Friday, March 31, 2006

How to extend Linear RAID device

How to extend Linear RAID
Hello All,
* Please do not try this on Production server. Make sure you can do this or not:)Read More
 Most of all you know that we use linear just like LVM.
 This is my server ...little small though:(
raiddev                 /dev/md0
raid-level              linear    # it's not obvious but this *must* be
persistent-superblock   1    # set this to 1 if you want autostart,
chunk-size              32
nr-raid-disks           2
device                  /dev/hdc3
raid-disk               0
device                  /dev/hda4
raid-disk               1

# Sample raid-1 configuration
raiddev                 /dev/md2
raid-level              0
nr-raid-disks           2
chunk-size              4
device                  /dev/hdc2
raid-disk               0
device                  /dev/hda3
raid-disk                1
Last week this RAID partition got full...suddenly i got mail from boss..:D
That wasnt much funny though.
So I have following procedures and belive me it works..
1. Unmount the raid partition
2. Stop the raid....raidstop /dev/md0
3. Update your /etc/raidtab file ...i have added new partition into it
device        /dev/hdb1
raid-disk    2
2. Dont forget to change nr-raid-disk line.
3. Now give the command
mkraid /dev/md0
It will create a raid can see the 3rd partition is added into a raid array
cat /proc/mdstat
But after this all procedure you have run one more command
resize2fs /dev/md0
Now after mounting that partition you will get know you can successfully extended the RAID partition.


Thursday, March 30, 2006

how to Protect files using encryption in linux

Protecting Files Using Encrypted Containers


Kernel version 2.6.4-rc2 or higher.

KDE version 3.3 or higher must be installed (optional)

Read More

root access for initial setup.

System Configuration

Enable the device-mapper module - this lets you create new logical block devices from portions of existing devices. The block devices then are "mapped" to devices that for our use are treated like normal drive partitions.

Enable dm-crypt – (Crypt Target Support in the kernel configuration menu). dm-crypt is the kernel module used to handle the encryption/decryption using the crypto API available in the 2.6 version kernels.

To use an encrypted container for our files instead of an entire drive or partition, loopback device support also needs to be enabled in the kernel. The loopback device kernel module allows us to use ordinary files as if they were real block devices.

Compile or use module for the encryption type you want to use - AES encryption algorithm is used here but others are available.

Modules needed if compiling:
Device Drivers -> Multi-Device Support (RAID and LVM) -> Device Mapper Support
Device Drivers -> Multi-Device Support (RAID and LVM) -> Crypt Target Support
Device Drivers -> Block Devices -> Loopback Device Support
Cryptographic Options ->

Enable the required modules, compile the kernel and install it.
If you want to use modules dm-mod, dm-crypt and aes-i586
modprobe dm-mod
modprobe dm-crypt
modprobe aes

Now install these two sets of utitlites:
device-mapper utilities – if already installed then /dev/mapper and /dev/mapper/control will already exist.

cryptsetup utility - if the package is already installed /bin/cryptsetup will exist

Creating the Encrypted Container
Reboot with the new kernel (or make sure needed modules are loaded)

Create the container for your files and mount it.
Select a partition with enough space to create the container and make the container large enough for all the files you want in it (including new files!!) – it isn’t possible to increase the container size once created.

Use dd to create the container file
dd if=/dev/random of=/crypt/data.crypt bs=1M count=1024

bs is block size (1MB) and count is size in blocks (1GB 1024 X 1MB Blocks)

Source for the dd command is /dev/random - this makes it impossible to determine how much of the container is being used. It will be stored on /crypt

Create a loopback device using the container file.
If multiple containers are used you have to use a different /dev/loopX device (where X is a unique number)

losetup /dev/loop0 /crypt/data.crypt

Create the encrypted device
I used /dev/random to generate a 32-character random string password that I stored in a file named /home/crypt.key

cat /dev/random > /home/tkey (hit control-c after a second)
cat /home/tkey | cut -b 0-31 > /home/crypt.key
rm /home/tkey
cryptsetup -c aes -d /home/crypt.key create data.crypt /dev/loop0

To mount and use create a filesystem. This creates the ext2 filesystem (others can be used).
Once created mount like a normal drive partition.

mke2fs -j /dev/mapper/data.crypt
mkdir /mnt/encrypted
mount /dev/mapper/data.crypt /mnt/encrypted

Your encrypted device should act the same way that a normal drive partition does.

