lib/scsi_mod.ko’ [elf64-x86-64]
copy from `/lib/modules/2.6.30.10/kernel/drivers/scsi/sd_mod.ko’ [elf64-x86-64] to `/tmp/initrd.w19233/lib/sd_mod.ko’ [elf64-x86-64]
copy from `/lib/modules/2.6.30.10/kernel/drivers/scsi/ips.ko’ [elf64-x86-64] to `/tmp/initrd.w19233/lib/ips.ko’ [elf64-x86-64]
copy from `/lib/modules/2.6.30.10/kernel/drivers/ata/libata.ko’ [elf64-x86-64] to `/tmp/initrd.w19233/lib/libata.ko’ [elf64-x86-64]
copy from `/lib/modules/2.6.30.10/kernel/drivers/ata/ata_piix.ko’ [elf64-x86-64] to `/tmp/initrd.w19233/lib/ata_piix.ko’ [elf64-x86-64]
Adding module ehci-hcd
Adding module ohci-hcd
Adding module uhci-hcd
Adding module jbd
Adding module ext3
Adding module scsi_mod
Adding module sd_mod
Adding module ips
Adding module libata
Adding module ata_piix
Checking …….
$ ls /boot/initrd-2.6.30.10.img
initrd-2.6.30.10.img
Editing grub
Final phase, it remains only edit the grub.conf to use the new kernel.
Add the lines in and change default to boot with new kernel
title CentOS (2.6.30.10)
root (hd0,0)
kernel /vmlinuz-2.6.30.10 ro root=LABEL=/ rhgb quiet noacpi irqpoll acpi=off
initrd /initrd-2.6.30.10.img
Reboot. and check
$ reboot
After reboot
$ uname -a
Linux localhost.localdomain 2.6.30.10 #1 SMP Sat Jul 17 13:25:46 IST 2010 x86_64 x86_64 x86_64 GNU/Linux
KVM on centos5
Disable Selinux
Make sure that SELinux is disabled. Open /etc/selinux/config…
$ vi /etc/selinux/config
… set SELINUX to disabled:
$ reboot
or
Run
$ setenforce 0
[edit] Installing KVM
check if your CPU supports hardware virtualization
$ egrep ‘(vmx|svm)’ –color=always /proc/cpuinfo
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall nx lm constant_tsc pni monitor ds_cpl vmx est tm2 cx16 xtpr lahf_lm
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall nx lm constant_tsc pni monitor ds_cpl vmx est tm2 cx16 xtpr lahf_lm
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall nx lm constant_tsc pni monitor ds_cpl vmx est tm2 cx16 xtpr lahf_lm
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall nx lm constant_tsc pni monitor ds_cpl vmx est tm2 cx16 xtpr lahf_lm
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall nx lm constant_tsc pni monitor ds_cpl vmx est tm2 cx16 xtpr lahf_lm
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall nx lm constant_tsc pni monitor ds_cpl vmx est tm2 cx16 xtpr lahf_lm
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall nx lm constant_tsc pni monitor ds_cpl vmx est tm2 cx16 xtpr lahf_lm
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall nx lm constant_tsc pni monitor ds_cpl vmx est tm2 cx16 xtpr lahf_lm
install KVM and virtinst
$ yum install zlib-devel alsa-lib-devel SDL-devel gnutls-devel dev86 texi2html glibc-devel kvm qemu\
libvirt python-virtinst virt-manager libvirt libvirt-python python-virtinst qemu
$ yum install kvm qemu libvirt python-virtinst
$ yum install virt-manager libvirt libvirt-python python-virtinst
In case rpmforge repo is recquired for qemu
$ rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
[edit] Service Starting
Then start the libvirt daemon:
$ /etc/init.d/libvirtd start
To check if KVM has successfully been installed, run
$ virsh -c qemu:///system list
Id Name State
———————————-
Next we need to set up a network bridge on our server so that our virtual machines can be accessed from other hosts as if they were physical systems in the network.
