We all know that one can configure SSH to login automatically by adding the client's public key to the server's ~/.ssh/authorized_keys file. But what if you need to run commands on 200 machines and don't want to login to every single machine to add the key? Search no more, this tutorial has the answer!

1. Installing sshpass

sshpass is a tool for non-interactivly performing password authentication with SSH's so called "interactive keyboard password authentication".

Here's a standard SSH connect command:


First you have to answer "yes" to accept the host key and then to enter the password.

With sshpass, you are able to specify the password on the command line and skip this step. Here's how to install it:


sshpass is now ready to be used!

2. Using sshpass

The sshpass' syntax is:


So instead of doing:


You can simply do:


You will be automatically logged in, without any password prompt:


3. Automatically accepting host keys

The last problem is this prompt:


When you're using sshpass to connect on a single machine that you use often, it's not a big deal because you will get the prompt once and never again after. But if you want to connect to 200 machines, you definitely don't want to type "yes" 200 times.

To fix this issue, simply add this line in /etc/ssh/ssh_config on the CLIENT machine:


With this setting enabled, SSH will automatically accept the host keys and will not prompt you about it.

4. Automating the process

This section will show you how to easily automate the process of running commands on any number of machines you want.

First you will need a file containing the hostname, username and password for each of the servers you want to run commands on, in a CSV format. For example:

ssh_magic.csv:

Then you will create this bash script:

ssh_magic.sh:

Simply place ssh_magic.csv and ssh_magic.sh together and run the script.

Conclusion

You now know how to run commands on any number of SSH machines, without any prompt! Make sure you check the other ways to pass the password to sshpass - they offer more secure ways than directly on the command line with the -p option.

View 3 Comment(s)

Software Projects, a New York based full-service Internet Marketing firm, is seeking a bright, articulate, detail-oriented, and technical applicant interested in joining our group of software professionals.

As a Technical Account Manager, you will work directly with clients, translating client vision into technical requirements, submit weekly plans, manage teams of engineers and oversee all software development work.

You will brain-storm with engineers, think outside the box, provide direction and leadership, while directly interacting with some of the best minds in our industry.

== Requirements:
* Excellent problem solving skills
* Leader, Motivator, Confidence, Energetic
* Superb communication skills with the know-how to verbalize ideas into technical requirements
* Minimum 2 years programming experience (PHP / C / Perl)
* Experience with FreeBSD/Linux a great plus

== Responsibilities:
* Translate client wants into requirements
* Plan projects, oversee software development
* Solve Problems
* Update clients on progress
* Maintain high client satisfaction

== Location:
You will be working from your home office for the first six months. After that time, you will have the option of relocating to one of our offices or continuing to work from home.

== Next steps:
Send an email to hr@softwareprojects.com with your resume and let us know when is a good time to chat.

Didn't update your resume in the last 2 years? That's fine. It's all about your experience and skills! Send us a quick cover-letter and we'll follow-up.

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems, including Windows and is licensed under the GNU GPL.

This tutorial describes how to install a very simple implementation of Squid on your network.

1. Getting started

The first thing you want to do is to download Squid. In this tutorial, we're going to work in the /usr/local/src directory.


Then you want to extract Squid and change to its directory:


We're now ready to compile and install Squid!

2. Compiling/installing Squid

Compiling and installing Squid is very easy:


If the configure command fails because you don't have Perl, you can simply install it like this:


Then re-run the configure command.

3. Configuring Squid

First of all, you need to add the "visible_hostname" setting in your Squid configuration file. The main configuration file is:


Open it with your favorite editor and find this block:


At the end of the block (before the next "TAG" block), insert a new line and put something like this:


Replace "freebsd" with any hostname you want Squid to use - it can be a local hostname or a fully qualified domain name. Save the file.

Now you need to adjust some permissions before Squid can be initialized...


Squid can now be initialized. Use this command:


Squid is now ready to run!

4. Starting/stopping Squid

Starting Squid:


Stopping Squid:


You can start Squid automatically at boot time by creating the /usr/local/etc/rc.d/squid.sh file with this content:


You also need to allow execution of this file:


5. Using Squid with your browser

To use Squid with your browser, you simply need to set it as a proxy in your browser's settings. Squid is listening on TCP port 3128. So if your FreeBSD machine's IP is 1.2.3.4, you will configure your proxy to be 1.2.3.4, port 3128.

