What is Digg?77 Comments
- kenplaysviola, on 07/23/2008, -0/+28Just to let you Debian/Ubuntu users know that Tip #4 (getting back root password) on the GRUB doesn't work by just adding a "1". It only works on Red Hat based systems. You Debian/Ubuntu users need to type out and append the word "single", or just use the standard RECOVERY MODE on your GRUB.
- sysop073, on 07/23/2008, -0/+21Wow, those were actually useful. Virtually every "linux tip" list I've ever seen is stuff like "press tab to complete a command!!!", but these are actually good tips
- SEJeff, on 07/23/2008, -0/+21Not too bad. TFA covers some jr Linux sysadmin tips. They are pretty good ones, but nothing earthshattering if you've been playing in the posix-land for awhile.
Here are a few improvements over what the author says:
This:
# cat /proc/cpuinfo | grep processor | wc -l .
Can become:
# grep -c processor /proc/cpuinfo
This:
# free -m | grep Mem | awk '{print $2}'
Can become:
# free -m | awk '/Mem/{print $2}'
---
Jeff Schroeder
http://www.digitalprognosis.com/blog - DaveCanada, on 07/23/2008, -0/+17Ok, I have to admit it, there were a few that I didn't know there.
- YodaJones, on 07/23/2008, -3/+20Some nice tips. Cool.
- arjie, on 07/23/2008, -0/+16You know how it goes, if you've allowed physical access all bets are off.
How you protect against it is you set a BIOS password (useless to anyone who can reach the motherboard), you make the GRUB timeout 0. - whereisian, on 07/23/2008, -1/+16I started using screen about a month ago and it's completely indispensable now.
I'ma have to try fuser. I've been using ps switches and grep, which is ugly. - dg10050, on 07/23/2008, -0/+15If someone has physical access to your system, you're ***** anyway.
They don't need your root password to take all of your files. - mrtrevin, on 07/23/2008, -0/+14Nice snarky writing and surprisingly useful tips.
- BinaryCortex, on 07/23/2008, -0/+12I think that was the best explanation of ssh port forwarding I have seen yet. It actually made sense.
- supradave, on 07/23/2008, -0/+12Ha ha ha ha ha ha ha ha. That was so original and funny.
- neFariou5, on 07/23/2008, -1/+13What a moronic troll thing to say.
- sariduvar, on 07/23/2008, -0/+12no, it's not. you need physical access to the machine to do that.
- jamie191817, on 07/23/2008, -1/+11dont mock , i only discovered that yesterday.
- HonoredMule, on 07/23/2008, -1/+10sudo apt-get install delusional-tendencies
- seqizz, on 07/23/2008, -1/+9is crysis created for Linux ?
or is there a version like doom3?
then why are you spamming here?
nobody has to hack reverse-engineering sh*t, thanks to wine developers to do that.. - EmperorPsiblade, on 07/23/2008, -1/+9Yeah, it's called getting Microsoft to stop being dicks and using DirectX.
Wouldn't have this problem if OpenGL was used instead. :| - Pacula, on 07/24/2008, -0/+8Oh puh-leaze - my cat can troll better than that.
- HonoredMule, on 07/23/2008, -0/+7So you get a lot of Linux administering done on Windows, do ya?
Impressive! I can only seem to get Windows administration done when only using Windows. - limoo, on 07/23/2008, -0/+7If they can reach the mobo, the can reach your hard drives. If you data isn't encrypted, they can read/write anything they want by connecting your hard drives to their own system.
Grub and BIOS passwords are just minor deterrents when your attacker has physical access.
BTW, this affects any OS. Just pull out the hard drives and connect it to another computer that can read that filesystem. - arjie, on 07/23/2008, -1/+7You missed the bit about 'more productive systems administrator'.
- jokr004, on 07/23/2008, -0/+7I've had some issues with fuser not seeing processes in the past... ps and grep are still my number one tools
- rowjimmy, on 07/23/2008, -1/+8Windows is a good trick - you pay $300 and it sucks!
- voodoosteve84, on 07/24/2008, -0/+6Dugg because I was curious as to what the hell a Linux admin actually does
- vade79, on 07/23/2008, -0/+6lsof, and you'll never go back to fuser.
- supradave, on 07/23/2008, -0/+6Tip #5 is much simpler if you just put a ping on the end of the ssh command (and then slap it into the background if you know how. Digg comment systems prunes off some of the necessary strings).
