• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • Create a VM ($25 Credit)
  • Buy a Domain
  • 1 Month free Back Blaze Backup
  • Other Deals
    • Domain Email
    • Nixstats Server Monitoring
    • ewww.io Auto WordPress Image Resizing and Acceleration
  • About
  • Links

IoT, Code, Security, Server Stuff etc

Views are my own and not my employer's.

Personal Development Blog...

Coding for fun since 1996, Learn by doing and sharing.

Buy a domain name, then create your own server (get $25 free credit)

View all of my posts.

  • Cloud
    • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
    • How to buy a new domain and SSL cert from NameCheap, a Server from Digital Ocean and configure it.
    • Setting up a Vultr VM and configuring it
    • All Cloud Articles
  • Dev
    • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
    • How to setup pooled MySQL connections in Node JS that don’t disconnect
    • NodeJS code to handle App logins via API (using MySQL connection pools (1000 connections) and query parameters)
    • Infographic: So you have an idea for an app
    • All Development Articles
  • MySQL
    • Using the free Adminer GUI for MySQL on your website
    • All MySQL Articles
  • Perf
    • PHP 7 code to send object oriented sanitised input data via bound parameters to a MYSQL database
    • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
    • Measuring VM performance (CPU, Disk, Latency, Concurrent Users etc) on Ubuntu and comparing Vultr, Digital Ocean and UpCloud – Part 1 of 4
    • Speeding up WordPress with the ewww.io ExactDN CDN and Image Compression Plugin
    • Setting up a website to use Cloudflare on a VM hosted on Vultr and Namecheap
    • All Performance Articles
  • Sec
    • Using the Qualys FreeScan Scanner to test your website for online vulnerabilities
    • Using OWASP ZAP GUI to scan your Applications for security issues
    • Setting up the Debian Kali Linux distro to perform penetration testing of your systems
    • Enabling TLS 1.3 SSL on a NGINX Website (Ubuntu 16.04 server) that is using Cloudflare
    • PHP implementation to check a password exposure level with Troy Hunt’s pwnedpasswords API
    • Setting strong SSL cryptographic protocols and ciphers on Ubuntu and NGINX
    • Securing Google G Suite email by setting up SPF, DKIM and DMARC with Cloudflare
    • All Security Articles
  • Server
    • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
    • All Server Articles
  • Ubuntu
    • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
    • Useful Linux Terminal Commands
    • All Ubuntu Articles
  • VM
    • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
    • All VM Articles
  • WordPress
    • Speeding up WordPress with the ewww.io ExactDN CDN and Image Compression Plugin
    • Installing and managing WordPress with WP-CLI from the command line on Ubuntu
    • How to backup WordPress on a host that has CPanel
    • Moving WordPress to a new self managed server away from CPanel
    • Moving a CPanel domain with email to a self managed VPS and Gmail
    • All WordPress Articles
  • All

terminal

MobaXterm tabbed SSH client (etc) for Windows

July 7, 2020 by Simon

After posting my last blog post (Goodbye Dropbox, One Drive, iCloud and Hello Nextcloud private cloud on UpCloud) I received comments from readers as to why I used Putty/WinSCP and not MobaXterm.  To be honest I had no idea MobaXterm existed.

I did a quick Google and checked out the pros and cons of Putty/WinSCP v MobaXTerm.  

MobaXterm Highlights

  • MobaXterm is a lot faster at uploading and downloading files over SSH connections
  • MobaXterm can connect to practically anything (SSH, Telnet, RDP, RSH, Xdmcp, VNC, FTP, SFTP, Serial, Shell etc)
  • Multiple terminals can either be in tabs or split horizontally or vertically.
  • Edit remote files via SSH and SFTP – Pro feature
  • Supports macro controls (multi commands in single screen) – Pro feature
  • MobaXterm has many plugins
  • MobaXterm can be run from a portable USB drive

Nice

MobaXterm Website

I visited https://mobaxterm.mobatek.net/

https://mobaxterm.mobatek.net/ website screenshot

I had an option to download the Free Version or to purchase a Professional Version.

Free v Pro version comparison

I will be reviewing the Pro version (you will see why later). I am reviewing Version 20.2 (Build 249). You can download the free version at https://mobaxterm.mobatek.net/download.html.

If you purchase the Pro version (with 12  months of updates) for $69 USD. Delivery is done by email within 24 hours after payment is received.

Download Home or Pro Version

Installing MobaXterm

I downloaded the 1.5MB Installer (the link was emailed to me after purchase)

installer exe

I opened the MobaXterm installer and entered my Pro serial number (emailed to me) then I clicked Next

Enter serial number

Customise Options (during the install)

I clicked Customise MobaXTerm Professional settings button

Advanced options button

The customizer options are impressive (Import and export settings, enable/disable features, generate a portable package etc)

Customizer options

I had an option to customise the banner or any server I connect to but I left the banner as the default banner.

Banner editing

I reviewed all options for the application. This is more in depth than Putty for sure.

Enable or disable just about everything.

I reviewed my default SSH settings.  SSH Keep alive will be turned on for sure.

SSH Settings Screen

I had an option to add plugins to MobXTerm

Dialog to save files to another folder.

I had the option to generate a portable of full installer 

generate Installer

Now I can resume the setup of MobaXterm, I clicked Next

Installer Click Next

I accepted the licence agreement and clicked Next

Licence Agreement

I installed MobaXterm to my C:\ Drive

Installer Choose destination folder.

I clicked Install

Installer Install

MobaXterm was now installed

Installer: Installed Screenshot

MobaXterm

I opened MobaXterm

Apologies in advance I setup Dark Mode in MobaXterm as soon as I opened the Configuration. All screenshots will be shown below in Dark Mode.

There are 12 colour themes to choose from.

I set the Dark theme.

Main Interface

The MobaXterm interface is more feature packed than Putty.

Menu Bar, Toolbar, Tabs and options are available

Windows prompted me to allowed access to MobaXTerm in my Windows firewall.

Time to create a connection to a server.

Adding a SSH Connection to a Server

I created a new SSH server connection to one of my existing servers.

  • I specified the IP address, username and protocol.
  • I set “SCP (enhanced speed)“
add server with options

I specified the path to my private key (for the server)

I specified my servers private key

I reviewed other terminal settings.

Other settings dialog

I changed the font to Courier New, Size 12 (I am sad). I also increased the initial size of the terminal (width and height)

Set terminal font and size

I reviewed network settings (all good)

network settings

I added a shortcut to the server onto my desktop

Save shortcut to the desktop

When I opened the connection to the server I was prompted to enter the Passphrase I set on my Public Key (nice).

Then I was prompted to put in my 2FA One Time Password (OTP) in the main terminal windows and a second time in a popup form (for the connection that builds the folder structure on the left).  This is how I configured my website. To get the OTP I need to insert my YubiKey and one the YubiCo Authenticator app and enter my keys password.

Some people say that having a passphrase on a public/private key and 2FA Authentication is a bit overkill but that is not everything I do.

enter passphrase

I need to enter two OTP’s to connect to my site.

If you are fast you can use the same OTP in both windows (but they expire in 30 seconds)

enter OTP

Nice I was able to connect to my Server just like Putty.  The cool thing is I can see files and folders without opening WinSCP.

folder list and a terminal side by side

This is way more convenient than using two programs. 

