CentOs 6.5 bind 9 hide version

To hide real bind 9 version add directive to /etc/named.conf configuration file.

Inside options { }; block add version directive:
version “BIND custom version”;

To check bind version using dig utility:

# dig chaos txt version.bind @NS_Server_IP

where NS_Server_IP your name server IP or host name

How to archive git repository to zip file

To archive master branch of git repository into zip file the following commands can be used:

# cd /path/to/repository
# git archive --format zip --output /path/to/backup/repository_backup.zip master

To view list of archived files use command:

# unzip -l /path/to/backup/repository_backup.zip

I have described viewing zip files in my post List files and folders inside Java jar archive.

OpenSSL how to decode SSL certificate file

To decode SSL certificate the following command can be used:

# openssl x509 -in shkodenko.crt -noout -text

Example command output:

# openssl x509 -in COMODORSADomainValidationSecureServerCA.crt -noout -text |more

Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:2e:6e:ea:d9:75:36:6c:14:8a:6e:db:a3:7c:8c:07
Signature Algorithm: sha384WithRSAEncryption
Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
Validity
Not Before: Feb 12 00:00:00 2014 GMT
Not After : Feb 11 23:59:59 2029 GMT
Subject: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:8e:c2:02:19:e1:a0:59:a4:eb:38:35:8d:2c:fd:
01:d0:d3:49:c0:64:c7:0b:62:05:45:16:3a:a8:a0:
c0:0c:02:7f:1d:cc:db:c4:a1:6d:77:03:a3:0f:86:
f9:e3:06:9c:3e:0b:81:8a:9b:49:1b:ad:03:be:fa:
4b:db:8c:20:ed:d5:ce:5e:65:8e:3e:0d:af:4c:c2:
b0:b7:45:5e:52:2f:34:de:48:24:64:b4:41:ae:00:
97:f7:be:67:de:9e:d0:7a:a7:53:80:3b:7c:ad:f5:
96:55:6f:97:47:0a:7c:85:8b:22:97:8d:b3:84:e0:
96:57:d0:70:18:60:96:8f:ee:2d:07:93:9d:a1:ba:
ca:d1:cd:7b:e9:c4:2a:9a:28:21:91:4d:6f:92:4f:
25:a5:f2:7a:35:dd:26:dc:46:a5:d0:ac:59:35:8c:
ff:4e:91:43:50:3f:59:93:1e:6c:51:21:ee:58:14:
ab:fe:75:50:78:3e:4c:b0:1c:86:13:fa:6b:98:bc:
e0:3b:94:1e:85:52:dc:03:93:24:18:6e:cb:27:51:
45:e6:70:de:25:43:a4:0d:e1:4a:a5:ed:b6:7e:c8:
cd:6d:ee:2e:1d:27:73:5d:dc:45:30:80:aa:e3:b2:
41:0b:af:bd:44:87:da:b9:e5:1b:9d:7f:ae:e5:85:
82:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
keyid:BB:AF:7E:02:3D:FA:A6:F1:3C:84:8E:AD:EE:38:98:EC:D9:32:32:D4

X509v3 Subject Key Identifier:
90:AF:6A:3A:94:5A:0B:D8:90:EA:12:56:73:DF:43:B4:3A:28:DA:E7
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: X509v3 Any Policy
Policy: 2.23.140.1.2.1

X509v3 CRL Distribution Points:

Full Name:
URI:http://crl.comodoca.com/COMODORSACertificationAuthority.crl

Authority Information Access:
CA Issuers – URI:http://crt.comodoca.com/COMODORSAAddTrustCA.crt
OCSP – URI:http://ocsp.comodoca.com

