Steps to Perform SSH Login Without Password Using ssh-keygen & ssh-copy-id

ssh-keygen creates the public and private keys. ssh-copy-id copies the local-host’s public key to the remote-host’s authorized_keys file. ssh-copy-id also assigns proper permission to the remote-host’s home, ~/.ssh, and ~/.ssh/authorized_keys.

Step 1: Create public and private keys using ssh-key-gen on local-host

jsmith@local-host$ [Note: You are on local-host here]

jsmith@local-host$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/jsmith/.ssh/id_rsa):[Enter key]
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Pess enter key]
Your identification has been saved in /home/jsmith/.ssh/id_rsa.
Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub.
The key fingerprint is:
33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9 jsmith@local-host

Step 2: Copy the public key to remote-host using ssh-copy-id

jsmith@local-host$ ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
jsmith@remote-host's password:
Now try logging into the machine, with "ssh 'remote-host'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

Note: ssh-copy-id appends the keys to the remote-host’s .ssh/authorized_key.

Step 3: Login to remote-host without entering the password

jsmith@local-host$ ssh remote-host
Last login: Sun Nov 16 17:22:33 2008 from 192.168.1.2
[Note: SSH did not ask for password.]

jsmith@remote-host$ [Note: You are on remote-host here]


The above 3 simple steps should get the job done in most cases.

How to create custom service for Centos 7

Create a script like :

[Unit]

 

Description = FaradCrmService

 

After = network.target

 

[Service]

 

ExecStart = /var/opt/jdk1.8.0_91/bin/java -jar /root/software/fia/farad-1.5.4.RELEASE.jar

 

[Install]

 

WantedBy = multi-user.target

 

Put the script into -> /usr/lib/systemd/system/farad.service

or in /etc/systemd/system/ (change the symbolic link)

create a symbolic link like this : ln -s /usr/lib/systemd/system/farad.service /etc/systemd/system/multi-user.target.wants/farad.service

enable the service : systemctl enable farad.service

start the service : service farad start

if modify the script, reload it with : systemctl daemon-reload

check it status : systemctl status farad.service

Apache not start : device: AH01760: failed to create lock (client_lock)

This’s very likely that Apache leaving a bunch of stray semaphore sets
lying around after an attempted restart of apache.

you can use the following commands to check:
#ipcs -s | grep apache

and use the following to kill:
ipcs -s | grep apache | awk ‘ { print $2 } ‘ | xargs -n 1 ipcrm -s

use the username you starts apache (e.g., specified by “User” directive)
instead of ‘apache’ in the commands.

Device: AH01760: failed to create lock (client_lock) – all nonce-count checking, one-time nonces, and MD5-sess algorithm disabled

Now, in almost all cases, Apache should start properly. If it doesn’t, you may just be completely out of available semaphores. You may want to increase your available semaphores, and you’ll need to tickle your kernel to do so. Add this to /etc/sysctl.conf:

And then run sysctl -p to pick up the new changes.

 

Apache Httpd web page authentication

this command for create user and password access file:
htpasswd -c /etc/httpd/conf/.htpasswd xxxx

chown root:apache /etc/httpd/conf/.htpasswd
chmod 640 /etc/httpd/conf/.htpasswd

Is possible generate the row to add to the file /etc/httpd/conf/.htpasswd from here

htpasswd [ -c ] [ -i ] [ -m | -B | -d | -s | -p ] [ -C cost ] [ -D ] [ -v ] passwdfile username

htpasswd -b [ -c ] [ -m | -B | -d | -s | -p ] [ -C cost ] [ -D ] [ -v ] passwdfile username password

htpasswd -n [ -i ] [ -m | -B | -d | -s | -p ] [ -C cost ] username

htpasswd -nb [ -m | -B | -d | -s | -p ] [ -C cost ] username password

 

In my vhost configuration file:

ServerName sm.saic.it
RewriteEngine On
DocumentRoot /usr/local/sendmailanalyzer/www
Options ExecCGI
AddHandler cgi-script .cgi
DirectoryIndex sa_report.cgi
<Directory “/usr/local/sendmailanalyzer/www”>
AuthType Basic
AuthName “Restricted Content”
AuthUserFile /etc/httpd/conf/.htpasswd
Require valid-user

# Apache 2.4
# Require all granted
#Require host example.com

# Apache 2.2
Order deny,allow
#Allow from all
#Allow from 127.0.0.1
#Allow from ::1
# Allow from .example.com

 

How to test if the email address exists

Source Link

To check if user entered email mailbox.does.not.exist@webdigiapps.com really exists go through the following in command prompt on windows / terminal on mac. The commands you type in are in green and the server response is in blue. Please refer to MAC & PC screenshots towards the end of this post.

Step 1 – Find mail exchanger or mail server of webdigiapps.com

COMMAND:
nslookup -q=mx webdigiapps.com
RESPONSE:
Non-authoritative answer:
webdigiapps.com mail exchanger = 0 mx2.sub3.homie.mail.dreamhost.com.
webdigiapps.com mail exchanger = 0 mx1.sub3.homie.mail.dreamhost.com.

Step 2 – Now we know the mail server address so let us connect to it. You can connect to one of the exchanger addresses in the response from Step 1.

COMMAND:
telnet mx2.sub3.homie.mail.dreamhost.com 25
RESPONSE:
Connected to mx2.sub3.homie.mail.dreamhost.com.
Escape character is ‘^]’.
220 homiemail-mx7.g.dreamhost.com ESMTP

COMMAND:
helo hi
RESPONSE:
250 homiemail-mx8.g.dreamhost.com

COMMAND:
mail from: <youremail@gmail.com>
RESPONSE:
250 2.1.0 Ok

COMMAND:
rcpt to: <mailbox.does.not.exist@webdigiapps.com>
RESPONSE:
550 5.1.1 <mailbox.does.not.exist@webdigiapps.com>: Recipient address rejected: User unknown in virtual alias table

COMMAND:
quit
RESPONSE:
221 2.0.0 Bye

Screenshots – MAC Terminal & Windows

MAC email verification
Windows email verification

NOTES:

1) the 550 response indicates that the email address is not valid and you have caught a valid but wrong email address. This code can be on the server and called on AJAX when user tabs out of the email field.  The entire check will take less than 2 seconds to run and you can make sure that the email is correct.
2) If email was present the server will respond with a 250 instead of 550
3) There are certain servers with a CATCH ALL email and this means all email address are accepted as valid on their servers (RARE but some servers do have this setting).
4) Please do not use this method to continuously to check for availability of gmail / yahoo / msn accounts etc as this may cause your IP to be added to a blacklist.
5) This is to supplement the standard email address javascript validation.