Once configured, all the traffic over the chosen protocols (usually your browser lets you choose for which protocols you want to use a proxy) will go through your Squid server.

6. "Overriding" Web sites addresses

The first place where Squid is looking when it comes to resolving URL's to IP addresses is in the /etc/hosts file. If you want to "override" Web sites addresses, simply add them in the /etc/hosts file along with the IP address where you want to redirect traffic.

For example, let's say that you want your Squid's users to be sent to 1.2.3.4 when they request www.google.com instead of to the real google.com. To do so, you will add this line in your /etc/hosts file:


Replace "1.2.3.4" with the IP of the machine where you want to redirect traffic. This isn't really a "redirect" as the users will never see 1.2.3.4 in their browser. For them, it will look like just as if they were really on www.google.com, not on 1.2.3.4.

NOTE: you NEED to restart Squid when you make changes in /etc/hosts.

Conclusion

Squid is very simple to install and use. Though, it's also VERY powerful and flexible: it has literally thousands of options! This tutorial only covered the very basic use - refer to the Squid users guide if you want to customize squid.conf.

Resources

* Squid
* Configuration guide
* Configuration examples
* Users guide

This weekend we converted all SPI mutlihomed hosting email mailboxes from the mbox format to maildir.

What is the difference between mbox and maildir?

Mbox is the traditional way of storing mail messages in the Unix world. In this format, a regular text file which serves as the mail user's mailbox file is created.

Pros: Format is universally supported, Appending a new mail into the mailbox file is fast, Searching text inside a single mailbox file is fast.

Cons: Has file locking problems, Has problems when used with network file systems, Format is prone to corruption.

Maildir is a new way of storing mail messages. In this format, a directory usually named Maildir is created for each mail user. Under this directory are three more directories named new, cur and tmp.

Pros: Locating, retrieving and deleting a specific mail is fast, Minimal to no file locking needed, Immune to mailbox corruption (assuming the hardware will not fail).

Cons: Some filesystems may not efficiently handle a large number of small files, Searching text, which requires all mail files to be opened is slow.

Why we chose Maildir

We've decided to upgrade to Maildir because its more reliable (entire mailbox never fully corrupts) and thanks to no locking it is noticeably much faster to access your mail over Maildir.

Ongoing mbox file locking issues were driving us nuts.

SPI is using the Dovecot mail server on all machines. Dovecot is one of the highest performing IMAP servers. Luckily it supports both mbox and maildir, so all we had to do was: Convert old email messages from mbox to maildir.

Mb2md

Mb2md is a Perl script that takes one or more Mbox format mailbox files in a directory and convert them to Maildir format mailboxes.

Replace USERNAME below with the unix username whose mailbox you are converting

Step 1: Set environment variables for Mb2md


Step 2: Convert the inbox folder and create Maildir folder


Step 3: Convert other folders the user created


Step 4: Copy IMAP subscriptions


Step 5: Tell sendmail to deliver new mail to the user's /Maildir


Step 6: Delete old mbox files


Testing & Troubleshooting

To test, use sendmail to send a test message to your user:


If all works well, your email message will be delivered to the user's Maildir.

If you see the mail appended to /var/mail/USERNAME (do a tail -f /var/mail/USERNAME), this means sendmail is failing to invoke .procmailrc and deliver the email message to Maildir.

This is usually due to the /home or /home/USERNAME folders not having the correct file permissions.

Run this command to troubleshoot:

In a recent post, we explained how to run FreeBSD on Windows using VirtualBox. Today we will show you how to achieve the same thing but using VMware Server. VirtualBox is a very nice application: it's fast, simple and lightweight; but VMware Server has some very interesting features to offer:

* It can run any number of virtual machines in the background. You don't need to keep any window opened and you can simply access your virtual machines using SSH if you wish.

* It supports any guest operating system, including 64-bit versions.

* All the administration is done via a great Web interface.

As VirtualBox, VMware Server is also 100% free. Another product that is competing VMware Server, and that is also free, is Microsoft VirtualServer. It has the same features but is harder to install, harder to use and is a lot more fragile. After months of testing, VMware Server proved to be the best on performance, stability and usability.

