Author Archives: Menaka De Alwis

Unknown's avatar

About Menaka De Alwis

I, Menaka De Alwis, am a Linux enthusiast who loves working with open source technologies. I strongly believe in sharing knowledge that I have gained through my education and experience.

Avoid root to access Locally.

Leave a reply

There are three different way to do this. We can use one of these methods to prevent root from access the system locally. But before that, it is important to create an admin user to reverse the process if needed.

  • Locking the root user.
  • Removing the password from the showpass file
  • Changing the login shell to /sbin/nologin
  1. Locking the root user.

Before locking root, it is necessary to create an admin user, in case we need to rollback the process.

Let’s create admin user by adding an ordinary user to the wheel group.

[root@localhost ~]# useradd tom

[root@localhost ~]# passwd tom

Changing password for user tom.

New password:

BAD PASSWORD: The password is shorter than 8 characters

Retype new password:

passwd: all authentication tokens updated successfully.

[root@localhost ~]# id tom

uid=1001(tom) gid=1001(tom) groups=1001(tom)

Adding to wheel group

[root@localhost ~]# usermod -aG wheel tom

[root@localhost ~]# id tom

uid=1001(tom) gid=1001(tom) groups=1001(tom),10(wheel)

Locking the root user

usermod -L root

For unlocking, you will need access as the admin (tom) and issue the unlock command as follows:

sudo usermod -U root

Attempting to login will result in this screen.


2. Removing the password from shadow file

Now root cannot access the system by entering it’s username and password as before. To revert back to the previous settings, we need to access as a sudo user. There, you’ll have to assign a new password as below.

3. Changing the login shell to /sbin/nologin by editing the /etc/passwd file as below.

If you will need to reverse the process, login as sudo user and change back to login shell as “/bin/bash” as I have mentioned below.

Preventing root from accessing the server or Linux remotely.

Leave a reply

Accessing remotely as root is more vulnerable than locally accessing it. Let’s see how we can prevent remote access as root.

It is a very simple process, what we need to do is, access as root or sudo user and edit the “/etc/ssh/sshd_config” file as mentioned below.

Change the PermitRootLogin from “yes” to “no”, save configurations and exit.

Finally restart the sshd service and try to access as root from a remote machine. You will see it no longer works.

However, it won’t affect any sort of local access as root.

Reset Linux root password

Leave a reply

The single-user mode is the run level which lets us reset the root password for Linux and lets us access single-user mode.

Step 1

Reboot the OS and at the boot screen (as seen below) press the letter “e” to edit as follows.

Once you press the letter “e”, you will see the screen below.

Step 2

Scroll down the cursor to the beginning of “linux ($root)/v..)” and press ctrl+e to go to the end of the line. At the end of the line type “rd.break” and press ctrl+x to access the single-user mode.

Step 3

Then remount the /sysroot directory to “rw” and follow up the procedure as mentioned below. And finally, reboot. The next time you login, enter the new password to access root.

Linux automatic login (centos 8)

Leave a reply

Sometimes, one might require to access an account automatically without entering their username and password. In Linux (centos), it is just takes a little work.


Step 1


Login into a machine as root, and create a user (e.g. john) and assign a password as below. Now, when I restart the machine john appears on for logging in.

Step 2


Now, again login as a root user, edit the: “/etc/gdm/custom.conf” file as mention in below.

Add the “AutomaticLoginEnable=true” & “AutomaticLogin=john” as below.

Step 3


Reboot the machine. Then, it will automatically login without inquiring any sort of user name or password.

Update My Existing Repositories in Github via New Machine or Clone someone’s repository in GitHub using the command line.

Leave a reply

Downloading and uploading repositories is very easy, it is just a few clicks, but let see how do we do it in the command line.

Step 1

Install git one new machine.

[root@L2 ~]# yum install git

Step 2

Create a folder named: “stage2” under root.

[root@L2 ~]# mkdir stage2

[root@L2 ~]# tree /root/

/root/

├── anaconda-ks.cfg

├── original-ks.cfg

└── stage2

Step 3

Next, change the directory to “stage2” and run the git initialize command.