* You must remember to unmount the device and destroy the loopback setup when finished with the device!

umount /mnt/encrypted
cryptsetup remove data.crypt
losetup -d /dev/loop0

To recap – here’s how to remount the device:

losetup /dev/loop0 /crypt/data.crypt
cryptsetup -d /home/crypt.key create data.crypt /dev/loop0
mount /dev/mapper/data.crypt /mnt/encrypted

Generating ssh key+how to ssh without password

If you've administered any remote Linux machines, then you're probably already familiar with SSH. As you may know, SSH provides secure, encrypted network communication. Utilities like ssh and sftp, which are based on SSH, protect remote login sessions and file transfers, respectively, and have largely subsumed similar but insecure and unencrypted utilities such as ftp, rlogin, rsh, rcp, and telnet. (In fact, if any of your systems still use telnet, put down this magazine at once, go disable telnet, install and enable SSH, and then continue reading.)Read More

The ssh utility is easy to use, but typing passwords again and again is a hassle, and precludes scripting remote access. This month, let's explore a better way to use SSH, using OpenSSH ( and SSH protocol version 2. (If you're using a different SSH suite or protocol version 1, some of this month's instructions may not apply or may need to be modified to suit your version of the software.)

To connect to a remote machine, say, via ssh, simply type:

% ssh

Typically, the remote machine prompts for a password, but you can also configure the remote machine to use public key authentication.

Public key authentication involves a pair of keys: a private key and a public key. The private key is retained on your local system (where it's arguably very safe), and the public key is propagated to remote systems. When you attempt to login in to a remote machine, the (local) private key and the (remote) public key are "combined" by the remote server and verified. If the keys match, the remote server permits and establishes your login or file transfer session.

For SSH protocol version 2, the DSA algorithm is used to generate the private and public keys. The private key is generated into $HOME/.ssh/id_dsa, and the public key is created in $HOME/.ssh/, both on the local host. To use the public key with a remote host, you must append it to $HOME /.ssh/authorized_keys on that host.

Let's go ahead and set that all of that up. First, generate the public and private keys with ssh-keygen, using the command:

[cpde]% ssh-keygen -t dsa[/code]

The command prompts for a passphrase (a password to protect your keys), which you can leave blank for now, and then creates $HOME/.ssh/id_dsa and $HOME/.ssh/, the private and public key, respectively.

Make sure to keep your private key private by changing its mode to "read/write by user only" via:

% chmod 600 $HOME/.ssh/id_dsa

Next, copy the file to the remote server you'd like to log into and append it to $HOME/.ssh/authorized_keys2 on that server. (If that file doesn't exist, you can simply rename to authorized_keys2.) After that file's in place, be sure to set its permissions with chmod 600 authorized_ keys2. If authorized_keys2 is readable by anyone other than you, ssh will refuse to match keys.

You should now be able to login to the machine without a password. If you're unable to login, retry using ssh -v, which prints debugging information. In some cases, the remote server may not permit public-key authentication.

Logging in without a password can be very useful. For instance, it allows you to automate backups and script the execution of remote commands.

With this convenience, however, comes a risk. Since access to the remote machine is now tied to your private key, a compromised key can compromise the remote machine. For an extra level of security, protect your private key with a passphrase. To use a passphrase with public key authentication, follow the exact steps as above, except fill in a passphrase when prompted during the creation of your keys.

If your situation requires you to remember a large number of passphrases, you'll eventually get frustrated having to remember a multitude of machine/passphrase combinations. Luckily, OpenSSH comes with a program named ssh-agent to help manage your keys.

Typing ssh?agent starts the agent and puts it in the background. To add a key, which ssh-agent calls an identity, use ssh-add. By default, ssh-add tries to load $HOME/.ssh/id_dsa (and some others), or you can specify a filename. ssh-add prompts for the passphrase once and then remembers the passphrase until it shuts down. You can see a list of managed identities at any time by typing ssh-add -l.

One drawback to ssh-agent is that it is tied to a login session. To avoid this you may want to look into keychain, which was covered in the August 2002 issue of Linux Magazine (available online at, and works across an entire system.

Backup using rsync

Backup using rsync #!/bin/sh # -- backup to a local drive using rsync
# Directories to backup. Separate with a space. Exclude trailing slash! SOURCES="/home/wendy /home/daisy /var/mail"
Read More

