Search ldap database:
view everything anonymously authenticated
ldapsearch -x -b 'dc=example,dc=com'
-x : unauthenticated
-b : baseDN
-h : host
-p : port (389 normal; 636 secure)
Same as above but more explicit
ldapsearch -x -b 'dc=example,dc=com' '(objectclass=*)'
The test in the parens can be used to restrict the search and return only records for which that test is true. For example, the following will only return the record whose uid is set to joeuser.
ldapsearch -x -b 'dc=example,dc=com' '(uid=joeuser)'
Friday, January 12, 2007
Sunday, January 07, 2007
dm-crypt filesystem encryption
Dependencies needed:
Kernel Setup:
Device Drivers > Multi-device support (RAID and LVM) > Device Mapper Support (dm-mod)
Device Drivers > Multi-device support (RAID and LVM) > Crypt Target Support (dm-crypt)
Cryptographic Options > (Select cyphers .. ex. aes, twofish)
Userspace tools needed:
cryptsetup.sh
libdevmapper
cryptsetup.sh Syntax:
Create crypto physical device (sized by existing partition):
cryptsetup.sh -c aes -h plain -y -b `blockdev --getsize \
/dev/hdb2` create cryptvol1 /dev/hdb2
Copy over data:
http://www.linux.com/article.pl?sid=04/06/07/2036205
http://www.saout.de/misc/dm-crypt/
Kernel Setup:
Device Drivers > Multi-device support (RAID and LVM) > Device Mapper Support (dm-mod)
Device Drivers > Multi-device support (RAID and LVM) > Crypt Target Support (dm-crypt)
Cryptographic Options > (Select cyphers .. ex. aes, twofish)
Userspace tools needed:
cryptsetup.sh
libdevmapper
cryptsetup.sh Syntax:
Syntax: cryptsetup [<OPTIONS>] <action> <name> [<device>]
<OPTIONS>:
-c <cipher> (see /proc/crypto)
-h {plain/<hash>} (see hashalot)
-y (verifies the passphrase by asking for it twice)
-d <file> (read key from file
e.g. /dev/urandom; useful for swap devices.
If set, the parameters -h and -y will be ignored)
-s <keysize> (in bits) (WARNING: in bytes for cryptsetup.sh)
-b <size> (in sectors)
-o <offset> (in sectors)
-p <skipped> (in sectors)
<action> is one of:
create - create device
remove - remove device
reload - modify active device
resize - resize active device
status - show device status
<name> is the device to create under /dev/mapper/
<device> is the encrypted device
Create crypto physical device (sized by existing partition):
cryptsetup.sh -c aes -h plain -y -b `blockdev --getsize \
/dev/hdb2` create cryptvol1 /dev/hdb2
Copy over data:
dd if=/dev/hdb2 of=/dev/mapper/cryptvol1 bs=4khttp://www.linux.com/article.pl?sid=04/06/07/2036205
http://www.saout.de/misc/dm-crypt/
Saturday, January 06, 2007
rsync
Syntax:
-v: verbose
-r: recursive
-a: archive - maintain perms, ownership
-H: Maintain hard links
-x: no recursion into other filesystems
--progress: shows progress info
--numeric-ids: don't translate UID/GIDs; important for backups.
--delete: delete from backup files that no longer exist on server
--exclude-from=file.txt: specifies a file to exclude paths. One path per line.
--delete-excluded: delete files previous backup which are now within exclude list
username@: username on remote host
host:: name of host
/home/userdir: path to backup
Example of simple copy:
rsync -r -e ssh --delete /home/user/ user@host:/backups/
http://www.sanitarium.net/golug/rsync_backups.html
http://linuxgazette.net/104/odonovan.html
rsync -vaHx --progress --numeric-ids --delete \Common options:
--exclude-from=asylum_backup.excludes --delete-excluded \
username@host:/home/userdir/ /backupdir/
-v: verbose
-r: recursive
-a: archive - maintain perms, ownership
-H: Maintain hard links
-x: no recursion into other filesystems
--progress: shows progress info
--numeric-ids: don't translate UID/GIDs; important for backups.
--delete: delete from backup files that no longer exist on server
--exclude-from=file.txt: specifies a file to exclude paths. One path per line.
--delete-excluded: delete files previous backup which are now within exclude list
username@: username on remote host
host:: name of host
/home/userdir: path to backup
trailing slash: backup contents of dir/backupdir: location to backup files
no trailing slash: backup dir
Example of simple copy:
rsync -r -e ssh --delete /home/user/ user@host:/backups/
http://www.sanitarium.net/golug/rsync_backups.html
http://linuxgazette.net/104/odonovan.html
Subscribe to:
Posts (Atom)
