ssh scp without password

Issue: How to login (ssh or scp) from your homepc to your remote server without password.

Solution:

1, in your homepc

bob@homepc ~ $ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_dsa):     # Press 'enter' here
Enter passphrase (empty for no passphrase):     # Press 'enter' here
Enter same passphrase again:     # Press 'enter' here
Your identification has been saved in /home/user/.ssh/id_dsa.
Your public key has been saved in /home/user/.ssh/id_dsa.pub.

# Entering a password when asked during the key generation processes when prompted would require you to enter a  password each time you SSH/SCP to the server which defeats the purpose of this document.

DO NOT enter the password



You will find two files generated:
greg

@cm-test:~/.ssh$ ls

id_dsa  id_dsa.pub  known_hosts

Then scp  

id_dsa.pub to you remote server

scp  ~/.ssh/id_dsa.pub bob@yourserver.com:~/.ssh/

2, in your remote server
a, go to .ssh folder
cd ~/.ssh

b, add public key into this file  authorized_keys
run:
cat id_dsa.pub >> authorized_keys

If authorized_keys not exist, this command will create it.


c, change file permission
chmod 700 authorized_keys


You should be able to login to your server without password.




There are some tricks about the account:
In the home box, if your user name is bob, the public key and private key is on /home/bob/.ssh/ folder


If you want to log to remote server using account greg, then copy public key to remote server folder /home/greg/.ssh/


This case only allow home pc bob logon to remote server using greg account.

change host name without reboot - redhat

1, update hosts

vim /etc/hosts


# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1       revolutionNew   localhost.localdomain localhost

2, update network

 cd /etc/sysconfig/
 vim network


NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=revolutionNew

3, run 

hostname revolutionNew

4, run
 hostname

5, restart network
  /etc/init.d/network restart

6, disconnect ssh and relogin

how to enable xmlwriter in php

By install php-xml, you may enable it.
[root@localhost html]# yum install php-xml

check:

[root@localhost html]# php -m

[PHP Modules]

bz2

calendar

ctype

curl

date

dbase

dom

exif

ftp

gettext

gmp

hash

iconv

libxml

mime_magic

mysql

mysqli

openssl

pcntl

pcre

PDO

pdo_mysql

pdo_sqlite

posix

pspell

Reflection

session

shmop

SimpleXML

sockets

SPL

standard

sysvmsg

sysvsem

sysvshm

tokenizer

wddx

xml

xmlreader

xmlwriter

xsl

zlib

how to redirect root to a specified path?

I want to redirect all incoming traffic from http://www.example.com https://www.example.com
to https://www.example.com/new

Step 1: enable overwrite in httpd.conf



    Options FollowSymLinks
    #AllowOverride None
    AllowOverride all

Step 2, generate .htaccess under root /

[root@localhost html]# pwd
vim /var/www/html/.htaccess

RewriteEngine On
RewriteCond %{SERVER_PORT} 80 [OR]
RewriteCond %{SERVER_PORT} 443
RewriteRule ^(/)?$  https://www.example.com/new/$1 [R,L]

error message - RewriteEngine not allowed here

If you try to redirect your root to a folder and got this error msg
for example:
redirect www.example.com/  www.example.com/new/

You may update https.conf


    Options FollowSymLinks
    #AllowOverride None
    AllowOverride all

mysql create use with read privilege

mysql> CREATE USER 'alice'@'localhost' IDENTIFIED BY 'passw0rd';
Query OK, 0 rows affected (0.07 sec)

mysql> GRANT SELECT ON mydb.* TO 'alice'@'localhost';
Query OK, 0 rows affected (0.01 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

ALL PRIVILEGES:
granT ALL PRIVILEGES on *.* to 'alice'@'localhost';

How to Password Protect a Directory on Your Website - linux apache

This is for linux apache only, if you use windows, iis, it doesn't  apply your case.

There are two way you can do it.
1, update httpd.conf file.
For example, if you want to protect download folder and your www path is /var/www/html/,
you can add following code into httpd.conf file:


=================================

  AuthType Basic
  AuthName "Restricted Files"
  AuthUserFile /var/password/downloadpassword
  Require valid-user

=================================

You need to use htpasswd command to generate a downloadpassword file

htpasswd -c downloadpassword   greg

After change the file, need to restart the httpd service.

/etc/init.d/httpd restart

You need to restart apache service after you update httpd.conf file every time. Sometimes, it is not easy to restart the service. So, you may use the other way - .htaccess file

2, use .htaccess
If you want to protect this folder /var/www/html/download
create a file .htaccess

vim .htaccess

AuthType Basic
AuthName "Password Required"
AuthUserFile /var/password/downloadpassword
Require valid-user
Options +Indexes

You need to use htpasswd command to generate a downloadpassword file

htpasswd -c downloadpassword   greg

No need to restart httpd service.