# Directory to backup to. This is where your backup(s) will be stored.
# Exclude trailing slash! TARGET="/mnt/usb-harddrive/backup"
# Your EXCLUDE_FILE tells rsync what NOT to backup. Leave it unchanged if you want
# to backup all files in your SOURCES. If performing a FULL SYSTEM BACKUP, ie.
# Your SOURCES is set to "/", you will need to make use of EXCLUDE_FILE.
# The file should contain directories and filenames, one per line.
# An example of a EXCLUDE_FILE would be: # /proc/ # /tmp/ # /mnt/ # *.SOME_KIND_OF_FILE EXCLUDE_FILE="/path/to/your/exclude_file.txt"
# Comment out the following line to disable verbose output VERBOSE="-v" ########################### if [ ! -x $TARGET ]; then echo "Backup target does not exist or you don't have permission!" echo "Exiting..." exit 2 fi echo "Verifying Sources..." for source in $SOURCES; do echo "Checking $source..." if [ ! -x $source ]; then echo "Error with $source!" echo "Directory either does not exist, or you do not have proper permissions." exit 2 fi done if [ -f $EXCLUDE_FILE ]; then EXCLUDE="--exclude-from=$EXCLUDE_FILE" fi echo "Sources verified. Running rsync..." for source in $SOURCES; do
# Create directories in $TARGET to mimick source directory hiearchy if [ ! -d $TARGET/$source ]; then mkdir -p $TARGET/$source fi rsync $VERBOSE --exclude=$TARGET/ $EXCLUDE -a --delete $source/ $TARGET/$source/ done exit 0


USAGE of su command


Substitute user identity
Run a command with substitute user and group id, allow one user to
temporarily become another user. It runs a command
(often an interactiveshell)
with the real and effective user id, group id, and supplemental
groups of a given USER
Read More


su [*options*]... [*user* [*arg*]...]


`-c *COMMAND*'


Pass *COMMAND*, a single command line to run, to the shell
with a

`-c' option instead of starting an interactive shell.



Pass the `-f' option to the shell. This probably only makes
if the shell run is `csh' or `tcsh', for which the `-f' option

prevents reading the startup file (`.cshrc'). With Bourne-like

shells, the `-f' option disables file name pattern expansion

(globbing), which is not likely to be useful.




Make the shell a login shell. This means the following. Unset all

environment variables except `TERM', `HOME', and `SHELL'
(which are set as described above), and `USER' and
`LOGNAME' (which are

set, even for the super-user, as described above), and set `PATH'

to a compiled-in default value. Change to USER's home directory.

Prepend `-' to the shell's name, intended to make it read its

login startup file(s).




Do not change the environment variables `HOME', `USER',

or `SHELL'. Run the shell given in the environment variable

`SHELL' instead of the shell from USER's passwd entry, unless
user running `su' is not the superuser and USER's shell is

restricted. A "restricted shell" is one that is not listed in the

file `/etc/shells', or in a compiled-in list if that file does not

exist. Parts of what this option does can be overridden by

`--login' and `--shell'.

`-s *SHELL*'


Run *SHELL* instead of the shell from USER's passwd entry, unless

the user running `su' is not the superuser and USER's shell is

restricted (see `-m' just above).

If no USER is given, the default is `root', the super-user.

The shell to use is taken from USER's `passwd' entry, or `/bin/sh' if none
is specified there.

If USER has a password, `su' prompts for the password unless run by a user
with effective user id of zero (the super-user).

By default, `su' does not change the current directory. It sets the
environment variables `HOME' and `SHELL' from the password entry for
and if USER is not the super-user, sets `USER' and `LOGNAME' to USER.

By default, the shell is not a login shell. Any additional ARGs are passed
as additional arguments to the shell.

GNU `su' does not treat `/bin/sh' or any other shells specially (e.g., by
setting `argv[0]' to `-su', passing `-c' only to certain shells, etc.). `su'
can optionally be compiled to use `syslog' to report failed, and optionally
successful, `su' attempts. (If the system supports `syslog'.) However, GNU
`su' does not check if the user is a member of the `wheel' group; see
options above.

*"It was just like Romeo and Juliet, only it ended in tragedy" - Milhouse*

*Related Linux Bash commands*:

chroot <> - Run a command
with a
different root directory
id <> - Print user and group id's
logname <> - Print current
login name

*Equivalent Windows XP commands*:

SU <> - Switch User
In Windows 2000 - RUNAS /USER: CMD.
or in the GUI hold Shift, and right-click on an executable

Secure your server - How to block mac address using iptables

How to block mac address using iptables
to block mac address:-
ComputerName:~# iptables -A INPUT --mac-source 00:0B:DB:45:56:42 -j DROP

Secure you server - Using iptables block unwanted ssh hits

Using iptables block unwanted ssh hits

The iptables firewall has several useful extension modules which can be used to in addition to the basic firewall functionality. One of the more interesting of these extensions is the "recent" module which allows you to match recent connections, and perform simple throttling on incoming connections.

We've previously described keeping SSH access secure by limiting which users can connect, or just firewalling access so that only a small list of trusted IP addresses can connect. In most cases this is sufficient to protect your system.

However there are times when you have to allow arbitary incoming connections, when you are travelling for example.

In these situations you can open up your system to allow incoming connections and be the target of a dictionary attack - literally a machine trying to connect and login over and over again using usernames and passwords from a dictionary.