$ yum install bridge-utils
… and configure a bridge. Delete the system startup links for NetworkManager and create system startup links for network:
$ chkconfig –del NetworkManager
$ chkconfig –levels 235 network on
[edit] Networking
Then create the file /etc/sysconfig/network-scripts/ifcfg-br0 (please use the BOOTPROTO, DNS1 (plus any other DNS settings, if any), GATEWAY, IPADDR, NETMASK and SEARCH values from the /etc/sysconfig/network-scripts/ifcfg-eth0 file):
$ vi /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
DNS1=192.168.2.234
GATEWAY=192.168.2.234
IPADDR=192.168.40.112
NETMASK=255.255.0.0
ONBOOT=yes
Modify /etc/sysconfig/network-scripts/ifcfg-eth0 by keeping these lines and hashing everything else
DEVICE=eth0
HWADDR=00:1E:C9:B5:0D:51
ONBOOT=yes
BRIDGE=br0
Then reboot the system:
$ reboot
[edit] Starting Hosts
Use graphical installation and run “Creating guests with virt-manager”
$ virt-manager &
Open the File -> Open Connection. The dialog box below appears. . Select a hypervisor and click the Connect button
OR
$ virt-install –accelerate –hvm –connect qemu:///system –network bridge:br0 –name rhel5support –ram=512 –file=/xen/rhel5support.img –file-size=6 –vnc –cdrom=/dev/cdrom
Using virt-install with KVM to create a Red Hat Enterprise Linux 5 guest using cdrom –hvm (full virt)
$ virt-install –name fedora11 –ram 512 –file=/var/lib/libvirt/images/fedora11.img –file-size=3 –vnc –cdrom=/var/lib/libvirt/images/fedora11.iso
Using virt-install to create a fedora 11 guest
[edit] Info
the xml files are loacted at
$ cd /etc/libvirt/qemu/
Starting the virt machines
$ virsh create kvm2.xml
List domains
$ virsh -c qemu:///system list
Id Name State
———————————-
1 kvm2 running
2 kvm1 running
Connect to kvm
$ virsh console kvm1
[edit] Managing Virtual Machines from the command line with `virsh`
Virtual machines can be managed on the command line with the virsh utility. The virsh utility is built around the libvirt management API and has a number of advantages over the traditional Xen xm tool:
virsh has a stable set of commands whose syntax & semantics will be preserved across updates to Xen.
virsh can be used as an unprivileged user for read-only operations (eg listing domains, getting info, etc)
virsh will (in future) be able to manage QEMU, VMWare, etc machines in additional to Xen, since libvirt is hypervisor agnostic.
To start a new virtual machine from an XML vm definition:
$ virsh create
To list the virtual machines currently running, use:
$ virsh list
To gracefully power off a guest use:
$ virsh shutdown
To save a snapshot of the machine to a file of your choosing:
$ virsh save
To restore a previously saved snapshot:
$ virsh restore
To export the XML config associated with a virtual machine:
$ virsh dumpxml <virtual machine (name | id | uuid)
For a complete list of commands available for use with virsh run:
$ virsh help
Or consult the manual page virsh(1)
File Password Protection
A > How do I password protect / encrypt a file within Linux using OpenSSL ?
The file we will encrypt will be the file secretfile.txt.As you can see it is just a plain text file.
Encrypt File
Use the openssl comand to encrypt your file and then test the new file is fully encrypted.
$ openssl aes-256-cbc -salt -in secretfile.txt -out secretfile.txt.aes
enter aes-256-cbc encryption password:
Verifying – enter aes-256-cbc encryption password:
$ cat secretfile.txt.aes
binary data
Decrypt File
Decrypt the file and then confirm the decypted file is readable.
$ openssl aes-256-cbc -d -salt -in secretfile.txt.aes -out secretfile.txt
enter aes-256-cbc decryption password:
$ cat secretfile.txt
This is a secret file that we do not want anyone to read.
B > How do I password protect / encrypt a file within Linux using Mcrypt ?
Encrypt File
Use the mcrypt comand to encrypt your file and then test the new file is fully encrypted.
$ mcrypt secretfile.txt
Output:
Enter the passphrase (maximum of 512 characters)
Please use a combination of upper and lower case letters and numbers.
Enter passphrase:
Enter passphrase:
A new file is created with the extension .nc
$ ls secretfile.txt.nc
Decrypt File
Decrypt the file and then confirm the decypted file is readable.
$ mcrypt -d secretfile.txt.nc
Output:
Enter passphrase:
File secretfile.txt.nc was decrypted.
C > How do I password protect / encrypt a file within Linux using GPG ?
Encrypt File
Use the gpg comand to encrypt your file and then test the new file is fully encrypted.
