Archive for June, 2010

Lock and Delete SSH Keys for user account

Lets think of a scenario that a user wa using all your critical resources on the remote server via ssh.Now for some reason he is leaving the company.So we need to take all tha access from the user as it is a security risk.So how to do that?please find below the commands to lock and delete a user account on various systems.

The first step is to disable user login using command as follows:

In Linux

# passwd -l userName

In FreeBSD

# pw lock userName

In Solaris / HP-UX UNIX

# passwd -l userName

The next step is to Remove SSH Keys

There are two ways to accompany this task.


in linux/unix environment the ssh keys are stored inside users home direcory.You will find it at


We can simply rename the directory or delete the directory:

#mv /home/userName/.ssh /home/userName/nosshlogin
# rm -rf /home/userName/.ssh 


You can also edit $HOME/.ssh/authorized_keys file and remove public key. This will delete login from user’s computer to your server. Finally, you can always delete user from your system using the pw (FreeBSD) or userdel (Linux / UNIX) command.

Categories: Linux Tags: , , ,

Managing multiple repositories in one subversion server

In my last post I have discussion how to setup a svnserver and create repository.Lets say the devolpers team in your company are working on different projects at the same time.So they need different repositories for different project.In this topic I will show you how to set up multiple repositories in single subvesrion server.

Scenario:-Lets say we have created a repository named repository for a project named project1 and repository name is also project1.Lets say the svn server has hostname svnserver and has user svn. So we can start the svn as

$ svnserve -d -r /project1

Now later project 2 and project 3 wanted to use subversion.These projects are unrelated to the project1 and therefore needs their own repository. So we have to setup multiple repositories.

How to Do?

I would recommend to backup the project1 repository before stepping further and then follow the steps mentioned below.

1.Create a new folder called repositories

$ ssh svn@svnserver
$ mkdir repositories
$ cd repositories

2.Inside the repositories folder create the repositories need for other projects.

$ svnadmin create roject2
$ svnadmin create project3

Now we should have a directory tree structure like below:

|   +---project2
|   |   +---conf
|   |   +---dav
|   |   +---db
|   |   +---hooks
|   |   \---locks
|   \---project3
|       +---conf
|       +---dav
|       +---db
|       +---hooks
|       \---locks

Now all we need to do is move the project1 repository alongside the newer ones. For that we have to stop all instances of svnserve first, and of course notifying everyone working on the project1 project — but the move really will only take a few seconds.

Moving the old repository and restarting the server

$ killall svnserve
$ mv project1 repositories/project1
$ svnserve -d -r /home/svn/repositories

Inetd mode

If you’re using svnserve in inetd mode, most of the above applies directly — you simply adjust the svnserve configuration file in the obvious way to reflect the new repository root.

Repository URLs

The new repository URLs are:

  • svn://svnserver/project1
  • svn://svnserver/project2
  • svn://svnserver/project3

Note that the old URL for the project1 project was svn://svnserver/. This means that anyone with a project1 working copy will have to svn switch it.

$ svn switch --relocate svn://svnserver svn://svnserver/project1

Few TIPS:-

There may be a few scripts kicking around which need to be changed to reflect the new layout:

  • the repository backup script
  • any personal build scripts

Nothing should be hard, but with a very little forwarded planning you’ll see no loss of service. Once you’ve adjusted (if necessary) your backup script, I’d suggest now would be a good time to rehearse the recover-from-backup procedure.

Setting up subversion on unix/linux machine

Subversion is a free/open-source version control system.That is, Subversion manages files and directories, and the changes made to them, over time. It is also known as time machine as you can revert back to any older verion of your data at any time.It has a very pivotal role in code development as it has many features like

1.It keeps track of copy move and delete of fils.

2.It comits the full project ,not the singlefile with commit logs like who comitted.

3.It works across network and all the users can keep their data in a centralized space

4.If some one losts his file or if there is any probem in local computer no need to worry as you can export all your commited work from subvesion.

5.It maintains revision of code in each commit so that you can revert back to your prevous versoin of code reffering to the revision and log.

6.It not only keeps track of your files ,it also keeps track of directories also.

And many more……

The above features I have discussed are basically to make you understand how subverion can help.To know the technical feuture you can refer subersion feature page here.

