Tag Archives: ubuntu

Allowing SSH Key Based Logins from Another System

I have a Digital Ocean server that I SSH into from my laptop for mainly development purposes. But I also want to do scheduled downloads of the server backups from a server at home. So I need to SSH from a new machine to my server with no user prompt. Easy, but it always prompts me for a pass phrase and I have multiple keys in use on my home server.

While you could just copy your private keys from Client1 to Client2 in order to do this, it’s not a great thing to be doing security-wise. So let’s just not do that.

What you need to do is create a new key pair on Client2 (actually my home server) with,

ssh-keygen

When prompted, make sure you tell it to use a new key file if you have existing keys. If you don’t do that it’ll overwrite your old ones and you’ll be testing your recovery process. When prompted for a pass phrase, just leave it blank and hit Enter. While a pass phrase would be more secure, I want to use this SSH connection to automatically connect as part of a crontab job. So no one will be able to enter a pass phrase anyway.

So now we have a fresh keypair on Client2, say in a file called id_rsa_2. We need to get the public key id_rsa_2.pub to our remote server so it’ll trust us when we connect. We do that with a simple copy and append command,

cat ~/.ssh/id_rsa_2.pub | ssh <your-user>@<your-server> “cat >> ~/.ssh/authorized_keys”

When you run that command you’ll be prompted for your password as normal as we’re in the process of loading up the keys.

Now we have a new key pair and have copied the public key to the remote server so it trusts us when we connect. But if Client2 has multiple key pairs in use (i.e. we had to use id_rsa_2 as otherwise we would have overwritten existing keys), how does SSH on Client2 know which keys to use? By default it’ll always use the first key pair and not our new one.

The simple solution is to create a config file in Client2 called ~/.ssh/config and define a Host and which keys to use.

Host <your-server>
IdentityFile ~/.ssh/id_rsa_2

Now you should be able to SSH from your second machine to your remote server with new keys and by using the keys, not have to enter a password.

Permissions Problems with git pull

I’ve started working on Doc5 from a laptop in the last few months and have begun the pull/push process to get my Bitbucket repo and desktop machine all in sync. But when trying to get these sorted I found permissions problems on one of the local repos. When I tried to do a pull I had about eight files that either couldn’t be unlinked or couldn’t be created.

If I looked at the permissions on the files I was the owner, www-data (Apache in Ubuntu) was the group and the permissions where 644 on the files and 755 on the directories in my project folder. So that all seemed fine.

But what you need to watch for is the extra permissions that a process needs in order to unlink. What git is doing is taking these files away and then replacing them in the folder. i.e. it’s not just a modification through a write action to the file. Continue reading Permissions Problems with git pull

Apport Disk Full Error Using apt-get

If you’re a Ubuntu user who finds themselves with an ugly message like this one day when running a apt-get update,

No apport report written because the error message indicates a disk full error

you may have thought you’ve run out of disk space and run the command,

df -h

but then found you had plenty of space free. Well maybe you do have plenty of bytes free but what about inodes? They’re effectively a limitation of the number of files you can have in a filesystem. Continue reading Apport Disk Full Error Using apt-get

Missing Network Interfaces in Ubuntu Under VMware ESXi

Every now and again I clone a VM and add it to another host. ESXi prompts you for a new UID when you start the VM and I always remove the virtual network card(s) from the machine and re-add them later. I do this to make sure I don’t have two machines with the same MAC addresses on the network. But if you do this with Ubuntu, the new NIC(s) don’t get picked up by the OS. This is almost certainly not specific to VMware or their ESXi product, it’s just the environment I’m using.

This problem seems to be caused by a lack of automatic hardware probing at boot, probably for a good reason but I’m no Linux kernel guru so won’t make a judgement there. The root of the issue is located in the file /etc/udev/rules.d/70-persistent-net.rules where you’ll see the old interfaces still listed alongside the new ones. Simply remove the old NIC(s) and ensure the new ones have the MAC addresses you expect and the correct ethx labels. Give the system a reboot and you should be happy.