Some security hints
1, you should put the password in a different folder, not www public folder
2, if you have to put password file in the same folder, name it with dot ., like .htmypasswd.

htaccess password not working

Make sure Apache is configured to use .htaccess file

Here is the /etc/httpd/conf/httpd.conf
=============================

#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks

#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride AuthConfig

#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all

===============================

After save the file, restart apache httpd service:

[root@localhost try]# /etc/init.d/httpd restart

access tomcat on port 80 using mod_proxy

Apache 2 introduces the mod_proxy module. It is a standard module in most modern distros. This module pretty much deprecates the need for mod_jk2. Full documentation for mod_proxy is available.

To setup mod_proxy_ajp add something like the following inside of your Apache config file /etc/httpd/conf/httpd.conf


vim /etc/httpd/conf/httpd.conf

add two lines to the end.

ProxyPass /AMP ajp://127.0.0.1:8009/AMP
ProxyPassReverse /AMP ajp://127.0.0.1:8009/AMP

centos install https web server

1, Install the required software
yum install mod_ssl openssl

2, Generate a self-signed certificate
cd /home/greg/
ls
mkdir certificate
cd certificate/
openssl genrsa -out localhost.key 1024
ll
less localhost.key
openssl req -new -key localhost.key -out localhost.csr
ll
openssl x509 -req -days 365 -in localhost.csr -signkey localhost.key -out localhost.crt
ll

3, copy the files to the correct locations
mv localhost.crt /etc/pki/tls/certs/
ll
mv * /etc/pki/tls/private/
ll
ll /etc/pki/tls/private/

4, Then, update the Apache SSL configuration file
vim /etc/httpd/conf.d/ssl.conf

SSLCertificateFile /etc/pki/tls/certs/localhost.crt

# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key


5, restart apache
/etc/init.d/httpd restart

centos open port number 80 for apache in iptables

[root@localhost ~]# vim /etc/sysconfig/iptables
# add this line
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

centos install http php

yum -y install httpd php php-mysql

cent os DNS configuration

Can ping ip address, couldn't ping host name, like google.com

vim /etc/resolv.conf

nameserver 192.168.0.1

a easy way to find mysql slow query

There are several ways to find mysql slow query in your scripts.
The easies way is 'show full processlist' in your mysql terminal.

Here is example:

mysql> show full processlist;
+----+--------+----------------------+------+---------+------+-------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Id | User | Host | db | Command | Time | State | Info |
+----+--------+----------------------+------+---------+------+-------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| 10 | amp | revolution:54088 | amp | Sleep | 9 | NULL | NULL |
| 9 | amp | revolution:54089 | amp | Sleep | 9 | NULL | NULL |
| 11 | amp | revolution:54090 | amp | Query | 1 | Sorting for group | select bottuples0_.sensor_id as col_0_0_, sensor2_.sensorName as col_1_0_, organizati3_.name as col_2_0_, count(distinct bottuples0_.id) as col_3_0_, count(distinct boteventse1_.id) as col_4_0_, max(bottuples0_.day_index) as col_5_0_ from bot_tuples bottuples0_ left outer join bot_events boteventse1_ on bottuples0_.id=boteventse1_.bot_tuple_id, sensors sensor2_, groups organizati3_ where sensor2_.sensorID=bottuples0_.sensor_id and sensor2_.organizationID=organizati3_.organizationID group by bottuples0_.sensor_id order by count(bottuples0_.id) desc |
| 22 | amp | localhost | amp | Sleep | 0 | NULL | NULL |
|
| 40 | amp | localhost | amp | Sleep | 2889 | NULL | NULL |
|
+----+--------+----------------------+------+---------+------+-------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
7 rows in set (0.00 sec)

mysql>

How to backup gmail using another gmail account?

1, Create a backup email account, for example backup@gmail.com

2, login backup@gmail.com and click "Settings"

3, Click "Accounts", you will see "Get mail from other accounts:
(Download mail using POP3)"

4, click "Add a mail account you own"

5, a popup window will be opened

6, enter your gmail address

7, enter your pop server info
If you use gmail, your user name is full email address
pop server : pop.gmail.com
port :995
check checkbox: Always use a secure connection (SSL) when retrieving mail.

8, click save

That is it.

You may backup other email using gmail too.

Cross Table Update with MySQL

update a table with data from another table

UPDATE compounds AS c , excel AS e
SET c.Price_1 = e.price
WHERE c.catalog_no = e.cno;



update webcas.all_cas as wac, webcas.compounds as wc, pubchem.compounds as pc
set wc.smiles=pc.smiles
where wc.mol_id=wac.id and pc.pub_id=wac.source_id ;

softlink Symbolic link ln linux

ln -s /htdocs/piano/ newpiano

-s soft link
/htdocs/piano/ target folder - real folder
newpiano - logical folder

linux send attachement email using mutt

mutt -s 'here is subject' -a kl.sql yourmail@gmail.com < yourmailcontent.txt

backup mysql and zip it

mysqldump -u username -ppasswd -h reloaded DBName --ignore-table=tablename | bzip2 -c > /var/backup/mysql/db.sql.bz2