I enabled the Remote Monitoring status bar in MobaXterm. Now I can see system resources on my server without running CLI commands.

Upload Speed to Singapore from Australia

I uploaded a 1GB file with to the same server from WinSCP and MobaXterm to simulate a restore.

winscp v mobaxterm at uploading

I was gobsmacked, WinSCP could only upload a file at 342KB/s, MobaXterm could upload at 4.42MB/s.

I was uploading a 1GB file from my house to a server in Singapore (within 5 minutes of each other). I did set “SCP (enhanced speed)” when Installing MobaXterm.

MobaXTerm is 12x faster than WinSCP at uploading for me. This is well worth upgrading to a Professional licence.

Download Speed (from USA/East Coast) to Australia

I ran a practical download test (this time from Chicago). In the right-hand side of MobaXterm I zipped up my entire website folder (1.66GB)

zip -r /temp/www-22-Jun-2020.zip /www-folder

Then in the left-hand side of MobaXterm I downloaded the file, this is as simple as right-click then download.

Right click download.

I was presented with a directory tree specify where to save the file to.

Specify download location

I noticed the file was downloading at 16Mbps then 18Mbps then 22Mbps within seconds.

The download speed settled down to 26Mbps after a few minutes.

This is amazing for a download from the other side of the world (200ms ping and on a VPN, 19 traceroute server hops away).

download speed

I downloaded the same file from the same server with WinSCP to compare and MobaXTerm was 10x faster at downloading. WinSCP could only manage 2.57/MB/s

winscp download speed

Plugins

I will look into plugins soon: https://mobaxterm.mobatek.net/plugins.html

Local Terminal

I can also start a local terminal (documentation here)

open terminal

I can run Linux commands on my Windows machine via Cygwin

“ls -al” on Windows anyone

ls -al screenshot

I noticed MobaXterm had found my WSL 2 Installation of Debian on my Windows 10 v2020.

I can now use MobaXterm to open my WSL Linux installations.

update wls linux

MobaXterm can easily connect to my local and online Linux servers with ease.

overview of the mobaxterm ui

Multiple Exec

I used the Multiple Exec (similar to the multiple cursors in Sublime Text Editor) to control 2 serves at once and run identical commands.

Multiple Exec sending keystrokes to multiple servers.

Import Putty Sessions

I did not notice until later but you can import existing Putty connections.

MobaXterm can import Putty sessions

Generate Public/Private Keys

Also, you can generate SSH Public and Private Keys from the Tools menu or the left-hand side (tab).

generate ssh key

Pros

  • File/Folder and Terminal window side by site
  • 13x faster file uploads over SSH
  • 10x faster downloads over SSH
  • Integration with WSL Linux Images
  • Import Putty Settings
  • Local Terminals/Cygwin

Cons

  • It would be nice to only have to enter my 2FA OTP once when connecting to one of my serves.
  • The user interface is full-on, I am still learning it

Conclusion

Honestly having faster uploads and downloads over SSH is a dream come true. I live in Australia and we have terrible latency and I have better things to do than to watch slow uploads/downloads.

I look forward to investigating MobaXterm plugins in the near future as I feel I I have just scratched the surface.

Links

MobaXterm Documentation: https://mobaxterm.mobatek.net/documentation.html

 

v.1.1 Plugin info fix

Filed Under: SSH, Uncategorized Tagged With: Linux, MobaXterm, ssh, terminal

Useful OSX Terminal Commands

December 11, 2017 by Simon

Following on my from Useful Linux Terminal Commands here is my Useful OSX Terminal Commands. This guide is handy for setting up a development OSX installation (e.g Apache, PHP, MySQL etc). I will update this post when I find new commands.

First, read my Useful Linux Terminal Commands post.

Normally I set up Ubuntu servers in the cloud on Vultr (read my guide here) or Ubuntu Servers on Digital Ocean (read my guide here) but this is how I can quickly set up a development environment locally on OSX.

Useful OSX Commands

Prevent your Mac from falling asleep

caffeinate

Prevent your Mac from falling asleep (for 1 minute)

caffeinate -t 60

Check Path

$PATH
/Library/Frameworks/Python.framework/Versions/3.4/bin:/opt/local/bin:/opt/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/opt/X11/bin:/Library/Frameworks/Mono.framework/Versions/Current/Commands

Compare files

opendiff index1.html index2.html

Show hidden files in Finder

defaults write com.apple.finder AppleShowAllFiles -bool TRUE

Find file on OSX

sudo find / -name "httpd-ssl.conf"

Find all listening ports

sudo lsof  | grep LISTEN
Password:
launchd      1               root   34u     IPv6 0xcd261b413removed        0t0        TCP *:afpovertcp (LISTEN)
launchd      1               root   35u     IPv4 0xcd261b413removed        0t0        TCP *:afpovertcp (LISTEN)
launchd      1               root   37u     IPv6 0xcd261b413removed        0t0        TCP *:afpovertcp (LISTEN)
launchd      1               root   38u     IPv4 0xcd261b413removed        0t0        TCP *:afpovertcp (LISTEN)
prl_pm_se  116               root   14u     IPv4 0xcd261b413removed        0t0        TCP *:55656 (LISTEN)
kdc        124               root    5u     IPv6 0xcd261b413removed        0t0        TCP *:kerberos (LISTEN)
kdc        124               root    7u     IPv4 0xcd261b413removed        0t0        TCP *:kerberos (LISTEN)
mysqld     127             _mysql   28u     IPv6 0xcd261b413removed        0t0        TCP *:mysql (LISTEN)
Dropbox    434              simon  127u     IPv6 0xcd261b413removed        0t0        TCP *:17500 (LISTEN)
Dropbox    434              simon  128u     IPv4 0xcd261b414removed        0t0        TCP *:17500 (LISTEN)
Dropbox    434              simon  150u     IPv4 0xcd261b414removed        0t0        TCP localhost:17600 (LISTEN)
Dropbox    434              simon  154u     IPv4 0xcd261b414removed        0t0        TCP localhost:17603 (LISTEN)
2BUA8C4S2  520              simon   12u     IPv4 0xcd261b414removed        0t0        TCP localhost:6258 (LISTEN)
2BUA8C4S2  520              simon   13u     IPv6 0xcd261b413removed        0t0        TCP localhost:6258 (LISTEN)
2BUA8C4S2  520              simon   14u     IPv4 0xcd261b414removed        0t0        TCP localhost:6263 (LISTEN)
2BUA8C4S2  520              simon   15u     IPv6 0xcd261b413removed        0t0        TCP localhost:6263 (LISTEN)
Adobe\x20  590              simon    9u     IPv4 0xcd261b414removed        0t0        TCP localhost:15292 (LISTEN)
node       640              simon   14u     IPv4 0xcd261b414removed        0t0        TCP localhost:49249 (LISTEN)
prl_clien 3428              simon   47u     IPv4 0xcd261b413removed        0t0        TCP localhost:51476 (LISTEN)
cupsd     3656               root    5u     IPv6 0xcd261b413removed        0t0        TCP localhost:ipp (LISTEN)
cupsd     3656               root    6u     IPv4 0xcd261b414removed        0t0        TCP localhost:ipp (LISTEN)
plugin_ho 5331              simon   26u     IPv4 0xcd261b415removed        0t0        TCP localhost:52698 (LISTEN)
iTunes    5478              simon   17u     IPv4 0xcd261b415removed        0t0        TCP *:daap (LISTEN)
iTunes    5478              simon   32u     IPv6 0xcd261b413removed        0t0        TCP *:daap (LISTEN)

Find process listening on port 80

sudo lsof -n -i4TCP:80 | grep LISTEN
Password:
httpd     8748 root    4u  IPv6 0xcd261b416removed      0t0  TCP *:http (LISTEN)
httpd     8752 _www    4u  IPv6 0xcd261b416removed      0t0  TCP *:http (LISTEN)
httpd     8763 _www    4u  IPv6 0xcd261b416removed      0t0  TCP *:http (LISTEN)
httpd     8869 _www    4u  IPv6 0xcd261b416removed      0t0  TCP *:http (LISTEN)

Find a Process

which httpd
/usr/sbin/httpd

Find A File (e.g httpd.conf)

sudo find / | grep 'httpd.conf'
/private/etc/apache2/httpd.conf~previous
/private/etc/apache2/httpd.conf
/private/etc/apache2/original/httpd.conf
/private/etc/apache2/httpd.conf.pre-update
...