These attempts will be logged in your /var/log/auth.log file like this:

sshd[x]: Illegal user admin from

sshd[x]: Illegal user test from

sshd[x]: Illegal user guest from

In this situation you can create a collection of firewalling rules which will deny access from remote clients who attempt to connect "too many" times.

If you have an existing firewall in place, using iptables, then adding the rules is very straightforward.

The way the recent module works is fairly straightforward, you basically add IP addresses to a list, which can then be used in the future to test connection attempts against. This allows you to limit the number of connections against either a number of seconds, or connection attempts. In our example we'll do both.

An example is probably the simplest way to illustrate how it works. The following two rules will limit incoming connections to port 22 to no more than 3 attemps in a minute - an more than that will be dropped:

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \


iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \

  --update --seconds 60 --hitcount 4 -j DROP

The --state flag takes a comma seperated list of connection states as an argument, by using " --state NEW" as we did we make sure that only new connections are managed by the module.

The --set parameter in the first line will make sure that the IP address of the host which initiated the connection will be added to the "recent list", where it can be tested and used again in the future i.e. in our second rule.

The second rule is where the magic actually happens. The --update flag tests whether the IP address is in the list of recent connections, in our case each new connection on port 22 will be in the list because we used the --set flag to add it in the preceeding rule.

Once that's done the --seconds flag is used to make sure that the IP address is only going to match if the last connection was within the timeframe given. The --hitcount flag works in a similar way - matching only if the given count of connection attempts is greater than or equal to the number given.

Together the second line will DROP an incoming connection if:

  • The IP address which initiated the connection has previously been added to the list and
  • The IP address has sent a packet in the past 60 seconds and
  • The IP address has sent more than 4 packets in total.

You can adjust the numbers yourself to limit connections further, so the following example will drop incoming connections which make more than 2 connection attempts upon port 22 within ten minutes:

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \


iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \

  --update --seconds 600 --hitcount 2 -j DROP

If you wish to test these rules you can script a number of connection attempts from an external host with the netcat package.

The following script attempts to connect to the IP address 5 times. The first couple of attempts you should see a welcome banner such as "SSH-2.0-OpenSSH_3.8.1p1 Debian-8.sarge.4" - after that the script will hang as it's packets are dropped and no response is sent:


for i in `seq 1 5` ; do

  echo 'exit' | nc 22 ;


There's a lot of documentation on the netfilter/iptables firewall, and it's available modules which you can find in the Netfilter Extension HOWTO .

This HOWTO contains documentation on many different modules, along with examples. A recommended read if you're interested in Linux firewalling.

If you wish to experiment with rules and testing it's worth remembering how to remove all active rules. The following commands will flush your iptables filewall, and remove all currently active rules:

iptables -F

iptables -X

Wednesday, March 29, 2006

Guide to WinModem

I. Introduction to Winmodems
II. How do I know I have a WinModem?
III. Drivers
VI. Conclusion
VII. Links

I. Introduction to WinModems

A winmodem is a piece of hardware that is commonly found in notebooks and computers designed for a Windows OS. A winmodem is not a modem! It is much more CPU heavy, and relies on Windows to function. But if you are reading this, I assume you want to get your winmodem working under Linux. This can be done, and there are lots of different ways to do it. In this less-than-complete HOW-TO, I'll outline how I got my Lucent WinModem on my Dell Inspiron 7500 working under Red Hat. Lucent is the most common chipset, so I hope this will be useful to many of you. Of course, these steps can be followed by anyone with any winmodem or distribution (but not with guaranteed results).

II. How do I know that I have a WinModem?

I was still running Windows 98SE when I started on my quest to "cleanse" my notebook of Microsoft, and I simply went to the Control Panel and checked my modem name there. However, I understand this may not be possible for everyone. You can use the Linux command 'dmesg' and look for a line that may resemble your modem. If you do not see one there, then it is probable that you are the owner of a WinModem. Now you should become familiar with the term LinModem, because a WinModem under Linux is what we are working towards in this HOW-TO.

III. Drivers

The first step in getting a functional LinModem is getting a driver. If you are using a distribution that supports RPMs or DEBs then you can take a shortcut. However, under RH9 the RPM drivers never did work for me, so that may be a good start, but there is always a more sound backup: source drivers. Just some notes before I move onto them, when choosing a driver take note of the kernel version and chipset associated with the driver, and make sure they match your system.

Determining chipset: (look for scanModem tool)

Here is a great list of LinModem drivers:

So I headed to the above referenced link, and chose the latest Source driver ( ltmodem-8.26a9.tar.gz at the time of writing this). After downloading it on my Windows machine and transferring it via Memory Key to my Linux notebook (Red Hat 9) I pointed my IE browser to . This is a wonderful page and helped me a great deal. I would recommend following the given instructions, but here I will rundown them in "Reader's Digest" form:

(please read the README, and also make sure you have your kernel source on the harddrive)

cd /home/peace
tar -zxvf ltmodem-8.26a9.tar.gz
insmod lt_modem
insmod lt_serial

Now hopefully that went OK without trouble. If anything did go wrong, check the site and make sure you read everything carefully and followed the directions exactly. If you got an error about kernel headers, than you need to make sure you have the kernel source. This is done in Red Hat by making sure the "Kernel Development" box is checked off under Preferred Applications.


