Daily Log: remove user password in linux/for change password

Q. How do I delete user Password and for user under Linux?

A. All user encrypted passwords are stored in /etc/shadow file. The quick way to remove/delete a user password is pass –delete option to passwd command.

First, login in as a root user. Command to delete user password under Linux

Type the following command to delete a user password:

# passwd --delete username

OR

# passwd -d username

Above command delete a user’s password (make it empty). This is a quick way to disable a password for an account. It will set the named account passwordless. User will not able to login. but if the user still have his/her ssh public keys he/she can still login to the accounts to disable the account permanently do:

# usermod -s /sbin/nologin username

NOTE: this also useful to force user to change their password at login (those that have ssh public keys auth enabled) with chage command combined, example

# passwd -d alba
# chage -d 0 alba

command above will delete the user password and he/she will required to set a new password when connecting via ssh without needing to enter the old password, good for resseting forgotten user password :)

GIT + SSH passwordless auth on windows

Getting Git to use Plink for SSH on Windows somehow by default it wont :20:

You need to create a system variable in Windows for GIT_SSH:

1. Go to System Properties > Advanced Settings
2. Click the button for Environment Variables
3. Click ‘New’ to add a new system variable
4. Under variable name, call it ‘GIT_SSH’
5. Under variable value, put in the path to your Plink executable: ‘C:\Program Files\PuTTY\plink.exe’ (or where ever your plink are)

6. Click all the OK until you are out of System Properties
7. Git should now able to use Plink for SSH

Moving your GPG keys to another machine

It pretty straight forward step, the only thing you need to do is copy the *.gpg files (pubring.gpg;secring.gpg; trustdb.gpg; and trustedkeys.gpg, if it exists) along with gpg.conf from the GnuPG home directory (usually ~/.gnupg or C:\Documents and Settings\YOURUSERNAME\Application Data\gnupg) on the current machine to the new machine.

if you are moving it from linux to windows machine you can skip the gpg.conf files

:cayo: :06:

/bin/rm: Argument list too long.

Have you ever encountered this particular messages? don’t know what to do with it? I used to get this a lot on some of the freeBSD server that I maintain, mostly cause when I try to delete the sendmail queue’s, my sendmail realy like to fill up the /var/spool partition :p so from time to time I have to delete it manually, but the thing is the folder contain to many files when I try to rm -fr * nasty “/bin/rm: Argument list too long.” show up. Well the solution is fairly simple (for me that is) for me just use some shell script magic:

1st I make sure I’m in the /var/spool/mqueue, so we don’t want accidentally delete the / partition don’t we?, trust me I happen to me once good thing I run it on my VMware machine if not I’ totally fsck :p. So back to our folder /var/spool/mqueue that is, I just issued this single line of shell script:

for x in *; do rm -vfr $x; done

and all the thousand files in /var/spool/mqueue is gone! there some other way to delete multiple files here a good example how with a different approach :

find . -name '*' | xargs rm

where “.” is the current directory the command is being run

-EOF

VPN ?? meh tgk sket

Ni time aku rajin sikit, sikit jer tak banyak mende tengah ada idea sebelum aku lupa baik aku share kat sini nanti kalau depan-depan aku lupa bley gak tengok-tengok balik ape yg aku tulis ni,

** !!!AMARAN!!! **

SEGALA MALAPETAKALA YANG AKAN TERJADI KALAU KORANG IKUT APE BENDE YANG AKU MEREPEK KAT SINI AKU TAK TANGGUNG. SEBAB AKU BUAT TAKDA PROBLEM KALAU KORANG TRY ADA PROBLEM NASIB LA BERANI BUAT BERANI TANGGUNG SENDIRI HEHEHE

** !!!AMARAN!!! **

Resepi hari ni:

Cara mudah untuk setup Virtual Private Network guna MPD atas FreeBSD 6.0 nasib la kalau korang guna version lain dah ini jer yang aku ada tapi takpa versi lain bley apply aku rasa ni try & error :p
Ni kalau korang tengok contoh network layout aku:

LAN network : 10.10.10.0:255.255.255.0 (10.10.10.0/24)
Gateway LAN : 10.10.10.1
IP Luar / ISP : 100.100.100.254 (ni contoh kalau static kalau dynamic nanti aku story lebih kat bawah)
IP untuk VPN server : 10.10.10.9
IP untuk VPN client : 10.10.10.10,10.10.10.11 …. suka hati korang la nak letak byk mane pun

sebelum korang try check dulu ler kernel korang tu dah compile untuk support pseudo-device aka “tun” kalau takda sila compile cara nak compile jgn tanya leceh aku nak panjang-panjang kat sini korang gi la cari dalam freebsd handbooks ada situ dia dah sesiap ajar baca jangan tak baca kalau dah siap baru sambung baca yang kat bawah ni plak.