Note: OSX Apache Index file location is…

/Library/WebServer/Documents/index.html.en~orig

To edit the default HTML file

sudo nano /Library/WebServer/Documents/index.html.en~orig

Built-In Apache

Disable built-in OSX apache daemon

sudo launchctl unload -w /System/Library/LaunchDaemons/org.apache.httpd.plist

Restart built-in Apache daemon

sudo launchctl load -w /System/Library/LaunchDaemons/org.apache.httpd.plist

View other startup daemons

sudo ls -al /System/Library/LaunchDaemons/

View All Startup Daemons

sudo launchctl list
Password:
Sorry, try again.
Password:
PID	Status	Label
-	0	com.apple.storedownloadd.daemon
7245	-44	com.apple.CoreAuthentication.daemon
189	0	com.apple.coreservicesd
-	0	com.apple.touchbarserver
-	0	com.apple.avbdeviced
289	0	com.apple.cvmsServ
-	0	com.apple.FontWorker
-	-44	com.apple.applessdstatistics
-	0	com.apple.hdiejectd
-	0	com.apple.corestorage.corestoraged
-	0	com.apple.storagekitd
-	0	com.apple.EmbeddedOSInstallService
-	0	com.apple.wifid
-	0	com.apple.storereceiptinstaller
-	0	com.macpaw.CleanMyMac3.Agent
-	0	com.apple.seld
-	0	com.apple.emond
-	-44	com.apple.iconservices.iconservicesagent
-	0	com.apple.logkextloadsd
-	0	com.apple.bluetoothReporter
68	0	com.apple.syslogd
-	0	com.apple.symptomsd-diag
258	0	com.apple.WindowServer
-	0	com.apple.NetworkSharing
-	0	com.apple.afpfs_checkafp
-	0	com.parallels.mobile.kextloader.launchdaemon
-	0	com.apple.AppleFileServer
117	0	com.apple.securityd
8529	0	com.apple.auditd
...

Force network drives to automatically connect after each login (instead of manually connecting)

Go to System Preferences > Users & Groups (click your account on left) > Drag connected network drives (from your desktop) to the Login items list box.

More: https://www.tekrevue.com/tip/automatically-connect-network-drive/

Set PHP as default Web Server delivered file in local Apache

sudo nano /private/etc/apache2/httpd.conf

Set…

DirectoryIndex index.php

Install PHP 7.0 on to OSX

FYI: 7.1 and 7.2 are out but I find 7.0 is more stable with WordPress (read more here).

More: https://php-osx.liip.ch/

sudo curl -s https://php-osx.liip.ch/install.sh | bash -s 7.0
****
[WARNING]
Detected macOS High Sierra 10.13. As this is quite new, there may be issues still. Your mileage may vary.
****
Get packager.tgz
Unpack packager.tgz
Please type in your password, as we want to install this into /usr/local
Start packager (may take some time) using /usr/bin/python2.7
downloading https://s3-eu-west-1.amazonaws.com/php-osx.liip.ch/install/7.0-10.10-frontenddev-latest.dat
downloading https://s3-eu-west-1.amazonaws.com/php-osx.liip.ch/install/7.0-10.10/frontenddev/7.0-10.10-frontenddev-7.0.24-20171002-092027.tar.bz2

Installing package 7.0-10.10-frontenddev into root /
./pkg/pre-install
pkg/pre-install
Skipping existing directory 
Skipping existing directory usr/
Skipping existing directory usr/local/
Extracting usr/local/php5-7.0.24-20171002-092027/
Extracting usr/local/php5-7.0.24-20171002-092027/bin/
Extracting usr/local/php5-7.0.24-20171002-092027/entropy-php.conf
Extracting usr/local/php5-7.0.24-20171002-092027/etc/
Extracting usr/local/php5-7.0.24-20171002-092027/include/
Extracting usr/local/php5-7.0.24-20171002-092027/info/
Extracting usr/local/php5-7.0.24-20171002-092027/lib/
Extracting usr/local/php5-7.0.24-20171002-092027/libphp7.so
...
removed
...
Extracting usr/local/php5-7.0.24-20171002-092027/bin/tsql
Extracting usr/local/php5-7.0.24-20171002-092027/bin/uconv
Extracting usr/local/php5-7.0.24-20171002-092027/bin/vacuumdb
Extracting usr/local/php5-7.0.24-20171002-092027/bin/wrjpgcom
Extracting usr/local/php5-7.0.24-20171002-092027/bin/xgettext
Extracting usr/local/php5-7.0.24-20171002-092027/bin/xslt-config
Extracting usr/local/php5-7.0.24-20171002-092027/bin/xsltproc
Executing post-install script /tmp/7.0-10.10-frontenddev-post-install
Create symlink /usr/local/php5/entropy-php.conf /etc/apache2/other/+php-osx.conf
Restarting Apache
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using removed.removed.com.au. Set the 'ServerName' directive globally to suppress this message
Syntax OK
Finished.

Create a diag file in your OSX Default Apache root

Edit your default index file

sudo nano /Library/WebServer/Documents/index.php

Contents

<?php

// Show all information, defaults to INFO_ALL
phpinfo();

// Show just the module information.
// phpinfo(8) yields identical results.
phpinfo(INFO_MODULES);

?>

Now load the file

Debug Info

Install MySQL on OSX

Download: https://dev.mysql.com/downloads/mysql/

Download MySQL

Help: https://dev.mysql.com/doc/refman/5.7/en/osx-installation-pkg.html

Uninstall MySQL OSX
Read: https://community.jaspersoft.com/wiki/uninstall-mysql-mac-os-x

Add MySQL to PATH

export PATH=$PATH:/usr/local/mysql/bin

Reboot and Check the MySQL Service

Service Status

Check MySQL Version

/usr/local/mysql/bin/mysql --version
/usr/local/mysql/bin/mysql  Ver 14.14 Distrib 5.7.20, for macos10.12 (x86_64) using  EditLine wrapper

Login to MySQL from the Command Line

/usr/local/mysql/bin/mysql -u root -p;
Enter password: 
...
mysql> 

Set a new root password (after logging in as root)

mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('nUp!KGFi=*FI"2p:7mC3W<%bA_`}6Tcm^\*mS1VYp[d]dup16U\t5removed,
');
Query OK, 0 rows affected, 1 warning (0.01 sec)

fyi: You can obtain a good password here.

