Translating Apache’s SSL Cipher Suite Directive

Posted on January 28, 2013 by vicki

You can translate that to a readable list of algorithms with this command: openssl ciphers -v ‘ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP’

Read more on this site: http://unhandledexpression.com/2013/01/25/5-easy-tips-to-accelerate-ssl/

Posted in Linux, OPENSSL and TLS | Comments Off on Translating Apache’s SSL Cipher Suite Directive

Timezones in MySQL

Posted on January 22, 2013 by vicki

Timezone
[root@server02 ~]# date 
Fri Feb 24 02:11:38 CST 2012
MySQL time-zone:
mysql> show global variables like ‘%time_zone%’;

+——————+——–+

| Variable_name | Value |

+——————+——–+ 

| system_time_zone | CST |

| time_zone | SYSTEM |

+——————+——–+

2 rows in set (0.00 sec)

mysql> show variables like ‘%time_zone%’;

+——————+——–+

| Variable_name | Value |

+——————+——–+

| system_time_zone | CST |

| time_zone | SYSTEM |

+——————+——–+

2 rows in set (0.00 sec)

The MySQL timezone is inherited from the server’s timezone.

PHP timezone is CST (also inherited from the server timezone).

[root@server02 ~]# php 2>/dev/null


< ?php 
echo date_default_timezone_get(); 
?>

America/Chicago

Posted in Linux | Comments Off on Timezones in MySQL

testing your site

Posted on January 17, 2013 by vicki

Here are a couple of websites you can use to verify whether the site slowness is common for most clients or just your local network.

http://host-tracker.com/
http://internetsupervision.com

Posted in Linux | Comments Off on testing your site

How to check sessions

Posted on January 16, 2013 by vicki

#Add this script to the DocRoot and browse to it. The session_id shouldn’t change if it is preserving sessions

< ?php
// DONT FORGET TO CHECK FOR VARNISH RUINING EVERYTHING
ini_set( ‘display_errors’, 1);
session_start();

echo ‘HOSTNAME: ‘ . gethostname() . ‘ ‘;
echo ‘SESSION: ‘ . session_id() . ‘ ‘;

if (isset($_SESSION[‘counter’])) {
$_SESSION[‘counter’]++;
} else {
$_SESSION[‘counter’] = 1;
}

echo ‘
DUMP SESSION:
‘;
echo ‘

';
print_r($_SESSION);
echo '

‘;

phpinfo();
?>

Posted in Linux | Comments Off on How to check sessions

SSH Agent stuff

Posted on January 10, 2013 by vicki

Use the -i option to specify a new key

ssh -i newkey root@108.166.84.188

How to strip a passphrase from an openssl key

cp filename.key filename.key.encrypted
openssl rsa -in filename.key -out filename.key.nopass
cp filename.key.nopass filename.key

How to add or change a passphrase to an openssl key

If you created an openssl key without a password or if you need to change the password:

ssh-keygen -p -f ~/.ssh/id_rsa

———————————————————————————————–

Starting the SSH Agent

There are two ways to start the ssh-agent. Either will do the trick.

Start the ssh-agent using backquotes to pass information about the agent back to the shell.

`eval ssh-agent` runs an ssh-agent by forking a process off your current
login shell. It outputs some commands to set environment variables:
SSH_AUTH_SOCK or SSH2_AUTH_SOCK and SSH_AGENT_PID or SSH2_AGENT_PID. The eval part causes the shell to interpret the commands output by
ssh-agent, thereby setting the environment variables. (If you leave off
the eval, you’ll see the output.) The problem is that, because it got
forked, it is inaccessible to the shell and keeps running until killed
manually. And even then the environment variables remain set until you
unset them.

Start the ssh-agent and spawn a subshell.

ssh-agent bash
(ssh-agent /bin/sh, ssh-agent /bin/csh, ssh-agent $SHELL, ssh-agent
my-shell-script all work too btw)

With this method, the ssh-agent process runs in the foreground, spawning
a subshell and setting the environment variables up automatically. The
rest of the login session runs in the subshell. When the shell is killed
the cleanup is done automatically. Of course, any background processes
run before initiating the ssh-agent in this way are not accessible from
within the subshell.

