Linux Notes Archives

SSH Permission Denied on DD-WRT Router

Posted on August 4, 2020August 4, 2020 by Tony

DD-WRT is an OpenSource router firmware supported by most modern router systems. If you want to open the door to what you can do with your router, DD-WRT is the way to do it. It allows you to bypass the limitations your commercial router software introduces.

Ok, let’s cut to the chase..

Permission Denied Using SSH with DD-WRT

If you’re like me, you have probably hit a brick wall when trying to SSH into the router after it’s been imaged with DD-WRT.

Check All SSH Settings

There are two place you want to update SSHD settings. Navigate to the following location

Services > Services > Secure Shell

Here, you will enable the SSHD daemon.

Make note of the port you’re using, and select to use a password or key or both. This is pretty straight forward, in my scenario I selected to disable password login and use my public SSH key for security.

Snapshot of Secure Shell Panel on Services Page

Then, navigate here:

Administration > Management > Remote Access

Don’t ask me why, but here you will make sure that SSH Management is Enabled and that your port is set the same as the last page.

Snapshot of Remote Access Panel on Management Page

Now save, and reboot the machine to make sure the changes stick.

Verify Username is Correct

If you are still having an issue, and it looks something like this:

$ ssh admin@192.168.1.1

Release: 08/02/20

Board: Linksys WRT3200ACM

admin@192.168.1.1: Permission denied (publickey).

or, something like this:

$ ssh admin@192.168.1.1

ssh: connect to host 192.168.1.1 port 22: Network is unreachable

tony:public antonioperez$ ssh admin@192.168.1.1

Release: 08/02/20

Board: Linksys WRT3200ACM

admin@192.168.1.1’s password:

Permission denied, please try again.

admin@192.168.1.1’s password:

Permission denied, please try again.

admin@192.168.1.1’s password:

But you swear you are using the same username and password you log into the GUI with, then it might be something a little more frustrating.

The user.

Update the user to root instead of whatever user you were using. In my case, I was testing with admin.

After updating the username to ROOT:

$ ssh root@192.168.1.1

Release: 08/02/20

Board: Linksys WRT3200ACM

Enter passphrase for key ‘/Users/antonioperez/.ssh/id_rsa’:

Tada! Like magic, it started working. I have no idea why this is, but I have successfully used this on three DD-WRT installations and it works every time.

Cheers

How to remove .php / .html extension from URL slug

Posted on July 28, 2020July 28, 2020 by Tony

Was recently working on a project, not using a CMS like WordPress and Daniel was making fun of me for requiring “.php” in my URL.

Naturally, that could not go without a response.

Example of What I wanted to Do

Example of what I’m talking about:

https://defragged.org/somdirectory/somefile.php

I wanted to remove the “.php” extension from the URL, so that it reads:

https://defragged.org/somdirectory/somefile

If this is you, then here is the quick and dirty on how to get this done.

How To Remove .PHP / .HTML from URL Slug

I am working on Apache and the latest version of Ubuntu, but it should be the same for most of the latest versions.

Because this is a test server, I wanted to do a global deployment so that I don’t have to worry about it anymore. This saves me from having to remember to do this in each web directory via an .htaccess file.

Navigate to your apache config file, something like this:

# vim /etc/apache2/apache2.conf

Scroll to the bottom, and append this to your file:

<Directory /var/www/>
 <IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule ^(.*)/$ $1 [R,L]
  RewriteCond %{REQUEST_FILENAME}.php -f
  RewriteRule (.*) $1.php [L]
  RewriteCond %{REQUEST_FILENAME}.html -f
  RewriteRule (.*) $1.html [L]
 </IfModule>
</Directory>

Save the file, and restart the web server.

service apache2 restart

That should be it, clear your browser cache, and revisit the site. It should do the trick.

Sharing is caring!

Parse JSON Responses using Bash Scripts

Posted on July 16, 2020July 16, 2020 by Tony

I was working with the categorify.org site and I wanted to parse through the API’s response. The response was in JSON format.

There are a number of different ways you can do this, but if you want a quick, simple, way that uses existing tools you probably already have installed, this is for you.

To parse through the JSON response I used Python.