PPP is point-to-point protocol, and it is how you connect to the internet using a dial-up connection. In Red Hat, it is easy to setup; you go to System Settings then Internet Configuration Wizard.

PLEASE NOTE: Your LinModem is /dev/ttyLT0 (that is a zero)!

If you do not have Red Hat, I would recommend testing your new LinModem with minicom. Type 'minicom -s' at the terminal and set your Serial device to /dev/ttyLT0. Then, connect to your ISP and you should hear a nice little success tune when it gets through. After, use this PPP-HOWTO to
get fully connected and setup:

If you cannot for some reason get your LinModem to connect using minicom, please make sure you have the device set to /dev/ttyLT0. This is the most common mistake made by far.

VI. Conclusion

This guide is a exact recreation of how I managed to get my WinModem working under Linux. Hopefully it will help you in some way or another. If it hasn't, than please post a concern/question to the LQ forum associated with this guide, and the community will do it's best to assist you. Also, there is a much more in depth LinModem HOW-TO in the links section. This is too long to read in one sitting, but it is very useful.

VII. Links


PPP: (note chapter 7)

Related LQ Threads:


How to mount an ISO Image

To mount the ISO images, you'll need to have root access. Login as root or use sudo, and execute:

mount -t iso9660 -o loop,user image.iso /wheretomount

Drop ,user if you don't want users to access the iso files.

Hint: You can use cdemu to mount BIN images (It's in portage).

Hint 2: You can use mdf2iso to convert MDF/MDS files to ISO (It's in portage).
(is there a way to mount MDF/MDS without converting it to ISO?)

Hint 3: You can use nrg2iso to convert Nero's .nrg files to ISO (It's in portage). Or you can mount a .nrg file with:

mount -o loop,offset=307200 image.nrg /wheretomount

Monday, March 27, 2006

Resetting Windows Passwords with Knoppix

Inspired by/Information from KNOPPIX HACKS O'REILY book, using captive-ntfs and chntpw utility.

Resetting Lost Windows NT
Passwords with KNOPPIX Linux

You have forgotten a local user password on a Microsoft Windows NT, 2000, XP, 2003 computer. This is especially useful if the forgotten password if for the ?Administrator? account.

What you?ll need:
A copy of KNOPPIX Linux. Any version should do fine, in my example I am using KNOPPIX 3.4 which is actually slightly outdated, but we don?t need any of the newer KNOPPIX features for this example.

User accounts have an interesting history in Windows. The Windows 9x series did offer usernames and passwords, but every user could overwrite every other user?s files, and the system did not offer any real security, If you forgot your password in Windows 9x, resetting it is as simple as deleting a .pwd file with a DOS disk. With Windows NT, 2000, and XP, Microsoft has increased its user security by creating different user accounts on the same system and password that protect them. However, unlike in Windows 9x, if you forget your Administrator password, your only resource is to purchase a tool to reset your Windows password or to reinstall Windows to create a new administrator account. If you have a Knoppix disc, you can download and use the ?chntpw? tool, which is a small program that lets you eset the local passwords on a Windows system, and return to your system.

First step is, obviously, to boot the computer with Knoppix. There are multiple ways to get chntpw, but luckily for us, it?s now part of Debian?s ?unstable? repositories. Since Knoppix is Debian based, we can get the latest .deb file from Download the file to your /home/Knoppix folder. Since most of the Knoppix system is read-only, we can?t directly install the .deb package. Instead, you must convert it to a tar file, and then extract out the chntpw utility. Open up a terminal and run the following commands:

Knoppix@ttyp1[knoppix]$ alien ?to-tgz chntpw_.deb
Knoppix@ttyp1[knoppix]$ tar xvzf chntpw.tgz ./usr/sbin/chntpw
Knoppix@ttyp1[knoppix]$ mv ./usr/sbin/chntpw ./

Once you have finished with these commands, the chntpw utility is in /home/Knoppix and ready to use. Now let?s reset the password!

To reset the password, you must have write permissions on the Windows partition. If you have a FAT or FAT32 Windows partition, this is easy. However, the standard and common file system for Windows NT, 2000, and XP is NTFS. So now I will explain how to mount your Windows partition using ?captive-ntfs?. As of Knoppix 3.4, Captive NTFS is included on the CD. Captive NTFS is actually a process that uses the NTFS drivers that Windows itself uses.
Though it has worked for many people, it is still considered somewhat experimental, and anything of great importance should be backed up prior to use.