[root@L2 ~]# cd stage2/

[root@L2 stage2]# git init

Initialized empty Git repository in /root/stage2/.git/

Step 4

Clone the repository, my_linux_notepad, with a new machine.

Then it will copy all the content in my_linux_notepad (repository in GitHub) into a stage2 folder.

Step 5

Change directory to my_linux_notepad and make necessary changes to existing files or add or remove files from to it.


Step 6

Git adds, commits and pushes into the master branch.

An update can be seen in GitHub as follows.

Create Text Effect on Terminal Logging Screen.

Leave a reply

Creating a text effect on the terminal logging screen does not require you to have any software installed (on CentOS). However, “Figlet” can create an attractive text effect accordingly.

Step 1
Download the rpm package with one of the links below. For further reference, I have mentioned md5sum and sha1sum related RPMs.

  1. https://downloadib01.fedoraproject.org/pub/epel/8/Everything/x86_64/Packages/f/figlet-2.2.5-18 .20151018gita565ae1.el8.x86_64.rpm
  2. https://github.com/ade9alwis/my_linux_notepad/blob/master/figlet-2.2.5-18.20151018gita565ae1.el8.x86_64.rpm

Step 2

Check that the md5sum or sha1sum is compatible with the mentioned values below.

[root@Serv2020 ~]# md5sum figlet-2.2.5-18.20151018gita565ae1.el8.x86_64.rpm

00b039d3b1eab87ba5e20975f911f771

[root@Serv2020 ~]# sha1sum figlet-2.2.5-18.20151018gita565ae1.el8.x86_64.rpm

3606400f4624e000cb22c75cbb05a6576a6c1aae

Step 3

Install the software that has been download.

yum install figlet

Step 4

Creating and text effect using “figlet”.

Step 5

Copy the generated text above into /etc/motd and save it.

Step 6

Log onto the terminal window using your username and password.

NB:- For any further details, please read the man pages related to “figlet.”

What is the “whois” command in Linux?

Leave a reply

A whois command helps us to identify the domain details for a given domain or IP address. However, it is an optional command that we’ll have to install before we use.

Step1
Before installing the “whois” command, it is necessary to install EPEL repositories.
[root@Serv2020]# yum install epel-release

Step 2
To purge the old package information completely, execute the following command.

[root@Serv2020 ~]# yum clean all

46 files removed

[root@Serv2020 ~]# yum repolist

Step 3
Install “whois” rpm package for the deployment of “whois” command.

[root@Serv2020]# dnf install whois

Step 4


Find Domain Information

[root@Serv2020 ~]# whois google.com

Find IP Address Information

[root@Serv2020 ~]# whois 172.217.20.142

Why isn’t my USB flash drive able to mount onto my Linux PC (Centos 8)?

Leave a reply

An “exfat” is the latest version or replacement of Windows FAT32 filesystem and, it can store files much larger than 4GB.

Step 1

When I accessed to my USB flash drive via Linux OS, it appeared in the OS, but it didn’t allow me to mount.

[root@Serv2020 ~]# df -h

Filesystem Size Used Avail Use% Mounted on

devtmpfs 394M 0 394M 0% /dev

tmpfs 411M 0 411M 0% /dev/shm

tmpfs 411M 6.6M 405M 2% /run

tmpfs 411M 0 411M 0% /sys/fs/cgroup

/dev/mapper/cl-root 6.2G 4.4G 1.9G 71% /

/dev/sda1 976M 192M 718M 22% /boot

tmpfs 83M 1.2M 81M 2% /run/user/42

tmpfs 83M 4.6M 78M 6% /run/user/1000

/dev/sr0 57M 57M 0 100% /run/media/alwis/VBox_GAs_6.1.6

tmpfs 83M 4.0K 83M 1% /run/user/0

[root@Serv2020 ~]# lsblk -f

NAME FSTYPE LABEL UUID MOUNTPOINT

sda

├─sda1 ext4 ca323c16-7e83-4be9-b606-41af0ad8e29f /boot

└─sda2 LVM2_member fJpnn4-YDqf-Y25Y-cuSt-CUEU-S7IT-RCm1Jl

├─cl-root xfs 76fdcca1-b2f5-4c3b-a42c-29c40342e383 /

└─cl-swap swap affd8701-a845-42a2-8ca5-eb08f96c6647 [SWAP]

sdb

└─sdb1 exfat 76E8-CACF

sr0 iso9660 VBox_GAs_6.1.6 2020-04-09-18-00-17-30 /run/media/alwis/Vbox_Gas_6.1.6

[root@Serv2020 ~]# mount /dev/sdb1 /mnt/

mount: /mnt: unknown filesystem type ‘exfat’.

