SSH passwordless login in OpenSSH

Posted on April 21, 2017 by Andy

You can login to a remote Linux server without entering password in 3 simple steps:

create public and private keys on the source/local server:
```
# ssh-keygen
```
copy the public key from local to destination/remote host:
```
# ssh-copy-id -i ~/.ssh/id_rsa.pub <remote ip>
```
test passwordless login:
```
# ssh <remote ip>
```

If all went well you should not be asked for a password. You can find your key on the remote system in ~/.ssh/authorized_keys

Thie above commands were executed as root user and the mechanism is done for root@local -> root@remote.

OpenDKIM with Postfix (Centos 7)

Posted on March 31, 2017 by Andy

First install OpenDKIM:

# yum install opendkim

Configure OpenDKIM (please read the comments inside the original config file):

# vim /etc/opendkim.conf

PidFile /var/run/opendkim/opendkim.pid
Mode    sv
Syslog  yes
SyslogSuccess   yes
LogWhy  yes
UserID  opendkim:opendkim
Socket  inet:8891@localhost
Umask   002
SendReports     yes
SoftwareHeader  yes
Canonicalization        relaxed/simple
Selector        default
MinimumKeyBits  1024
KeyTable        /etc/opendkim/KeyTable
SigningTable    refile:/etc/opendkim/SigningTable
ExternalIgnoreList      refile:/etc/opendkim/TrustedHosts
InternalHosts   refile:/etc/opendkim/TrustedHosts
OversignHeaders From
SignatureAlgorithm      rsa-sha256

Generate a domain key + domain cert:

# cd /etc/opendkim/keys
# opendkim-genkey -d mydomain.com
# mv default.private mydomain.private
# mv default.txt mydomain.txt
# chown opendkim:opendkim mydomain.*

Add the key to the keytable:

# vim /etc/opendkim/KeyTable
>> default._domainkey.mydomain.com mydomain.com:default:/etc/opendkim/keys/mydomain.private

Add the cert to the SignTable

# vim /etc/opendkim/SignTable
>> *@mydomain.com default._domainkey.mydomain.com

Edit postfix config and add OpenDKIM to the milters:

# vim /etc/postfix/main.cf
>> smtpd_milters = inet:localhost:8891
>> non_smtpd_milters = inet:localhost:8891

Start OpenDKIM:

# systemctl start opendkim
# systemctl enable opendkim

Restart postfix:

# systemctl restart postfix

Add DKIM TXT record to DNS (Bind9):

# vim /var/named/mydomain.com
>> default._domainkey.mydomain.com. 3600      TXT        "v=DKIM1; k=rsa; p=<very long string taken from /etc/opendkim/keys/mydomain.txt>"

Restart Bind:

# systemctl restart named

Well, that should be it, wokring DKIM on your mydomain.com!

Install and mount HGFS share with open-vm-tools in Ubuntu 16.04 LTS

Posted on February 27, 2017 by Andy

First install the right open-vm-tools package:

# sudo apt-get install open-vm-tools-dkms

then you can mount the shared folder with following command:

# sudo mount -t fuse.vmhgfs-fuse .host:/ <mount point> -o allow_other

please make sure that the mount point exists. to make this permanent and mount at boot, edit your /etc/fstab file and add

.host:/ /mnt/hgfs fuse.vmhgfs-fuse allow_other 0 0

Important: FUSE can only be used with kernel >4 and open-vm-tools >10, otherwise the simplest solution is to install VMware Tools

YAIB

Yet Another IT Blog

Linux/Unix

SSH passwordless login in OpenSSH

OpenDKIM with Postfix (Centos 7)

Install and mount HGFS share with open-vm-tools in Ubuntu 16.04 LTS