Author Archives: Menaka De Alwis

About Menaka De Alwis

I, Menaka De Alwis, am a Linux enthusiast who loves working with open source technologies. I strongly believe in sharing knowledge that I have gained through my education and experience.

AES Crypt Encryption on CentOS 8

Leave a reply

AES Crypt is a software that encrypts files using the Advanced Encryption Standard (AES). AES Crypt supports multiple operating systems such as Linux, Mac and Windows. Another advantage to this is that files encrypted on one platform are compatible with – and can be decrypted on other platforms.

If you have any questions about AES Crypt or experience any errors, feel free to ask about it on the discussion forum: http://forums.packetizer.com/viewforum.php?f=72

Let’s download the software using following link.

First of all, unzip the download file, then make the executable unzipped file and run the executed file to install the program.

You will see the following installation steps. Follow them to complete the installation process.

Now we can see the AES Crypt Option under Applications.

Encryption using AES Crypt

Select the file that you’d like to encrypt and open it with AES Crypt Application. There you will be prompted to set up the encryption passphrase. After entering the passphrase you just made, the file will automatically convert into a file with .aes extention. Remove the original file.

If you want to decrypt the encrypted file, reverse the process. Select the encrypted file and open it with AES Crypt. Then it will ask for the passphrase – enter it to automatically decrypt the encrypted file.

AES Crypt in Linux CLI

There are a few command options which can be seen by accessing the man page of “aescrypt”. We can encrypt using following command given file and where “p” lets us type the passphrase on a CLI. If you ignore the “p” option, you will be prompted to make a passphrase. Type the “ls” command to see the encrypted file with the .aes extension.

To decrypt or reverse the process, use the “d” option instead of using the “e” option. We can use option “p” to decide whether we want to enter the passphrase on a CLI or not.

Folder Encryption and Decryption

Enter the following set of commands to archive, compress and encrypt the folder named backup. For reference, we can get md5sum to make sure the file has not altered.

To revert the whole process enter the following set of commands accordingly.

NB:- When you encrypt the larger file, it is better to compress before encrypting else it may generate unnecessary complications when it reverts.

Reference

AES Crypt

https://www.aescrypt.com/

Man pages for aescrypt.

Connect google-drive with GNOME

Leave a reply

Synchronizing from Google Drive to CentOS 7 or 8 does not require any additional packages. When you install the desktop environment, it has a necessary feature on it.

Let’s see how to connect Google Drive using Linux. First of all, we’ll need to already have a Google account to access Google Drive. I won’t worry about making a Google account – you simply have to follow the instructions that Google gives you.

Go to Application → System tools → Settings. There will be an option called “Online Accounts” – click on it, and the following screen should appear. Here, select the Google option by double clicking on it.

Here, enter the username and password of your Google account.

GNOME will need access to your Google account – press “Allow” to proceed.

By default all the options are on, but you can turn off any of the options you may find unnecessary.

Now under the Places menu, you can see that the Google account is listed. To access the account double click on it.

VLC Player on CentOS 8

Leave a reply

The VLC player is one of the most popular open-source media player widely used and worked multi-platform including Linux. It initially released in 2001 as a result of the Video LAN Project. Since then, it has been developing and adding so may feature time to time.

Let install the VLC player.

First of all, we have to install EPEL repositories and rpmfusion.

Then, install the vlc player.

You can access to VLC player as follows. (Applications → Sounds & Video → VLC Media Player)

The following video, I found in you tube I shared it with you. It is quite good and let us to know more about the player.

Above video from TechGumbo

Install the Virtualbox on CentOS 8

Leave a reply

Created by Innotek and later developed by the Oracle Corporation, Oracle VM VirtualBox is a free and open-source hosted hypervisor for x86 virtualization. It was acquired by Sun Microsystems in 2008, which was in turn acquired by Oracle in 2010. VirtualBox can be installed on Windows, macOS, Linux, Solaris and OpenSolaris.

Step 1

Install the EPEL repositories and VirtualBox repositories are respectively.

