Me in IT UNIX/Linux Consultancy is based in Breukelen, The Netherlands and specialized in UNIX and Linux consultancy. Experience with Red Hat Enterprise Linux (Red Hat Certified Architect), Fedora Project, CentOS, OpenBSD and related released Open Source products makes Me in IT UNIX/Linux Consultancy a great partner in implementing, maintaining and upgrading your environment.

Open Source software is an important aspect of any Linux distribution. Me in IT UNIX/Linux Consultancy tries to use Open Source software where possible and tries to share experiences actively. In the articles section you will find many UNIX/Linux adventures shared for others to benefit.

Intergrating Google maps into a drupal website

It might just be me that does not fully understand how to use the Google Maps module for Drupal, so let me guide you on how to setup this module within your Drupal website.

First step: Download and install the two modules GMap and Location. After the files are installed, activate the modules "Gmap", "Gmap location" and "Location".

Second step: Go to the Google Maps API signup page and obtain a key. This key is the approximately 85 characters long.

Third step: Paste that key into the setting of Gmap, located at /admin/settings/gmap.

Fourth step: This might be optional, but was required for me; Enable the "GMap filter" in your filters, located at /admin/settings/filters

Fifth step: Create content with the gmap tag. Here is one example for which the code looks like this: (replace "WORD" by "gmap", sorry, drupal translates really well!)

[WORD|id=map1|center=52.094642,5.119704|zoom=5|width=100%|markers=52.094642,5.119704]

Javascript is required to view this map.

What you see is the neighborhood where I live, Utrecht. I used Webgeer media's website to guide me a bit.

Using Keychain for SSH logins

I would like to make a short intro to Keychain, this utility makes handling SSH keys easier and also saves you having to type in your passphrase every time you SSH to a remote machine using public key authentication.

Most Linux distributions and BSD variants already have Keychain packaged or easily installable in some way. I will leave installing keychain as an exercise to the reader. Also, I recommend following Mr Robert's fine guide on using SSH keys before starting to setup Keychain.

Once you have your SSH keys configured and Keychain installed then using keychain is quite easy. The following steps are required :

  • Initial Test
  • Modify your shell startup scripts to automatically start Keychain

Initial Test

So, our first step is to manually step through the process of feeding Keychain our SSH keys :

[email protected]:~$ keychain ~/.ssh/id_rsa

KeyChain 2.6.6; http://www.gentoo.org/proj/en/keychain/ Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL

* Initializing /home/keychain/.keychain/silverado-sh file...
* Initializing /home/keychain/.keychain/silverado-csh file...
* Initializing /home/keychain/.keychain/silverado-fish file...
* Starting ssh-agent
* Adding 1 ssh key(s)...
Enter passphrase for /home/keychain/.ssh/id_rsa:
Identity added: /home/keychain/.ssh/id_rsa (/home/keychain/.ssh/id_rsa)

[email protected]:~$

When it asks for your passphrase, enter the passphrase you used during key creation. Once this is successfully completed you need to setup the shell environment. As you can see, Keychain creates many files that contain the required environment variables to make the ssh-agent information accessible across logins and shell instances. You will need to source the appropriate file, depending on your shell. I am using Bash, so I will use the silverado-sh file. Another point is that the file name contains your hostname so if your host name is "mymachine" then the file will be mymachine-sh in the ~/.keychain directory.

The method by which we will acquire the variables stored in the silverado-sh (or whatever it is called on your system) will be by sourcing the files. Like so :

[email protected]:~$ source ~/.keychain/silverado-sh

and then to verify the variables are there :

[email protected]:~$ env | grep SSH_A
SSH_AGENT_PID=24627
SSH_AUTH_SOCK=/tmp/ssh-EUqFg24626/agent.24626
[email protected]:~$

Now try and log into a machine that uses your public key for authentication, you should not be prompted for your passphrase.

Automatically Starting Keychain and Sourcing Files

Now we don't feel like doing that every time so we can put that in our shell initialisation file, in my case ~/.bashrc. Insert the following, replacing "silverado-sh" with your own Keychain environment file :

keychain ~/.ssh/id_rsa
source ~/.keychain/silverado-sh

Tada! Finished. But for the full Keychain treatment I refer you to the Gentoo Documentation.

Very Simple but Secure Database Backup

I am using the very fine DBMail as a MySQL email backup, more on this in other articles. Please note that this is my first article, so please be gentle. But for now, I wanted to share how I backup this email store and hence a database. I have written a script that :

  • Dumps the relevant database.
  • Compresses the dump file.
  • Encrypts the database using Gnu Privacy Guard (but any method will do).
  • Uploads the database to a remote location using SFTP.

The prerequisites for using the script "as is" are :

  • MySQL dump user with sufficient privileges to dump the required database.
  • ~/.my.cnf configured for user having sufficient privileges to backup the DB. For example:

[client]
user = dbuser
password = dbpass
database = dbmail

  • Working GPG installation.
  • Remote backup host running an sftp server.
  • Local copy of sftp OpenSSH client.
  • Keychain for password-less login to remote server. More on keychain in a future article.