1. Download VMware Server

The first step is obviously to download VMware Server. Go there: http://www.vmware.com/products/server/ and click on the "Download" button on the left. You will need to register to download the software. Once you're registered and logged in, copy the "VMware Server 2 for Windows" serial number displayed in the "Licensing" section of the page and paste it somewhere - you will need it later. Then grab the "VMware Server 2" EXE image under the "Binaries" section. The file is around 500MB.

2. Install VMware Server

Installing VMware Server is very straightforward: basically, you simply run the setup file and hit next, next, next, next... without changing anything. There's no real options except which shortcuts you want to create.

At the end of the setup, you will be asked to enter your serial number. Because of the virtual network adapters VMware Server installs, you will also be required to reboot: you need to do it immediately if you want to go further in this tutorial.

3. Download FreeBSD

In this tutorial, we'll be installing FreeBSD 7.2 minimal. If you have a 64-bit CPU, download this one (amd64 release):

ftp://ftp.freebsd.org/pub/FreeBSD/re...md64-disc1.iso

If you have a 32-bit CPU, download this one (i386 release):

ftp://ftp.freebsd.org/pub/FreeBSD/re...i386-disc1.iso

The ISO file is around 600MB.

4. Create the FreeBSD Virtual Machine

Start the VMware Server Web Access using the Start Menu shortcut (called "Web Access") or use your favorite browser and go to this URL: http://127.0.0.1:8308/ui/

Log into the VMware Server Web Access using your Windows account.

The first thing to do is to add a Datastore to your VMware Server configuration. To do so, click on your machine name on the left panel and click on the "Add Datastore" link on the right panel. The Datastore is a folder where everything about virtual machines will get created and stored. Simply give it a name and specify the directory (example: name: VM, directory: d:\VM).

Click on the "Create Virtual Machine" on the right panel:

* Name the virtual machine "FreeBSD", select the Datastore you've just created and hit next.

* Choose "Other operating systems", choose "FreeBSD" (32 or 64-bit, depending on your CPU) in the combo box and hit next.

* Assign the amount of memory you want your virtual machine to have (usually the recommended amount is quite good, unless you need a high-performance virtual machine). If you have a multi-core CPU (or many CPU's), you can choose the number of CPU's you want your virtual machine to use. Hit next when you're satisfied with your settings.

* Select "Create a New Virtual Disk" and hit next.

* Choose the size you want your virtual disk to have and hit next.

* Select "Add a Network Adapter" and hit next.

* Leave the settings to "Bridged" and hit next.

* In the CD/DVD section, select "Use an ISO Image" and hit next.

* Move the FreeBSD 7.2 ISO image you've just downloaded somewhere under the directory you're using as your Datastore. Then select it and hit OK. Then hit next.

* Select "Don't Add a Floppy Drive"

* Select "Don't Add a USB Controller"

* Check "Power on your new virtual machine now" and Hit "Finish"

5. Installing FreeBSD

Now that your FreeBSD virtual machine is created, it's time to install FreeBSD! First of all, in the VMware Server Web Access, click on the FreeBSD virtual machine on the left panel. Then click on the "Console" tab on the right, and click anywhere in the black screen. A small console window will popup: that's your FreeBSD machine, just like if you were sitting in front of a computer running FreeBSD.

NOTE: the console window "steals the focus"; at any time, press CTRL+ALT to release focus from this window. And simply click into the console window to use it.

It should boot from the ISO image you've specified in the setup: it's now time to install FreeBSD:

* Choose "United States" and hit enter.

* Choose "Standard" and hit enter.

* In the Disk Geometry screen, hit "a", then "q".

* Choose "BootMgr" and hit enter.

* In the Partition screen, hit "a", then "q".

* In the "Choose Distributions" screen, select "Minimal" and hit space to check it. Then hit tab, then enter on the OK button.

* Choose CD/DVD and hit enter. The base system will install.

* Network:

Hit "yes" to configure network.
Choose the "em0" network interface.
Hit "yes" to configure using DHCP.
Enter an hostname and hit enter many times.
Choose "no" to use this machine as a gateway.
Hit "no" to enable inetd.
Hit "yes" to enable SSH.
Hit "no" to anonymous FTP.
Hit "no" to NFS server.
Hit "no" to NFS client.