Bonus: Install MySQL (PHP) management tool  (in Apache)

Download: https://www.adminer.org/#download Save the file to /Library/WebServer/Documents/adminer.php

Load Adminer in your browser and log in with your root password

Login to Adminer (via Apache/PHP)

Adminer

Creating MySQL Tables in Adminer (via Apache/PHP)

Create Table

Adminer allows you to fully manage your MySQL (create databases, users, run queries, alter objects etc)

Adding Records to MySQL with Adminer

Adding Records

Remove MySQL:

Read more here: https://community.jaspersoft.com/wiki/uninstall-mysql-mac-os-x

Get your Mac Processor Name

sudo sysctl -n machdep.cpu.brand_string
Password:
Intel(R) Core(TM) i7-3720QM CPU @ 2.60GHz

Show All OSX System Settings

Command:

sysctl -a

Show Live File System Usage

sudo fs_usage

Show last 10 lines of the system log

tail -f /var/log/system.log
Dec 11 22:07:35 192-xxx-xx-xxx Wireless Network Utility[568]: Model -ioClassRef error
Dec 11 22:08:05 --- last message repeated 11 times ---
Dec 11 22:08:05 192-xxx-xx-xxx Wireless Network Utility[568]: Model -ioClassRef error
Dec 11 22:08:05 192-xxx-xx-xxx Wireless Network Utility[568]: Model -ioClassRef error
Dec 11 22:08:14 --- last message repeated 2 times ---
Dec 11 22:08:14 192-xxx-xx-xxx syslogd[68]: ASL Sender Statistics
Dec 11 22:08:16xxx-xx-xxx Wireless Network Utility[568]: Model -ioClassRef error
Dec 11 22:08:46 --- last message repeated 11 times ---
Dec 11 22:08:46 192-xxx-xx-xxx Wireless Network Utility[568]: Model -ioClassRef error
Dec 11 22:08:46 192-xxx-xx-xxx Wireless Network Utility[568]: Model -ioClassRef error
Dec 11 22:09:03 --- last message repeated 6 times ---

Get Your Local WAN IP Address

ipconfig getifaddr en0
192.x.x.x

Get your Public IPV4 Address

curl icanhazip.com; echo
60.xxx.xx.xxx

More to come.

Hope this helps someone.

Donate and make this blog better

Ask a question or recommend an article

[contact-form-7 id=”30″ title=”Ask a Question”]

Revision History

v1.2 Find file (current version)

v1.1 Removed system info chunk (too big to format)

Filed Under: OSX Tagged With: commands, OSX, terminal, Useful

Useful Linux Terminal Commands

August 13, 2017 by Simon

Below are Ubuntu Linux commands I use often to setup, debug maintain servers.

Read this guide for Useful OSX Commands (for setting up Apache, PHP, MySQL, Adminer etc on OSX)

I recently moved my domain from a C-Panel hosted domain (and Email to Google G Suite (my guide here)) to a self-managed Digital Ocean domain (my LetsEncrypt Guide here, my Digital Ocean guide here, my AWS setup guide here, my Vultr setup guide here) and needed to transfer my WordPress site. Setup your own Digital Ocean Ubuntu server form $5  a month (get the first 2 months free by clicking here) or setup your own Vultr Ubuntu server for as low as $2.5/month by clicking here.

How to Reboot (from time to time when prompted with *** system restart required ***” messages appear).

sudo shutdown -r now

How to set up a  bash file (*.sh) as Executable.

chmod +X filename.sh

The file will now be executable.

Viewing your crontab (Windows Task Scheduler equiv)

crontab -e

Ping a port

nmap -p 80 google.com

Rename a folder

mv /www/oldname /www/newname

Set the owner of a folder

sudo chown -R www-data:www-data /wwwfolder/wp-content/uploads/2017/11/

Check the rsync port

nmap -p 873 theserver.com

Starting Nmap 7.01 ( https://nmap.org ) at 2017-08-19 10:34 AEST
Nmap scan report for theserver.com (xxx.xxx.xxx.xxx)
Host is up (0.00012s latency).
Other addresses for theserver.com (not scanned): xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
rDNS record for xxx.xxx.xxx.xxx: theserver.com
PORT    STATE SERVICE
873/tcp open  rsync

Run a file every 1 minute

*/1 * * * * /scripts/script1.sh

Show server name

hostname

How to verify patch status for Meltdown and Spectre

Read my guide here to install the patch here.

Verify Spectre and Meltdown patch status

dmesg | grep isolation && echo "patched :)" || echo "unpatched :("
[ 0.000000] Kernel/User page tables isolation: enabled
patched :)

or

sudo grep "cpu_insecure\|cpu_meltdown\|kaiser" /proc/cpuinfo && echo "patched :)" || echo "unpatched :("
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx rdtscp lm constant_tsc rep_good nopl xtopology eagerfpu pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm invpcid_single kaiser fsgsbase bmi1 avx2 smep bmi2 erms invpcid xsaveopt arat
patched :)

Restart network

sudo /etc/init.d/networking restart

More here.

Show Operating System Name

hostnamectl ! grep "Operating System"
 Operating System: Ubuntu 10.04.3 LTS

Show installed Packages

sudo apt-get install apt-show-versions

Show all packages with “PHP” in the name.

sudo apt-show-versions | grep php | more
 
libapache2-mod-php7.0:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
libapache2-mod-php7.0:i386 not installed
php-common:all/xenial 1:55+ubuntu16.04.1+deb.sury.org+1 uptodate
php-xdebug:amd64/xenial 2.5.5-3+ubuntu16.04.1+deb.sury.org+1 uptodate
php-xdebug:i386 not installed
php7.0:all/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-cli:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-cli:i386 not installed
php7.0-common:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-common:i386 not installed
php7.0-curl:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-curl:i386 not installed
php7.0-dev:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-dev:i386 not installed
php7.0-fpm:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-fpm:i386 not installed
php7.0-gd:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-gd:i386 not installed
php7.0-imap:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-imap:i386 not installed
php7.0-intl:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-intl:i386 not installed
php7.0-json:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-json:i386 not installed
php7.0-ldap:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-ldap:i386 not installed
php7.0-mbstring:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-mbstring:i386 not installed
php7.0-mysql:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-mysql:i386 not installed
php7.0-opcache:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-opcache:i386 not installed
php7.0-pgsql:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-pgsql:i386 not installed
php7.0-phpdbg:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-phpdbg:i386 not installed
php7.0-pspell:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-pspell:i386 not installed
php7.0-readline:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-readline:i386 not installed
php7.0-recode:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-recode:i386 not installed
php7.0-snmp:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-snmp:i386 not installed
php7.0-tidy:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-tidy:i386 not installed
php7.0-xml:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-xml:i386 not installed
php7.0-zip:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-zip:i386 not installed

Send Messages Other Logged In Users (CLI)

Show all user logged in

w
 20:11:51 up 1 day, 10:25,  2 users,  load average: 0.00, 0.04, 0.01
USER     TTY      FROM             [email protected]   IDLE   JCPU   PCPU WHAT
root     tty1                      20:03   31.00s  0.24s  0.20s -bash
user1    pts/0    123.123.123.123  20:09    0.00s  0.08s  0.01s w

Sent a message to usr1

echo "Hello User1" > /dev/pts/0

Sent a message to the root console

echo "Hello Admin" > /dev/tty1

Messages will appear at the bottom of the user’s console.