$ gpg -c secretfile.txt
Output:
Enter passphrase:
Repeat passphrase:
This will create a secretfile.txt.gpg file.
Decrypt File
Decrypt the file and then confirm the decypted file is readable.
$ gpg secretfile.txt.gpg
Decrypt file and write output to file
$ gpg secretfile.txt.gpg -o somefile.txt
Easier method is to create a file using vim with the -x flag
vim -x
Building modules for rhel5 kernel
Build modules for kernel instead of building the whole kernel
Download the kernel rpm
$ rpm -ivh kernel-2.6.18-x.x.x.el5.src.rpm
$ cd /usr/src/redhat/SPECS/
$ rpmbuild -bp kernel-2.6.spec
will take some time but less than rebuilding the entire kernel hopefully
$ cd /usr/src/redhat/BUILD/kernel-2.6.18/linux-2.6.18.x86_64
$ cp /boot/config-2.6.18-x.x.x.el5 .config
$ make menuconfig
Here for examplepurpose i’m taking xfs and reiserfs module hopefully it works with whatever you chose
* For xfs/reiserfs make sure to chose xfs and reiserfs as the module
$ make fs/xfs/xfs.ko
In case of error run
$ make SUBDIRS=fs/xfs/ modules
and rerun
$ make fs/xfs/xfs.ko
$ mkdir -p /lib/modules/`uname -r`/kernel/fs/xfs
Copy the module into the /lib/modules/`uname -r`/kernel/fs/xfs
$ cp fs/xfs/xfs.ko /lib/modules/`uname -r`/kernel/fs/xfs
$ make fs/reiserfs/reiserfs.ko
In case of error run
$ make SUBDIRS=fs/reiserfs/ modules
and rerun
$ make fs/reiserfs/reiserfs.ko
$ mkdir -p /lib/modules/`uname -r`/kernel/fs/reiserfs
Copy the module into the /lib/modules/`uname -r`/kernel/fs/reiserfs
$ cp fs/reiserfs/reiserfs.ko /lib/modules/`uname -r`/kernel/fs/reiserfs
Change permissions
$ chmod 744 /lib/modules/`uname -r`/kernel/fs/reiserfs/reiserfs.ko
$ chmod 744 /lib/modules/`uname -r`/kernel/fs/xfs/xfs.ko
insmod the required module
$ insmod /lib/modules/`uname -r`/kernel/fs/reiserfs/reiserfs.ko
$ insmod /lib/modules/`uname -r`/kernel/fs/xfs/xfs.ko
Make entry into /etc/modules.conf
$ echo “install reiserfs /sbin/insmod /lib/modules/2.6.18-x.x.x.el5/kernel/fs/reiserfs/reiserfs.ko ” >> /etc/modules.conf
$ echo “install xfs /sbin/insmod /lib/modules/2.6.18-x.x.x.el5/kernel/fs/xfs/xfs.ko ” >> /etc/modules.conf
$ modprobe reiserfs
$ modprobe xfs
$ depmod -a
Should be done hopefully
Open SSL help
General OpenSSL Commands
These commands allow you to generate CSRs, Certificates, Private Keys and do other miscellaneous tasks.
* Generate a new private key and Certificate Signing Request
# openssl req -out CSR.csr -pubkey -new -keyout privateKey.key
* Generate a self-signed certificate
# openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout privateKey.key -out certificate.crt
* Generate a certificate signing request (CSR) for an existing private key
# openssl req -out CSR.csr -key privateKey.key -new
* Generate a certificate signing request based on an existing certificate
# openssl x509 -x509toreq -in certificate.crt -out CSR.csr -signkey privateKey.key
* Remove a passphrase from a private key
# openssl rsa -in privateKey.pem -out newPrivateKey.pem
Checking Using OpenSSL
If you need to check the information within a Certificate, CSR or Private Key, use these commands. You can also check CSRs and check certificates using our online tools.
* Check a Certificate Signing Request (CSR)
# openssl req -text -noout -verify -in CSR.csr
* Check a private key
# openssl rsa -in privateKey.key -check
* Check a certificate
# openssl x509 -in certificate.crt -text -noout
* Check a PKCS#12 file (.pfx or .p12)
# openssl pkcs12 -info -in keyStore.p12
Debugging Using OpenSSL
If you are receiving an error that the private doesn’t match the certificate or that a certificate that you installed to a site is not trusted, try one of these commands. If you are trying to verify that an SSL certificate is installed correctly, be sure to check out the SSL Checker.