Knoppix includes an easy-to-use Captive NTFS wizard which will scan the hardrives for the necessary NTFS .dlls. Access the wizard by K-Menu -> KNOPPIX -> Utilities -> Captive NTFS. Click forward to see a list of the system files that Captive NTFS has already located on your Knoppix system. Click forward again, and the wizard mounts and scans your hard drives for the essential files it needs.

Once Captive NTFS has the module it needs, it activates the OK button even though it continues to scan other directories and partitions for drivers. If you are in a hurry, you can click OK to immediately mount the NTFS partitions. If you wait for the scan to finish, you are prompted with an option to specify locations for drivers, such as a USB flash drive, or click forward to download the drivers from the Windows XP service Pack 1.

Once you are finished with the wizard, you are ready to mount an NTFS partition. Open up a terminal and use the following command:

Knoppix@ttyp1[knoppix]$ sudo mount ?t captive-ntfs ?o uid=Knoppix,gid=Knoppix /dev/hda1 /mnt/hda1

Obviously, replace the name of the partition, if it is not correct. The ?t option is used to specify file-system type, use captive-ntfs to use the NTFS drivers that the captive ntfs wizard previously found. The ?o argument tell mount to make user and group ?knoppix? the owner of this drive. Now that this drive is mounted, you have full read/write access to the drive and the possibly to do unlimited good and evil to your drive.

Make sure to unmount the drive after you?re done to be sure that changes are synced!!!!
Knoppix@ttyp1[knoppix]$ sudo umount /mnt/hda1

Now to continue resetting the password. Once the partition is mounted, we must find the directory containing the SAM file. For Windows 2000 and XP systems, this should be under /winnt/system32/config and /windows/system32/config, respectively. In this example, navigate to /mnt/hda1/windows/system32/config directory. You should see a number of files, including SAM, SYSTEM, and SECURITY that may or may not be in all caps. Now, to reset the ?Administrator? password, do the following:

Knoppix@ttyp1[config]$ /home/Knoppix/chntpw SAM

You will see a few messages, and at the end should be prompted with an option to enter the new password. It is my strong recommendation that you simple reset(blank) the password by using the asterisk(*). I have not had good luck changing the password to something new, but blanking it works all the time from my experience. So, do the following:

Please enter new password: *

Hit [Enter]

There you go! You should now have a blank password on the local Administrator account of that Windows installation. If you want to reset the password for any account other than ?Administrator? you can use the following commands:

Knoppix@ttyp1[config]$ /home/knoppix/chntpw ?l SAM
To view all user accounts on the system

Knoppix@ttyp1[config]$ /home/knoppix/chntpw/ -u username SAM
To reset the account password for the username of your choice.

Once you have changed the password and saved your changes, unmount the filestem and reboot:

Knoppix@ttyp1[config]$ cd
Knoppix@ttyp1[knoppix]$ sudo umount /dev/hda1
Knoppix@ttyp1[knoppix]$ sudo reboot

How to mount Windows NTFS Partition on Linux

ntfsprogs - several tools for doing neat things with NTFS partitions

ntfsprogs is a suite of NTFS utilities based around a shared library. The tools are available for free and come with full source code.

mkntfs(8) - Format a partition using NTFS.

ntfscat(8) - Dump a file’s contents to the standard output.

ntfsclone(8) - Efficiently clone, create, restore or rescue an image of an NTFS partition.

ntfscluster(8) - Locate the owner of any given sector or cluster on an NTFS partition.

ntfscp(8) - Overwrite file on an NTFS partition.

ntfsfix(8) - Check and fix some common errors, clear the LogFile and make Windows perform a thorough check next time it boots.

ntfsinfo(8) - Show some information about an NTFS partition or one of the files or directories within it.

ntfslabel(8) - Show, or set, an NTFS partition’s volume label.

ntfsls(8) - List information about files in a directory residing on an NTFS partition.

ntfsmount(8) - NTFS module for FUSE.

ntfsresize(8) - Resize an NTFS partition without losing data.

ntfsundelete(8) - Recover deleted files from an NTFS partition.

The tools were written by Anton Altaparmakov, Carmelo Kintana, Cristian Klein, Erik Sornes, Giang Nguyen, Holger Ohmacht, Lode Leroy, Matthew J. Fanto, Per Olofsson, Richard Russon, Szabolcs Szakacsits, Yura Pakhuchiy and Yuval Fledel.

The ntfsprogs can be downloaded from:

These manual pages can be viewed online at:

See Also
Note: Only ntfs-related man-pages are to be found on this server.
If you are looking for other man-pages, please try man on your own computer or search an online-repository like

To download the ntfs-prog go to this following link:-

Unix Power Tools

What Can you do with a Empty File?