Setting up subvesion(single instance):-

step-1:Install subversion

You can download your copy of subversion as per your linux/unix distribution from here.

If you want to install from souce you can get the installation guide from here.

As I am using fedora distro I will install using yum

root@host# yum install subversion

Step -2 :Create a folder where your repository will stay.

root@host# $mkdir /repository

step-3:Use svnadmin command to create repo structure

Then we will issue the svnadmin command that creates the structure within this directory that allows us to use it as a repository for files

 root@host# $svnadmin create /repository

This should create a directory structure that looks similar to the following:

root@host# ls -al /repository
total 36
drwxrwxrwx   7 root root 4096 2006-05-19 17:18 .
drwxrwxrwx  14 root root 4096 2006-05-19 17:18 ..
drwxrwxrwx   2 root root 4096 2006-05-19 17:18 conf
drwxrwxrwx   2 root root 4096 2006-05-19 17:18 dav
drwxrwxrwx   2 root root 4096 2006-05-19 17:18 db
-rwxrwxrwx   1 root root    2 2006-05-19 17:18 format
drwxrwxrwx   2 root root 4096 2006-05-19 17:18 hooks
drwxrwxrwx   2 root root 4096 2006-05-19 17:18 locks
-rwxrwxrwx   1 root root  379 2006-05-19 17:18 README.txt

Now that we have a single repository created, we need to allow remote access to it so that users can import their files.

Step-5:- configure svnserve.conf

Go inside conf directory and open svnserve.conf . By deafult guest accounts are allowed write access.To remove the access you need to search for “anon-access”.comment the line by putting a “# ” in the begning.

Step-6:-assign password to the users

In svnserve.conf search for the line containing “password-db = passwd” and uncomment it if commented.Then save svnserve.conf and open the conf/passwd file.You will find a section like below

# harry = harryssecret
# sally = sallyssecret

Below these lines put your username and password like

 kirti = parida

where kirti is the username and parida is the the passwd file and exit.

Step-7:- start the subversion server

To start the subversion server execute the following command from your shell

root@host# svnserve -d -r /repository 

That’s it Your sub version server is up and ready.You can access it by the following link


Special Discussions:

1.If you need to access SVN remotely, by default it runs on port TCP port 3690, so you need to make sure it is open in your firewall.

2.To give different access to different users you can edit the svnserve.conf file and under the general section you can write your rules like below


kirti = write
srikant = read

Where kirti and srikant are users and write or read is their permissions
3.Start Subversion at Startup in quick way:-

In linux to manually start any program edit your /etc/rc.d/rc.local and add that program and the options you want to run on startup.So it will start after all thesystem services started.We can follw that way to start our subversion server .
Step-1:Edit your /etc/rc.d/rc.local file and put something like this in the end

 /usr/local/bin/svnserve -d -r /repository

Done…The next time you will start the server you will get the svn up and running withiut the need to start maually.
It works for sure. But this method have disadvanteges like

a. you can’t manually stop this program at any time just typing /etc/init.d/program stop, or by special Red Hat script – service: service program stop.

b. You can’t activate/deactivate such a program by system tools like chkconfig or setup Red Hat utility. This program will not run correctly according to system ‘run level’.

This method of running program at startup have exactly one advantage – it’s simple

4.Start subversion as a service.

On some systems (like Debian GNU/Linux) this requires us to write an init script so that the server starts up every time the system is rebooted. We would do this by creating a file called svnserve in the /etc/init.d directory, and then editing it to look like the following example file:

#! /bin/sh
DESC="SVN Repository Server Daemon"
test -x $DAEMON || exit 0
OPTIONS="-d -r /cvs/src"
# Get lsb functions
#. /lib/lsb/init-functions
. /etc/default/rcS
start() {
       echo "Starting $DESC... "
       #       echo "Starting $DESC: "
       if ! start-stop-daemon --start --quiet --oknodo --exec $DAEMON -- $OPTIONS
>/dev/null 2>&1; then
               echo $status
               return $status
       log_end_msg 0
       return 0
case "$1" in
       echo "Stopping $DESC: "
       start-stop-daemon --stop --quiet --oknodo --exec $DAEMON
       echo $?
       $0 stop
       sleep 1
       #echo "$NAME."
       echo "Usage: $N {start|stop|restart|force-reload}" >&2
       exit 1
exit 0

Once this file is created and edited to look like the above script, we need to chmod the script to be executable and also set it to startup at boot time:

root@host# chmod +x /etc/init.d/svnserve
root@host# update-rc.d svnserve defaults

Now simply start the service by issuing the following command:

root@host# /etc/init.d/svnserve start
Starting SVN Repository Server Daemon...

