Grep Tips n Tricks

Search includes multiple file patterns

grep --include=*2015-10-06* --include=*20151005* -A5 "record\ product-id" * | grep -B5 value\>Out | grep record\ product-id* | awk -F\" '{print $2}' | sort | uniq
Read More

Random Posts

As the site is still getting redesigned/rebuilt, you may see a lot of random postings. Most of these are from my documentation notes. I may go back at a later time to make it more reader friendly.

Read More

Hello world!

Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!

Read More

Locked Accounts

Show how many failures a single user has committed in the last 30 minutes
faillog –u username

Reset the failed login count
faillog –r username

Oracle Linux
pam_tally2 -r -u jvalero

Read More

Linux – X11 Forwarding

Windows

Install Xming

Setup Putty with the following:
Connection > SSH > X11
`-> [X] Enable X11 Forwarding
`-> (o) MIT-Magic_Cookie-1 (not sure if this does anything but it’s enabled for me)

Connection > SSH > Tunnels
`-> [X] Local ports accept connections from other hosts
`-> Remote ports do the same (SSH-2 only)

Once connected using your account, try to start up xclock from the shell. It should load in an Xming (be sure to have this installed) wrapper.

If you need to su to another user, you’ll need to bring your authorization to the other user

  1. Get your auth strings: xauth list
  2. su into the new user
  3. Try to run xclock again and it should give you an error with the display number it is expecting
    • ex: Error: Can’t open display: localhost:10.0
  4. From the list in step 1, enter
    • xauth add COPY-PASTE-STRNIG-HERE
    • ex: xauth add cablut1/unix:10 MIT-MAGIC-COOKIE-1 8158b00728563d71a9d8174a558859eb
  5. Try running xclock again and it should work this time

——Troubleshooting

If you’re getting an error opening the display or wrong authorization, check if the display number is in there twice. Delete any incorrect entries.

Read More

Linux – Restricting Use of Previous Passwords

http://www.puschitz.com/SecuringLinux.shtml#RestrictingUseOfPreviousPasswords

Restricting Use of Previous Passwords
The pam_unix module parameter remember can be used to configure the number of previous passwords that cannot be reused. And the pam_cracklib module parameter difok can be used to specify the number of characters hat must be different between the old and the new password.

In the following example I will show how to tell the system that a password cannot be reused for at least 6 months and that at least 3 characters must be different between the old and new password.

Remember that in the chapter Enabling Password Aging we set PASS_MIN_DAYS to 7, which specifies the minimum number of days allowed between password changes. Hence, if we tell pam_unix to remember 26 passwords, then the previously used passwords cannot be reused for at least 6 months (26*7 days).

Here is an example. Edit the /etc/pam.d/system-auth file and add/change the following pam_cracklib and pam_unix arguments:
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account required /lib/security/$ISA/pam_permit.so
password requisite /lib/security/$ISA/pam_cracklib.so retry=3 minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1 difok=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow remember=26
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so

NOTE:
If the /etc/security/opasswd doesn’t exist, create the file.
# ls -l /etc/security/opasswd
-rw——- 1 root root 0 Dec 8 06:54 /etc/security/opasswd

Read More