Debian/Ubuntu Remote desktop – TightVNC & LXDE

So you want the most (could be wrong 😀 ) lightweight X remote system for your Debian – Ubuntu server.
Read on for Light desktop installation on Debian and remote control with TightVnc.

Installation
Update and upgrade the system
lol@rofl:~# apt-get update
lol@rofl:~# apt-get upgrade

Install X, LXDE  and VNC
lol@rofl:~# apt-get install xorg lxde-core tightvncserver

It will probably install some 200mb worth of packages on your hard drive, but nowadays that’s hardly a problem with Terra sized drives.
So answer yes when asked 🙂

Initialize the tightvnc server to create a new config file
lol@rofl:~# tightvncserver :1

You are then prompted for a new password in order to access your remote desktop.
Repeat your password and and don’t worry when (and if) you see a :
–Warning: password truncated to the length of 8–
VNC like servers truncate the hardcore password you supply it with to the first 8 characters you enter
VNC uses a DES-encrypted challenge-response scheme, where the password is limited by 8 characters!

Answer no when prompted for a view only password, unless you want such an option

Kill the VNC
lol@rofl:~# tightvncserver -kill :1

# Edit config file to start session with LXDE:
lol@rofl:~# vi ~/.vnc/xstartup

# Add this at the bottom of the file:
lxterminal &
/usr/bin/lxsession -s LXDE &

# Restart VNC
lol@rofl:~# tightvncserver :1

Install chromium if you don’t already have it
lol@rofl:~# apt-get install chromium-browser

Your browser is now ready!

Security
Take good note that the following command
lol@rofl:~# tightvncserver :1
Does actually allow the VNC daemon to listen to port 5901.
All traffic is unencrypted, except for the session password, which is a no – no (unless its the laptop on your basement with no outside access.

So in order to run securelly we shall employ the old faithful shh tunnelling

Start the VNC with listening only to localhost connections (eg. from the server inside only)
lol@rofl:~# tightvncserver -localhost :1

On your local machine open a tunnel while forwarding the port 5901 port at the same time
lol@local-rofl:~# ssh -f -N -L 5901:localhost:5901 [email protected]

Now on your local VNC client you invoke the connection to your newly created remote desktop, supply the password and Voilla you are in 😀
[email protected]:5901

NOTES
Have a pick on your system default “apps”
lol@rofl:~# update-alternatives --get-selections

NOT ADVISED
if you want to run root (commando mode) ont he interwebs here is how (at your own risk, you have been warned)

lol@rofl:~# chromium –user-data-dir %U
or update your short cut to include the –user-data-dir %U directive

What if, for some hideous reason you want to use your mobile or some other evil contraption to view your remote desktop.
You can change the the VNC resolution to match that of you device by issuing the following command
lol@rofl:~# vncserver -geometry 800×600

Resources :
LXDE FAQ – http://wiki.lxde.org/en/LXDE:Questions#Change_default_browser
TightNVC FAQ – http://www.tightvnc.com/faq.html#howsecure
How to port forward using PUTTY  – http://www.cs.uu.nl/technical/services/ssh/putty/puttyfw.html

That’s all Folks!

Downgrade PHP 5.4 to PHP 5.3

So you got your fresh Debian 7 installed and realized in terror that it ships with PHP 5.4!

Most of the popular CMS out there are not ready for the changes in php core yet so you actually need to downgrade php 5.4 to php 5.3.
Here is how :

Most of the commands are self explanatory so you could just just copy & paste them into cli.

Edit the /etc/apt/sources.list file

vi /etc/apt/sources.list

and add the old Debian 6 repositories

deb http://ftp.us.debian.org/debian/ squeeze main contrib non-free
deb-src http://ftp.us.debian.org/debian/ squeeze main contrib non-free

save the file

Create the /etc/apt/preferences.d/preferences file that will allow us to “pin” the older php packages to whatever we like.
vi /etc/apt/preferences.d/preferences

and insert the packages you need to have downgraded to previous version
usually the following are enough but modify further if needed

Package: php5*
Pin: release a=oldstable
Pin-Priority: 700

Package: libapache2-mod-php5
Pin: release a=oldstable
Pin-Priority: 700

Package: libapache2-mod-php5
Pin: release a=oldstable
Pin-Priority: 700

Package: php-pear
Pin: release a=oldstable
Pin-Priority: 700

Package: *
Pin: release a=stable
Pin-Priority: 600

Now remove the pre-installed php 5.4 and all its dependencies with the following command
aptitude remove `dpkg -l | grep php| awk '{print $2}' |tr "\n" " "`

Update the apt-get so we it can find the older php version
apt-get update

Tell the system to install the version we want and previously pinned in the preferences file
apt-get -t oldstable install `dpkg -l | grep php5| awk '{print $2}' |tr "\n" " "`

