/etc/nsswitch.conf is a Linux configuration file that specifies how the system should switch between different name service providers. The file can be used to configure which services should be used for hostname lookup, password lookups, and so on.

“/etc/nsswitch.conf” file is read by the Name Service Switch (NSS) library when the system starts up. The NSS library then uses the information in “/etc/nsswitch.conf” to determine which name service providers should be used for each type of lookup.

“/etc/nsswitch.conf” is a critical part of the Linux operating system, and any changes to the file can potentially cause serious problems. As such, it is important to understand how “/etc/nsswitch.conf” works before making any changes to the file.

You can view the content of the “/etc/nsswitch.conf” file using the following command.

cat /etc/nsswitch.conf 

Output:
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         files systemd
group:          files systemd
shadow:         files
gshadow:        files

hosts:          files dns
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis

Understand the use of /etc/nsswitch.conf with an example

Let’s understand the uses of /etc/nsswitch.conf with an example. In this file, you will find an entry like the below:

hosts:          files dns

The above entry tells the order to resolving any domain name. First, the system will check domain mapping in files (/etc/hosts), If a matching entry is found it will use it, else the system will check with the DNS servers.

Any domain resolve request will go to the DNS server, only if no matching entry is found in the /etc/hosts file.

The post What is the /etc/nsswitch.conf file in Linux appeared first on TecAdmin.

The syntax of JSON was derived from JavaScript but it itself is language independent. It is compatible with many programming languages; these languages include code that can be used to integrate JSON into the program; but unfortunately, we cannot work with JSON directly in Linux shell as it cannot interpret it. To work with JSON in the Linux shell we use a mixture of tools such as JQ and sed.

In this post, we will learn to use the JQ command to manipulate and work with JSON data in a Linux shell.

How to Install the JQ command

The JQ command is not available in some Linux distributions by default; It needs to be downloaded into the system before it can be used on the terminal; You can download the JQ command just like any other package on your system. On Ubuntu 20.04 use the below-given command to install the JQ utility:

sudo apt install jq 

Just replace apt with the package manager of your system if you are running a distribution other than Ubuntu.

If you are running a distribution like CentOS 8 which already has JQ by default then you will get an output similar to this:

sudo dnf install jq 

Syntax

Now we can start using the JQ command as it has been successfully installed on our system, but first, let’s take a look at the syntax of the JQ command:

jq [options]  [file...]

jq [options] --args  [strings...]

jq [options] --jsonargs  [JSON_TEXTS...]

The JQ command can be used in many different ways; It can be used directly on a JSON file and can also be combined with several other commands to interpret JSON data. The JQ command can be used with different filters such as the “.”, “|”, “,” or the “.[]” filter to organize JSON data.

The JQ command also takes different options as arguments such as the --tab, --stream, --indent n, --unbuffered, and the -L directory option. The syntax of the JQ command might seem complex at first but you will get familiar with it once you read the whole article.

How to Organize JSON data using JQ command

The simplest and frequently used feature of the JQ command filters. They are used to organize and prettify JSON data when printing it to standard output.

In this example, we have a JSON file named employee.json and we need to output the data to the standard output:

{"workers":{"name": "John Brooks","id": "003"}}

We can use the cat command to show the data:

cat employee.json

The data printed to the standard output using the cat command is unorganized and messy. We can organize this data by using the JQ command along with the ‘.’ filter:

jq '.' employee.json

Now the data has become a lot more organized, colorful, and easier to understand. This filter is especially needed when accessing data from APIs; The data stored in APIs can be very unorganized and confusing.

How to Access a Property using JQ command

The .field filter along with the JQ command can be used to access object properties in the shell.

If we only want to access and print a single property to the standard output then we can use the .field operator. E.g to access the worker’s property we can use this command:

jq '.workers' employee.json

We can also access the items present within the property by using the .field operator. To access the name item in the worker’s property we will use:

jq '.workers.name' employee.json

How to Access an Array Item using JQ command

We can also access and output the elements present within an array in a JSON file by using the .[] operator. For this example we are going to modify our JSON file so it looks like this:

[{"name": "John Brooks","id": "003"},{"name": "Randy Park","id": "053"},{"name": "Todd Gray","id": "009"}]

To output all the arrays present in the JSON file we will run the command given below:

jq '.[]' employee.json

To output only the second array we can modify the above-given command in the following way:

jq '.[1]' employee.json

Remember that the array starts at 0

We can also access the properties present within the array by using the .field operator. E.g if we want to access the name property in the third array then we will run the following command:

jq '.[2].name' employee.json

Similarly, to access all the name properties inside arrays we can execute this command:

jq '.[].name' employee.json 

Conclusion

The JQ command is used to transform JSON data into a more readable format and print it to the standard output on Linux. The JQ command is built around filters which are used to find and print only the required data from a JSON file.

