Linux Tips and Tricks

• Install screen (Depends on the Linux Distribution if it came pre installed or not) : yum install screen
• Initiate a Screen : screen or  screen -S <screen name> <command to execute>
• Detach from the screen : “CTRL+A,D” not “CTRL+A+D”
• List all the screen currently working : screen -ls
• Reattach to a screen : screen  -r  <session number> or screen -r <screen name>
• Kill specific screen: screen -X -S <screen name> quit
• Kill all screens : pkill screen

Become root:

Change to user nsm:
su nsm 

Go to the /home/nsm directory:
cd /home/nsm 

Create the keys: (Path should be /home/nsm/.ssh/id_rsa. Leave the passphrase blank.)

ssh-keygen -t rsa

Secure copy the public key to the other server as the admin user: (use admin password)

scp /home/nsm/.ssh/id_rsa.pub admin@<ipAddressOfOtherServer>:/home/admin/authorized_keys

• or Go to the remote server. The command below will add the key that is in temp1 file to the end of the authorized_keys file.

cat temp1 >> authorized_keys

• Repeat steps 2-6 on  deviceB.   On deviceB, become root: (from user nsm, exit to root). Move the authorized_keys file that was copied to admin into nsm/.ssh:

mv /home/admin/authorized_keys /home/nsm/.ssh/authorized_keys

• Change ownership of authorized_keys: 

chown nsm:nsm /home/nsm/.ssh/authorized_keys

• At this point, you will be able to SSH between both servers without it asking for a password.

ssh [email protected]

• find . -type f -size +10000 -exec ls -lh {} \; 
• find . -type f -size +50000k -exec ls -lh {} \; | awk ‘{ print $9 “: ” $5 }’
• Find large files (>10M) in current folder

find . -type f -size +10000k 

a. Juniper Firewall  

Sample output:

root@FW% find . -type f -size +10000 -exec ls -lh {} \; 
-rw-r–r–  1 930  929   134M Jan  5 17:34 ./cf/packages/junos-11.4R6.6-domestic
-rw-r–r–  1 root  wheel   139M Sep  8  2011 ./cf/var/log/junos-srxsme-11.2R2.4-domestic.tgz
-rw-r—–  1 root  wheel   4.9M Feb 11 17:12 ./cf/var/db/idpd/db/secdb_02.db
-rw-r—–  1 root  wheel   6.7M Feb 11 17:13 ./cf/var/db/idpd/db/secdb_03.db
-rw-r—–  1 root  wheel    64M Feb 11 17:13 ./cf/var/db/idpd/db/secdb_06.db
-rwxr-xr-x  1 admin  20    24M May 23 08:38 ./cf/var/db/idpd/nsm-download/SignatureUpdate.xml
…..

b. Checkpoint Firewall gateway:

[Expert@CP]# find . -type f -size +50000k -exec ls -lh {} \; | awk ‘{ print $9 “: ” $5 }’
./sysimg/CPwrapper/linux/CPEndpointSecurity/EndpointSecurityServer.bin: 145M
./sysimg/CPwrapper/linux/windows/SmartConsole.exe: 194M
./sysimg/CPwrapper/linux/CPrt/CPrt-R75.40-00.i386.rpm: 53M
./sysimg/CPwrapper/linux/CPportal/CPportal-R75.40-00.i386.rpm: 59M
./var/log/db: 336M
….

Following commands can clean most of your history trails in your linux system.  Please let me know if you found there is anything missing.  I will add the command in.

echo > /var/log/wtmp
echo > /var/log/btmp
echo >/var/log/lastlog
echo > /var/log/secure
echo > /var/log/messages
echo >/var/log/syslog
echo >/var/log/xferlog
echo >/var/log/auth.log
echo >/var/log/user.log
cat /dev/null > /var/adm/sylog
cat /dev/null > /var/log/maillog
cat /dev/null > /var/log/openwebmail.log
cat /dev/null > /var/log/mail.info
echo >/var/run/utmp
echo > ~/.bash_history
history -c
echo > .bash_history
history -cw