how to view contents of ssl certs….

….from the command line:

openssl x509 -noout -text -in filename.crt

To view the contents of the private key:

openssl rsa -noout -text -in filename.key

Posted in Uncategorized | Tagged | Leave a comment

I haz the galaxy S

I’ve had this phone for over a month now, and it’s kicking ass. Highlights for me: 1Ghz cpu, 16gb storage, 720p video recording capable and it runs android.
I’ve had a brief experience with android in the past, it was when some awesome geeks decodes to port the android os to select winblows mobile phones. I had a crappy windows phone at the time and it just so happened it was a supported phone. Got it installed, booted and ran perfectly. The only issue to me was the camera which didn’t work, it was a driver issue if memory serves me right. I like freedom in general, that is one of linu’s traits. And also one of the reasons why I’ve decided to pursue a career that involves the said os.
I’ve actually just been playing around with this android app that lets you post to your wordpress blog from your awesome android phone, and that’s where I’m posting this right now.

Posted in Uncategorized | Tagged , | Leave a comment

expect in your shell script

“come on, you need 2 scripts(shell and expect) to get the following done?”

first post:
second post:

not necessarily, i searched around and found a solution.

excerpts from: http://tinyurl.com/hnul8

================

#!/bin/sh
# \
exec expect -f “$0″ ${1+”$@”}
set password [lindex $argv 1]
spawn passwd [lindex $argv 0]
sleep 1
expect “assword:”
send “$password\r”
expect “assword:”
send “$password\r”
expect eof

================

Referring to the script above:

=========================
below is the shell script to change passwords across multiple servers
=========================

#!/usr/bin/bash
for i in `cat servers read the full info here.txt`; do
exec expect -f “$0″ ${1+”@”}
#i was using the line below when i was testing the script
#spawn rm .ssh/known_hosts

set server {$i}
set timeout -1
spawn ssh $server
#uncomment as needed
#expect “Are you sure you want to continue connecting (yes/no)? ”
#send — “yes\r”
expect “password:”
send — “oldpass\r”
set timeout 2
expect “\$”
set timeout 2
sleep 1
#sub the one below if the other doesn’t work/help
#spawn passwd
send — “passwd\r”
sleep 1
send — “pass4You\r”
expect “assword:”
sleep 1
send — “newpass\r”
sleep 1
expect “assword:”
send — “newpass\r”
send — “exit\r”
expect eof
if [ $? -eq 0 ]; then
echo “$i PASSWORD WAS MARVELOUSLY CHANGED”>> RESULTS
else
echo “$i FAIL” >>RESULTS
fi
done

========================
below is the one to check password across multiple servers
========================

#!/usr/bin/bash
for i in `cat servers.txt`; do

exec expect -f “$0″ ${1+”$@”}
set server [lindex $arv 0]
set timeout -1

spawn ssh -o NumberofPasswordPrompts=1 $server >/dev/null
expect “Are you sure you want to continue connecting (yes/no)? ”
send — “yes\r”
expect “password:”
send — “currentpass\r”
set timeout 2
expect eof

if [ $? -eq 0]; then
echo “$i PASSWORD is CURRENT” >>CHECK-RESULTS
else
echo “$i FAIL” >>CHECK-RESULTS
fi
done

NOTE TO SELF:
servers.txt – line separated list of servers

Posted in Uncategorized | Tagged | Leave a comment

expect in your shell script

“come on, you need 2 scripts(shell and expect) to get the following done?”

first post:
second post:

not necessarily, i searched around and found a solution.

excerpts from: http://tinyurl like this.com/hnul8

================

#!/bin/sh
# \
exec expect -f “$0″ ${1+”$@”}
set password [lindex $argv 1]
spawn passwd [lindex $argv 0]
sleep 1
expect “assword:”
send “$password\r”
expect “assword:”
send “$password\r”
expect eof

================

Referring to the script above:

=========================
below is the shell script to change passwords across multiple servers
=========================

#!/usr/bin/bash
for i in `cat servers.txt`; do
exec expect -f “$0″ ${1+”@”}
#i was using the line below when i was testing the script
#spawn rm .ssh/known_hosts

set server {$i}
set timeout -1
spawn ssh $server
#uncomment as needed
#expect “Are you sure you want to continue connecting (yes/no)? ”
#send — “yes\r”
expect “password:”
send — “oldpass\r”
set timeout 2
expect “\$”
set timeout 2
sleep 1
#sub the one below if the other doesn’t work/help
#spawn passwd
send — “passwd\r”
sleep 1
send — “pass4You\r”
expect “assword:”
sleep 1
send — “newpass\r”
sleep 1
expect “assword:”
send — “newpass\r”
send — “exit\r”
expect eof
if [ $? -eq 0 ]; then
echo “$i PASSWORD WAS MARVELOUSLY CHANGED”>> RESULTS
else
echo “$i FAIL” >>RESULTS
fi
done