EPEL

Oracle Repositories for CentOS

Step 2

Install vboxdrv Kernel Module

Step 3

Download the software and the extended package.

Follow these integrity checks before installation as follows.

https://download.virtualbox.org/virtualbox/6.1.10/MD5SUMS

1d9290e5a8d4f0187e913e8827c8e12b *VirtualBox-6.1-6.1.10_138449_el8-1.x86_64.rpm

9df7a27d3f7f0cf6cad193898cbf05fa *Oracle_VM_VirtualBox_Extension_Pack-6.1.10-138449.vbox-extpack

Step 4

Install the rpm package for VirtualBox.

Step 5

Access VirtualBox and check the version.

Errors and Issues

In the beginning, if the following error appears, check step 2 and see if all of the packages have been properly installed. If so, please the packages from Step 2. Then, run the following command: “/sbin/vboxconfig”.

According to the error, the kernel drivers are not loading so we’ll have to run the mentioned command as root.

I reinstalled all the packages in step2 and ran the above command – it works perfectly. Further, this issue can be due to “Secure Boot” enabled on the BIOS. Because of this, make sure to disable that option before running the command.

Installation of Extended Package.

We can get following additional features with the extended package.

USB 2.0 & USB 3.0 support
Virtual RDP (VRDP)
Disk Image Encryption
Intel PXE Boot
Host WebCam

Let’s install extended package

In this installation, it is essential to identify the version of VirtualBox and the matching extended package as I have mentioned. (6.1.10.r138449) If they are matching each other, go to ( file → preference → extensions) and add the extended package. Agree to the agreement and click install to complete the process.

Linux Terminator

Leave a reply

Terminator is a terminal emulator that can use to interact with Linux shell. Further, it supports many operating systems such as Linux, Windows and Mac too. It is more attractive with sysadmins because we can interact with several shell session at the same window and same time.

Let’s install Terminator on Linux.

First of all, we have to set up EPEL repositories that we can download terminator as well as its dependencies directly from it.

Now, we can install terminator and dependencies as below.

Now you can see terminator under “Applications → System tools → Terminator.”

Further configurations, please see the man page of terminator and terminator-config.

Version

Few terminal session in same window.

Installation of Chrome Browser.

Leave a reply

Google Chrome is the most widely used web browser in the world. It is fast, easy to use, and a secure browser built for the modern web. Chrome is not an open-source browser, and it is not included in any of the official CentOS repositories. Let’s install Chrome on CentOS 8.

[root@localhost ~]# dnf install wget https://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm

Copy the above link and install as mentioned. It will download the relevant packages.

Method 1

Repositories are installed with package installation. If it fails to install, we will have to create a repo file inside the “/etc/yum.repos.d/” folder.

[root@localhost ~]# vi /etc/yum.repos.d/google-chrome.repo

[google-chrome]

name=google-chrome

baseurl=http://dl.google.com/linux/chrome/rpm/stable/x86_64

enabled=1

gpgcheck=1

gpgkey=https://dl.google.com/linux/linux_signing_key.pub

Method 2

Following command automatically do the above process.:

# dnf config-manager –add-repo=https://raw.githubusercontent.com/ade9alwis/chrome/master/google-chrome.repo

Additionally

Further configuration, please checks the man pages as shown in the picture.

[root@localhost ~]# man google-chrome

You can identify the installed version details as follows.

Install LibreOffice on CentOS 8

Leave a reply

LibreOffice [the successor to OpenOffice(.org)] is a powerful and free office suite, used by millions of people around the world. Its clean interface and feature-rich tools help you unleash your creativity and enhance your productivity. LibreOffice includes several applications that makes it the most versatile Free and Open Source office suite on the market: Writer (word processing), Calc (spreadsheets), Impress (presentations), Draw (vector graphics and flowcharts), Base (databases), and Math (formula editing).

Go to “https://www.libreoffice.org/”. From there, select “Download LibreOffice”, which is under the “Download” section on the header. There are few versions under that category, but it’s best if you select the latest version (LibreOffice 6.4.4).