Here is an example of what I was doing:

curl -s https://categorify.org/api?website=pornhub.com

If you do this, the response is something like this:

$ curl -s https://categorify.org/api?website=pornhub.com

{“domain”:”pornhub.com”,”ip”:”31.192.120.36″,”country-code”:”NL”,”country”:”Netherlands”,”rating”:{“language”:true,”violence”:false,”nudity”:true,”adult”:true,”value”:”R & NSFW”,”description”:”Adult-only content and not safe for a work environment”},”category”:[“Adult\/Pornography”],”keyword_heatmap”:{“videos”:99,”free”:85,”pornhub”:61,”porn”:55,”models”:54,”premium”:45,”content”:45,”rated”:44,”photos”:44,”exclusive”:43,”party”:43,”gifs”:42,”sister”:39,”discover”:36,”online”:36,”video”:35,”albums”:34,”pornhubcom”:33,”cancel”:33,”subscribed”:30}}

What I specifically wanted was the category value: “category”:[“Adult\/Pornography”]

So I modified my command to pipe my output to python and ran the following:

$ curl -s https://categorify.org/api?website=pornhub.com | python -c ‘import json,sys;obj=json.load(sys.stdin);print obj[“category”]’

The section you’re most interested in is this: print obj[“category”]

You have to choose which object you want to print. In my case, I wanted the category object as it holds the value I am looking for.

You can use this to parse any JSON response, just update the print object with one that corresponds to your results. The beautiful part is that this should be available on most major OS platforms without additional installations.

Side note, here are two variations depending on which version of Python you have on your machine.

Python 3

python3 -c "import sys, json; print(json.load(sys.stdin)['category'])"

Python 2

python2 -c "import sys, json; print json.load(sys.stdin)['category']"

Use Bash Script to Monitor The Status of Service

Posted on June 9, 2020 by Tony

When you manage multiple servers it’s sometimes impossible to stay ahead of the various administrative tasks, which is why automation is so important.

If you’re working on a linux based server and want to monitor the status of a service, here is a quick an easy way to automate that process.

#!/bin/bash
# Script to find if a service is running

for i in ossec-monitord ossec-logcollector ossec-integratord;

do ps auwx | grep -v grep | grep $i >/dev/null 2>&1 ;

if [ $? = 0 ];

then

echo `date “+%Y-%m-%d %H:%M “`”$i Running…”;

else

echo `date “+%Y-%m-%d %H:%M “`”$i not running…”;

fi;

What we did above is create a simple loop looking for three distinct services:

ossec-monitord
ossec-logcollector
ossec-integratord

Those three services are assigned to the i variable, and that variable is then passed into the grep query here:

ps auwx | grep -v grep | grep $i >/dev/null 2>&1 ;

What we’re also doing above is cutting out any grep inquiries, because if you were to run a grep command it will show as a process as shown here in red:

root@server:~/scripts# ps auwx | grep ossec-logcollector

root 1260 0.0 0.0 4876 1784 ? S May19 0:03 /var/ossec/bin/ossec-logcollector

root 29353 0.0 0.0 14428 1116 pts/0 S+ 20:59 0:00 grep –color=auto ossec-logcollector

By cutting out the grep request you see this response:

root@server:~/scripts# ps auwx | grep -v grep | grep ossec-logcollector

root 1260 0.0 0.0 4876 1784 ? S May19 0:03 /var/ossec/bin/ossec-logcollector

This is important because this if [ $? = 0 ]; is looking for the grep exit value of 0, which states:

EXIT STATUS
The grep utility exits with one of the following values:

0 One or more lines were selected.
1 No lines were selected.
>1 An error occurred.

With this selection, if you run the grep and there are no service running it would still find the grep service itself. It’d give you a false positive response.

The echo command then prints the status of the service:

echo `date “+%Y-%m-%d %H:%M “`”$i Running…”;

It passes each argument through the loop. If the service is found to be running it prints:

2020-05-19 18:27 ossec-monitord Running…

2020-05-19 18:27 ossec-logcollector Running…

2020-05-19 18:27 ossec-integratord Running…

How To List UFW Rules When The Application is Inactive or Disabled

Posted on February 8, 2020May 20, 2020 by Tony

When working on your server you might need to disable the Uncomplicated Firewall (UFW). When doing so you’ll notice it doesn’t display your rules when the application is inactive.

How to Auto-Update CentOS 7 Packages with Yum-Cron

Posted on January 4, 2020April 10, 2020 by Tony

If you’re looking for a quick way to keep your CentOS machine patched at all times, become friends with yum-cron.

To install, in terminal, use:

#yum -y install yum-cron

The -y forces the install, answering any Yes / No “are you sure” questions.

