Category Archives: Centos

ssh-keygen

Scenario: set up SSH keys on a machine so that you do not need a password for something like scp.

First you need a slave user. Run 'adduser' on both machines and pick a user name. Make sure the user has a shell account but does not require authentication using a password.

On the remote machine, run ssh-keygen while logged in as that user; you can switch to the user with something like – su username. Once it has run, /home/username/.ssh/id_rsa.pub contains a public key, which you need to copy into the following file on the remote machine –

/home/username/.ssh/authorized_keys

You then need to ensure ownership and permissions are set properly on all the files for the user you created: chown -R username /home/username/.ssh

Do this on both machines.

You can then su username on the local machine and try an scp command; it should not prompt you for the password.

You can then either run a script from that user's crontab or, if you prefer, something like this should work –

su username -c "scp -B remotehost:/etc/somefile /tmp"
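
The ownership and permission step above is the one that usually breaks key logins: sshd with StrictModes (its default) ignores an authorized_keys file that is group- or world-writable or owned by another user, and the ssh client refuses a private key that others can access. The following is an added example, not part of the original post, that audits and fixes those settings; the function names are hypothetical and the demo runs on a constructed temporary directory.

```shell
# Added example: audit and fix .ssh ownership and modes after the key copy.
# Function names are hypothetical; the demo uses a constructed temp directory.

# has_any_bit PATH BIT...: succeed if PATH has any listed permission bit set.
has_any_bit() {
    hb_path=$1; shift
    for hb_bit in "$@"; do
        [ -n "$(find "$hb_path" -prune -perm "-$hb_bit")" ] && return 0
    done
    return 1
}

# audit_ssh_dir DIR [OWNER]: report what sshd or the ssh client would reject.
audit_ssh_dir() {
    dir=$1; owner=${2:-$(id -u)}; rc=0
    [ -d "$dir" ] || { echo "missing: $dir"; return 1; }
    for p in "$dir" "$dir/authorized_keys"; do
        [ -e "$p" ] || continue
        # sshd StrictModes: must belong to the user, not group/other writable
        [ -n "$(find "$p" -prune -user "$owner")" ] || { echo "wrong owner: $p"; rc=1; }
        if has_any_bit "$p" 020 002; then echo "group/other writable: $p"; rc=1; fi
    done
    for key in "$dir"/id_*; do
        case $key in *.pub) continue ;; esac
        [ -f "$key" ] || continue
        # ssh client: a private key must have no group/other access at all
        if has_any_bit "$key" 040 020 010 004 002 001; then
            echo "private key too open: $key"; rc=1
        fi
    done
    return $rc
}

# harden_ssh_dir DIR: apply the modes the audit expects.
harden_ssh_dir() {
    chmod 700 "$1"
    if [ -f "$1/authorized_keys" ]; then chmod 600 "$1/authorized_keys"; fi
    for key in "$1"/id_*; do
        [ -f "$key" ] || continue
        case $key in *.pub) chmod 644 "$key" ;; *) chmod 600 "$key" ;; esac
    done
}

# Demo on constructed files (empty placeholders, not real keys).
demo=$(mktemp -d)
: > "$demo/authorized_keys"; : > "$demo/id_rsa"
chmod 775 "$demo"; chmod 664 "$demo/authorized_keys"; chmod 644 "$demo/id_rsa"
audit_ssh_dir "$demo" || echo "fixing modes"
harden_ssh_dir "$demo"; audit_ssh_dir "$demo" && echo "all checks pass"
rm -rf "$demo"
```

Run the audit as the key's owner, or pass the owner as the second argument when checking another account as root, for example audit_ssh_dir /home/username/.ssh username.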

Move MySQL datadir to new partition

I had to move a mysql datadir to a new partition as it was stored in /var/lib/mysql but df -h showed the main partition being /data and the / partition was now full up. This was a Centos machine.

I stopped mysql –

/etc/init.d/mysqld stop

I copied the mysql databases over to the new directory I created –

mkdir /data/mysql && cp -R /var/lib/mysql/* /data/mysql/

Changed the ownership –

chown -R mysql:mysql /data/mysql

I ensured the permissions were set properly and matched on both old and new directories by checking them with ls -l on the folder and inside them. They are usually 700, I believe, on mysql.

I then edited the startup script –

vi /etc/init.d/mysqld

I changed the datadir line to the new directory.

I then changed the /etc/my.cnf file to use the new directory (it was hard set here too, so you should check that).

I tried starting mysql and checking it was using the new datadir –

/etc/init.d/mysqld start

ps ax | grep sql

I then stopped mysql and removed the old databases in /var/lib/mysql (to free up the space).

I started mysql again – /etc/init.d/mysql but when looking at the logs I saw it had crashed, so I ran mysqlcheck -A (but with -u myuser -p -A). Once this finished I restarted mysqld and it started without any errors in the logs.

I also needed to change the socket file directory, which I defined in the my.cnf file accordingly –

socket=/data/mysql/mysql.sock

Remove the passphrase from the certificate.

I installed a certificate for apache to enable SSL on a website. To create the CSR for the authority it asks for a passphrase.

When you install the certificate and restart the httpd service, it asks for the passphrase on every start, so the passphrase needs to be removed from the private key.

To do this use the following command:

openssl rsa -in securesite.domain.net.uk.key -out securesite.domain.net.uk.nopass.key

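It should ask for the passphrase again, and it will then save the key without a passphrase as the nopass version. The nopass file is an unencrypted private key, so keep it readable only by root.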

Make sure you change your ssl.conf file to use the new file:

SSLCertificateKeyFile "/path/to/certificates/securesite.domain.net.uk.nopass.key"