In the next step, select the operating system. We are using CentOS so select Linux (64bit)(rpm). It is compatible with Redhat too.

After that, access as a superuser (root) or Sudo, and issue the following commands to complete the installation process.

Unpack the archived and compressed package.

Then access the RPMS folder and issue the following command to install the package.

You can see the installed package here.

Reference:

LibreOffice Document foundation

https://www.libreoffice.org/

Logwatch on Centos 8

Leave a reply

Logwatch is an application that can summaries the actives in log files and generates output according to our requirement. Further, we can redirect this output in many ways such as email, text and screen output. Let’s see install logwatch and play around with it.

Logwatch sample configuration can copy from below directory if necessary.

Configure “/etc/logwatch/conf/logwatch.conf” file as requires, if not, it applies default values to create a report.

Finally type logwatch to access the log report as below.

Manual method

Logwatch can be run manually at any time by inputting the logwatch command to your console. This command can be appended with a number of options to change the default output to suit your needs:

–detail level

This is the detail level of the report. level can be a positive

integer, or high, med, low, which correspond to the integers 10,

5, and 0, respectively.

–service service-name

This will force Logwatch to process only the service specified

in service-name (i.e. login, pam, identd, …). Logwatch will

therefore also process any log-file-groups necessary to process

these services. This option can be specified more than once to

specify multiple services to process. A useful service-name is

All which will process all services (and logfile-groups) for

which you have filters installed.

–mailto address

Mail the results to the email address or user specified in

address.

–range range

You can specify a date-range to process. Common ranges are Yes‐

terday, Today, All, and Help. Additional options are listed

when invoked with the Help parameter.

–archives

Each log-file-group has basic logfiles (i.e. /var/log/messages)

as well as archives (i.e. /var/log/messages.? or /var/log/mes‐

sages.?.gz). When used with “–range all”, this option will

make Logwatch search through the archives in addition to the

regular logfiles. For other values of –range, Logwatch will

search the appropriate archived logs.

–hostlimit host1,host2

Limit report to hostname – host1, host2.

–hostname hostname

Use hostname for the reports instead of this system’s hostname.

In addition, if HostLimit is set in the logwatch.conf configura‐

tion file (see MORE INFORMATION, below), then only logs from

this hostname will be processed (where appropriate).

–html_wrap num-characters

Number of characters that html output should be wrapped to.

Default is 80.

–numeric

Inhibits additional name lookups, displaying IP addresses numer‐

ically.

–no-oldfiles-log

Suppress the logwatch log, which informs about the old files in

logwatch tmpdir.

–usage

Displays usage information

–help same as –usage.

Reference

Monitor System Logs with Logwatch

https://www.linode.com/docs/uptime/monitoring/monitor-systems-logwatch/

Tripwire Installation on CentOS 8

Leave a reply

Step1

This is a rather common piece of software for intrusion detection – it has been with Linux community several years in fact. Let’s see how it set up in CentOS 8 environment.

Step2

[root@localhost ~]# tripwire-setup-keyfiles

Setting up the Site Key Passphrase

Setting up the Local Keyfile Passphrase

Setting up the Policy File..

Step3

Configuration of the tripwire config file (Text version)

[root@localhost ~]# vi /etc/tripwire/twcfg.txt

I have changed the “REPORTLEVEL = 4”

Step 4

Regenerating the configuration file.

[root@localhost tripwire]# vi twpolmake.pl

#!/usr/bin/perl
# Tripwire Policy File customize tool
# —————————————————————-
# Copyright (C) 2003 Hiroaki Izumi
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place – Suite 330, Boston, MA 02111-1307, USA.
# —————————————————————-
# Usage:
# perl twpolmake.pl {Pol file}
# —————————————————————-
#
$POLFILE=$ARGV[0];

open(POL,”$POLFILE”) or die “open error: $POLFILE” ;
my($myhost,$thost) ;
my($sharp,$tpath,$cond) ;
my($INRULE) = 0 ;