We should now be able to connect to the Subversion repository remotely so that we can import files

5.Access subversion using http protocol.

Some times the administers do not want to forward extra port like 3690 used by svn.For that we can access apache through http protocol suing the WebDAV module. From a basic Apache installation, getting WebDAV to work is fairly simple. First, you need to make sure that mod_dav and mod_dav_svn are being loaded in the configuration file for Apache:

LoadModule      dav_module        modules/
LoadModule      dav_svn_module    modules/

Note: In Debian GNU/Linux, the mod_dav is automatically loaded and a part of the Apache2 web server. One simply needs to install the mod_dev_svn module with apt:

root@host# apt-get install libapache2-svn

This will install and automatically configure the module for the Apache2 web server Next we will need to set up a Location directive to point to the repository. In our case, if we want the repository to be referenced with the URL http://IP-ADDRESS/repository, and the repository is located in /repository, you could use the following location directive in the apache2.conf file:

<Location /repository>
  DAV svn
  SVNPath /repository
  AuthType None

Afterwards, simply restart eh Apache2 webserver:

root@host# /etc/init.d/apache2 restart

This will allow us to access the repository remotely with the Subversion client via the webdav protocol. We simply would substitute the svn:// access method with http://.

Note:- Each additional repository that is setup and configured needs its own location directive in the Apache2 configuration file.

Categories: CVS Tags: , , , , ,

Set ,reset ,change or recover mysql passwords without worry

For system and database admins changing myssql password is a essential and risky task.It is very simple but yet very difficult sometimes. You may have the fear of data loss.Also sometimes you will get error like “ mysqladmin:  connect to server at ‘localhost’ failed error: ‘Access denied for user ‘root’@’localhost’ (using password: YES)’. “ So I will discuss in this topic on how to deal with mysql password problems.

There are 2 types of scenario you may face like

1.Changing Password for Normal user

2.Changing root password

To change password of a normal user:-

1.If you know the current password for a normal user then you can cahnge it by following command

 $mysqladmin -u username -p oldpassword password newpassword

EX:-To change password for a user called “kirti” and having password “parida” execute

$mysqladmin -u kirti -p  parida password ranjan

2.if you dont know the password of the normal user then login as root and follow the steps to reset the password.

Step-1:Login to the MySQL server, type the following command at the shell prompt:

$ mysql -u root -p 

Step-2: Use the mysql database (type commands at the mysql> prompt):

 mysql> use mysql; 

Step-3:Change password for a user:

 mysql> update user set password=PASSWORD("newpass") where User='username';

 EX:- mysql> update user set password=PASSWORD("parida123") where User='kirti';

step-4 Reload privileges:

 mysql> flush privileges;
mysql> quit

Note:So what we have done here is MySQL stores usernames and passwords in the user table inside the MySQL database. So we are updating a password using the above method to update or change passwords.

This method you need to use while using PHP or Perl scripting.

To Change the root password:-

N:B-Here I will discuss how to deal with root user.You have to remember that it is not the root user of your system it is root user of mysql database .Both are completely different.

1.If you know the current password for root user then you can cahnge it by using mysqladmin command from your shell

 $ mysqladmin -u root -p oldpassword newpass 

After changing the new password if you will encounter the following error

 Enter password:

 If you get...

 mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'root'@'localhost' (using password: YES)'

then you have to follow the instructions below on how to recover your MySQL password.

2.If you know the current password for root user then you can cahnge it by updating the mysql user table(Recommended as it works in all situation and easy )

step-1: Login to the MySQL server, type the following command at the shell prompt:

 $ mysql -u root -p

step-2 :Use the mysql database (type commands at the mysql> prompt):

 mysql> use mysql;

step-3: Change password for a user:

 mysql> update user set password=PASSWORD("newpass") where User='root';

step-4: Reload privileges:

 mysql> flush privileges;
mysql> quit

Recover root user Password

This is the most critical part of your learnin as this deals with the worst possible scenario in your work.So please carefully follow the instructions.

