Posts

Showing posts from September, 2019

Free privileged access management software. Get PrivX now.

PrivX® Free

Zero Trust for Zero Bucks!


Gain lean and fast access management for your critical assets – without spending a dime.

Quickly deploy our agentless, credentialess solution that integrates with your existing identity management tools, and start benefitting from secure authorized access to your hybrid and multi-cloud servers and applications.

Own and use – for free – PrivX with a smaller number of servers. Replace your in-house jump hosts, and combine your AWS, GCP and Azure Admin access management into one true multi-cloud solution. As you scale, PrivX will grow with you.
https://info.ssh.com/privx-free-access-management-software

Remove the passphrase for the SSH key

$ ssh-keygen -p
This will then prompt you to enter the keyfile location, the old passphrase, and the new passphrase (which can be left blank to have no passphrase).

kill all processes run by a user on Linux

kill all processes run by a user on Linux$ pgrep -u i88ca | sudo xargs kill -9 Or $ sudo pkill -u i88ca  Or $ sudo killall -u i88ca

MHT vs HTML

MHT files are very similar to HTML files. The difference is that an HTML file only holds the text content of the page. Any images seen in an HTML file are really just references to online or local images, which are then loaded when the HTML file is loaded.

MHT files are different in that they actually hold the image files (and others like audio files) in one file so that even if the online or local images are removed, the MHT file can still be used to view the page and its other files. This is why MHT files are so useful for archiving pages: the files are stored offline and in one easy-to-access file regardless of whether or not they still exist online.

Any relative links that were pointing to external files are remapped and pointed to the ones contained within the MHT file. You don't have to do this manually since it's done for you in the MHT creation process.

The MHTML format is not a standard, so while one web browser might be able to save and view the file without any problem…

General workflow to solve a recursion problem

Define the recursion function;Write down the recurrence relation and base case;Use memoization to eliminate the duplicate calculation problem, if it exists.Whenever possible, implement the function as tail recursion, to optimize the space complexity.

Delete the nth line from a text file

For example, to remove the 106th line: sed -i '106d' .ssh/known_hosts

Microsoft Graph endpoints

Microsoft Graph endpoints available for both personal and work or school accounts, such as:DataEndpointUser profilehttps://graph.microsoft.com/v1.0/meOutlook mailhttps://graph.microsoft.com/v1.0/me/messagesOutlook contactshttps://graph.microsoft.com/v1.0/me/contactsOutlook calendarshttps://graph.microsoft.com/v1.0/me/events

How to move the current directory to AWS S3

aws s3 mv . s3://i88ca-backup-canada/ --recursive

Or

find .-name '*test.c' -maxdepth 1 -exec aws s3 mv {} s3://i88ca/ \;

Get Java process id

pgrep java
#OR
#provided by JDK
jps -l
#OR
ps -el | grep java
#OR
jcmd

How to rotate-log in GlassFish

asadmin rotate-log

Generate-DKIM-records-for-domain.sh

#! /bin/bash
read -p "Enter New Domain: " domain
PRIVKEY=$domain.private
PUBKEY=$domain.public
openssl genrsa -out $domain.private 2048 2> /dev/null
openssl rsa -in $PRIVKEY -out $PUBKEY -pubout -outform PEM 2> /dev/null

cat $PUBKEY
chown -R yourMTA:yourMTA $domain.p*
chmod -R 600 $domain.p*

ssh-keygen -y -e -f "$PRIVKEY"
#diff <( ssh-keygen -y -e -f "$PRIVKEY" ) <( ssh-keygen -y -e -f "$PUBKEY" )
## crop first and last line of keyfile
sed '1d;$d'$domain.public >$domain.tmp
## remove newlines from the key
dkim_key=$(tr -d '\n'<$domain.tmp)
rm $domain.tmp

## generate domainkey record and store to text file
echo"default._domainkey.$domain IN TXT \"v=DKIM1;k=rsa; p=$dkim_key\"">$domain.dkim.txt