while (<POL>) {
chomp;
if (($thost) = /^HOSTNAME\s*=\s*(.*)\s*;/) {
$myhost = `hostname` ; chomp($myhost) ;
if ($thost ne $myhost) {
$_=”HOSTNAME=\”$myhost\”;” ;
}
}
elsif ( /^{/ ) {
$INRULE=1 ;
}
elsif ( /^}/ ) {
$INRULE=0 ;
}
elsif ($INRULE == 1 and ($sharp,$tpath,$cond) = /^(\s*\#?\s*)(\/\S+)\b(\s+->\s+.+)$/) {
$ret = ($sharp =~ s/\#//g) ;
if ($tpath eq ‘/sbin/e2fsadm’ ) {
$cond =~ s/;\s+(tune2fs.*)$/; \#$1/ ;
}
if (! -s $tpath) {
$_ = “$sharp#$tpath$cond” if ($ret == 0) ;
}
else {
$_ = “$sharp$tpath$cond” ;
}
}
print “$_\n” ;
}
close(POL) ;

[root@localhost tripwire]# perl twpolmake.pl twpol.txt > twpol.txt.new

Step 5

Create database

Step 6

Attention on the integrity check daily.

Step 7

Results are saved under the directory below

[root@localhost tripwire]# ls /var/lib/tripwire/report

localhost.localdomain-20200608-180500.twr

Step 8

Updating the database with a specific report

Step 9

Change the permission on following files and remove the files below

[root@localhost ~]# cd /etc/tripwire/

[root@localhost tripwire]# chmod 600 localhost.localdomain-local.key site.key tw.cfg tw.pol

[root@localhost tripwire]# rm twcfg.txt twpol.txt

rm: remove regular file ‘twcfg.txt’? y

rm: remove regular file ‘twpol.txt’? Y

Step 9

Re-create twcfg.txt and twpol.txt

[root@localhost tripwire]# twadmin –print-polfile >twpol.txt

[root@localhost tripwire]# twadmin –print-cfgfile >twcfg.txt

Step 10

Modifying policy and configuration files.

Step 11

Update the changes (or accept the changes)

[root@localhost tripwire]# tripwire –update –twrfile /var/lib/tripwire/report/localhost.localdomain-20200608-194635.twr

The report contains no new data, so the database will not be updated.

[root@localhost tripwire]# tripwire –update –twrfile /var/lib/tripwire/report/localhost.localdomain-20200608-194635.twr

Please enter your local passphrase:

Wrote database file: /var/lib/tripwire/localhost.localdomain.twd

Step 12

Print the tripwire database

[root@localhost tripwire]# twprint –print-dbfile

Reference

Server-world.info, 2019/12/16

Tripwire : Install

Toms, 19/01/2017

Configure Tripwire on CentOS 7

https://www.lisenet.com/

Upgrade CentOS 7 to CentOS 8

Leave a reply

This is a preliminary update process. However, if you update the production system, there may be more factors that will need to be considered due to the pre-installation packages and settings of an older system, where we’ll have to do some additional work on them. This is not like a fresh installation, and it might be complicated depending on which factors take place.

Update the enitre system before the upgrade.

Go to “/etc/sysconfig/selinux” disable the SELinux and reboot the system.

# vi etcsysconfig/selinux (Or setenforce 0)

Install the pre-requisite packages for the upgrade process.

Remove the unused and duplicate packages and configurations (if any)

On my machine, I couldn’t find any unused or older packages

Identify the packages that are not relied upon by any other installed packages, and remove them.

Identify the older or duplicate packages that are not available in the configured yum repositories and clear them all (in my one none of them have been identified).

Replace the package management from YUM to DNF by below steps.

Create the cache for DNF repositories.

Upgrade all the packages to it’s latest version. (My one, it marked as none)

Upgrade the Yum repositories from centOS 7 to centOS 8 by using the following step.

Upgrade the EPEL repositories for 7 to 8

Remove the old Kernels in the system.

Begin the system upgrade process

There are some errors identified in the upgrade process. Some of the old packages have a conflict with the new ones. We have to remove them one-by-one, before re-run the upgrade process.