It isn't a file, actually, though you can use it like one. /dev/null is a UNIX device. (Well, okay. It's a device file.) It's not a physical device. /dev/null is a special device that "eats" any text written to it and returns "end-of-file" (a file of length 0) when you read from it. So what the heck can you use it for?
  • Empty another file. Just copy /dev/null "on top of" the other file .
  • Make another program "quiet" by redirecting its output there. For instance, if you're putting a program into the background and you don't want it to bother you, type:

% progname > /dev/null &

That redirects standard output but leaves standard error hooked to your terminal, in case there is an error.

  • Answer a program that asks a lot of questions-you know you'll just press RETURN at each prompt. In a lot of cases, you can redirect the program's standard input from /dev/null:
  • % progname < /dev/null
  • Want the default setup? If yes, press RETURN:
  • Enter filename or press RETURN for default:


You should test that with each program, though, before you assume this trick will work. (If it doesn't work, try yes

  • Where a program needs an extra filename but you don't want it to read or write an actual file. For instance, the grep programs won't give the name of the file where they find a match unless there are at least two filenames on the command line. When you use a wildcard in a directory where maybe only one file will match, use /dev/null to be sure that grep will always see more than one :

% grep "whatever" * /dev/null

You're guaranteed that grep won't match its regular _expression in /dev/null. :-)

Another interesting device (mostly for programmers) is /dev/zero. When you read it, you'll get ASCII zeros (NUL characters) forever. There are no newlines either. For both of those reasons, many UNIX commands have trouble reading it. If you want to play, the command below will give you a start (and head will give you a stop!):

% fold -20 /dev/zero | od -c | head

On some UNIX versions, the head program may not terminate after it's printed the first ten lines. In that case, use sed 10q instead of head.

Apche+SSL Howtos

If you ever do online banking and notice all the URL's start with https:// and have a lockpad symbol on the browser, well thats SSL.

In order to tell Apache to include SSL support we need to edit the /etc/apache/httpd.conf file and scroll ALL the way to the bottom. This is where we will uncomment the following line.

change this:
#Include /etc/apache/mod_ssl.conf

to this:
Include /etc/apache/mod_ssl.conf

NOTE: The above assumes that your distribution has shipped with mod_ssl and httpd installed. If you installed from source or your distribution does not contain both of these, this LinuxAnswer will not apply to you.

Once that is done you need to make a simple edit to the /etc/rc.d/rc.httpd file so that the apache server knows you want to startup with SSL support.

change this:
/usr/sbin/apachectl start ;;
to this:
/usr/sbin/apachectl startssl ;;

Now all thats left is to setup the SSL Certs. If you really don't care about having official certs, Slackware comes with pre-made ones, I use these, but if you ran a legit production webserver you would probably want to spend the money and have real certs made. You also have the option to create your own self-signed certs and if you are interested in that, jump all the way to the bottom of this Howto. Anyway, to use the premade certs run the following commands and say yes to overwrite:

cp /etc/apache/ssl.crt/snakeoil-rsa.crt /etc/apache/ssl.crt/server.crt
cp /etc/apache/ssl.key/snakeoil-rsa.key /etc/apache/ssl.key/server.key

Now all thats left to do is restart the apache server:

/etc/rc.d/rc.httpd restart

If you want to make sure that SSL is working correctly run this command:

netstat -tpan | grep 443

If everything is working correctly, you should get output that looks like the following:

tcp 0 0* LISTEN 27426/httpd

If you don't get any output whatsoever then something went wrong and you need to look at your /var/log/apache/error_log file.

Now that SSL is all set up, you are going to want to tell Apache what to serve up when somebody connects using https://. This is done by the VirtualHost directive and the one pertaining to SSL connections can be found in the /etc/apache/mod_ssl.conf file. The default looks like this and you will certainly need to change some of the settings.

# General setup for the virtual host
DocumentRoot "/var/www/htdocs"
ServerAdmin you@your.address
ErrorLog /var/log/apache/error_log
TransferLog /var/log/apache/access_log

And finally if you want to create your own self-signed certs and not use the ones that come with Slackware thats easy to do as well. I got the following commands from

Step one - create the key and request:

openssl req -new > new.cert.csr

Step two - remove the passphrase from the key (optional):

openssl rsa -in privkey.pem -out new.cert.key

Step three - convert request into signed cert:

openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 1825

Step four - copy the cert and key to the appropriate places

cp new.cert.cert /etc/apache/ssl.crt/server.crt
cp new.cert.key /etc/apache/ssl.key/server.key

A few things to note:

When asked for Common Name in step one, be sure to enter the FQDN of your webserver ie

When asked for A challenge password in step one, go ahead and just press enter

If you don't remove the passphrase from the key in Step two, you will be prompted to enter a password every time you run /etc/rc.d/rc.httpd start. This means if your box reboots for some reason, your webserver won't start unless you are there to provide the passphrase.