Processor

List processes in a tree view (… = removed)

ps -e --forest
  PID TTY          TIME CMD
    2 ?        00:00:00 kthreadd
    3 ?        00:00:00  \_ ksoftirqd/0
    5 ?        00:00:00  \_ kworker/0:0H
    7 ?        00:01:56  \_ rcu_sched
    8 ?        00:00:00  \_ rcu_bh
    9 ?        00:00:00  \_ migration/0
   35 ?        00:00:00  \_ vmstat
   37 ?        00:00:00  \_ ecryptfs-kthrea
   54 ?        00:00:00  \_ acpi_thermal_pm
   55 ?        00:00:00  \_ vballoon
   65 ?        00:00:00  \_ scsi_eh_0
   66 ?        00:00:00  \_ scsi_tmf_0
   67 ?        00:00:00  \_ scsi_eh_1
   68 ?        00:00:00  \_ scsi_tmf_1
   74 ?        00:00:00  \_ ipv6_addrconf
   36 ?        00:00:00  \_ kpsmoused
  456 ?        00:00:00  \_ iscsi_eh
...
    1 ?        00:00:02 init
...
  452 ?        00:00:00 upstart-file-br
  453 ?        00:00:00 dbus-daemon
...
 1489 ?        00:00:00 cron
 1514 ?        00:00:06 irqbalance
 1518 ?        00:00:00 sshd
11855 ?        00:00:00  \_ sshd
11914 pts/4    00:00:00      \_ bash
12008 pts/4    00:00:00          \_ ps
 1523 ?        00:00:09 php-fpm7.0
 1785 ?        00:00:03  \_ php-fpm7.0
 1786 ?        00:00:02  \_ php-fpm7.0
...
 1692 ?        00:01:52 mysqld
 ...
 1891 ?        00:00:53 fail2ban-server
...
 1956 ?        00:00:00 nginx
 1957 ?        00:00:02  \_ nginx
 1958 ?        00:00:03  \_ nginx
 1959 ?        00:00:01  \_ nginx
 1978 ?        00:00:24 ntpd
 2000 ?        00:00:00 systemd-logind
 2011 ?        00:03:24 redis-server
 ...

View major processes by usage/memory

ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%mem | head                                    Sat Sep 16 18:51:17 2017

  PID  PPID CMD                         %MEM %CPU
 1692     1 /usr/sbin/mysqld             5.0  0.0
 1523     1 php-fpm: master process (/e  1.0  0.0
 1662     1 /usr/bin/lxd --group lxd --  0.4  0.0
 1785  1523 php-fpm: pool www            0.4  0.0
 1786  1523 php-fpm: pool www            0.3  0.0
 1891     1 /usr/bin/python3 /usr/bin/f  0.3  0.0
 1957  1956 nginx: worker process        0.2  0.0
 1958  1956 nginx: worker process        0.2  0.0
11855  1518 sshd: [email protected]/4             0.1  0.0

Read more on ps here.

How big is a folder

du -hs ./foldername
412MB    ./foldername

Change FIle Create/Modify time’s

Change File Creation Date

SetFile -d '11/25/2019 23:00:00' ./file.doc

Change file modify/accessed time

touch -mt 201911282300 ./filename.doc

Tree

Tree needs to be installed first

sudo apt-get install tree

Show an ASCII representation of a folder structure

tree

Show files in a  structure

tree -a -h -v
.
├── [4.0K]  folder
├── [3.0K]  logfile.log
└── [1.7M]  zipfile.tgz

Show directories

tree -d
.
└── [4.0K]  subfolder

List all files and folders in a structure

tree -a -f -p -h  -l -R

Backup a  www folder

cp -rTv /www/ /backup/www

Common (Digital Ocean) Debugging commands

cat /etc/network/interfaces.d/50-cloud-init.cfg
cat /etc/network/interfaces
ip addr
ip route
uname -a
iptables -nvL --line-numbers
ls -l /lib/modules
cat /etc/udev/rules.d/70-persistent-net.rules

Networking

Display all TCP connections

netstat -at

Display all UDP connections

netstat -au

List all Listening Connections

netstat -l

Show all Network stats

netstat -s

Show all UDP Network stats

netstat -st

Show all TCP Network stats

netstat -su

Show network packets

netstat -i

Displaying raw info

netstat --statistics --raw

Show open ports

netstat -a | grep "LISTEN "

Upload a file to a remote server over ssh

scp /local/folder/local-file.zip [email protected]:/remote/server/destination-folder/

Zip files

Install zip

sudo apt-get install zip

Zip a  whole directory (with high compression)

zip -r -9 /folder/zipfile.zip /directory-to-zip

Zip a  whole directory (excluding *.tmp, *temp, *.bak and *.zip file types)

zip -r -9 /folder/zipfile.zip /directory-to-zip -x "*.tmp" -x "*.temp" -x"./backup/*.bak"-x "./backup/*.zip" -x "*promo*.mp4""

Zip Help

zip
Copyright (c) 1990-2008 Info-ZIP - Type 'zip "-L"' for software license.
Zip 3.0 (July 5th 2008). Usage:
zip [-options] [-b path] [-t mmddyyyy] [-n suffixes] [zipfile list] [-xi list]
  The default action is to add or replace zipfile entries from list, which
  can include the special name - to compress standard input.
  If zipfile and list are omitted, zip compresses stdin to stdout.
  -f   freshen: only changed files  -u   update: only changed or new files
  -d   delete entries in zipfile    -m   move into zipfile (delete OS files)
  -r   recurse into directories     -j   junk (don't record) directory names
  -0   store only                   -l   convert LF to CR LF (-ll CR LF to LF)
  -1   compress faster              -9   compress better
  -q   quiet operation              -v   verbose operation/print version info
  -c   add one-line comments        -z   add zipfile comment
  [email protected]   read names from stdin        -o   make zipfile as old as latest entry
  -x   exclude the following names  -i   include only the following names
  -F   fix zipfile (-FF try harder) -D   do not add directory entries
  -A   adjust self-extracting exe   -J   junk zipfile prefix (unzipsfx)
  -T   test zipfile integrity       -X   eXclude eXtra file attributes
  -y   store symbolic links as the link instead of the referenced file
  -e   encrypt                      -n   don't compress these suffixes
  -h2  show more help

Backup NGINX

zip -r -9 /backup/nginx.zip /etc/nginx/ -x "*.tmp" -x "*.temp" -x"./backup/*.bak" -x "./backup/*.zip"

Unzip

Installing Unzip

sudo apt-get install unzip

Unzip a  file

unzip filename.zip

Updates

Setup Unattended Ubuntu Security updates

sudo apt-get install unattended-upgrades
sudo unattended-upgrades -d

At login, you should receive

0 updates are security updates.

Show Configured NGINX server names

grep "server_name" /etc/nginx/sites-available/default
server_name www.servername.com myservername.com localhost;

Services

Reload daemon services

systemctl daemon-reload

Verify the MongoDB service file exists

ls /etc/systemd/system | grep servivename

View the status of services

systemctl list-unit-files --type=service
UNIT FILE                                  STATE
accounts-daemon.service                    enabled
acpid.service                              disabled
[email protected]                    static
apt-daily-upgrade.service                  static
apt-daily.service                          static
...