========================
below is the one to check password across multiple servers
========================

#!/usr/bin/bash
for i in `cat servers.txt`; do

exec expect -f “$0″ ${1+”$@”}
set server [lindex $arv 0]
set timeout -1

spawn ssh -o NumberofPasswordPrompts=1 $server >/dev/null
expect “Are you sure you want to continue connecting (yes/no)? ”
send — “yes\r”
expect “password:”
send — “currentpass\r”
set timeout 2
expect eof

if [ $? -eq 0]; then
echo “$i PASSWORD is CURRENT” >>CHECK-RESULTS
else
echo “$i FAIL” >>CHECK-RESULTS
fi
done

NOTE TO SELF:
servers.txt – line separated list of servers

Posted in Uncategorized | Tagged , | Leave a comment

I’m ‘expect’ing something lol

Supposed you just ran a script that would change your password
on all the servers you’re admin’ng and you don’t have full confidence
that changes have been implemented throughout. Or you may just
want to check if all these servers contain the same password for
your username. Now you can, for just $5 a month you also get
an abundant supply of unlimited(while supply lasts) post-its.

======start script======
#!/usr/bin/expect -f
#script to check if passwords

#line below used for testing
#spawn rm .ssh/known_hosts
set server [lindex $argv 0]
set timeout -1
spawn ssh -o NumberOfPasswordPrompts=1 $server >/dev/null
match_max 100000
expect “Are you sure you want to continue connecting (yes/no)? ”
send — “yes\r”
expect “password:”
send — “currentpass\r”
set timeout 2
#send — “exit\r”
expect eof
=====end script========

Save to file ‘check-pass.exp’ then run this from cli:
# rm CHECK-RESULTS; for i in `cat servers.txt`; do ./check-pass.exp $i; if [$? -eq 0 ]; then echo

“$i PASSWD is CURRENT” >>CHECK-RESULTS; else echo “$i FAILS” >>CHECK-RESULTS;fi;done

Or in a script:
#!/usr/bin/bash
rm CHECK-RESULTS
for i in `cat servers.txt`; do
./check-pass.exp $i
if [ $? -eq 0]; then
echo “$i PASSWORD is CURRENT” >>CHECK-RESULTS
else
echo “$i FAIL” >>CHECK-RESULTS
fi
done

#NOTE TO SELF: PASSWORD, REMOVE, WHEN DONE

Posted in Uncategorized | Tagged , | Leave a comment

great ‘expect’ations (no pun intended)

CHANGING PASSWORD ACROSS MULTIPLE SERVERS

scenario:supposed you have a boat-load of *nix servers being administered like say 2+ and
these servers don’t use single sign-on authentication whereas your
access credentials different between systems. in analogy, it’s like
having the same user/pass for all the social sites you’re signed up with
and whenever you need to change your password for facebook you still
need to change the one for twitter and myspace manually. This would be
a tedious and tiring task if you’d have to do it on let’s say 200+ sites right?

It’s the same thing with server admin’ng. Some systems are just plain old school
or not at par with the current tech but sysadmins don’t always have the
upper hand. if you can’t change the process, at least make your task
easier.

sub-scenario:supposed you just got your username created on a ship-load of servers
of about let’s say 5+ and it’s been issued a default password ‘oldpass’. You current
task is to change the default password and make it more secure by setting it to
‘password’. You will also need to get it changed every 10 days, which is
the security policy at your work. That’s a tedious and repetitive task don’t you think?

but why can’t your just go into the servers and set up and configure passwordless ssh,
then you can just forget about having to change your passwords so often. one reason,
just one reason why it can’t be done, it’s against the security policies being
implemented rofl.

You can just create a script that would ssh to each server and ask your for your password
then when you log in you ‘passwd’ and exit afterwards, makes life a little bit easier
for you right? sure, if you’ve got fast fingers and don’t mind doing repetitive tasks.
it barely automates the task.

i’ve been checking out ‘expect’ scripting, which is the perfect solution to
the scenario at hand lexapro 10 mg.

=====start script=========

#!/usr/bin/expect -f
#change line above to point to ur expect binary

#i was using the line below when i was testing the script
#spawn rm .ssh/known_hosts

#pass an argument to the script from the command line
set server [lindex $argv 0]
set timeout -1

#execute ssh $server command
spawn ssh $server

#you can also do spawn ssh $server passwd
#but in my case, servers kept on spewing out nasty errors, when i
#tried to do it that way, that i didn’t bother looking into.
#because where i am, you can’t just make server changes
#that involves admin stuff easily
#it’s not the same with what i’ve gotten used to.