Sunday, March 26, 2006

History of Linux

UNIX is one of the most popular operating systems worldwide because of its large support base and distribution. It was originally developed at AT&T as a multitasking system for minicomputers and mainframes in the 1970's, but has since grown to become one of the most widely-used operating systems anywhere, despite its sometimes confusing interface and lack of central standardization.

Many hackers feel that UNIX is the Right Thing--the One True Operating System. Hence, the development of Linux by an expanding group of UNIX hackers who want to get their hands dirty with their own system.

Versions of UNIX exist for many systems, from personal computers to supercomputers like the Cray Y-MP. Most versions of UNIX for personal computers are expensive and cumbersome. At the time of this writing, a one-machine version of UNIX System V for the 386 runs about US$1500.

Linux is a free version of UNIX developed primarily by Linus Torvalds at the University of Helsinki in Finland, with the help of many UNIX programmers and wizards across the Internet. Anyone with enough know-how and gumption can develop and change the system. The Linux kernel uses no code from AT&T or any other proprietary source, and much of the software available for Linux was developed by the GNU project of the Free Software Foundation in Cambridge, Massachusetts, U.S.A. However, programmers from all over the world have contributed to the growing pool of Linux software.

Linux was originally developed as a hobby project by Linus Torvalds. It was inspired by Minix, a small UNIX system developed by Andy Tanenbaum. The first discussions about Linux were on the Usenet newsgroup, comp.os.minix. These discussions were concerned mostly with the development of a small, academic UNIX system for Minix users who wanted more.

The very early development of Linux mostly dealt with the task-switching features of the 80386 protected-mode interface, all written in assembly code. Linus writes,

``After that it was plain sailing: hairy coding still, but I had some devices, and debugging was easier. I started using C at this stage, and it certainly speeds up development. This is also when I started to get serious about my megalomaniac ideas to make `a better Minix than Minix.' I was hoping I'd be able to recompile gcc under Linux someday...

``Two months for basic setup, but then only slightly longer until I had a disk driver (seriously buggy, but it happened to work on my machine) and a small file system. That was about when I made 0.01 available (around late August of 1991): it wasn't pretty, it had no floppy driver, and it couldn't do much of anything. I don't think anybody ever compiled that version. But by then I was hooked, and didn't want to stop until I could chuck out Minix.''

No announcement was ever made for Linux version 0.01. The 0.01 sources weren't even executable. They contained only the bare rudiments of the kernel source and assumed that you had access to a Minix machine to compile and experiment with them.

On October 5, 1991, Linus announced the first ``official'' version of Linux, which was version 0.02. At that point, Linus was able to run bash (the GNU Bourne Again Shell) and gcc (the GNU C compiler), but not much else. Again, this was intended as a hacker's system. The primary focus was kernel development--user support, documentation, and distribution had not yet been addressed. Today, the Linux community still seems to treat these issues as secondary to ``real programming''--kernel development.

As Linus wrote in comp.os.minix,

``Do you pine for the nice days of Minix-1.1, when men were men and wrote their own device drivers? Are you without a nice project and just dying to cut your teeth on an OS you can try to modify for your needs? Are you finding it frustrating when everything works on Minix? No more all-nighters to get a nifty program working? Then this post might be just for you.

``As I mentioned a month ago, I'm working on a free version of a Minix-look-alike for AT-386 computers. It has finally reached the stage where it's even usable (though may not be, depending on what you want), and I am willing to put out the sources for wider distribution. It is just version 0.02...but I've successfully run bash, gcc, gnu-make, gnu-sed, compress, etc. under it.''

After version 0.03, Linus bumped up the version number to 0.10, as more people started to work on the system. After several further revisions, Linus increased the version number to 0.95 in March, 1992, to reflect his expectation that the system was ready for an ``official'' release soon. (Generally, software is not assigned the version number 1.0 until it is theoretically complete or bug-free.). Almost a year and a half later, in late December of 1993, the Linux kernel was still at version 0.99.pl14--asymptotically approaching 1.0. At the time of this writing, the current stable kernel version is 2.0 patchlevel 33, and version 2.1 is under development.

Most of the major, free UNIX software packages have been ported to Linux, and commercial software is also available. More hardware is supported than in the original kernel versions. Many people have executed benchmarks on 80486 Linux systems and found them comparable with mid-range workstations from Sun Microsystems and Digital Equipment Corporation. Who would have ever guessed that this ``little'' UNIX clone would have grown up to take on the entire world of personal computing?