book

Linux Cookbook, 2nd Edition

Name: Linux Cookbook, 2nd Edition
Author: Carla Schroder
ISBN: 9781492087168

by Carla Schroder

August 2021

Intermediate to advanced

542 pages

11h 16m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Preface
Who Should Read This BookWhy I Wrote This BookNavigating This BookConventions Used in This BookUsing Code ExamplesO’Reilly Online LearningHow to Contact UsAcknowledgments
1. Installing Linux
Booting from Installation MediaWhere to Download LinuxBest Linux for Newbies1.1. Entering your System BIOS/UEFI Setup1.2. Downloading a Linux Installation Image1.3. Creating a Linux Installation USB Stick with UNetbootin1.4. Creating a Linux Installation DVD with K3b1.5. Using the wodim Command to Create a Bootable CD/DVD1.6. Creating a Linux Installation USB Stick with the dd Command1.7. Trying a Simple Ubuntu Installation1.8. Customizing Partitioning1.9. Preserving Existing Partitions1.10. Customizing Package Selection1.11. Multibooting Linux Distributions1.12. Dual-boot with Microsoft Windows1.13. Recovering an OEM Windows 8 or 10 Product Key1.14. Mounting Your ISO Image on Linux
2. Managing the GRUB Bootloader
2.1. Rebuilding Your GRUB Configuration File2.2. Unhiding a Hidden GRUB Menu2.3. Booting to a Different Linux Kernel2.4. Understanding GRUB Configuration Files2.5. Writing a Minimal GRUB Configuration File2.6. Setting a Custom Background for Your GRUB Menu2.7. Changing Font Colors in the GRUB Menu2.8. Applying a Theme to Your GRUB Menu2.9. Rescuing a Nonbooting System from the grub> Prompt2.10. Rescuing a Nonbooting System from the grub rescue> Prompt2.11. Reinstalling Your GRUB Configuration
3. Starting, Stopping, Restarting, and Putting Linux into Sleep Modes
3.1. Shutting Down with systemctl3.2. Shutting Down, Timed Shutdowns, and Rebooting with the shutdown Command3.3. Shutting Down and Rebooting with halt, reboot, and poweroff3.4. Sending Your System into Sleep Modes with systemctl3.5. Rebooting Out of Trouble with Ctrl-Alt-Delete3.6. Disabling, Enabling, and Configuring Ctrl-Alt-Delete in the Linux Console3.7. Creating Scheduled Shutdowns with cron3.8. Scheduling Automated Startups with UEFI Wake-Ups3.9. Scheduling Automated Startups with RTC Wake-ups3.10. Setting Up Remote Wake-Ups with Wake-on-LAN over Wired Ethernet3.11. Setting Up Remote Wake-Ups over WiFi (WoWLAN)
4. Managing Services with systemd
4.1. Learning if Your Linux Uses systemd4.2. Understanding PID 1, the Mother of All Processes4.3. Listing Services and Their States with systemctl4.4. Querying the Status of Selected Services4.5. Starting and Stopping Services4.6. Enabling and Disabling Services4.7. Stopping Troublesome Processes4.8. Managing Runlevels with systemd4.9. Diagnosing Slow Startups
5. Managing Users and Groups
5.1. Finding a User’s UID and GID5.2. Creating a Human User with useradd5.3. Creating a System User with useradd5.4. Changing the useradd Default Settings5.5. Customizing the Documents, Music, Video, Pictures, and Downloads Directories5.6. Creating User and System Groups with groupadd5.7. Adding Users to Groups with usermod5.8. Creating Users with adduser on Ubuntu5.9. Creating a System User with adduser on Ubuntu5.10. Creating User and System Groups with addgroup5.11. Checking Password File Integrity5.12. Disabling a User Account5.13. Deleting a User with userdel5.14. Deleting a User with deluser on Ubuntu5.15. Removing a Group with delgroup on Ubuntu5.16. Finding and Managing All Files for a User5.17. Using su to Be Root5.18. Granting Limited Root Powers with sudo5.19. Extending the sudo Password Timeout5.20. Creating Individual sudoers Configurations5.21. Managing the Root User’s Password5.22. Changing sudo to Not Ask for the Root Password
6. Managing Files and Directories
6.1. Creating Files and Directories6.2. Quickly Creating a Batch of Files for Testing6.3. Working with Relative and Absolute Filepaths6.4. Deleting Files and Directories6.5. Copying, Moving, and Renaming Files and Directories6.6. Setting File Permissions with chmod’s Octal Notation6.7. Setting Directory Permissions with chmod’s Octal Notation6.8. Using the Special Modes for Special Use Cases6.9. Removing the Special Modes in Octal Notation6.10. Setting File Permissions with chmod’s Symbolic Notation6.11. Setting the Special Modes with chmod’s Symbolic Notation6.12. Setting Permissions in Batches with chmod6.13. Setting File and Directory Ownership with chown6.14. Changing Ownership on Batches of Files with chown6.15. Setting Default Permissions with umask6.16. Creating Shortcuts (Soft and Hard Links) to Files and Directories6.17. Hiding Files and Directories
7. Backup and Recovery with rsync and cp
7.1. Selecting Which Files to Back Up7.2. Selecting Files to Restore from Backups7.3. Using the Simplest Local Backup Method7.4. Automating Simple Local Backups7.5. Using rsync for Local Backups7.6. Making Secure Remote File Transfers with rsync over SSH7.7. Automating rsync Transfers with cron and SSH7.8. Excluding Files from Backup7.9. Including Selected Files to Backup7.10. Managing Includes with a Simple Include File7.11. Managing Includes and Excludes with an Exclude File7.12. Limiting rsync’s Bandwidth Use7.13. Building an rsyncd Backup Server7.14. Limiting Access to rsyncd Modules7.15. Creating a Message of the Day for rsyncd
8. Managing Disk Partitioning with parted
Overview8.1. Unmounting Your Partitions Before Using parted8.2. Choosing the Command Mode for parted8.3. Viewing Your Existing Disks and Partitions8.4. Creating GPT Partitions on a Nonbooting Disk8.5. Creating Partitions for Installing Linux8.6. Removing Partitions8.7. Recovering a Deleted Partition8.8. Increasing Partition Size8.9. Shrinking a Partition
9. Managing Partitions and Filesystems with GParted
9.1. Viewing Partitions, Filesystems, and Free Space9.2. Creating a New Partition Table9.3. Deleting a Partition9.4. Creating a New Partition9.5. Deleting a Filesystem Without Deleting the Partition9.6. Recovering a Deleted Partition9.7. Resizing Partitions9.8. Moving a Partition9.9. Copying a Partition9.10. Managing Filesystems with GParted