In this how-to guide, we have learned to use the JQ command to organize and filter JSON data.

The post JQ Command in Linux with Examples appeared first on TecAdmin.

With advancements in the technology world, hackers are becoming more sophisticated every day. Even your SSH connection is not secure if you are using the traditional or default installation settings. Therefore, it has become necessary to secure your SSH server from unwanted data breaches and malicious attacks by taking some crucial precautions.

In this article, we will introduce you to some important security practices which will help you in considerably increasing the level of SSH server security.

1. Use Strong Usernames and Passwords

If you are using an SSH exposed to the outside world then there are chances that you will face some login attempts from hackers. They use different advanced techniques to crack your SSH username and password. A strong password and username combination will help you in securing your server.

You can use a password generator to create a strong and random password. Also, do not use any common password sequence like asdf, 12345678, etc.

2. Avoid Using Port 22

Port 22 is a default port for SSH connections and every hacker trying to access your SSH server will first attack this port. Therefore changing the port will add an extra security layer to your SSH Connection and it will prevent automated attacks on the SSH server. Changing the port will also keep you off from hacking radars.

How to change the SSH port?

Follow the below steps to change the default 22 port:

1. Open your /etc/ssh/sshd_config file.
2. Add the following line to your file. Set any non standard port.

   Port 20125
   

3. Restart your SSHD service with the following command:

   sudo systemctl restart sshd 
   

Now the SSH server is listening on a new port.

3. Disable the Root Logins

Allowing direct login to root through SSH is one of the most common and dangerous security breaches. Hackers, with access to your root password, can damage your machine. Therefore it is recommended to disable root user login and use non-root user access instead for security purposes. You can use the ‘su-’ command to access the root privileges after disabling root logins.

How to disable the root user login?

Again you need to edit the sshd_config file or /etc/ssh/sshd_config file as all of your server settings are stored therein that file.

1. Login as a root and open the sshd_config file.
2. Look for #PermitRootLogin or PermitRootLogin yes in that file and change it to:

   PermitRootLogin no
   

3. Then add a user account that you’re gonna use to log in by writing ‘AllowUsers your_username’.
4. Save the changes.
5. Restart your SSHD without closing the current root session.

   sudo systemctl restart sshd 
   

6. Then open a new terminal and check whether you can log in as the new user you added or not.
7. After that, you can close the root session.
8. You can now login as the user you added to have all the root privileges or you can use the ‘su’ command.

4. Use SSH Keys Instead of Passwords

You will use a strong password to secure your server but in some cases, passwords can be cracked or brute-forced. Therefore using an SSH Key login will add an extra layer to your server security.

In SSH key login, you create two keys one public and one private. The private key is associated with your main machine and the public key is installed on the server that you want to access remotely. You can make a connection between the source and destination server with the SSH key pair without using passwords. Once the SSH key pair is configured, you can disable the password login.

Use another tutorial to configure Key-based SSH on Linux.

How does SSH key login work?

Once you initiate a connection request, the server will create an encrypted message by using the public key stored on it. This message will be transmitted to your primary device and the private key will unencrypt the message. Once the message is unencrypted, the primary device will send a confirmation message to the remote server to establish the connection.

5. Disable Empty Passwords

Linux allows users to create empty passwords and allowing empty password login to the server will expose your server to vulnerable cyber attacks. So make sure you disable empty passwords.

How to disable Empty Passwords?

1. Open the sshd_config file.
2. Find PermitEmptyPasswords and replace the ‘no’ value with ‘yes’.

PermitEmptyPasswords  no

3. Restart the sshd.

This will disable Empty Password login to your server.

Conclusion

Cyber attacks are increasing at an alarming rate and it is a strong security practice to add security layers to your IT environment no matter you are working on a virtual machine or building a server. Implementing the above practices will robust your working environment and it will help you in preventing potential cyberthreats.

The post How To Secure SSH Server appeared first on TecAdmin.

It also provides you option to create SSH tunnel to provide access to resource within the trusted internal network. With the help of SSH tunnel you can access resources available on other ports, which is not directly accessible from your system. Once you forwarded your localhost port to the port listening on remote network, you can directly access the the remote service by accessing configured port with localhost.

The Tunnel provides you port forwarding from both sides. The first option shows you option to forward your local port to remote network to access there resources. You can also reverse the process and access resources of your local system from remote machine.