* Check an MD5 hash of the public key to ensure that it matches with what is in a CSR or private key
# openssl x509 -noout -modulus -in certificate.crt | openssl md5openssl rsa -noout -modulus -in privateKey.key | openssl md5openssl req -noout -modulus -in CSR.csr | openssl md5
* Check an SSL connection. All the certificates (including Intermediates) should be displayed
# openssl s_client -connect http://www.paypal.com:443
Converting Using OpenSSL
These commands allow you to convert certificates and keys to different formats to make them compatible with specific types of servers or software. For example, you can convert a normal PEM file that would work with Apache to a PFX (PKCS#12) file and use it with Tomcat or IIS. Use our SSL Converter to convert certificates without messing with OpenSSL.
* Convert a DER file (.crt .cer .der) to PEM
# openssl x509 -inform der -in certificate.cer -out certificate.pem
* Convert a PEM file to DER
# openssl x509 -outform der -in certificate.pem -out certificate.der
* Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM
# openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes
You can add -nocerts to only output the private key or add -nokeys to only output the certificates.
* Convert a PEM certificate file and a private key to PKCS#12 (.pfx .p12)
# openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
* To test SSL connections to a mail server, use the openssl command with the s_client parameter:
# openssl s_client -connect smtp.myhost.com:25 -starttls smtp
This essentially opens a telnet-like connection to smtp.myhost.com on port 25 using the STARTTLS extension. This is an interactive session, so you can send commands to the remote SMTP server as well as view the certificate used, view the details of the SSL session, and more. To test SMTP over SSL, don’t use the -starttls option:
# openssl s_client -connect smtp.myhost.com:465
* The above can also be used to connect to any service that uses SSL, such as HTTPS (port 443), POP3 over SSL (port 995), and so forth.
* The openssl command can also be used to create digests of a file, which can be used to verify that a file has not been tampered with:
# echo “test file”> foo.txt
# openssl dgst -md5 foo.txt
MD5(foo.txt)= b05403312f66bdc8ccc597fedf6cd5fe
# openssl dgst -sha1 foo.txt
SHA1(foo.txt)= 0181d93fff60b818g3f92e470ea97a2aff4ca56a
* To view the other message digests that can be used, look at the output of openssl list-message-digest-commands.
* You can also use openssl to encrypt files. To view the list of available ciphers, use openssl list-cipher-commands. Once you’ve chosen a cipher to use, you can encrypt the file using the following commands:
# openssl enc -aes-256-cbc -salt -in foo.txt -out foo.enc
enter aes-256-cbc encryption password:
Verifying – enter aes-256-cbc encryption password:
# file foo.enc
foo.enc: data
# cat foo.enc
Salted__yvi{!e????i”Yt?;(Ѱ e%
# openssl enc -d -aes-256-cbc -in foo.enc
enter aes-256-cbc decryption password:
test file
In the above example, the file foo.txt was encrypted using 256-bit AES in CBC mode, the encrypted copy being saved as the file foo.enc. Looking at the contents of the file provide gibberish. Decrypting the file is done using the -d option; however, keep in mind that not only do you need to remember the password, you also need to know the cipher used.
As you can see, OpenSSL provides more than just a library for other applications to use, and the openssl command-line binary is a powerful program in its own right, allowing for many uses.
-
Recent
- Set Time Zone + Fedora 18
- Fedora 17 + Tata Photon (Huawei)
- Fedora 17: Install OpenSSH Server
- Change the default keyring password
- Error: Could not stat() command file ‘/usr/local/nagios/var/rw/nagios.cmd’!
- Gnone 3.X adding personal launcher
- Gnome 3.x Change Panel
- KDE remove autostart programs
- GPS on Linux
- Debian Squeeze change root password
- Download YouTube Videos on Linux
- Pidgin + The certificate for omega.contacts.msn.com could not be validated
-
Links
-
Archives
- April 2013 (1)
- September 2012 (2)
- August 2012 (2)
- July 2012 (2)
- November 2011 (1)
- July 2011 (1)
- April 2011 (1)
- January 2011 (1)
- November 2010 (1)
- September 2010 (2)
- July 2010 (3)
- March 2010 (1)
-
Categories
-
RSS
Entries RSS
Comments RSS