Note that this script stems from a quick and dirty script that I wrote for myself so use what is in this article more as a guideline :-) They script itself will require some modification in your environment. And, without further ado, here is the script :

#!/bin/sh
# Author : Fred Clausen <[email protected]>

database="dbmail"
gpg_user="Friedrich"
local_dir="/data/tmp"
remote_host="remote-host.example.com"
remote_user="fred"
remote_dir="/var/tmp"

source $HOME/.keychain/$HOSTNAME-sh
cur_name="$local_dir/$database-`date +%a`.sql.gz"
batch="`mktemp`"

if [ -f ${cur_name}.gpg ]; then
        rm -f ${cur_name}.gpg
fi

mysqldump --databases $database | gzip > $cur_name
if [ $? != 0 ]; then
        echo "Error dumping data"
        exit 1
fi

gpg -r $gpg_user -e $cur_name

cat > $batch <<END
cd $remote_dir
put ${cur_name}.gpg
END

sftp -b $batch $remote_user@$remote_host

rm $batch

You will obviously need to modify the variables at the top to values suitable for your environment. Also, see how this script recycles file names to keep a week's worth of backups.

Good luck!

Use bash (or sh) to hang a machine

Here is a simple trick, stolen from a mailinglist archive.

Be aware; this command hangs your box! Unless you have ulimited yourself.

:(){ :|:& };:

Now, it that the absolute minimum to hang a box? I guess so, but if you know similar shell fork-bombs, let me know.

Things war is good for

Here is an nice image (shamelessly stolen from a website with weird graphs) that represents what war is good for. Some highlights:

Using tar and ssh to efficiently copy files preserving permissions

Have you had situations where disk-space is sparse, so making full tars (although compressed) is impossible? Here is an ssh trick that could help you copy over files without using too much diskspace.

This trick will tar a directory from a computer, but the file that it would normally create, is standard out, so it is redirected back to the script on the computer you are working on. The computer you are working on extracts the information directly, so there is no location where (redundant) files are stored.

ssh [email protected] "tar czpf - /some/important/data" | tar xzpf - -C /new/root/directory

You are now directly copying data from the "machine-where-precious-data-is" to the machine you are working on, using the benefits of tar (preserving permissions, links, etc) but not being hindered by the difficulties of tar. (making these possibly large files and so on.)
I used this trick to copy users directories from one machine to the other.

An alternative command, reverse and not crossing filesystem boundries:

tar cpf - /some/important/data | ssh [email protected] "tar xpf - -C /some/directory/"

NFS server on OpenBSD, client on Mac OS X

Here is a small reciepe on how to setup an OpenBSD (I used 4.2) NFS server and have a Mac OS X (I used 10.5.1) client connect to it.

First setup the OpenBSD server to server /mnt/sd0a over NFS:

# echo "portmap=YES" >> /etc/rc.conf.local
# echo "nfs_server=YES" >> /etc/rc.conf.local
# echo "/mnt/sd0a -network=192.168.1 -mask=255.255.255.0" >> /etc/exports
# portmap
# nfsd -tun 4
# mountd

Now test the share on you Apple:

# mount_nfs -P 192.168.1.254:/mnt/sd0a /private/tmp/test/
# df -h /private/tmp/test
# umount /private/tmp/test

Now because apple used automount by default (check /etc/auto_master on your Apple) you can find the OpenBSD NFS server in the finder:
A screenshot of the finder showing the shared mountpoint.

Screencast: Installing OpenBSD 4.2

A screenshot of the OpenBSD installer.

Another screencast of how to install OpenBSD 4.2 in parallels on an Apple.

Explained is how this installer can be used, how sets can be downloaded and end up with a small working OpenBSD installation. This video is targeted for audience that does not know how to install OpenBSD. If you have some experience with installing OpenBSD, don't waste your time by watching this video.

Using ssh keys

I discovered that I have quite a few ssh articles on my website, but none of them include how to simply setup SSH-keys. It's so simple and so convenient, lets have a closer look.

First, on your workstation, create ssh-keys using ssh-keygen. I use OpenBSD for this example, the output might slightly differ when using another operating system.

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa):
Created directory '/home/username/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 [email protected]

(The username, hostname and fingerprint have been obfuscated in this example.)

For the record:

  • /home/username/.ssh/id_rsa is your private key. Keep it secure
  • /home/username/.ssh/id_rsa.pub is your public key. Distribute is to all machines your want to connect to.

Be sure to use a good passphrase, together with the private key it is the key to your locked world of machines you will connect to. Also; safe the keys to a secure location, like your USB-stick, or a CD-rom. Loosing the private key or its passphrase means you'd have to do this all over again.

Now you need to put the contents of your ~/.ssh/id_rsa.pub file into ~/.ssh/authorized_keys on every machine you will want to connect to. Specifically; append your public key to the authorized_keys file, as there might be other public keys in there already. Use this ssh distribute script for it or do it manually.

From now on you can start using your ssh-key, but ssh will constantly prompt you for a passphrase. Annoying, so read on.

You can use an ssh-agent to manage your keys and enter your passphrase just once, as you add your private key to the agent. An article exists that describes these ssh-agent tricks.

That's it, good luck using your ssh-keys.

Serial connection from an apple

Here is a very simple trick to use serial connection on your apple, a usb port, a usb-serial converter and a serial cable.

  1. Install all drivers for that usb-serial converter.
  2. Open a terminal. (Find it with spotlight or in the finder.)
  3. Type: screen $device $speed. Where device is some /dev/tty.... device and speed something like 9600, 19200, etc.

See how great screen is?!

About Consultancy Articles Contact




References Red Hat Certified Architect By Robert de Bock Robert de Bock
Curriculum Vitae By Fred Clausen +31 6 14 39 58 72
By Nelson Manning [email protected]
Syndicate content