You can recover a MySQL database server password with the following five easy steps:

Step # 1: Stop the MySQL server process.

Step # 2: Start the MySQL (mysqld) server/daemon process with the –skip-grant-tables option so that it will not prompt for a password.

Step # 3: Connect to the MySQL server as the root user.

Step # 4: Set a new root password.

Step # 5: Exit and restart the MySQL server.

Here are the commands you need to type for each step.As the commands directly affect system services so you need to login as root user(system root user) in your system.

Step # 1 : Stop the MySQL service:

 # /etc/init.d/mysql stop


 Stopping MySQL database server: mysqld.

Step # 2: Start the MySQL server w/o password:

 # mysqld_safe --skip-grant-tables &


 [1] 5988
Starting mysqld daemon with databases from /var/lib/mysql
mysqld_safe[6025]: started

Step # 3: Connect to the MySQL server using the MySQL client:

 # mysql -u root


 Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1 to server version: -fedora_12-log

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.


Step # 4: Set a new MySQL root user password:

 mysql> use mysql;
mysql> update user set password=PASSWORD("newpassword") where User='root';
mysql> flush privileges;
mysql> quit

Step # 5: Stop the MySQL server:

 # /etc/init.d/mysql stop


 Stopping MySQL database server: mysqld
STOPPING server from pid file /var/run/mysqld/
mysqld_safe[6186]: ended

[1]+  Done                    mysqld_safe --skip-grant-tables

Start the MySQL server and test it:

 # /etc/init.d/mysql start
# mysql -u root -p

Quick way to Reset Forgotten MySQL Root Password

Have you ever forgotten the root password on one of your MySQL servers? If you have forgotten then read below how to reset it quickly..

Log in as root in the system and stop the mysql daemon. Now lets start up the mysql daemon and skip the grant tables which store the passwords.

 $mysqld_safe --skip-grant-tables 

You should see mysqld start up successfully. If not, well you have bigger issues. Now you should be able to connect to mysql without a password.

 $mysql --user=root mysql

 mysql>update user set password=PASSWORD('password') where user='root';
flush privileges;

Now kill your running mysqld, then restart it normally. You should be good to go. Try not to forget your password again.

Changing SSH keygen and SSH port perfectly without mistake

Now I am giong to discuss how to change the ssh keygen and port of your remote server.

It is important as setting of ssh keygen needs expertise and self confidense as it involves lots of risk.If you do it wrongly then you may lost connection to your remote server.Then your headache will start like contacting the hosting service provider or if you have a amazon cloud server you loose alla your data. Ok dont be afraid as now I am going to discuss step by step process on how to change your keygen.

Changing SSH Key:-

  • ssh to your server using good old user name and password
  • do check permissions on your ~/.ssh folder and make sure it is set to 700 or else execute

chmod 700 .ssh

  • do check permissions on your ~/.ssh/authorized_keys file and make sure it is set to 600 or else execute

chmod 600 authorized_keys

  • generate the keys on the server with something like

ssh-keygen -t dsa

(or rsa – read the man pages if your don’t know how to use ssh-keygen )

  • accept the file names it wants to use and give the correct path but make sure you type correct absolute path(/root/.ssh not .ssh)
  • enter a strong passphrase or no paraphrase
  • add the pub key to the authorized_keys file with something like

cat >> .ssh/authorized_keys

  • copy the private key (id_dsa) to your local windows machine (use winscp or sftp or some such tool)
  • NOW open puttygen.exe
  • under actions select “load” and load the id_dsa file
  • enter the passphrase you set when you generated the key on the server. Puttygen will now convert the key to something that putty will understand
  • save that file to something like


  • NOW change your putty settings under “connection > SSH > auth” to use


  • NOW try and connect
  • enter the passphrase when prompted
  • Hurray You’re now connected to the server

Changing SSH server port:-

If you won’t change your production server ssh port then you will find a lot of illegal logins to your server.This can expose your server to high security risk.So you need to change the server SSH key before putting your server online.To change the port please follow the steps as mentioned below.