Example:
ssh -f -n -g -L 5900:192.168.1.7:5900 -L 5903:192.168.1.6:5900 user@someserver.com ping -i 30 localhost - kenplaysviola, on 07/23/2008, -0/+6Not just the BIOS password, but you can also put a GRUB password.
- jfreeman, on 07/24/2008, -0/+5I like that this comes from ibm.com
- djuniah, on 07/23/2008, -0/+5i guess that its not a whole lot worse than the windows XP safe-mode administrator account, but still. It almost seems trivial to gain access to a machine when you have direct access.
- andrewcsfan, on 07/23/2008, -1/+6Something worth read in detail
- supradave, on 07/23/2008, -0/+4Here is the background string typed out in English. After localhost space greater than ampersand dash space less than ampersand dash space two greater than ampersand dash space ampersand. That'll shut off all input and output from the command, meaning that you have to have your ssh public key installed for convenience on the remote machine, and then puts it in the background.
Digg turns it into >&- &- &. - wattersm, on 07/23/2008, -0/+4For ssh connections you can turn on keep alive packets which should keep the connection open, it's a lot better than leaving stuff running in the background.
- vade79, on 07/23/2008, -0/+4shows what programs are accessing what in more a detailed format, with far more options and information. Generally speaking you can do what fuser does with lsof, and get a lot more information too.
- jrattner1, on 07/23/2008, -0/+4Now I wish I didn't do a clean install after forgetting my root passphrase...
- forkmantis, on 07/23/2008, -0/+4dugg for tip #3 mostly
- clith, on 07/24/2008, -0/+4Excellent article. Actually useful for experienced Linux folk.
- digitalarcanum, on 07/24/2008, -0/+4dugg, because there aren't enough of these articles on digg anymore, and it reminded me of the old days.
- supradave, on 07/23/2008, -0/+3If the BIOS password is set, it requires a trip to the office. The GRUB timeout is a simpler fix.
- LibrarianEtarip, on 07/23/2008, -0/+3Bios password takes about 5 minutes. Grub password requires booting off some other media like ad cdrom or flash drive.
- sysop073, on 07/23/2008, -0/+3I was just thinking that fuser would free me from lsof, but I've never tried it; why is lsof better?
- ChayD, on 07/23/2008, -1/+4Cool, I didn't know you could do that sharing thing with screen, that would save so much time having to go to my colleague's desk (where there isn't a spare chair) to go over a system related fix. *prints out and sticks on whiteboard*
- SEJeff, on 07/23/2008, -0/+3Not quite. If you do that, the system (by default) will boot with a read only root filesystem. Then you need to do the steps in this order:
mount -o,rw,remount /
passwd root
sync && sync
reboot
"init=/bin/bash" is generally a worst case scenario right before pulling out the livecd and chrooting in to change the password. It should generally be discouraged over single user mode if at all possible. Using the recovery mode or "single" instead of 1 is the preferred way.
---
Jeff Schroeder
http://www.digitalprognosis.com/blog - pweltz, on 07/23/2008, -0/+3you'd be surprised by some.... especially in the windows world I have to admit.
Honestly even after 10+ years I learnt some stuff from the article. You just can't know everything in this ever-changing field. - SEJeff, on 07/23/2008, -0/+3None of the other people who responded have ever configured grub. All you have to do is set a password on changing the settings in grub. Here is an article on how to actually do it.
http://www.redhat.com/docs/manuals/enterprise/RHEL ... - exscape, on 07/23/2008, -0/+3Another trick I use is to change init to bash, i.e. something like "kernel /... root=... init=/bin/bash".
- Origin415, on 07/23/2008, -1/+4Right, using ssh in Windows is a lot more productive.
- tramblings, on 07/24/2008, -1/+4Dugg and favorited for a day that I need these.
- shinkou, on 07/24/2008, -0/+3Dugg for the 3rd trick. Cool!
- cinch123, on 07/24/2008, -1/+3Interesting stuff! Thanks!
- Jubalint, on 07/24/2008, -0/+2Dugg for great explanation of SSH Tunneling. It's a incredibly useful tool that can be hard to clearly explain.
-
Show 51 - 79 of 79 discussions
© Digg Inc. 2009
— Content created and posted by Digg users is