How to check your MySQL connection is secure

Just run  status OR \s And see the result. If this connection is not using SSL, you'll get: SSL:NotinuseYou can also use: mysql> SHOW STATUS LIKE'Ssl_cipher';+---------------+--------------------+| Variable_name | Value |+---------------+--------------------+| Ssl_cipher | DHE-RSA-AES256-SHA |+---------------+--------------------+1rowinset(0.00 sec) mysql>

MySQL Option Files Read on Unix and Unix-Like Systems

Option Files Read on Unix and Unix-Like Systems File NamePurpose/etc/my.cnfGlobal options/etc/mysql/my.cnfGlobal optionsSYSCONFDIR/my.cnfGlobal options$MYSQL_HOME/my.cnfServer-specific options (server only)defaults-extra-fileThe file specified with --defaults-extra-file, if any~/.my.cnfUser-specific options~/.mylogin.cnfUser-specific login path options (clients only)

Most IT security teams know they need to prioritize their worstvulnerabilities.

However, with the overload of vulnerability disclosures it has become an extremely challenging task.

A secure web server isn’t really secure if the infrastructure supporting it remains vulnerable.

Unless you implement infrastructure protection, your non-HTTP assets are vulnerable and you may not be as protected as you think you are.

How to Pass Arguments to a Bash Script

Bash arguments are accessed inside a script using the variables $1, $2, $3, and so on. The variable $1 refers to the first argument, $2 to the second argument, and $3 to the third argument.
name=$1
email=$2

If you have a variable number of arguments, use the $@ variable, which is an array of all the input parameters. This procedure uses a for loop to iteratively process each one, as illustrated in the following example: for names in "$@"
do
echo $names
done

Two data states: At rest and In transit

At rest: This includes all information storage objects, containers,
and types that exist statically on physical media, whether magnetic or
optical disk.
In transit: When data is being transferred between components,
locations, or programs, it's in transit. Examples are transfer over
the network, across a service bus (from on-premises to cloud and
vice-versa, including hybrid connections such as ExpressRoute), or
during an input/output process.

Change Jenkins time zone

Image
If running Jenkins via a system package, this can be accomplished by setting JAVA_ARGS in your /etc/default/jenkins (Debian)

JAVA_ARGS="-Dorg.apache.commons.jelly.tags.fmt.timeZone=America/New_York"
or /etc/sysconfig/jenkins (Red Hat) such as:

JENKINS_JAVA_OPTIONS="-Dorg.apache.commons.jelly.tags.fmt.timeZone=America/New_York"
or, if that doesn't work,

JENKINS_JAVA_OPTIONS="-Duser.timezone=America/New_York"

Debug for user with nologin / headless in linux

For users such as postfix, jenkins with nologin in linux

You can login like:

$ sudo su - jenkins -s /bin/bash

Or you can temporarily change it to, for example:
usermod -s /bin/bash postfixfor debugging.


You need to change back to /sbin/nologin though.

You can do the other way:

$ sudo chsh -s /bin/bash postfix
Changing shell for postfix.
Shell changed.
$ getent passwd postfix | cut -d: -f7
/bin/bash
sudo chsh -s /sbin/nologin postfix (or /bin/false)
Changing shell for postfix.

Windows kill by PiD - taskkill

Stopping or killing a PID.
Microsoft Windows users can end a PID by using the taskkill command from the command line or through the Task Manager.

In order to get Dolby Digital Plus audio, you need to have a receiver that supports Dolby Digital Plus.

Dolby Digital Plus is an audio technology based on Dolby Digital 5.1, the established standard for home theater surround sound.