#comment out the 2 lines below when you already have previous access to all the servers
#and you won’t be expecting such [out|in]put
expect “Are you sure you want to continue connecting (yes/no)? ”
send — “yes\r”

expect “password:”
send — “oldpass\r”
set timeout 2
expect “\$”
set timeout 2
sleep 1
#sub the one below if the other doesn’t work/help
#spawn passwd
send — “passwd\r”
sleep 1
send — “pass4You\r”
expect “assword:”
sleep 1
send — “newpass\r”
sleep 1
expect “assword:”
send — “newpass\r”
send — “exit\r”
expect eof

=========end script=========

Save to file ‘change-pass.exp’ then run this command from cli:
# rm RESULTS;for i in ‘cat servers.txt’;do ./change-pass.exp $i; if [$? -eq 0 ]; then echo “$i

PASSWORD WAS MARVELOUSLY CHANGED” >> RESULTS; else echo “$i FAIL” >>RESULTS;fi;done

Or in a script:

#!/usr/bin/bash
rm RESULTS
for i in `cat servers.txt`; do
./change-pass.exp $i
if [ $? -eq 0 ]; then
echo “$i PASSWORD WAS MARVELOUSLY CHANGED”>> RESULTS
else
echo “$i FAIL” >>RESULTS
fi
done

NOTE TO SELF: DON”T FORGET TO REMOVE THE PASSWORD FROM THE SCRIPT WHEN DONE

Posted in Uncategorized | Tagged , , , | Leave a comment

xanga!

I found my old site, it’s pretty old and contains mostly tech stuff and rants about life of the early 20′s me.

Posted in Uncategorized | Tagged | Leave a comment

hey mon it’s nmon again

someone in my team just shared this link  about nmon, i recall having the chance to use this tool a couple of years ago.

I can’t really recall which system it was used on. It’s a pretty nifty tool to monitor various stuff on your *nix server:

http://www.ibm.com/developerworks/aix/library/au-analyze_aix

Posted in Uncategorized | Tagged , , | Leave a comment

editing multiple files

to remove a specific line that contained a specific string e.g.

| /usr/bin/odeiavir -r

from multiple files in multiple folders e.g.

/var/qmail/mailnames/hostname.com/user1/.qmail

/var/qmail/mailnames/hostname.net/user2/.qmail

/var/qmail/mailnames/hostname.org/user3/.qmail

Run this:

#find /var/qmail/mailnames -type f -name .qmail |xargs perl -pi -e ‘s/\| \/usr\/bin\/odeiavir .+//g’

What it’ll do is remove the lines containing the said pattern and replaces it with a blank line. To remove the blank line, run this:

#find /var/qmail/mailnames -type f -name .qmail |xargs perl -pi -e ‘/^$//d’

But wait, there’s more:

There has to be a one liner to remove specific lines  without them being replaced by blank lines. There is! Here it is:

#find /var/qmail/mailnames -type f -name generic lexapro.qmail |xargs perl -pi -e ‘s/\| \/usr\/bin\/odeiavir .+//g’ ; find /var/qmail/mailnames -type f -name .qmail |xargs perl -pi -e ‘/^$//d’

See the semicolon? ;)

Alright here is the real one:

#find . -type f -name .qmail |xargs perl -ni -e ‘print unless /\| \/usr\/bin\/odeiavir/’

Posted in Uncategorized | Tagged , | Leave a comment

nagios plugin: memory checks

Short of making my own, I googled for one and found this site: http://www.unixdaemon.net/nagios_plugins.html#check_linux_free_memory

The site contains a plugin that contains a nagios plugin that checks and displays basically the free(percentage and size in MB) amount of memory on your system. With “free” it means, from the contents of /proc/meminfo, free=MemFree + Cached. It’s pretty basic but it’s all that I need Discover More. Sample output:

[root@localhost libexec]# ./check_linux_free_memory.pl -w 20 -c 10
OK: 31% (156M) free memory.

Here’s another memory check plugin I found from this site: http://www.matejunkie.com/memory-check-plugin-for-nagios/

This plugin lets you choose between outputting data either by the percentage or in kilobytes, but not both. Although, with a little hacking you can use both for output. It parses data from /proc/meminfo and doesn’t add “Cached” to the value of the total free memory. Although checking the script, the “Cached” value is saved to the CACHE variable. Adding it to the total free memory shouldn’t be much trouble.

Sample output:

[root@localhost libexec]# ./check_mem -s perc -w 80 -c 90
CRITICAL – Used: 93%, Free: 7% | ‘mem_used’=93;80;90 ‘mem_free’=7

There’s like 130MB in my cached memory which wasn’t included in the computation of the output above, it wouldn’t have displayed a CRITICAL notice if it was included. They’re both ok and do what they’re supposed to do, I guess it’s just a matter of your own taste on which one would you prefer to use.

Posted in Uncategorized | Tagged , | Leave a comment