* Last settings:

Hit "no" to customize console.
Hit "yes" to timezone and choose your timezone.
Hit "no" to PS/2.
Hit "no" to package collection.
Hit "no" to create a user.
Set the "root" password.
Hit "no" to visit the options menu.

At the main menu, hit tab to go to the "Exit Install" option, hit enter and then hit "yes". Close the console. In the VMware Server Web Access, select the FreeBSD Virtual Machine on the left panel and hit the red "stop" sign at the top. Then hit the green "play" sign and return in the console. Your FreeBSD system should boot normally.

6. Mounting a shared folder using Samba

It's very convenient to be able to easily and quickly share files between your Windows and FreeBSD machine.

First of all, share a folder on your Windows machine (ex: share). It can be any folder, just share it normally. Then choose a mount point for that folder on your FreeBSD (ex: /mnt/share). We're now going to configure your FreeBSD machine so the shared folder will be automatically mounted at boot time.

Here's the sample informations (replace with yours):

Windows machine: win
Windows IP addr: 192.168.0.100
Windows share: share
Windows user: administrator
Windows password: mypass
FreeBSD mount point: /mnt/share (do not forget to create the directory!)

In /etc/nsmb.conf, add:
NOTE: the caps are important


Then in /etc/fstab, add:


NOTE: before rebooting FreeBSD to test, I recommend testing the mounting manually with a command like this:


Finally, reboot your FreeBSD machine and then go check in your mount point (like /mnt/share) if it works! Try creating folders from FreeBSD and from Windows and verify if it's working correctly. If it's not, the problem is probably on the authentication side.

7. Starting the virtual machine automatically

One other great VMware Server feature is the ability to start virtual machines automatically when you boot Windows.

To configure this, in the VMware Server Web Access, click on your Windows machine name on the left panel, and then click on "Edit Virtual Machine Startup/Shutdown Settings". Select your FreeBSD virtual machine and click "Move Up" to put it in the "Any Order" category.

Conclusion

You now have a FreeBSD virtual machine, acting just like if it was a real server sitting somewhere in your house! Virtual machines are great for development and testing. Please let me know if you have any problems getting this tutorial working!

View 1 Comment(s)

Step 1 - Download and install VirtualBox

VirtualBox is a general-purpose full virtualizer for x86 hardware. It allows running any flavor Unix system on a Windows box.

You can download the latest version of VirtualBox for Windows Hosts here

Step 2 - Download FreeBSD 6

Download the single-file dvd iso here FreeBSD 6.4 download repository

Download 7-zip and extract the 6.4-RELEASE-i386-dvd1.iso.gz file to a folder on your machine

Step 3 - Create a new FreeBSD VirtualBox machine

Create a new VirtualBox machine, selecting BSD as the operating system and FreeBSD as the version.



Click Next to accept all defaults, but when you get to the 'Virtual Disk Location and Size' screen, change the disk size to 50GB.

Double-click the new machine to start it.

Step 4 - Install FreeBSD on new Virtual Machine

You will be greeted with a 'Welcome to the first run' wizard.

A 'Select Installation Media' screen will then popup. Pick the 'Image File' option, click the icon and locate the folder on your machine where you previously saved the FreeBSD iso file.



Click next a few times, keeping all default options.

FreeBSD install will boot in the VirtualBox

Select OK for United States
Select Standard Installation
Click A for 'Use Entire Disk', followed by Q
Click Enter for BootMgr
Click A for 'Auto Defaults', followed by Q
Select option 4 (Developer) and Yes to install ports
Select 1 for Install from CD

You will see a message saying All file information saved successfully. FreeBSD install will then begin running.

Step 5 - Configuration

Select YES to configure Ethernet network devices and pick your Ethernet card on the next screen

Select YES for DHCP

Select NO for network gateway and NO for iNetD

Select YES to enable SSH login

Select NO for FTP and NFS server/client

Select NO for all remaining questions

Pick a password for your root user

From the VirtualBox menu, select Devices - then Unmount CDRom

Enter X to exit install and reboot the FreeBSD virtual machine

View 1 Comment(s)