Category: Linux

It can happen that you’re getting that message when trying to connect to your linux server: You are required to change your password immediately (password aged) WARNING: Your password has expired. You must change your password now and login again! Changing password for user mylinuxuser. (current) UNIX password: The message is quite explicit and you…

If you’re getting many “unstrusted issuer” alerts in your app logs, it might be due to some CA trusted certificates outdated. To fix that, just perform an update: For Ubuntu/Debian update-ca-certificates For CentOS/RedHat update-ca-trust extract

If you need to push multiple lines to one file through a bash script, you can simply use that syntax: cat > /etc/ntp.conf << _NTPconf_ server 1.2.3.4 server 5.6.7.8 _NTPconf_ Tip: Be aware that if you’re using indentation, last line should not be indented (this would lead you to some errors). If you want to…

There’s no easy way to list all the IPs connecting to your postfix server for sending mail. But you can easily extract them from all your postfix logs. For our example, we will consider the logs from postfix to be as default and located in /var/log/maillog Here is what a postfix log look like when…

It’s possible to connect to serial console with MacOS without using a specific app but only screen. First, you need to find the correct device you will use to connect to the serial console. Depending on your installation and your adapter, you’ll can find it under different names with one these commands: $ ls /dev*/usb*…

When you’re facing performance issues, it’s always useful to check CPU/MEM usage per process to see if you have an issue with a specific process. For that, you can use ps and some sorting commands. Tip: You can shrink the results to the first lines by using head Memory analysis We’re using the –sort -rss attributes…

Here is a simple script with configuration file to generate a self-generated SSL certificate (cert/key pair). First define a config file openssl.cnf containing the certificate informations: [ req ] default_bits = 2048 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type prompt = no [ req_dn ] # country (2 letter code) C=FR # State…

You can get standard information about the certificate directly by opening a connection to a website: openssl s_client -showcerts -connect python.org:443 </dev/null Answer will be like: CONNECTED(00000003) depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root verify return:1 depth=2 C = US, ST =…

You already probably noticed that if you want to update the ownership of a symbolic link on any UNIX system, a simple chown won’t do the job. Indeed, let’s suppose you have this: 8 lrwxr-xr-x 1 user1 group1 4 Jun 13 23:46 link -> test 8 -rw-r–r– 1 user1 group1 6 Jun 13 23:54 test…