Local Dump

locale -a
C
C.UTF-8
en_AG
en_AG.utf8
en_AU.utf8
en_BW.utf8
en_CA.utf8
en_DK.utf8
en_GB.utf8
en_HK.utf8
en_IE.utf8
en_IN
en_IN.utf8
en_NG
en_NG.utf8
en_NZ.utf8
en_PH.utf8
en_SG.utf8
en_US
en_US.iso88591
en_US.utf8
en_ZA.utf8
en_ZM
en_ZM.utf8
en_ZW.utf8
POSIX

Show All Defined Ports

cat /etc/services

Show defined rsync ports

cat /etc/services | grep rsync

Show listening ports (active connections)

netstat -plntu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1707/mysqld
tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      2023/redis-server 1
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1968/nginx
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      2097/pure-ftpd (SER
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1525/sshd
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1968/nginx
tcp6       0      0 fe80::1:13128           :::*                    LISTEN      1708/lxd-bridge-pro
tcp6       0      0 :::80                   :::*                    LISTEN      1968/nginx
tcp6       0      0 :::21                   :::*                    LISTEN      2097/pure-ftpd (SER
tcp6       0      0 :::22                   :::*                    LISTEN      1525/sshd
udp        0      0 10.99.0.10:123          0.0.0.0:*                           1990/ntpd
udp        0      0 45.77.48.141:123        0.0.0.0:*                           1990/ntpd
udp        0      0 127.0.0.1:123           0.0.0.0:*                           1990/ntpd
udp        0      0 0.0.0.0:123             0.0.0.0:*                           1990/ntpd
udp6       0      0 fe80::1:123             :::*                                1990/ntpd
udp6       0      0 ::1:123                 :::*                                1990/ntpd
udp6       0      0 :::123                  :::*                                1990/ntpd

Show service status

service --status-all

View your bash history for a past command (e.g “openssl”).

grep "openssl" ~/.bash_history
openssl req -new -newkey rsa:4096 -nodes -keyout fearby.key -out fearby.csr

View last 1 line of a file.

tail -n 1 index.html
</body></html>

Ping a server

ping -c 2 fearby.com

How to check system uptime (and load average)

uptime
> 12:18:48 up 1 min,  1 user,  load average: 0.30, 0.18, 0.17

Uptime in friendly format

uptime -p
up 23 hours, 42 minutes

The load averages at the end are the last 1, 5 min and 15 minutes.

The w command is handy for showing uptime information as-well as logged in users (The ‘w -i’  parameter -i is handy for seeing what IP people are logged in from).

w -i
> 12:22:41 up 5 min,  1 user,  load average: 0.00, 0.07, 0.05
USER     TTY      FROM             [email protected]   IDLE   JCPU   PCPU WHAT
root     pts/0    123.123.123.123    12:18    1.00s  0.07s  0.00s w

How to download a file

curl -o localfile.zip http://www.serverwhereiuploadedthefile.com/remotefile.zip

How to edit NGINX configuration

sudo nano /etc/nginx/nginx.conf

and

sudo nano /etc/nginx/sites-available/default

How to find a file

find / -name filename.ext

also

locate php.ini

Find contents in files (recursive)

grep -r "ahref" *

Find files by name and run a command on each

find -iname "index.html" -exec md5sum {} \;

Show differences in files

diff index.html index2.html
< <body>Loading <a href="http://simon.fearby.com/blog/">http://simon.fearby.com/blog/</a></body></html>
---
> <body>Loading <a href="https://www.fearby.com/blog/">https://www.fearby.com/blog/</a></body></html>

Show contents of file (e.g urls.txt)

cat urls.txt
http://www.server1.com
http://www.server2.com
http://www.server3.com
http://www.server4.com
http://www.server5.com

Download all files mentioned in a text file.

cat urls.txt | xargs wget –c
.. download 4 files ...
cat urls.txt | xargs wget –c

View all packages with updates

sudo /usr/lib/update-notifier/apt-check -p

Output:

cryptsetup-bin
libdns-export162
libisccfg140
mongodb-org-mongos
linux-libc-dev
libgdk-pixbuf2.0-0
tcpdump
bind9-host
dnsutils
nodejs
libpython3.5
python3.5
python3.5-minimal
libisc160
grub-legacy-ec2
libapparmor1
libplymouth4
mongodb-org-shell
ntp
libtidy5
libapparmor-perl
libisc-export160
liblwres141
libcryptsetup4
libgdk-pixbuf2.0-common
libdns162
apache2-bin
apparmor
libisccc140
mongodb-org
libpython3.5-stdlib
libbind9-140
libpython3.5-minimal
cryptsetup
mongodb-org-server

or (on ubuntu 16.04)

apt list --upgradable

Updates

Always backup your server’s configuration before updating.

Backup MySQL

mysqldump --all-databases > /backup/dump-$( date '+%Y-%m-%d_%H-%M-%S' ).sql -u root -p

Crontab

Add this to crontab -e to backup at 1 am every day

0 1 * * * /usr/bin/mysqldump --all-databases > /backup/mysql/dump-$( date '+%Y-%m-%d_%H-%M-%S' ).sql -u root -pmysqlpassword

/scripts/shrinkmysql.sh  script to shrink SQL files

sudo nano /scripts/shrinkmysql.sh
#!/bin/bash

tar -zcf /backup/mysql-$( date '+%Y-%m-%d_%H-%M-%S' ).tgz /backup/mysql/
rm /backup/mysql/*.sql

I had to add this to crontab

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin/:/sbin:/usr/sbin:/scripts/:

Cron job to shrink SQL dumps at 2am every day

0 2 * * * /bin/bash /scripts/shrinkmysql.sh > /dev/null 2>&1

Write to a single log file from the crontab at 2 am every day.

todo

Query a package (e.g. siege package)

sudo dpkg-query -l | grep siege *

How to set up a free SSL certificate (see my guide here).

How to set your timezone.

dpkg-reconfigure tzdata

How to restart PHP

sudo systemctl restart php7.0-fpm

How to show the time on the server

sudo hwclock --show

Reload and restart the NGINX configuration and web server.

sudo nginx -t
sudo nginx -s reload
sudo /etc/init.d/nginx restart

JSON viewing program

Installing

sudo apt-get install jq

Using

wget wget https://downloads.wordpress.org/plugin/genesis-enews-extended.2.0.2.zip

or

curl 'https://api.github.com/repos/stedolan/jq/commits?per_page=5' | jq .

output from json tool

Below are utilities I use a lot.

ncdu file size utility

Installing

sudo apt-get install ncdu

Using

sudo ncdu /

pydf disk checking utility

Installing

sudo apt-get install pydf

Using

pydf

output from pydf tool

ntp timezone service

Installing

sudo apt-get install ntp

Using

ntp

Displaying startup processes

Installing

sudo apt-get install rcconf

Using

sudo rcconf

htop process manager.

Installing

sudo apt-get install htop

Using

htop

output from htop tool

Network Benchmarking (between two servers)

I use iperf to measure total bandwidth between two servers. You will need to allow port 5001 (TCP IPV4 and TCP IPV6 in and out) in any local firewalls and hosts GUIs.