Local Port Forwarding with PuTTY

You can configure local SSH tunneling using the following steps:

1. Start the PuTTY application on your desktop. In the Session windows, enter the hostname or IP address and port number of the destination SSH server. Make sure the connection type is set to SSH.

   

   Add hostname of the SSH server you want to access remotely.

2. In the left sidebar under the Category options. Navigate to the Connection >> SSH >> Tunnels.

   

3. Select Local to define the type of SSH port forward.
4. In the Source port field, enter the port number to use on your local system. (For example Source port: 5050)
5. Next, In the Destination field, enter the destination address followed by the port number. (For example Destination: 127.0.0.1:5432).
6. Verify the details you added and press Add button. You can add multiple entries here.
7. All done. Connect the SSH session to make the tunnel. The tunnel will work until the SSH session is active

Remote Port Forwarding with PuTTY

The Remote forwarding allows a remote system to access resources from your local machine. Remote forwarding represents an inversion of the local forwarding process as described above.

1. Start the PuTTY application on your desktop. In the Session windows, enter the hostname or IP address and port number of the destination SSH server. Make sure the connection type is set to SSH.

   Add hostname of the SSH server you want to access remotely.

   

2. In the left sidebar under the Category options. Navigate to the Connection >> SSH >> Tunnels.

   

3. Select Remote to define the type of SSH port forward.
4. In the Source port field, enter the port number to use on your local system. (For example Source port: 8080)
5. Next, In the Destination field, enter the destination address followed by the port number. (For example Destination: 192.168.0.101:65001).
6. Verify the details you added and press Add button. You can add multiple entries here.
7. All done. Connect the SSH session to make the tunnel. The tunnel will work until the SSH session is active

Conclusion

This tutorial helped you to setup local and remote SSH tunnel via the Putty application on Windows server. Which allows to your access services running on remote system or network via SSH network, where you don’t have directly access via port.

The post How to Set Up SSH Tunnel with PuTTY appeared first on TecAdmin.

Take a look at these 10 tips & tricks to scale-up your Linux game:

1. Removing Larger Files

Because of poor administrative skills files can get “heavy”, sometimes as large as 250 GB! In that case, rm utility is not of much use due to the massive amount of data involved.

Therefore, removing a single log file of that size using rm utility should be avoided. You should rather opt for an easier solution:

 > /path-to-file/huge_file.log

You would be required to change file names and the path that matches your case. As a result, the empty output will be generated for that particular file.

2. Copying in Multiple Directories

In general, when you want to copy a file, you use cp command which looks like this:

cp /path-to-file/my_file.txt /path-to-new-dir

Right? What if you want to copy that into multiple directories? You usually go for something like this:

cp /home/user/my_file.txt /home/user/1
cp /home/user/my_file.txt /home/user/2
cp /home/user/my_file.txt /home/user/3

Writing these commands over and over again is not only time consuming but frustrating as well. What if we tell you that you can still execute this process in a single-line command? Don’t believe us? Try this:

echo /home/user/1/ /home/user/2/ /home/user/3/ | xargs -n 1 cp -v /home/user/my_file.txt

Voila! Your job is done.

3. Minimizing Keystrokes

The more you press keys on your keyboard, the longer it will take to get things done. If you are aware of certain time-saving commands, you can increase your work efficiency by manifolds.

In order to execute your last command, you should make use of the UNIX bash shell.

Instead of typing the whole command again, just use Ctrl+R and change a few lines if you want to. That will save you a lot of time and speed-up your work.

4. Searching Files Made Easy

This may seem easier than you think. Following is an example of the command used for searching files:

find /home/user -type f

Once you run this command, it will locate all files in /home/user. This is a powerful command but you may want to refine your search and make it more directed.

For instance, let’s suppose you want to include an option to search files greater than 10 MB. You can do this by:

find . -type f -size 10M

Be careful not to use the root directory, failing which can cause high I/O on the system.

5. Turning Off Your System

Did you know you can use certain commands to turn off your system at a specific time? You may or may not be physically present to shut down your computer but you can choose when to. Configure the shutdown time using this command:

sudo shutdown 21:00

Your system will shut down exactly at 21:00! Instead of hours, you can also choose minutes.
For example:

sudo shutdown +15

Your computer will automatically turn off after 15 minutes.

6. Using the Right Command

With several command lines at your disposal, it’s extremely difficult to recall them when needed. Not only do you need to have the right command in mind, but also execute it effectively.

What you are looking for is this:

#apropos

Just replace “description” with the actual command description that you are searching for.