Bahan-bahan yang di perlukan:

1. Akses root kalau takda jangan nak mengatal try bazir masa jer
2. FreeBSD ports (make sure korang dah cvsup yang latest)
3. Mpd – Multi-link PPP daemon based on netgraph

Cara-caranya:

Install MPD dari FreeBSD ports untuk contoh ni aku guna version 3 dia duk dalam /usr/ports/net/mpd/ kalau time korang baca ni dah ada yang versi lain tak tau ler aku.

# cd /usr/ports/net/mpd
# make && make install && make clean

lepas dah siap install tu (harap-harap takda la error ye) meh kita create config plak, kebiasaannya semua contoh config ada duk dalam /usr/local/etc/mpd/ kalau rajin nak tgk sila la tgk kalau malas ikut jer ape yg aku suh buat ni:

Edit mpd.conf guna la editor ape yang korang suka aku tak kesah copy paste ni ubah mane yang patut:

# mpd.conf – mpd VPN configuration file

default:
load pptp0
load pptp1

# Kalau korang nak byk conection add la mende alah ni bebanyak contoh ni aku buat 2 jer
# load pptp3
# load pptp4
# load pptp5

pptp0:
new -i ng0 pptp0 pptp0
set ipcp ranges 10.10.10.9/24 10.10.10.10/24
load global

pptp1:
new -i ng1 pptp1 pptp1
set ipcp ranges 10.10.10.9/24 10.10.10.11/24
load global

# Sama macam kat atas kalau korang buat 5 letak la 5 option untuk tiap satu interface

global:
set iface disable on-demand
set iface enable proxy-arp
set iface idle 3600
set iface mtu 1400
set bundle disable multilink
set bundle enable compression
set bundle enable crypt-reqd
set link mtu 1400
set link no pap chap
set link enable chap
set link enable chap-msv1
set link enable chap-msv2
set link keep-alive 10 60
set link enable acfcomp protocomp
set ipcp yes vjcomp
set ipcp dns 202.188.0.132 # Set DNS yang korang nak pakai
set pptp disable delayed-ack
set pptp disable windowing
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e56
set ccp yes mpp-e128
set ccp yes mpp-stateless
set ccp no mpp-compress

ok siap save ke /usr/local/etc/mpd/mpd.conf

Sekarang kita buat mpd.links plak cam biasa edit /usr/local/etc/mpd/mpd.links kalau takda create jgn byk cerita isi perut nyer …

# mpd.links – mpd VPN links file

pptp0:
set link type pptp
# Ni kalau korang ada static ip letak la ip server korang tu kalau takda
# guna dynamic dns free set jer domain abih citer boleh belaka mende ni
# contoh
# set pptp self vpn.saya.mine.nu
set pptp self 100.100.100.254
set pptp enable incoming
set pptp disable originate

pptp1:
set link type pptp
set pptp self 100.100.100.254
set pptp enable incoming
set pptp disable originate

sama cam mpd.conf kalau korang set 5 pptp tu kene la ada lima define kat sini jgn kurang plak
dah siap cam biasa save /usr/local/etc/mpd/mpd.links

OK Seterus nyer password files plak /usr/local/etc/mpd/mpd.secret

# mpd.secret – mpd VPN password file

admin “kambing”
ahmad “temp123”

Save ke /usr/local/etc/mpd.secret suka hati korang la nak add byk mane user dalam ni, jangan lupa plak set permission files ni root saje yang boleh baca kang kantoi plak password semua org baca.

# chmod 0600 /usr/local/etc/mpd/mpd.secret

fuh letih gak menaip campur copy paste ni, ok sambung skang edit rc.conf add :

### PPTP VPN Server ###
mpd_enable=”YES”

ni kalau korang reboot nanti dia automatis on ler takyah la nak sesusah nak on kan manual.
pastu edit /etc/syslog.conf add ni plak:

!mpd
*.* /var/log/mpd.log

Save kendian restart syslogd

# touch /var/log/mpd.log
# killall -HUP syslogd

kalau korang nak rotate log edit /etc/newsyslog.conf add :

# logfilename [owner:group] mode count size when flags
/var/log/mpd.log 644 4 100 * J

kalau tak nak takyah usik biarkan jer log tu sampai 1GB hehe, step ni plak utk org yang rajin cam aku malas tapi sebab aku tau ada yang rajin nak buat.