Allow port 5001 on an ufw firewall (IN and OUT)

sudo ufw allow 5001

#I Set port 5001 firewall on my hosts (Digital  Ocean and Vultr GUI)

Deny IP

sudo ufw deny from 123.123.123.123

Allow port 22 access to known IP

sudo ufw allow from 123.123.123.123/24  to any port 22

Deny Outgoing Port

sudo ufw deny out 22

Allow out on port to known IP

sudo ufw allow out from 123.123.123.123 to any port 22

More securing Ubuntu in the cloud here.

Install iperf on the target and source Ubuntu server.

sudo apt-get install iperf

Run this on the listening server.

iperf -s

Run this on benchmarking server (and add the IP of the listening server).

iperf -c 123.123.123.123

Results

Screen dump of ipref -c ip
iperf benchmarking output

Testing concurrent connections to a web server with siege.

Install siege

sudo apt-get install siege

Benchmarking a HTTP server

./siege -t1m c10 'https://fearby.com'

#10 Concurent users

Benchmarking HTTPS sites

Install siege 4.0.2 ( steps here ).

Verify siege 4.0.2 is installed by running

siege -v

Now can benchmark https sites

./siege -t1m c10 'https:/thedomain.com'

View incoming connections on the target server

sudo netstat -tupn

I always increase my history size and tell it not to store duplicates.

Viewing your typed terminal history

history

Increasing your history size

HISTSIZE=10000
HISTCONTROL=ignoredups

How to Update Ubuntu

sudo apt-get update
sudo apt-get dist-upgrade

or

sudo apt-get update && sudo apt-get upgrade

Edit SSH authorized keys

sudo nano ~/.ssh/authorized_keys

Search file and show lines where text matches

grep -i "href" index.html
> <body>Loading <a href="http://simon.fearby.com/blog/">http://simon.fearby.com/blog/</a></body></html>

View packages with updates

/usr/lib/update-notifier/apt-check --human-readable
35 packages can be updated.
15 updates are security updates.

View Boot Text

dmesg

Automatic Monitoring (ever 1 second)

Active network connections

watch -n 1 'netstat -at'

Network Packets

watch -n 1 'netstat -i'

Free memory

watch -n 1 'free -m'

Memory breakdown

watch -n 1 'cat /proc/meminfo'

or

watch -n 1 'vmstat -s'

Monitor NGINX memory

watch -n 1 'ps axu |grep nginx'

more soon…

Read this guide for Useful OSX Commands (for setting up Apache, PHP, MySQL, Adminer etc on OSX)

50 most useful Linux commands (view here).

View other Linux command informing sites here, here and here.

Donate and make this blog better




Ask a question or recommend an article
[contact-form-7 id=”30″ title=”Ask a Question”]

v1.8 Show users and senda messages to other users

v.71 Show Operating System Name

v1.7 added Meltdown and Spectre patch information

v1.6 Removed -x fom zip directory

V1.5 Restart Network

v1.4 added Useful OSX Commands

Filed Under: Terminal, Ubuntu, VM Tagged With: commands, Linux, terminal

Connecting to an AWS EC2 Ubuntu instance with Cloud 9 IDE as user ubuntu and root

September 1, 2016 by Simon Fearby

Recently I setup an Amazon EC2 Ubuntu Server instance and wanted to connect it to the awesome Cloud 9 IDE. I was sick of interacting with a server through terminal windows.

Use this link and get $19 free credit with Cloud 9: https://c9.io/c/DLtakOtNcba

c9io15-004

Cloud 9 IDE (sample screenshot)

C9 IDE

Previously I was using Digital Ocean (my Digital Ocean setup guide here) and this was simple, you get a VM and you have a root account and you do what you want.  Amazon AWS however, have extra layers of security that prevent logging in as root via SSH and that can be a pain with Cloud 9 as your workspace tree is restricted to the ~/ (home) folder.

Below are the steps you need to connect to an AWS instance with user “ubuntu” and “root” with Cloud 9.

Connecting to an AWS instance with Cloud 9 as user “ubuntu”

1. Purchase and set-up your AWS instance (my guide here).

2. You need to be able to login to your AWS server from a terminal prompt (from OSX).  This may include opening port 22 the AWS Security Group panel. Info on SSH logins here.

ssh -i ~/.ssh/yourawsicskeypair.pem [email protected]

3. On your AWS server (from step 2) Install NodeJS.

You will know node is installed if you get a version returned when typing the following bash command.

node -v

tip: If node is not installed you can run the Cloud 9 pre-requisites script (that includes node).

curl -L https://raw.githubusercontent.com/c9/install/master/install.sh | bash

4. Ensure you have created SSH key on Cloud 9 (guide here).

5. Copy your Cloud 9 SSH key to the clipboard.

6. On your AWS server (in step 2) edit the ~/.ssh/authorized_keys file and paste in the Cloud 9 SSH key (after you AWS key pair that was added from the setup of AWS) to a new line and save the file.

7. Log in to Cloud 9 and click create Workspace then Remote SSH Workspace.

  • Name your workspace (all lowercase and no spaces).
  • Username: ubuntu
  • Hostname: Add your AWS ec2 server hostname.
  • Initial Path: This has to be ~/

c9io15-000

8. Click Create Workspace

c9io15-002

9. If all goes well you will have a prompt to install the prerequisites.

c9io15-001

If this fails check out the Cloud 9 guide here.

Troubleshooting: I had errors like “Project directory does not exist or is not writable and “Unable to change File System Path in SSH Workspace” because I was trying to set the workspace path as “/” (this is not possible on AWS with the “ubuntu” account.

10. Now you should have a web-based IDE that allows you to browse your server, create and edit files, run termials instances that will reconnect if your net connection or browser tab drops out (you can even go to a different machine and continue with your session).

c9io15-003

Connecting to an AWS instance with Cloud 9 as user “root

Connecting to your server as the “ubuntu” server is fine if you just need to work in your “ubuntu” home folder.  As soon as you want to start changing other settings outside of your home folder you are stuck.  Granting “ubuntu” higher privileges server wide is a bad idea so here is how you can enable “root” login via SSH access.

WARNING: Logging in as ROOT IS BAD, you should only allow Root Login for short periods and it is advisable to remove root login abilities as soon as you do not need them or in production.

Having root access while developing or building a new server saves me bucket loads of time so lets allow it.

1. Follow step 1 to 5 in the steps above (setup AWS, ssh access via terminal, install node, create cloud 9 ssh key, copy the cloud 9 ssh key to the clipboard).

2. SSH to your AWS server and edit the following file:

sudo nano /etc/ssh/sshd_config
# -- Make the following changes
# PermitRootLogin without-password
PermitRootLogin = yes

Save.

3. Backup your root authorised keys file

sudo cp /root/.ssh/authorized_keys /root/.ssh/authorized_keys.bak

4. Edit the root authorized_keys file and paste in your Cloud 9 SSH Key.

c9io15-005

5. Now you can create a Cloud 9 Connection to your server with root

  • Name your workspace (all lowercase and no spaces).
  • Username: root
  • Hostname: Add your AWS ec2 server hostname.
  • Initial Path: This has to be /

c9io15-007

tip:  If you have not added you SSH key correctly you will receive this error when connecting.

c9io15-006

6. You should now be able to connect to AWS ec2 instances with Cloud 9 as root and configure/do anything you want without switching to shell windows.

c9io15-009

Security

As a precaution, do check your website often in https://www.shodan.io and see if it has open software or is known to hackers.
Enjoy

If this guide has helped please consider donating a few dollars.

