Config cleanup
A one liner to remove all stale pkg config files on a system after the main programs have been removed.
WARNING: There's no going back so make sure you do want all these config files removed and that they're not being used in any way.
1 | apt-get purge `dpkg -l | awk '/^rc/ {foo = foo $2 " "} END {print foo}'` |
Generating SSL certificates
Generate server private key
The first task is to create a server private key. In this example, a key of 1024 bits is created and the passphrase is encrypted using tripple DES:
openssl genrsa -des3 -out server.key 1024
To create a key without a passphrase (so there is no need to enter a passphrase when the Apache server starts for example):
openssl genrsa -out server.key 1024
or to remove a passphrase in an already existent file:
openssl rsa -in server.key -out server.key.insecure mv server.key server.key.secure mv server.key.insecure server.key
Generate certificate signed request (CSR)
The CSR is the file required by the certificate issuer to sign and issue a certificate and is generated as follows:
openssl req -new -key server.key -out server.csr
This requires certain bits of data to be entered:
Country Name (2 letter code) [AU]: GB State or Province Name (full name) [Some-State]: Yorks Locality Name (eg, city) []: York Organization Name (eg, company) [Internet Widgits Pty Ltd]: BSDnexus Organizational Unit Name (eg, section) []: IT Common Name (eg, YOUR name) []: www.bsdnexus.com Email Address []:
The completed file server.csr is ascii based and can be submitted to the CA in a variety of forms who will then issue the server.crt file
Self signed certificate
If the website is a private one, it is possible to self-sign a certificate, however, this leads to browsers complaining until an exception is applied. Currently, the following pages are displayed by two well known browsers:
Firefox and SSL cert issue
IE and SSL cert issue
SHould you still wish to sign your own CSR to generate the server.crt file, the following command can be used:
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Install certificates
The files can be stored anywhere on the system, however, under /etc/ssl seems customary. Ensure the files are only readable by root. If a CA has signed your CSR they will provide two files (names may be slightly different) "server.crt" and "server.ca-bundle". If you have self-signed, merely omit the reference to the .ca-bundle file.
For apache a virtual host entry could look as follows (notice the references to the files):
<VirtualHost _default_:443>
ServerAdmin webmaster@bsdnexus.com
DocumentRoot /usr/local/apache/share/htdocs
ServerName www.bsdnexus.com
SSLEngine on
SSLCertificateKeyFile /etc/ssl/bsdnexus/server.key
SSLCertificateFile /etc/ssl/bsdnexus/server.crt
SSLCertificateChainFile /etc/ssl/bsdnexus/server.ca-bundle
</VirtualHost>Files without comments
Use *awk to remove comment lines that start with a '#' making it easier to view the actual configurations/settings
cat /path/to/file | awk '!/^#/ {print $0}'
[Edit]
To remove the blank lines as well as the comments, alter the awk command to
awk '!/^#|^$/ {print $0}'
Batch convert audio files
Simple one-liner to batch convert one type of audio file to another using ffmpeg. The example converts .ogg to .mp3 files:
for x in *.ogg; do ffmpeg -i "$x" "`basename "$x" .ogg`.mp3"; done
dpkg tips
dpkg is package manager for Debian, and found in most of its derivatives. Programs such as apt and aptitude are front-ends to dpkg. Following are some handy to know dpkg commands.
Package Listing
To display all currently installed packages (including version numbers) or a specfic package:
dpkg -l [package_name]
Package Querying
To show details about a specific package:
dpkg -p {package_name}
To find out which files are installed by a package:
dpkg -L {package_name}
To find out which package installs a particular file:
dpkg -S {/path/to/file | part_of_filename}
Package Removal
To remove a package but retain the configuration files:
dpkg -r {package_name}
To remove a package including the configuration files:
dpkg -P {package_name}
AcerAspireOne Touchpad on Debian
When installing Debian "Testing" on the AcerAspireOne the touchpad does not register a single tap of the pad as a left mouse click. To rectify this add the following line to the file /etc/modprobe.d/psmouse.conf
options psmouse proto=impsAccording to this Ubuntu source, some setups may be better with exps instead of imps.
apt autoclean
To have apt-get/aptitude auto-clean all the downloaded .deb files after running an "update" (to keep as much free space as possible) simply add the following to /etc/apt/apt.conf.d/00autoclean
Aptitude::Autoclean-After-Update;