Once installed, be sure to start the service using:

# systemctl start yum-cron.service

You can verify the status (make sure it’s running) using:

# systemctl status yum-cron.service

Output should look something like:

yum-cron.service – Run automatic yum updates as a cron job
Loaded: loaded (/usr/lib/systemd/system/yum-cron.service; enabled; vendor preset: disabled)
Active: active (exited) since Mon 2016-11-07 19:16:01 UTC; 2s ago
Process: 5385 ExecStart=/bin/touch /var/lock/subsys/yum-cron (code=exited, status=0/SUCCESS)
Main PID: 5385 (code=exited, status=0/SUCCESS)

Last step is to make sure it’s enabled, this will make sure it restarts in the event the machines reboots later.

# systemctl enable yum-cron.service

Sharing is caring!

How do you add color or bold the echo outputs in a shell script?

Posted on December 28, 2019April 10, 2020 by Tony

If you’re working in linux you will be introduced to writing shell scripts at some point. When you do, you’ll become very familiar with the echo.

If you open your terminal, and run an echo command it’ll literally echo whatever you put after the echo:

$ echo "Hello World" Hello World

Tar (Compress) a Directory without Images via Terminal

Posted on December 21, 2019April 10, 2020 by Tony

Sometimes you need to compress an entire directory, but sometimes you want to ignore specific file types.

Here is a basic command that you can use to remove specific file types before you compress it. In this example we use the find command to look for, and ignore, all image file types. That then gets piped into the tar command:

How do you enable SFTP on your Ubuntu server?

Posted on November 23, 2019April 10, 2020 by Tony

SFTP is a file transfer protocol. It wraps the File Transfer Protocol (FTP) inside the Secure Shell (SSH) protocol. This allows the communication to be protected as it moves from one point to another.

PSA: Using FTP is considered an insecure transfer protocol and should be avoided.

This article assumes you are trying to create new SFTP users on your linux machine. In this example we’ll be using Ubuntu 18.04.

Enabling and Creating SFTP users:

To enable SFTP you have to enable it inside your SSH configuration file. It’s often located here: /etc/ssh/sshd_config. Open the file and add the following to the end of the configuration file:

# override default of no subsystems
Subsystem       sftp    /usr/lib/openssh/sftp-server
Match group sftp
X11Forwarding no
AllowTCPForwarding no
ForceCommand internal-sftp

Options explained:

Option	Description
Subsystem	An abstraction layer that allows you to invoke remote commands. In this instance, we’re invoking sftp-server.
Match	Allows you to limit actions in shell, in this instance we’re limiting the actions to a specific group – sftp. Only those users inside the SFTP group will be able to SFTP into the server.
X11Forwarding	This is a special case for remote tunneling. Unfortuantely it can be used maliciously by a bad actor, so it’s recommended your disable unless you know what you’re doing.
AllowTCPForwarding	“TCP Forwarding” allows you to encapsulate any other protocol (based on TCP of course) inside an already established SSH connection. There are a lot of reasons for this, but we don’t want to allow SFTP users to use this without appropriate planning.
ForceCommand	The remote system can only execute a set of statically defined commands. Specifying a command of internal-sftp will force the use of an in-process SFTP server that requires no support files when used with ChrootDirectory.

Once you add this to the SSH config file you need to restart OpenSSH:

service ssh restart

Now you need to add new SFTP users, and apply the user to the right group.

useradd -m [newsftpuser] -g sftp

Set the password:

passwd [newsftpuser]

Now you can test your SFTP connection, from a different server:

sftp [newsftpuser]@[serverIPaddress]

Happy SFTP’ing!

Sharing is caring!

Can you move files types from one location to another in linux?

Posted on November 9, 2019April 10, 2020 by Tony

There are instances where you want to quickly locate and move specific file types from point A to Point B.

Example:

Move all PHP files from /home/$user/php-files/ to /home/$user/php-mv-files

Easiest way to do this is to use the Find command in terminal.

$ find ./ -name "*.php"

./php-files/file3.php
./php-files/file2.php
./php-files/file1.php

This lists all the PHP files in the /php-files directory.

To move the files, you run the following command:

$ find ./php-files/ -name "*.php" -exec mv {} ./php-mv-files/ \;

This will move all files from ./php-files to ./php-vmv-files. Running the original Find command will get you the following:

$ find ./ -name "*.php"
./php-mv-files/file3.php
./php-mv-files/file2.php
./php-mv-files/file1.php

In this instance, -exec mv {} says, run the MV command on the files selected from the original find, that’s what the {} implies. You then escape, and close the command using \;. This final piece is critical to stopping the command.

Sharing is caring!