Homebase Electronic Timer Operation Instructions

Image
ChargingIf your timer has sat unused for some time then you may need to leave it plugged into
the mains for a bit to recharge its internal battery. Timer ModesThe timer has five basic modes: Normal operating modeTime Set modeProgram (Timers) set modeRandom (RND) modeCountdown timer (CTD) modeNoteIf at any time if you don’t press a button for more than around 5 seconds the
unit will drop out of setting modes into normal operation mode

ResetTo perform a complete reset of the timer press the small round ‘R’ button with a
pencil, or similar. To reset/clear a single timer, when in programme mode (see "Set Programmes"
below) press the 'finger' button.
Set AM/PM or 24hr clock ModePress and hold the ‘TIME' button for around 3 seconds and the timer will change
between AM/PM and 24hr clock display modes. In AM/PM mode AM or PM is
displayed just to the right of the seconds count
Set Summer Time or Winter Time (BST/GMT)There's no need to adjust the actual clock hours, just change be…

Technology might make your job obsolete.

Technological advancement is occurring rapidly. Many jobs that once relied on the skills of a single person may not be the case anymore. It is important to consider training and/or retraining in your field to continue to make yourself valuable in the market. Additionally, with the rise of technology it is important to consider that your skill set may need to evolve beyond your scope and line of work and into another discipline.

Configure your incoming Email server firewall

Open up port 25 on your server so that people can send email into the server over SMTP.Open up port 143 on your server so that you can read email from other server over IMAP.

Most modern mailing list software already knows how to handle VERP messages if the MTA is properly configured to pass them back to the mailing list software

In the case of GNU Mailman you should checkout the FAQ page aptly named "How do I use VERP with a - delimiter (Postfix recipient_delimiter)?

Thread-safe in Session scope

The Session object is shared among all threads initiated by the same user. This may cause problems when objects are accessed concurrently e.g. when the user opens a second browser tab of the application.

Concurrency problems are hard to discover.

Fixed: add-apt-repository command not found on ubuntu

# apt-get install -y software-properties-common
If software-properties-common not found, run update and upgrade first.

Scriptable email client on Linux

The MH message handling system is a set of electronic mail programs in the public domain. If your computer runs Unix, it can probably run MH.The big difference between MH and most other "mail user agents" is that you can use MH from a Unix shell prompt.

In MH, each command is a separate program, and the shell is used as an interpreter. So, all the power of Unix shells (pipes, redirection, history, aliases, and so on) works with MH--you don't have to learn a new interface. Other mail agents have their own command interpreter for their individual mail commands (although the mush mail agent simulates a Unix shell).

Because MH commands aren't part of a monolithic mail system, you can use them at any time; you don't have to start or quit the mail agent. Because you use them from a shell prompt, you can use all the power of the shell. If your shell has time-saving aliases or functions (and most do),you'll be able to use them with MH, of course. And because MH isn'…

Difference between sleep() and wait() in Java?

Java sleep () and wait ()

The major difference is that wait () releases the lock or monitor while sleep () doesn't releases the lock or monitor while waiting. wait () is used for inter-thread communication while sleep () is used to introduce pause on execution, generally.

How to Add Custom Ads.Txt File in Blogger?

Image
You can now manually set up the content of the ads.txt file via Blogger settings without the need of uploading any file to Blogger’s root directory, which doesn’t exists.



Sign in to Blogger at blogger.comIn the top left, click the Down arrow Down Arrow .Click the blog you want to set up an ads.txt file on.On the left, click Settings.Under “Settings,” click Search preferences.Under “Monetization,” find “Custom ads.txt” and click Edit.Click Yes.Copy the settings from your third-party monetization provider and paste them in the text box.Click Save settings.

DNS records for a subdomain

If you send mail from a subdomain, you may not be able to add a TXT record for that subdomain. To use DKIM authentication, you can add the necessary TXT record to the parent domain.

Fixed: No package dig available

yum install bind-utils

Install the mongo shell on Ubuntu 18.04

Import the public key that will be used by the package management system.

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 2930ADAE8CAF5059EE73BB4B58712A2291FA4AD5
Create the list file /etc/apt/sources.list.d/mongodb-org-3.6.list for MongoDB using the command appropriate for your version of Ubuntu.