Edit /etc/hosts tambah

# VPN Server IP
10.10.10.9 vpn-iface

# VPN client IP ni korang add la semua yang ada dalam mpd.conf tu
10.10.10.10 pptp0
10.10.10.11 pptp1

Save kalau tak save bazir masa jer menaip byk2 tadi tu. Skang meh kita test start MPD suka korang nak guna script dia bagi tu ke or taip jer command dia

# /usr/local/etc/rc.d/mpd.sh start

atau

# /usr/local/sbin/mpd -b

sama jer script atas tu balik-balik run mpd -b gak pandai korang la nak run cam mane.

check log kalau ok dia kuar cam ni dalam log:

May 16 14:21:20 kambing mpd: mpd: pid 805, version 3.18 (root@kambing.net 18:17 15-May-2006)
May 16 14:21:20 kambing mpd: [pptp0] ppp node is “mpd805-pptp0”
May 16 14:21:20 kambing mpd: mpd: local IP address for PPTP is 100.100.100.254
May 16 14:21:20 kambing mpd: [pptp0] using interface ng0
May 16 14:21:20 kambing mpd: [pptp1] ppp node is “mpd805-pptp1”
May 16 14:21:21 kambing mpd: [pptp1] using interface ng1
May 16 14:21:21 kambing mpd: [pptp2] ppp node is “mpd805-pptp2”
May 16 14:21:21 kambing mpd: [pptp2] using interface ng2

haa kalau cam tu ok la tu dah UP bley la try guna client window untuk connect, tapi sebelum tu ejas la firewall rules dulu kalau tak nanti takleh connect plak sebab kene block tu kalau korang ada firewall la bagi yang pass in all & pass out all tu kalau nak ejas juga pandai korang la aku tak larang

# PPTP – Allow connection to VPN
/sbin/ipfw add pass log tcp from any to any 1723 setup
/sbin/ipfw add pass gre from any to any
/sbin/ipfw add pass all from any to any via ng0
/sbin/ipfw add pass all from any to any via ng1

Kalau korang ada byk interface ulang rules last tu (untuk ng0/1) tapi kene match dengan interface nyer
la

OK abih pasal Server setup kita setup client plak tapi aku dah letih nak sambung jadi sambung lenkali
kalau korang ni jenis tak sabar,rakus & tamak tak sanggup nak tunggu gi SINI ada uncut version nyer version cara untuk setup client aku dah malas ni.

Sebarang comment pandai-pandai la comment takkan tu nak aku ajar gak kalau tak jadi tanya sini kalau aku rajin aku jawap hehe

TQ!

Kambing!

Takala kebosanan melanda maka lahirlah sekor kambing yang tidak dpt di kesan asal usul nyer!

#!#c:\Perl\bin\perl.exe -w
# KAMBING BOT!
use strict;
use IO::Socket;

# maklumat penting! untuk ternakan kambing anda
my $pelayan = “oblivion.ca.us.irchighway.net“;
my $nama_kambing_anda = “kekambing”;
my $spesis = “gurun”;

# kandang kambing anda
my $kandang = “#saiyaman-malay”;

# koneksi ke irc server
my $sock = new IO::Socket::INET(PeerAddr => $pelayan,
PeerPort => 6667,
Proto => ‘tcp’) or
die “kambing betul takleh connect plak\n”;
# membuat koneksi ke pelayan
print $sock “NICK $nama_kambing_anda\r\n”;
print $sock “USER $spesis 8 * :Kambing Ternakan zuan\r\n”;

# baca info dari pelayan tunjuk kambing dah masuk
while (my $input = < $sock>) {
if ($input =~ /004/) {
last;
}
elsif ($input =~ /433/) {
die “kambing telah mampus di baham rimau!.”;
}
}

# masuk ke kandang.
print $sock “JOIN $kandang\r\n”;

while (my $input = < $sock>) {
chop $input;
if ($input =~ /^PING(.*)$/i) {
# main ping pong dengan server kalau tak nanti kene sembelih
print $sock “PONG $1\r\n”;
}
else {
# taik kambing bersepah-sepah
print “$input\n”;
}
}

* [kekambing] (~gurun@18251e65.2f9b2a4a.4e929bd.2fc699fcX): Kambing Ternakan zuan
* [kekambing] #saiyaman-malay
* [kekambing] irc.irchighway.net :The IRCHighWay Network
* [kekambing] End of WHOIS list.

PS: nak curik copy ke ape dengan kod di atas silakan takda sape nak marah lepas ko amik ko cakap ko punya aku curik yg ko pun aku takde nak marah nyer sebab aku pun lupa mane aku dapat coding ni har har har harun!