[root@Serv2020 ~]# mount -t exfat /dev/sdb1 /mnt/

mount: /mnt: unknown filesystem type ‘exfat’.

Step 2

Then, I downloaded the “nux-dextop-release-0-1.el7.nux.noarch.rpm” rpm package from following the link below, and it is available on GitHub. It is the rpm package for centos 7, but also worked with centos 8.

[root@Serv2020 ~]# wget http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-1.el7.nux.noarch.rpm

Or

[root@Serv2020 ~]# wget https://github.com/ade9alwis/exfat/blob/master/nux-dextop-release-0-1.el7.nux.noarch.rpm

[root@Serv2020 ~]# md5sum nux-dextop-release-0-1.el7.nux.noarch.rpm

b7f21c723bbee047d3be5dd7ca0e3161 nux-dextop-release-0-1.el7.nux.noarch.rpm

[root@Serv2020 ~]# sha1sum nux-dextop-release-0-1.el7.nux.noarch.rpm

fe72e7356faa08cd47bdc8d01935eeac2eebf796 nux-dextop-release-0-1.el7.nux.noarch.rpm

[root@Serv2020 ~]# yum install nux-dextop-release-0-1.el7.nux.noarch.rpm

Then, install “exfat-utils” and “fuse-exfat” rpm package respectively.

[root@Serv2020 ~]# yum install exfat-utils fuse-exfat

Step 3

[root@Serv2020 ~]# lsblk -f

NAME FSTYPE LABEL UUID MOUNTPOINT

sda

├─sda1 ext4 ca323c16-7e83-4be9-b606-41af0ad8e29f /boot

└─sda2 LVM2_member fJpnn4-YDqf-Y25Y-cuSt-CUEU-S7IT-RCm1Jl

├─cl-root xfs 76fdcca1-b2f5-4c3b-a42c-29c40342e383 /

└─cl-swap swap affd8701-a845-42a2-8ca5-eb08f96c6647 [SWAP]

sdb

└─sdb1 exfat 76E8-CACF

sr0 iso9660 VBox_GAs_6.1.6 2020-04-09-18-00-17-30 /run/media/alwis/Vbox_Gas_6.1.6

[root@Serv2020 ~]# mount /dev/sdb1 /mnt/

FUSE exfat 1.2.7

WARN: volume was not unmounted cleanly.

[root@Serv2020 ~]# ls /mnt/

Why are you blogging publicly, rather than keeping a personal journal?

What topics do you think you’ll write about?

Who would you love to connect with via your blog?

File upload and download to CentOS 8 from Windows 10

Leave a reply

Can we transfer files from Windows to Linux and vice versa using “SCP” command? Not really, but we can use “PSCP” instead of it. It does the file upload and downloads from Windows 10. Others might also be possible, but I haven’t tested.

Step 1
Download the PSCP.exe from one of the following links:

Download pscp.exe from following link:- https://github.com/ade9alwis/winscp/blob/master/pscp.exe

3145d4a197a3523253880e9e6e76f798 pscp.exe
ee1b5f3a7f9563a9e7575edda467794584555f97 pscp.exe
                                   or

https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Step 2

Copying files from Windows 10 to Cent OS 8 by issuing the command below.

C:\Users\User\Downloads>pscp -scp ChromeSetup.exe root@192.168.1.106:/root

In here, we need to issue a password of remote Linux machine to complete the transfers.

Step 3

Following process is for reverse back the transfers from Linux machine to Windows 10 from Windows 10.

C:\Users\User\Downloads>pscp -scp root@192.168.1.106:/root/anaconda-ks.cfg C:\Users\User\Downloads

NB:- If it is a large file or folder, convert it into a tar file and then transfer