Steps to resolve a missing network interface in Ubuntu 10.04 Lucid Lynx (and possibly earlier):

  1. sudo nano /etc/udev/rules.d/70-persistent-net.rules
  2. Delete the lines with the old interfaces after comparing with your VMs newly assigned MAC addresses.
  3. Confirm the interface names are what you expect at the end of each line.
  4. Ctrl-X to save and exit.
  5. sudo shutdown -r now
  6. Run ifconfig to confirm the interfaces are up with the correct IPs.
  7. If the interfaces are up, check your /etc/network/interfaces config to adjust IP settings as required.

Installing VMware Server 2.0.2 in Ubuntu 10.04

After updating my trusty old server to Ubuntu Lucid Lynx 10.04 the installation of VMware Server 2.0.1 started giving problems. Resinstalling VMware didn’t help as I was repeatedly getting compilation problems in vmmon and vmnet modules. Luckily I stumbled across the following process from one of the VMware forum pages which pointed to a great work-around from the radu cotescu site.

So I take no credit for this but simply repeat it here so that the search gods may recognise it’s usefulness and +1 it’s importance.

Start by downloading VMware Server 2.0.2 from the official VMware site. If you haven’t already got a few licenses, get one now. (They’re free so you might as well get a few) I’m going to assume the downloaded file is in your home directory.

You also need to update the header files for your current kernel so that the configuration scripts from VMware can build the appropriate modules.

sudo apt-get install linux-headers-`uname -r` build-essential

Now just run the following commands.

cd /usr/local/src
sudo wget [http://codebin.cotescu.com/vmware/vmware-server-2.0.x-kernel-2.6.3x-install.sh]
sudo tar xvzf raducotescu-vmware-server-linux-2.6.3x-kernel-592e882.tar.gz
cd raducotescu-vmware-server-linux-2.6.3x-kernel-592e882/
sudo cp /home/<your_username>/VMware-server-2.0.2-203138.i386.tar.gz .
sudo tar xvzf VMware-server-2.0.2-203138.i386.tar.gz
sudo chmod +x vmware-server-2.0.x-kernel-2.6.3x-install.sh
./vmware-server-2.0.x-kernel-2.6.3x-install.sh

If you have a previous installation of VMware Server, you’ll be prompted that it’ll be removed as part of the install. Don’t worry, any guest VMs you had should still be there afterwards. The script will run through the usual prompts and you’ll see references to the patched files from Radu Cotescu. After a few minutes you should have a working install of VMware Server 2.0.2 on your Ubuntu 10.04 server.

Running WordPress & PHP Behind ISA Proxy

Some things work well on their own but when mixed make your life hard. Things like Linux and PHP work very well. Microsoft ISA proxy also does a good job in a corporate MS environment. But making the two work together in a controlled environment can be an exercise in frustration.

In this post I’ll pass on the methods I found to get PHP and your Linux boxes talking out through a corporate ISA proxy server. You can then bring in RSS feeds, updates and other things in WordPress and use apt-get to update Ubuntu. Continue reading Running WordPress & PHP Behind ISA Proxy

MySQL Replication on Ubuntu with DRBD

I’ve been looking around for some easy and open-source ways to handle database replication for a handful of small but important MySQL databases. A few options were viable but usually included too many config changes for things like creating a new database. DRDB on a Linux server seems to be one of the fastest and easiest methods to handle database synchronisation for DR purposes, so this is the subject of this post. The content is a combination of two main sources from Mark Schoonover and the Ubuntu server guide and the gotchas I found along the way.

This post will show you how to create two MySQL servers that automatically replicate all their databases using DRBD. With Heartbeat installed on a third machine you’ll have basic fail over protection as well (we’ll do this in another post). Only one of the database servers will be active at any one time. Continue reading MySQL Replication on Ubuntu with DRBD

Upgrading to VMware Server 2 on Ubuntu 8.04

After downloading the latest Windows 7 RC I loaded it into VMware Server 1.06 that I installed on Ubuntu Server a while back. All going well until the Windows 7 installer wouldn’t see the disk I had created. It seems that Windows 7 doesn’t like the SCSI virtual disk, so I removed that and created an IDE virtual disk and restarted the install.