Take a look at this example:

• dir (1) – list directory contents
• ls (1) – list directory contents

With this trick, you don’t need to recall the required command at all. You just need to search for one!

7. Executing Multiple Commands

Quite often you have to wait for the previous command to run successfully in order to run the next one. This again consumes a lot of your precious time.

There’s an efficient way to do it. You can use a single command to execute multiple ones and your waiting time is over!

The command looks like this:

command_1; command_2; command_3

This separator is a lifesaver when it comes to finishing your job within a stipulated time.

8. Multiple Commands: When First One Fails

In the previous section, we talked about how to use a single command for running several commands. But what should you do in case the first command does not run successfully? You want to run the subsequent command only if the previous one was successful.

For this use “||” separator like shown below:

command_1 || command_2

After this, command 2 will run only after the command 1 when you use the above single-line command.

9. Creating Directory Trees

You generally use the mkdir command to create new directories in Linux.

The usual command for creating directories goes like this:

mkdir new_folder 

How about creating 7 sub folders within the new folder? Repeating the above command 7 times is not an ideal solution. You can instead use this command:

mkdir -p new_folder/{folder_1, folder_2, folder_3, folder_4, folder_5, folder_6, folder_7} 

With the help of the above command, you can easily create 7 subfolders without having to run mkdir multiple times.

10. Moving to End or Starting of Line

You have typed a lengthy command but realize that you need to move to the beginning of it in order to make some changes.

What do you do? Strike that left arrow key several times until you reach the starting of command?
There is a better way.

Apart from using End and Home keys, you can opt for Ctrl+E to reach the end and Ctrl+A to reach the beginning.

Inference

Mastering these tips and tricks will make your transition to Linux hassle-free.

The aforementioned commands are quite easy for everyone to comprehend even if they are not Linux experts. That’s the beauty of it!

These useful tricks can work wonders for your efficiency. Wish you all the best for your Linux journey!

The post 10 Amazing Tips & Tricks to Work with Linux appeared first on TecAdmin.

Shell is a command interpreter or a program that reads and interprets commands issued to it by the user.
The shell performs basic commands such as running programs, inputting text, and printing output. It is also responsible for handling errors and other situations that require user intervention. A shell can be used to automate existing tasks or to create new ones entirely.

The shell provides a common interface to a number of tools in the system. For example, if the shell needs to perform an action that requires a system command, it will search for the command and then execute it on behalf of the user.

What are the different types of shells?

A non-login shell or a login shell is used in this example, which employs the Bash shell. Shells execute pre-configured scripts to establish their environments.

The shell plays an important role in the Linux operating system architecture. It receives input from users and sends instructions to the kernel, and it receives output from the kernel and returns it to the user.

A shell executes a predetermined set of scripts to configure its environment. The Bash shell, for example, is used.

What is a Login Shell in Unix/Linux System?

When a user successfully logs in to a Linux system via terminal, SSH, or switches to a user with the “su -” command, a Login shell is created.

When a login shell starts, it executes a set of pre-configured scripts to set up the environment. You may run this command on the terminal to discover which shell you are using.

echo $0 

If the result is “-bash” or “-su”, you are on the login shell. Be certain that it has a hyphen (-) as a prefix.

The following scripts are executed by the Login Shell:

1. Login shell invokes /etc/profile
2. /etc/profile invokes scripts in /etc/profile.d/*.sh
3. Then executes users ~/.bash_profile
4. ~/.bash_profile invokes users ~/.bashrc
5. ~/.bashrc invokes /etc/bashrc

What is a Non-Login Shell in Unix/Linux System?

A non-login shell is started by a login shell. For example, a shell that you start from another shell or from a program is a non-login shell.

A shell that is not used to log in to the system executes the following script to set the shell environment.

1. Non login shell first executes ~/.bashrc
2. Then ~/.bashrc executes /etc/bashrc
3. /etc/bashrc calls the scripts in /etc/profile.d

Checking whether a shell is a login or non-login shell

To find whether the current shell is a login shell or a non-login shell simply run the below command. See the results and find the difference between them.

echo $0 

Login shell output will be -bash or -su.

Non logins shell output will be bash or su

Conclusion

A Bash shell can be either a login shell or a non-login shell. Both types of shells are invoked with different environment settings. You can easily identify whether a shell is a login shell or a non-login shell with the echo $0 command.

In simple terms, when we log in to a Unix-like system with a user, the first shell is the login shell.

The post What is the difference between Login and Non-Login Shell? appeared first on TecAdmin.