1) Add root’s identity
ssh-agent bash
(ssh-agent /bin/sh, ssh-agent /bin/csh, ssh-agent $SHELL, ssh-agent
my-shell-script all work too btw)
2) Add the ssh key to the agent
ssh-add ~/.ssh/id_root_dsa
3) Log onto a machine setup to use ssh-keys
ssh -2 -A root@$MACHINENAME

Copying data from one machine to a tape drive on another.

1) Add root’s identity
ssh-agent bash
(ssh-agent /bin/sh, ssh-agent /bin/csh, ssh-agent $SHELL, ssh-agent
my-shell-script all work too btw)
2) Add the ssh key to the agent
ssh-add ~/.ssh/id_root_dsa
3) Pipe the output of tar to a machine setup to use ssh-keys

tar zcvf – /scratch/vickistan/cl-pdk/ |ssh -A root@$MACHINENAME “cat > /dev/nst2″

 

Posted in Linux, SSH | Comments Off on SSH Agent stuff

Webmin foo

Posted on January 9, 2013 by vicki

to change the password, use this command:

which changepassword.pl
/usr/libexec/webmin/changepass.pl /etc/webmin root PASSWORD

http://www.webmin.com/faq.html

Posted in Linux | Comments Off on Webmin foo

Using traceroute

Posted on January 7, 2013 by vicki

/Users/vick4522 ==> traceroute vickistan.com
traceroute to vickistan.com (108.166.91.129), 64 hops max, 52 byte packets
1 72.32.115.226 (72.32.115.226) 172.771 ms 83.839 ms 89.278 ms
2 67.192.56.50 (67.192.56.50) 95.320 ms 95.043 ms 92.113 ms
3 coreb.dfw1.rackspace.net (74.205.108.26) 94.737 ms
corea.dfw1.rackspace.net (74.205.108.10) 109.197 ms
coreb.dfw1.rackspace.net (74.205.108.26) 116.713 ms
4 core3.dfw1.rackspace.net (74.205.108.7) 117.443 ms
core3.dfw1.rackspace.net (74.205.108.23) 121.774 ms
core3.dfw1.rackspace.net (74.205.108.7) 134.359 ms
5 108-166-91-129.static.cloud-ips.com (108.166.91.129) 136.568 ms !Z 141.209 ms !Z 149.034 ms !Z

Since Linux uses UDP for trace-routes, this can originate from a –reject-with icmp-host-prohibited rule in the destination host’s firewall. Some Linux distros have this as a default configuration. To fix this you need to reply with –reject-with icmp-port-unreachable on UDP ports 33434 through 33534 instead.

If a packet is not acknowledged within the expected timeout, an asterisk is displayed.

Posted in Linux | Comments Off on Using traceroute

Percona XtraDB Cluster on cloud

Posted on January 3, 2013 by vicki

http://www.percona.com/software/percona-xtradb-cluster

Posted in Linux | Comments Off on Percona XtraDB Cluster on cloud

Cool curl commands

Posted on January 3, 2013 by vicki

Using curl to GET a page

The simplest and most common request/operation made using HTTP is to get a
URL. The URL could itself refer to a web page, an image or a file. The client
issues a GET request to the server and receives the document it asked for.
If you issue the command line

curl http://vickistan.com

you get a web page returned in your terminal window. The entire HTML document
that that URL holds.

curl -w %{time_total},%{size_download}\\n -o /dev/null http://vickistan.com
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 25969 100 25969 0 0 14135 0 0:00:01 0:00:01 –:–:– 25509
1.837,25969

curl –form upload=@testfile –form press=OK https://vickistan.com/wp-admin/post-new.php

If you need to pass credentials:

curl -u username:password http://URL

http://curl.haxx.se/docs/httpscripting.html

Posted in Linux | Comments Off on Cool curl commands

WordPress database error MySQL server has gone away for query blah

Posted on January 2, 2013 by vicki

Edit the php file “wp-db.php” (in the “wp-include/” folder of your WordPress installation) and add

$this->query(“set session wait_timeout=600”);

somewhere in the function “___construct” after the $this->dbhost = $dbhost; and before the $this->dv_connect()
statement.

Reference this link if you need more:

http://dev.mysql.com/doc/refman/5.0/en/gone-away.html

Posted in Linux | Comments Off on WordPress database error MySQL server has gone away for query blah