Confirm success with the following
dpkg -l | grep php

Restart apache
/etc/init.d/apache2 restart

And there you have it! Brand old php 5.3 in Debian 7 :
Greeeat succeeeess!

borat_great_success

SSH με χρήση κλειδιών – Passwordless SSH

SSH με χρήση κλειδιών

Για να συνδεόμαστε σε ενα σύστημα με SSH χώρις να χρειάζετε να πληκτρολογούμε καθε φορά κωδικό(remote backup πχ), κανουμε τα παρακάτω :

  • Το  σύστημα απο το οποίο κάνουμε/ξεκινάμε την συνδεση θα αναφέρεται απο εδω κ στο εξης ως client.
  • Ομοίως το συστημα στο οποίο συνδεόμαστε θα αναφέρεται ως server.
  • Οι παρακάτω πληροφορίες λειτουργούν μόνο σε  OpenSSH.
  • Στο παράδειγμα χρησιμοποιούμε DSA keys. Αν θέλουμε RSA keys αντικαθιστούμε το  ‘rsa’ με ‘dsa’.
  • Για να πετύχει  η διαδικασία πρέπει να δωθούν οι εντολές σε Bourne-like κέλυφος (sh, ksh or bash)

Βήματα:

  1. Στον  client εκτελούμε τις παρακάτω εντολές:
  1. $ mkdir -p $HOME/.ssh
  2. $ chmod 0700 $HOME/.ssh
  3. $ ssh-keygen -t dsa -f $HOME/.ssh/id_dsa -P ”

Αυτο θα μας δημιουργήσει 2 αρχεία,

1)      $HOME/.ssh/id_dsa (private key) και

2)      $HOME/.ssh/id_dsa.pub (public key).

  1. Αντιγράφουμε το  $HOME/.ssh/id_dsa.pub στον  server.
  2. Εκτελούμε τα παρακάτω στον server :
  1. $ cat id_dsa.pub >> $HOME/.ssh/authorized_keys2
  2. $ chmod 0600 $HOME/.ssh/authorized_keys2

Αναλόγως την έκδοση του που έχουμε OpenSSH ίσως να χρειαστούν και οι παρακάτω εντολές:

$ cat id_dsa.pub >> $HOME/.ssh/authorized_keys

$ chmod 0600 $HOME/.ssh/authorized_keys

  1. Ελέγχουμε την ορθή λειτουργία στον  client δοκιμάζοντας την σύνδεση με τον  server ώς εξής :
  1. $ ssh -i $HOME/.ssh/id_dsa server
  2. Host server
  3. IdentityFile ~/.ssh/id_dsa
  1. (Προεραιτικά) Προσθέτουμε τις παρακάτω γραμμές στο αρχείο $HOME/.ssh/config στον client:

Αυτο μας επιτρέπει να καλουμε το ssh χωρις την χρήση του διακόπτη –i και την διαδρομη του κλειδιού.πχ : ssh root@server

That’s all folks 😀

Mysql Backup – The simple script

There is only ONE  “Golden Rule of IT” : BACK IT UP OR LOOSE IT..

1)There is no such thing as security, be it firewalls, hard drives that spin in the speed of light and have 324 years guarantee or even a pact with western digital’s CEO…When it comes to crucial data stored in databases the only thing you can rely on is a : BACKUP.

2)Testing that the precious backup, you are hiding away in the swiss vault somewhere, is ACTUALLY working will prove beneficial in the long run.

And thats it.

Here is a really simple script that works in virtually every linux distro have come across and produces nice gziped backups of MySql databases.

Enjoy!

################################################################
#!/bin/bash
#18/12/2003
#Simple script to backup a specific database
#Backup script by datetime
#USE AT YOUR OWN RISK
### MySQL Server Login Info ###

DB=”Important_DB_Name_Here”

MUSER=”root”
MPASS=’mypasswd’
MHOST=”localhost”
MYSQL=”$(which mysql)”
MYSQLDUMP=”$(which mysqldump)”
BAK=”/mysqlbackups”
GZIP=”$(which gzip)”
NOW=$(date +”%d-%m-%Y”)

[ ! -d $BAK ] && mkdir -p $BAK

##ACTUAL WORK TAKES PLACE HERE##
FILE=$BAK/Desired_static_namepart-$NOW.gz
$MYSQLDUMP -u $MUSER -h $MHOST –password=$MPASS $DB1 | $GZIP -9 > $FILE

#########################################################################
# Uncomment the following line to delete files older than 10 days in the backup directory
#find  /mysqlbackups/* -mtime +10 -exec rm -f {} \;

#########################################################################