1. From your terminal session, edit /etc/ssh/sshd_config

            bash-2.05b# vi /etc/ssh/sshd_config

2. Look for the following line:

              #Port 22

3. Change the line so it looks like this:

                Port 2995

4. Save and close the file

5. Load the new configuration by using the RedHat service command

         service sshd reload

Note: you will immediately lose connectivity to your server on the open ssh session you are currently running as the port get changed.

6. Test the connection

              (comp@kirti)(~/Desktop) $ ssh -p 2995

Take note of the -p 2995 flag used when connecting to the server. If you are using OS X or a Linux desktop system like Mandriva or Ubuntu, you’ll need to specify the port number when connecting. If you’re using PuTTy on Windows, you can specify the port number in the profile for you connection and then re-save the profile using the new port.

7.If you have enabled ssh service at startup then please check this also.

vi /etc/xinetd.d/sshd

              service ssh
                disable = no
                socket_type  =  stream
                 type               =  UNLISTED
             port                = 22
             protocol         = tcp
             wait                = no
                user                = root
                server             = /usr/sbin/sshd
                server_args   = -i

Change “port = 22” for the new port 2295 and restart. Now You are safe from hackers those who use port 22 to get illegal entry to your server.

Categories: Linux Tags: , , , ,

Write contents of one file into another using single program……Its beauty of perl

Write contents of one file into another using single program……Its beauty of Perl

Yesterday I was learning Perl file I/O and noticed one magical thing about Perl.Yes its magical as I feel this little program has a lot of capability.I am writing below a small program which can take one file content as input and will push the content to another file.Later I will show how to varriablise the program.

Let’s say I have a file called data1.txt located at C:\test\data1.txt.



 #This is a tutorial to show file handling in perl


 open(INFILE, "C:\\test\\data1.txt") or die "ERROR:canont open file $!";

 open(OUTFILE, ">C:\\test\\data2.txt") or die "ERROR:cannot create file $!"; 



 print OUTFILE  $_;



Now when you will run this program you will find that the contents of data1.txt will be copied to data2.txt.

N:B:-If you want to append the content of a file then you can write the second open() statement as

open(OUTFILE, “>>C:\\test\\data2.txt”);

Now lets say varriablise the program

Modified Program:-


 #This is a tutorial for file handling in Perl with varriablise file-handles


 my $IN = "INFILE";

 my $OUT = "OUTFILE";


 $filename1 = "C:\\test\\data1.txt";

 $filename2 = "C:\\test\\data2.txt";

 open($IN, "$filename1" ) or die "ERROR:cannot open file $!";

 open($OUT, ">$filename2") or die "ERROR:cannot create file $!"; 


 my @totalcount = <$IN>;




 print $OUT $_;



N:B:-Here you can not declare the variable @totalcount before opening the file handle $IN.

Categories: Perl Tags: , , ,

Epic:The most powerfull opensource perl editor

EPIC with Eclipse

Are you looking for a good Perl editor? Gone are the days when Perl programmer have to face tough situations like writing programs either in notepad or vi editor or Emacs .These editors neither have compile option nor have run option and also you have to spend to spend most of your day switching between editor and the command line. Now a lots of editors are there which are dedicated to Perl but I like Eclipse. There are some reasons to like as

1. It’s absolutely free(open source)

2. Its like one editor for multiple languages (You can run java,php,perl etc )

3. You can debug your programs

4. No need to install (runs from source)

You may be wondering how can I edit Perl in eclipse as most of the people know that this editor is used for java only.Yes that’s true but you can install the EPIC plug-in for Eclipse which supports Perl .After installing EPIC you can get all the feature you want to be in a editor like Syntax highlighting,  Source formatter, Perldoc support etc .For more details on features you can refer to the EPIC website here

I will be guiding you through the installation process.

Installation of EPIC:


You will need the following tools before you can make good use of EPIC:

  • Eclipse(I would recommend Eclipse Classic  version)
  • Java (jdk or jre)
  • Perl V5.8.6 or higher (on Windows, use ActivePerl)
  • PadWalker Perl module at CPAN.
  • EPIC (Eclipse Perl Integration), an open source Perl IDE for the Eclipse platform

Installing the EPIC plug-in in Eclipse

Step-1:-Before looking at EPIC,make sure you have perl installed in your system.To know that you can type in your shell or command prompt perl –v.perl interpreter comes with most  UNIX/Linux host. On Windows, you can use the ActivePerl interpreter and set the environmental variable(see below how to set environment varriable).