Ubuntu 18.04

echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.6 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list
Reload the local package database using the following command:

sudo apt-get update
Install the MongoDB shell.

sudo apt-get install -y mongodb-org-shell

Use recursion to compute the Fibonacci number of a given integer

Artificial general intelligence (AGI) will be the most significant technology ever created by humans.

OpenAI is a non-profit AI research company, discovering and enacting the path to safe
artificial general intelligence.

‘Hey Siri’ works great with CarPlay and allows you to keep your hands free

The ‘Hey Siri’ hands-free function allows you to speak to Apple’s virtual assistant, Siri, without pressing the Home button or pressing any button on the wheel, dash, or headunit. Simply saying ‘Hey Siri’ will wake him/her up and you can continue to command Siri immediately after.

PowerShell Core is now an Open Source project on GitHub.

See the following articles for more information on installing PowerShell Core on various supported and experimental platforms.

Installing PowerShell Core on WindowsInstalling PowerShell Core on LinuxInstalling PowerShell Core on macOSInstalling PowerShell Core on ARM

Deployment Groups are a new feature in Payara 5.

The Deployment Group is designed to replace the deployment targeting aspect of Clusters that was available in previous versions of Payara.

segregated funds can help protect your retirement savings

For older people afraid of having their savings wiped out in a market downturn, segregated funds could be an effective option.

Convert a maven java project to support Eclipse

To convert a maven java project to support Eclipse, you can use below command to generate configuration files

mvn eclipse:eclipse
Run this command from the directory containing the pom.xml

TestNG Annotations and Their Meaning

@BeforeSuite: The annotated method runs before all tests in this suite.

@BeforeTest: The annotated method runs before test classes.

@BeforeGroups: The annotated method runs before the group's tests.

@BeforeClass: The annotated method runs before the first test method which belongs to any of the test groups.

@BeforeMethod: The annotated method runs before each test method.

@Test: The annotated method is a test method. It executes the test.

@AfterMethod: The annotated method runs after each test method.

@AfterClass: The annotated method runs after all the test methods in the current test class.

@AfterGroups: The annotated method runs after the last test method which belongs to any of the test groups.

@AfterTest: The annotated method runs after test classes.

@AfterSuite: The annotated method runs after all tests.

TestNG XML File

TestNG is a testing framework and we can run our Selenium Tests by using its annotations such as @BeforeMethod, @Test, @AfterMethod, etc.

We can structure and control our test classes with TestNG.xml file. We should add class names, methods, groups, parameters, in this file to run our test with specific configurations.

How to fix "fatal: remote origin already exists."

git remote rm origin

How to get all shell options

Use the -o option to set to display all shell options:
set -o

Bash set debugging options

set -f
set -o noglob
Disable file name generation using metacharacters (globbing).
set -v
set -o verbose
Prints shell input lines as they are read.
set -x
set -o xtrace
Print command traces before executing command.

Find out which groups on Linux

Every user is a member of one or more groups. To find out which groups you belong to use the command:

    groups

To find out which groups another user belongs to use the command:

    groups username

How to change group ownership of files and directories on Linux

To change group ownership of files and directories

Every user is a member of one or more groups. To find out which groups you belong to use the command:
    groupsTo find out which groups another user belongs to use the command:
    groups usernameYour files and directories are owned by the group (or one of the groups) that you belong to. This is known as their "group ownership".

To list the group ownership of your files:
    ls -glYou can change the group ownership of a file or directory with the command:
    chgrp group_name file/directory_nameYou must be a member of the group to which you are changing ownership to.

Understanding Ephemeral storage

Ephemeral storage, as its name suggests, exists only as long as the instance it is associated with. If and when the user decides to delete the instance, the ephemeral storage is destroyed along with it. This is in contrast to persistent storage which remains in existence even if it is not currently being used by an instance.

Persistent storage can thus be reused across instances and is priced separately while ephemeral storage is tied to each instance and is included in the instance charges.

Users familiar with PC storage might think of ephemeral storage as akin to a PC's internal disk drives; persistent storage can be considered similar to an external USB drive.