Things were much better until it came time to install the VMware Tools and nothing happened. Things weren’t exactly snappy and without the tools installed, they weren’t going to get any better. It was time to make the upgrade from VMware 1.06 to 2.0 and as it turns out, is much easier than previous VMware installs.

Overall I followed the instructions from the LinuxGazette website and things worked flawlessly, but there were a couple of extras due to the upgrade.

Firstly (and fairly obviously), make sure you stop your current VMware daemon/service before starting the install. The VMware installer is pretty good, but I’m sure that your virtual machines would appreciate being offline before things get messed up.

sudo /etc/init.d/vmware stop

If you’re upgrading from VMware Server 1.06 the installer will also complain about the vmnet and vmmon modules being left from a previous version. So we need to get rid of those – using the correct kernel version. You can get that with “uname -r”.

sudo rm /lib/modules/2.6.24-22-server/misc/vmnet.o
sudo rm /lib/modules/2.6.24-22-server/misc/vmnet.ko
sudo rm /lib/modules/2.6.24-22-server/misc/vmmon.o
sudo rm /lib/modules/2.6.24-22-server/misc/vmmon.ko

After that it’s plain sailing. Just follow the instructions to untar your VMware download and run the installer. Assuming you used the default locations in the previous install, your virtual machines will be untouched and start happily under VMware Server 2.0

One of the final things to note in the install is that the new client interface is all browser based. To log into your VMware server requires a password and the Ubuntu root user does not have one by default. So on your server be sure to run,

sudo passwd root

and set a nice secure password for when you head to http://servername:8222. Firefox users will need to give the site security certificate the OK and all browsers will need to install the plugin to use the console to view your machines.

Hooray – Windows 7 now installs the VMware Tools properly and runs pretty well. At the moment I have no sound and the limited graphics under VMware don’t allow Aero fanciness, but I can now test and develop in the Windows world while meeting all license requirements. The Windows 7 RC license is valid until June 2010 although don’t wait that long as it’ll start making life hard for you in March 2010. That’s almost a year of free OS from Microsoft!

Enable WakeUp from PS2 Keyboard in Ubuntu 8.10

One of the annoying “missing features” I’ve struggled with under Ubuntu is that I was unable to wakeup the PC from suspend or hibernate with my keyboard. Of course, Windows just does it – tap the keyboard and the PC starts up again. I could press the power button on the front of the PC, but its down the side of the desk and not easily accessible.

I found an older post in the Ubuntu forums that had the fix for USB devices and it also works for PS2 with the simplest of changes. So follow these steps and you should be saving power and getting back to work faster.

Open a Terminal and type,

cat /proc/acpi/wakeup

Note the entries that come back and you should see a device called “PS2K” toward the top if you have a PS2 keyboard. For those with USB, it’ll be one of the USB items toward the bottom. The entry will probably also have “Disabled” on the same line, hence your problem.

To enable this entry, switch to a root session by typing,

sudo -s

and enter your password. Now type the following to update the acpi file and toggle “disabled” to “enabled”, (those with USB devices can try USB0, USB1, etc)

echo PS2K > /proc/acpi/wakeup

That should have now enabled your PS2 keyboard to wakeup your PC for this session. Give it a test by putting your machine to sleep and then tapping a key on your keyboard. Probably a good idea to save stuff first, just in case.

If you tried changing a USB device, it may take a few guesses until you find the KB. My mouse was USB0 and clicking any mouse button can also do the wakeup task.

To make this change permanant, you need to add that line to a script and run it when Ubuntu starts. So we create a file called wakeup.sh with the following contents,

#!/bin/bash
echo PS2K > /proc/acpi/wakeup

Save it and from a Terminal make it executable so it runs properly as a script and not just a text file,

chmod +x wakeup.sh

Now to add it to the startup area go back to your Terminal that’s running as root. We need to copy the file to the correct location and add it to the startup processes. You’ll need to run the cp command in the same folder as where you saved your wakeup.sh file.

cp wakeup.sh /etc/init.d/wakeup.sh
update-rc.d wakeup.sh defaults

Now when you reboot, the script will run and enable your PS2 keyboard in ACPI so you can wakeup your PC.