  • In the next step install  PadWalker module for Perl.
  • Now lunch Eclipse and follow the steps to install the EPIC plugin.

1. Choose Help > check for updates, as shown in Figure 1.

Figure 1. The Software Update window

2.Now you will get the sotware update window like this.

Figure 2. The Software Update window 2

3.Enter the following URL (, as shown in Figure 2 and click on Add.

4.Then select EPIC Main Components and click Next.

5.If any warning comes about security or anything go ahead and say yes.No need to worry.

6. Then follow the on-screen process and install the plug-in.

7.After installation gets over you have to restart eclipse.

Quick configuration

  • After installation you have to know on how you use and work with EPIC plug-in  Before that we will have a look at the preferences panel to get an idea of the sort of facilities that are available when using the plug-in.
  • To access the preferences for EPIC, open the standard Eclipse Preferences Window(Goto Window->Preferences) and choose the Perl EPIC folder from the navigation panel on the left, as shown here in Figure 3.

Figure 3. EPIC Preferences

The preferences are split into sections, starting with the general preferences for the

  • General Preferences — Sets the location of the Perl executable, interpreter, execution model, and the period to wait before the code is checked in the background.
  • Editor — Sets editor preferences, including the colors used for highlighting different components, annotation formats, and so on.
  • Content Assist — Sets the characters that trigger auto-completion.
  • Folding:- The editor supports folding of POD comments and subroutines. On big files source folding can decrease performance. So if you experience slowdowns, disabling source folding might help.
  • Templates — Sets up templates of code that can be inserted directly into your code to speed development time.
  • Source Formatter — Sets formatting preferences.
  • Task Tags — Sets task tags, which are quick notes that take you back to a specific location.

Windows notes

  • When using the EPIC plug-in within Eclipse under Windows, there are some tricks that will improve your interaction between components.
  • If you are using ActiveState’s ActivePerl distribution, change the Perl executable (asset in the General Preference panel) to the absolute path of perl executable(C:\Perl\perl.exe) instead of  wperl.exe(C:\Perl\ wperl.exe) executable. This will prevent a command prompt window being displayed each time when you request for perldoc.
  • If you are using the Cygwin version of Perl, ensure that the mount command, part of the standard Cygwin installation, is available through your system path. You canverify this by checking the values of environment variables.

To check or set environmental variable on window

1. Open the System Control Panel (usually in Start > Control Panels >System, or right-click on My Computer and select Properties).

2. Switch to the Advanced panel.

3. Click Environment Variables. You should be presented with a window like that shown in Figure 4.


Figure 4. System and user environment variables in Windows

4.Check the value of the PATH variable. If the Perl or Cygwin binary directories are not listed, add them to the path value. Individual directories are separated by a semicolon.

Creating projects and files

Creating a new project

Let’s create a new Perl project. Because EPIC provides a new nature, you can

create a new project to build your Perl application.

Create a new project by selecting it from the list of available project types. Choose

File >New > Perl Project. You can see the resulting window in Figure 5.

Figure 5. Creating a new Perl project

Give the project a name and specify the workspace for the project, or simply use the default workspace.

Eclipse should change to the Perl perspective automatically when you create a new

Perl project. The Perl perspective includes a number of specific panels that will help

you as you start to write Perl script.

  • If Eclipse does not automatically switch to the Perl perspective, you can switch to it using Window > Open Perspective and selecting Perl from the list of perspectives.

You can see an example of this perspective in Figure 6, here with some open and

active files and views.

Figure 6. The Perl perspective

You can see from Figure 6 that the perspective includes many different panels

(called Views in Eclipse), including:

Package explorer view — This shows the layout of your project (files,

modules, and scripts).

Outline view for the current file — This shows the list of modules

imported and the list of functions defined within the current file.

Standard editor/file interface — This will show the source individual files

in the project.

Tasks view — This shows a list of registered tasks.

Console view — This is the standard output from your application.

Problems — This view highlights and provides links to errors in your code

within the current project.

Categories: Perl Tags: , , , ,