MySQL :: Workbench ssh tunnel and Proxy

To use MySQL workbench through ssh tunnel, you just need to create a new connection in the workbench, and then choose "Standard TCP/IP over SSH" for the "connection method".

Access Single User Mode (Reset Root Password) on CentOS 7

1. Reboot the server
2. As soon as the boot process starts, press ESC to bring up the GRUB boot prompt. You may need to turn the system off from the control panel and then back on to reach the GRUB boot prompt.
3. You will see a GRUB boot prompt - press "e" to edit the first boot option. (If you do not see the GRUB prompt, you may need to press any key to bring it up before the machine boots)
4. Find the kernel line (starts with "linux16"), change ro to rw init=/sysroot/bin/sh.
5. Press CTRL-X or F10 to boot single user mode.
6. Access the system with the command: chroot /sysroot.
7. Run passwd to change the root password.
8. Reboot the system: reboot -f.

How to find information about programs and files on Linux

which -a script_name

whereis script_name

locate script_name

Format code in Visual Studio Code (VSCode)

The code formatting is available in Visual Studio Code through the following shortcuts:

On Windows Shift + Alt + F
On Mac Shift + Option + F
On Ubuntu Ctrl + Shift + I
Alternatively, you can find the shortcut, as well as other shortcuts, through the search functionality provided in the editor with Ctrl +Shift+ P (or Command + Shift + P on Mac), and then searching for format document.

Reuse an ssh connection

In .ssh/config file:

host *
  ControlMaster auto
  ControlPath ~/.ssh/ssh_mux_%h_%p_%r
ssh figures out if a shareable connection already exists for the host/port/username combination and uses that if possible.

Reboot WSL (Windows subsystem Linux) in Windows 10

Type the below command and press the Enter button. ( by Admin )

Get-Service LxssManager | Restart-Service

How to Find out current Status of MySQL server?

To find out current status of MySQL server, use the following command. The mysqladmin command shows the status of uptime with running threads and queries.

# mysqladmin --login-path=root status

How to check MySQL Server is running?

$ mysqladmin --login-path=root ping

How to change settings for CNAME Flattening

CNAME Flattening cannot be disabled. By default, domains are setup to only flatten CNAME records at the root domain.
Domains on Pro, Business and Enterprise plans can either apply CNAME Flattening to CNAMEs at the root domain or for all CNAMEs within the domain. To flatten all CNAMEs in the domain, select Flatten all CNAMEs from the CNAME Flattening dropdown menu within the DNS app of the Cloudflare dashboard.

Free plans can only flatten CNAMEs at the root domain.

US security officials warn more cyberattacks are coming

Fighting back is complicated when the vicitm is a private company.

New phone includes 3 cameras, a feature already part of some rival products

Apple Introduces New iPhone as it Seeks to Keep Up with Competitors

Build a data lake on Amazon S3

Data Lake Storage on AWS
Why build a data lake on Amazon S3?

Amazon S3 is the largest and most performant object storage service for structured and unstructured data and is the storage service of choice to build a data lake.

How to Install Postfix on CentOS/RHEL/Oracle 7/6/5

yum remove sendmail
yum install postfix
Make postfix as default MTA for your system using the following command

alternatives --set mta /usr/sbin/postfix
If above command not work and you get the output as "/usr/sbin/postfix has not been configured as an alternative for mta". Use below command to do the same else skip it

alternatives --set mta /usr/sbin/sendmail.postfix

Run Unix commands from within Vim

:shell :sh[ell] start a shell
:! :!{command} execute {command} with a shell

iPhone 11 Pro Available 9.20

A transformative triple‑camera system that adds tons of capability without complexity. An unprecedented leap in battery life. And a mind‑blowing chip that doubles down on machine learning and pushes the boundaries of what a smartphone can do. Welcome to the first iPhone powerful enough to be called Pro.

Install neovim on Oracle Linux/CentOS/Red Hat Linux

CentOS 7 / RHEL 7Neovim is available through EPEL (Extra Packages for Enterprise Linux) yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum install -y neovim python3-neovim