Donate and make this blog better




Ask a question or recommend an article
[contact-form-7 id=”30″ title=”Ask a Question”]

V1.6 security

Filed Under: Cloud, Domain, Hosting, Linux, NodeJS, Security, ssl Tagged With: AWS, c9, cloid, ssh, terminal

Primary Sidebar

Poll

What would you like to see more posts about?
Results

Support this Blog

Create your own server today (support me by using these links

Create your own server on UpCloud here ($25 free credit).

Create your own server on Vultr here.

Create your own server on Digital Ocean here ($10 free credit).

Remember you can install the Runcloud server management dashboard here if you need DevOps help.

Advertisement:

Tags

2FA (9) Advice (17) Analytics (9) App (9) Apple (10) AWS (9) Backup (21) Business (8) CDN (8) Cloud (49) Cloudflare (8) Code (8) Development (26) Digital Ocean (13) DNS (11) Domain (27) Firewall (12) Git (7) Hosting (18) HTTPS (6) IoT (9) LetsEncrypt (7) Linux (20) Marketing (11) MySQL (24) NGINX (11) NodeJS (11) OS (10) PHP (13) Scalability (12) Scalable (14) Security (44) SEO (7) Server (26) Software (7) SSH (7) ssl (17) Tech Advice (9) Ubuntu (39) Uncategorized (23) UpCloud (12) VM (44) Vultr (24) Website (14) Wordpress (25)

Disclaimer

Terms And Conditions Of Use All content provided on this "www.fearby.com" blog is for informational purposes only. Views are his own and not his employers. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. Never make changes to a live site without backing it up first.

Advertisement:

Footer

Popular

  • Backing up your computer automatically with BackBlaze software (no data limit)
  • How to back up an iPhone (including photos and videos) multiple ways
  • Add two factor auth login protection to WordPress with YubiCo hardware YubiKeys and or 2FA Authenticator App
  • Setup two factor authenticator protection at login on Ubuntu or Debian
  • Using the Yubico YubiKey NEO hardware-based two-factor authentication device to improve authentication and logins to OSX and software
  • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
  • Monitor server performance with NixStats and receive alerts by SMS, Push, Email, Telegram etc
  • Speeding up WordPress with the ewww.io ExactDN CDN and Image Compression Plugin
  • Add Google AdWords to your WordPress blog

Security

  • Check the compatibility of your WordPress theme and plugin code with PHP Compatibility Checker
  • Add two factor auth login protection to WordPress with YubiCo hardware YubiKeys and or 2FA Authenticator App
  • Setup two factor authenticator protection at login on Ubuntu or Debian
  • Using the Yubico YubiKey NEO hardware-based two-factor authentication device to improve authentication and logins to OSX and software
  • Setting up DNSSEC on a Namecheap domain hosted on UpCloud using CloudFlare
  • Set up Feature-Policy, Referrer-Policy and Content Security Policy headers in Nginx
  • Securing Google G Suite email by setting up SPF, DKIM and DMARC with Cloudflare
  • Enabling TLS 1.3 SSL on a NGINX Website (Ubuntu 16.04 server) that is using Cloudflare
  • Using the Qualys FreeScan Scanner to test your website for online vulnerabilities
  • Beyond SSL with Content Security Policy, Public Key Pinning etc
  • Upgraded to Wordfence Premium to get real-time login defence, malware scanner and two-factor authentication for WordPress logins
  • Run an Ubuntu VM system audit with Lynis
  • Securing Ubuntu in the cloud
  • No matter what server-provider you are using I strongly recommend you have a hot spare ready on a different provider

Code

  • How to code PHP on your localhost and deploy to the cloud via SFTP with PHPStorm by Jet Brains
  • Useful Java FX Code I use in a project using IntelliJ IDEA and jdk1.8.0_161.jdk
  • No matter what server-provider you are using I strongly recommend you have a hot spare ready on a different provider
  • How to setup PHP FPM on demand child workers in PHP 7.x to increase website traffic
  • Installing Android Studio 3 and creating your first Kotlin Android App
  • PHP 7 code to send object oriented sanitised input data via bound parameters to a MYSQL database
  • How to use Sublime Text editor locally to edit code files on a remote server via SSH
  • Creating your first Java FX app and using the Gluon Scene Builder in the IntelliJ IDEA IDE
  • Deploying nodejs apps in the background and monitoring them with PM2 from keymetrics.io

Tech

  • Backing up your computer automatically with BackBlaze software (no data limit)
  • How to back up an iPhone (including photos and videos) multiple ways
  • US v Huawei: The battle for 5G
  • Check the compatibility of your WordPress theme and plugin code with PHP Compatibility Checker
  • Is OSX Mojave on a 2014 MacBook Pro slower or faster than High Sierra
  • Telstra promised Fibre to the house (FTTP) when I had FTTN and this is what happened..
  • The case of the overheating Mac Book Pro and Occam’s Razor
  • Useful Linux Terminal Commands
  • Useful OSX Terminal Commands
  • Useful Linux Terminal Commands
  • What is the difference between 2D, 3D, 360 Video, AR, AR2D, AR3D, MR, VR and HR?
  • Application scalability on a budget (my journey)
  • Monitor server performance with NixStats and receive alerts by SMS, Push, Email, Telegram etc
  • Why I will never buy a new Apple Laptop until they fix the hardware cooling issues.

Wordpress

  • Replacing Google Analytics with Piwik/Matomo for a locally hosted privacy focused open source analytics solution
  • Setting web push notifications in WordPress with OneSignal
  • Telstra promised Fibre to the house (FTTP) when I had FTTN and this is what happened..
  • Check the compatibility of your WordPress theme and plugin code with PHP Compatibility Checker
  • Add two factor auth login protection to WordPress with YubiCo hardware YubiKeys and or 2FA Authenticator App
  • Monitor server performance with NixStats and receive alerts by SMS, Push, Email, Telegram etc
  • Upgraded to Wordfence Premium to get real-time login defence, malware scanner and two-factor authentication for WordPress logins
  • Wordfence Security Plugin for WordPress
  • Speeding up WordPress with the ewww.io ExactDN CDN and Image Compression Plugin
  • Installing and managing WordPress with WP-CLI from the command line on Ubuntu
  • Moving WordPress to a new self managed server away from CPanel
  • Moving WordPress to a new self managed server away from CPanel

General

  • Backing up your computer automatically with BackBlaze software (no data limit)
  • How to back up an iPhone (including photos and videos) multiple ways
  • US v Huawei: The battle for 5G
  • Using the WinSCP Client on Windows to transfer files to and from a Linux server over SFTP
  • Connecting to a server via SSH with Putty
  • Setting web push notifications in WordPress with OneSignal
  • Infographic: So you have an idea for an app
  • Restoring lost files on a Windows FAT, FAT32, NTFS or Linux EXT, Linux XFS volume with iRecover from diydatarecovery.nl
  • Building faster web apps with google tools and exceed user expectations
  • Why I will never buy a new Apple Laptop until they fix the hardware cooling issues.
  • Telstra promised Fibre to the house (FTTP) when I had FTTN and this is what happened..

Copyright © 2023 · News Pro on Genesis Framework · WordPress · Log in

Some ads on this site use cookies. You can opt-out if of local analytics tracking by scrolling to the bottom of the front page or any article and clicking "You are not opted out. Click here to opt out.". Accept Reject Read More
GDPR, Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT