Self signed SSL – quick and dirty

    If you’re in the market for quickly getting a self signed SSL certificate done:

    openssl genrsa -des3 -passout pass:x -out server.pass.key 2048
    openssl rsa -passin pass:x -in server.pass.key -out server.key
    openssl req -new -key server.key -out server.csr
    openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

    ls -la

    -rw-r–r–. 1 root root 1387 Apr 27 08:49 server.crt
    -rw-r–r–. 1 root root 1098 Apr 27 08:49 server.csr
    -rw-r–r–. 1 root root 1679 Apr 27 08:48 server.key

    Enjoy

    Changing SSH port in CentOS with SELinux enabled

    So, you wanted to change the ssh port, but when you restart sshd : “systemctl restart sshd” – it doesn’t wanna come up due to selinux not allowing it:

    Apr 26 12:31:21 ip-10-0-0-169 systemd[1]: Starting OpenSSH server daemon…
    — Subject: Unit sshd.service has begun start-up
    — Defined-By: systemd
    — Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

    — Unit sshd.service has begun starting up.
    Apr 26 12:31:21 ip-10-0-0-169 polkitd[13985]: Unregistered Authentication Agent for unix-process:14017:9027294 (system bus name :1.65, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bu
    Apr 26 12:31:21 ip-10-0-0-169 sshd[14022]: error: Bind to port 25252 on 0.0.0.0 failed: Permission denied.
    Apr 26 12:31:21 ip-10-0-0-169 sshd[14022]: error: Bind to port 25252 on :: failed: Permission denied.
    Apr 26 12:31:21 ip-10-0-0-169 sshd[14022]: fatal: Cannot bind any address.
    Apr 26 12:31:21 ip-10-0-0-169 systemd[1]: sshd.service: main process exited, code=exited, status=255/n/a
    Apr 26 12:31:21 ip-10-0-0-169 systemd[1]: Unit sshd.service entered failed state.
    Apr 26 12:31:21 ip-10-0-0-169 systemd[1]: sshd.service failed.

    Enter semanage:

    [root@ip-10-0-0-169 log]# semanage port -l | grep ssh
    ssh_port_t tcp 22
    [root@ip-10-0-0-169 log]# semanage port -a -t ssh_port_t -p tcp 25252

    (this command will take a while to complete, so just let it be)

    restart sshd: systemctl restart sshd 

    voila! it’s alive!

    — Unit sshd.service has begun starting up.

    Fix ESC git diff / FreeBSD

    So let’s say you are trying to do a git diff and it looks like crap:

    ESC[1mdiff –git a/node_modules/namecheap/namecheap.js b/node_modules/namecheap/namecheap.jsESC[m
    ESC[1mindex df87fc0..dde8ea0 100644ESC[m
    ESC[1m— a/node_modules/namecheap/namecheap.jsESC[m
    ESC[1m+++ b/node_modules/namecheap/namecheap.jsESC[m
    ESC[36m@@ -276,15 +276,15 @@ESC[m ESC[mnamecheap.prototype = {ESC[m

    fix it by doing :

    git config –global core.pager “less -r”

    Enjoy

    [SOLVED] vmware-hostd high cpu usage

    This can get quite annoying at times, but it if you notice vmware-hostd taking up cpu, you can disable VMs sharing by going to Edit > Preferences > Shared VMs > Disable Sharing.

    Will fix instantly.

    Enjoy!

    git – large file removed but still can’t push

    So i have a git repo where a large file got commited by mistake:

    git push origin master
    Counting objects: 2480, done.
    Delta compression using up to 4 threads.
    Compressing objects: 100% (1922/1922), done.
    Writing objects: 100% (2480/2480), 484.14 MiB | 15.10 MiB/s, done.
    Total 2480 (delta 697), reused 0 (delta 0)
    remote: error: GH001: Large files detected. You may want to try Git Large File Storage – https://git-lfs.github.com.
    remote: error: Trace: b3405c85f13ee38933ee3ba62be554e1
    remote: error: See http://git.io/iEPt8g for more information.
    remote: error: File auf2/aaaaa.mp4 is 389.00 MB; this exceeds GitHub’s file size limit of 100.00 MB

    I removed the file, commited bla bla and still in the commit history, the file would exist and i would get the same message over and over again.

    In order to fix this, i had to remove it from the history using the command below:

    git filter-branch –index-filter ‘git rm -r –cached –ignore-unmatch auf2/aaaaa.mp4’ HEAD

    Enjoy!

    htaccess redirect http:// to www and vice versa

    RewriteEngine On
    RewriteBase /

    # Redirect to www
    RewriteCond %{HTTP_HOST} ^[^.]+\.[^.]+$
    RewriteCond %{HTTPS}s ^on(s)|
    RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    #Redirect to http://
    RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
    RewriteRule ^(.*)$ http://%1/$1 [R=301,L]

    Enjoy

    Useful vi commands

    Just in case you’re lost at some point.

    “o” = insert mode
    “A” = edit at the end
    “a” = edit where you are
    “shift r” = replace some text
    “yy” “5yy” = copy the lines
    “p” “shift p” = paste below or above the line
    “dd” “10dd” = deletes the line
    “shift h” = go top
    “shift l” or “shift g” = go bottom
    “cw” = replace only 1 word – different than “shift r”
    “/” = search forward | “n” and “shift n” – go to the next search
    “?” = search backward
    “u” = undo
    “:%s/the/katmai” – replace in all the doc
    “:1s/the/katmai” – replace on a line
    “:e filename” – loads a file
    “:r filename” – loads the contents of another file

    disable and stop firewall on CentOS7

    For the time being the firewall has to be off. I will replace it with csf anyway.

    [root@500748 ~]# systemctl list-unit-files |grep -i firewall
    dbus-org.fedoraproject.FirewallD1.service enabled
    firewalld.service enabled
    [root@500748 ~]# systemctl disable firewalld
    rm ‘/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service’
    rm ‘/etc/systemd/system/basic.target.wants/firewalld.service’

    [root@500748 ~]# systemctl stop firewalld
    [root@500748 ~]#

    Done!

    CentOS7 disable ipv6

    For the time being this has to stay off for clarity sake:

    Add:
    net.ipv6.conf.all.disable_ipv6 = 1
    to /etc/sysctl.conf
    
    then type: sysctl -p
    
    Done.

    CentOS7 change hostname

    I started switching recently (i know i should have probably started earlier but meh, was busy) switching boxes to CentOS7. Changing the hostname is slightly different now:

    [root@500748 ~]# hostnamectl status
    Static hostname: beast1.domain.com
    Icon name: computer-desktop
    Chassis: desktop
    Machine ID: e289f5250bd548609d5989766573ab49
    Boot ID: 844dbb05561c4c599aad84d9f685d0e8
    Operating System: CentOS Linux 7 (Core)
    CPE OS Name: cpe:/o:centos:centos:7
    Kernel: Linux 3.10.0-229.el7.x86_64
    Architecture: x86_64

    So in order to change the hostname you would do:

    hostnamectl set-hostname my.new.hostname

    Done!