Signature Algorithm: sha384WithRSAEncryption
4e:2b:76:4f:92:1c:62:36:89:ba:77:c1:27:05:f4:1c:d6:44:
9d:a9:9a:3e:aa:d5:66:66:01:3e:ea:49:e6:a2:35:bc:fa:f6:
dd:95:8e:99:35:98:0e:36:18:75:b1:dd:dd:50:72:7c:ae:dc:
77:88:ce:0f:f7:90:20:ca:a3:67:2e:1f:56:7f:7b:e1:44:ea:
42:95:c4:5d:0d:01:50:46:15:f2:81:89:59:6c:8a:dd:8c:f1:
12:a1:8d:3a:42:8a:98:f8:4b:34:7b:27:3b:08:b4:6f:24:3b:
72:9d:63:74:58:3c:1a:6c:3f:4f:c7:11:9a:c8:a8:f5:b5:37:
ef:10:45:c6:6c:d9:e0:5e:95:26:b3:eb:ad:a3:b9:ee:7f:0c:
9a:66:35:73:32:60:4e:e5:dd:8a:61:2c:6e:52:11:77:68:96:
d3:18:75:51:15:00:1b:74:88:dd:e1:c7:38:04:43:28:e9:16:
fd:d9:05:d4:5d:47:27:60:d6:fb:38:3b:6c:72:a2:94:f8:42:
1a:df:ed:6f:06:8c:45:c2:06:00:aa:e4:e8:dc:d9:b5:e1:73:
78:ec:f6:23:dc:d1:dd:6c:8e:1a:8f:a5:ea:54:7c:96:b7:c3:
fe:55:8e:8d:49:5e:fc:64:bb:cf:3e:bd:96:eb:69:cd:bf:e0:
48:f1:62:82:10:e5:0c:46:57:f2:33:da:d0:c8:63:ed:c6:1f:
94:05:96:4a:1a:91:d1:f7:eb:cf:8f:52:ae:0d:08:d9:3e:a8:
a0:51:e9:c1:87:74:d5:c9:f7:74:ab:2e:53:fb:bb:7a:fb:97:
e2:f8:1f:26:8f:b3:d2:a0:e0:37:5b:28:3b:31:e5:0e:57:2d:
5a:b8:ad:79:ac:5e:20:66:1a:a5:b9:a6:b5:39:c1:f5:98:43:
ff:ee:f9:a7:a7:fd:ee:ca:24:3d:80:16:c4:17:8f:8a:c1:60:
a1:0c:ae:5b:43:47:91:4b:d5:9a:17:5f:f9:d4:87:c1:c2:8c:
b7:e7:e2:0f:30:19:37:86:ac:e0:dc:42:03:e6:94:a8:9d:ae:
fd:0f:24:51:94:ce:92:08:d1:fc:50:f0:03:40:7b:88:59:ed:
0e:dd:ac:d2:77:82:34:dc:06:95:02:d8:90:f9:2d:ea:37:d5:
1a:60:d0:67:20:d7:d8:42:0b:45:af:82:68:de:dd:66:24:37:
90:29:94:19:46:19:25:b8:80:d7:cb:d4:86:28:6a:44:70:26:
23:62:a9:9f:86:6f:bf:ba:90:70:d2:56:77:85:78:ef:ea:25:
a9:17:ce:50:72:8c:00:3a:aa:e3:db:63:34:9f:f8:06:71:01:
e2:82:20:d4:fe:6f:bd:b1
[root@server ~]#

Connect to remote MySQL server via SSH tunnel

To connect to remote MySQL server via SSH tunnel run commands:

# ssh -L 3307:1.2.3.4:3306 taras@1.2.3.4

Where 3307 local port, 1.2.3.4 remote MySQL server IP, 3306 remote MySQL port, taras – valid SSH user name.

To check if tunnel connection has been set up:

# lsof -i :3307

Connect to remove MySQL server using local SSH tunnel:

# mysql --port 3307 -h 127.0.0.1 -u db_user -p db_name

Debian 7 IPTables set up

To set up persistent IPTables rules on Debian GNU/Linux 7 (wheezy)
install package using command:

# apt-get install iptables-persistent

Save current IPTables rules using command:

# /etc/init.d/iptables-persistent save

Edit /etc/iptables/rules.v4 file for IPv4 and
/etc/iptables/rules.v6 for IPv6 rules.

To apply new rules run command:

# /etc/init.d/iptables-persistent reload

Loading iptables rules… IPv4… IPv6…done.

To view current IPTables rules:

# iptables -vnL --line-numbers |more

Git edit remote origin URL

To edit remote origin URL in Git configuration file can be edited:

# more /home/taras/.git/config

[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote “origin”]
url = ssh://git@bitbucket.org/podlom/example.git
fetch = +refs/heads/*:refs/remotes/origin/*

#

Where url = ssh://git@bitbucket.org/podlom/example.git new example path.

To check new settings use command:

# git remote -v

origin ssh://git@bitbucket.org/podlom/example.git (fetch)
origin ssh://git@bitbucket.org/podlom/example.git (push)

#

Create second MySQL database and give privileges to one user

To create second MySQL database and give privileges to the same user the following commands can be used:

# mysql -h localhost -u root -p
mysql> SHOW CREATE DATABASE `database_name`;
mysql> CREATE DATABASE `database_name2` /*!40100 DEFAULT CHARACTER SET utf8 */;
mysql> SHOW GRANTS FOR database_user;
mysql> GRANT ALL PRIVILEGES ON `database\_name2`.* TO 'database_user'@'%';
mysql> FLUSH PRIVILEGES;
mysql> SHOW GRANTS FOR database_user;
mysql> quit;

SHOW CREATE DATABASE `database_name`; will show first MySQL create database DDL SQL query.

CREATE DATABASE `database_name2` /*!40100 DEFAULT CHARACTER SET utf8 */; will create second MySQL database.

SHOW GRANTS FOR database_user; is used to view current user grants.

GRANT ALL PRIVILEGES ON `database\_name2`.* TO ‘database_user’@’%’; grant all privileges to newly created database;

FLUSH PRIVILEGES; will apply new user privileges.

SHOW GRANTS FOR database_user; is used to view updated user privileges;

quit; to exit MySQL client program.

Connect to remote host via ssh proxy

To connect to remote server via ssh proxy use can use the following sequence of commands:

# lsof -i :2222
# ssh -f proxy_user@proxy_host -L 2222:destination_host:22 -N
# ssh -p 2222 destination_user@localhost

If TCP port 2222 is free you will not see any output. So you can use it for SSH proxied connection.

proxy_user – SSH user on SSH proxy server proxy_host.

destination_host – IP or host name of remote server where should we connect using proxy_host server as SSH proxy.

destination_user – SSH user on destination_host server.