Instructions

In this tutorial, you will understand how to configure passwordless sudo account on a Linux machine. After completing this tutorial, you can run super user commands (allowed) without entering a password.

• Edit sudoers file using visudo command or use below command.

  sudo nano /etc/sudoers
  

• Update entry for your user account with NOPASSWD: option as showing below:

  username  ALL=(ALL:ALL) NOPASSWD: ALL
  

  Change username with your user account and save file.

Test

All done, to test run any superuser command with sudo. The command syntax will be like:

sudo your_command_here

See the below screenshot before and after enabling the password-less sudo privileges for an account. The user needs to provide password before but after making changes the user can restart the apache service with sudo without entering the password.

The post How to Enable Passwordless Sudo for User in Linux appeared first on TecAdmin.

Step 1 – Install Fail2ban on CentOS 8

First of all, install epel-release package to configure EPEL yum repository on your CentOS 8 system. After that, install the Fail2ban rpm package using the following commands.

sudo dnf install epel-release
sudo dnf install fail2ban

Step 2 – Configure Fail2ban

Fail2ban keeps configuration files under /etc/fail2ban directory. but we need to create a copy of this file as jail.local.

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo vi /etc/fail2ban/jail.local 

Now we need to make necessary changes in jail.local file to create ban rules. Edit this file in your favorite editor and make changes in [DEFAULT] section.

[DEFAULT]

# "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban
# will not ban a host which matches an address in this list. Several addresses
# can be defined using space (and/or comma) separator.
ignoreip = 127.0.0.1/8 192.168.1.0/24

# "bantime" is the number of seconds that a host is banned.
bantime = 60m

# A host is banned if it has generated "maxretry" during the last "findtime" seconds. as per below
# settings, 2 minutes
findtime = 5m

# "maxretry" is the number of failures before a host get banned.
maxretry = 5

Step 3 – Protect SSH/SFTP

After completing default configuration, go down in the same file jail.local and update [ssh-iptables] section as below.

[ssh-iptables]

enabled  = true
filter   = sshd
action   = iptables[name=SSH, port=22, protocol=tcp]
           sendmail-whois[name=SSH, dest=root, sender=fail2ban@example.com, sendername="Fail2Ban"]
logpath  = /var/log/secure
maxretry = 3

Step 4 – Protect FTP

Let’s protect your FTP (vsFTPd) server, Find the below entry of [vsftpd-iptables] section and make changes as below. If you are not using vsFTPd, you can skip this section.

[vsftpd-iptables]

enabled  = true
filter   = vsftpd
action   = iptables[name=VSFTPD, port=21, protocol=tcp]
           sendmail-whois[name=VSFTPD, dest=you@example.com]
logpath  = /var/log/vsftpd.log
maxretry = 5
bantime  = 1800

Step 5 – Restart Service and Test

After making all the changes save your file and restart Fail2ban service using the following command.

sudo systemctl start fail2ban.service
sudo systemctl enable fail2ban.service

For testing purposes, I have tried SSH with the wrong credentials from a different machine. After three wrong attempts, Fail2ban blocked that IP via iptables with reject ICMP. You can see the rules in iptables after blocking the IP address as below. For SSH only systems, make sure to have SSH access from another IP before making these tests.

The post How to Install and Configure Fail2ban on CentOS 8 appeared first on TecAdmin.

As you know, In Linux everything is treated as a file. A folder is also known as directory file denoted by ‘d‘ in the permission section. The below command will set the owner to www-data and group-owner to ubuntu for all files and directories and subdirectories.

sudo chown -R www-data:ubuntu /var/www/html

Use the chmod command to change the permissions for all files, directories, and subdirectories.

sudo chmod -R 755 /var/www/html

Note – The permission 755 is good to set for directories but not on files. This set the execute bit on files which is not recommended for any production environments excluded some specific cases. We recommend setting permissions separately for files and directories.

Set permissions on files:

sudo find /var/www/html -type f -exec chmod 644 {} \;

Set permissions on directories:

sudo find /var/www/html -type d -exec chmod 755 {} \;

All done.

The post how to change permissions of folder and subfolders in Linux appeared first on TecAdmin.

echo $XDG_CURRENT_DESKTOP

In addition, you can also identify the Desktop by checking the currently running processes. Like the following command will show you the processes running for XFCE or KDE or GNOME desktops.

ps -e | grep -E -i "xfce|kde|gnome"

You will see the results like below. As per the below result, the GNOME desktop is being used on this system.

The post How to Detect the Desktop Environment in Linux Command Line appeared first on TecAdmin.