10. Getting Detailed Information About Your Computer Hardware
10.1. Collecting Hardware Information with lshw10.2. Filtering lshw Output10.3. Detecting Hardware, Including Displays and RAID Devices, with hwinfo10.4. Detecting PCI Hardware with lspci10.5. Understanding lspci Output10.6. Filtering lspci Output10.7. Using lspci to Identify Kernel Modules10.8. Using lsusb to List USB Devices10.9. Listing Partitions and Hard Disks with lsblk10.10. Getting CPU Information10.11. Identifying Your Hardware Architecture
11. Creating and Managing Filesystems
Filesystem Overview11.1. Listing Supported Filesystems11.2. Identifying Your Existing Filesystems11.3. Resizing Filesystems11.4. Deleting Filesystems11.5. Using a New Filesystem11.6. Creating Automatic Filesystem Mounts11.7. Creating Ext4 Filesystems11.8. Configuring the Ext4 Journal Mode11.9. Finding Which Journal Your Ext4 Filesystem Is Attached To11.10. Improving Performance with an External Journal for Ext411.11. Freeing Space from Reserved Blocks on Ext4 Filesystems11.12. Creating a New XFS Filesystem11.13. Resizing an XFS Filesystem11.14. Creating an exFAT Filesystem11.15. Creating FAT16 and FAT32 Filesystems11.16. Creating a Btrfs Filesystem
12. Secure Remote Access with OpenSSH
12.1. Installing OpenSSH Server12.2. Generating New Host Keys12.3. Configuring Your OpenSSH Server12.4. Checking Configuration Syntax12.5. Setting Up Password Authentication12.6. Retrieving a Key Fingerprint12.7. Using Public Key Authentication12.8. Managing Multiple Public Keys12.9. Changing a Passphrase12.10. Automatic Passphrase Management with Keychain12.11. Using Keychain to Make Passphrases Available to Cron12.12. Tunneling an X Session Securely over SSH12.13. Opening an SSH Session and Running a Command in One Line12.14. Mounting Entire Remote Filesystems with sshfs12.15. Customizing the Bash Prompt for SSH12.16. Listing Supported Encryption Algorithms
13. Secure Remote Access with OpenVPN
OpenVPN Overview13.1. Installing OpenVPN, Server and Client13.2. Setting Up a Simple Connection Test13.3. Setting Up Easy Encryption with Static Keys13.4. Installing EasyRSA to Manage Your PKI13.5. Creating a PKI13.6. Customizing EasyRSA Default Options13.7. Creating and Testing Server and Client Configurations13.8. Controlling OpenVPN with systemctl13.9. Distributing Client Configurations More Easily with .ovpn Files13.10. Hardening Your OpenVPN Server13.11. Configuring Networking
14. Building a Linux Firewall with firewalld
firewalld Overview14.1. Querying Which Firewall Is Running14.2. Installing firewalld14.3. Finding Your firewalld Version14.4. Configuring iptables or nftables as the firewalld Backend14.5. Listing All Zones and All Services Managed by Each Zone14.6. Listing and Querying Services14.7. Selecting and Setting Zones14.8. Changing the Default firewalld Zone14.9. Customizing firewalld Zones14.10. Creating a New Zone14.11. Integrating NetworkManager and firewalld14.12. Allowing or Blocking Specific Ports14.13. Blocking IP Addresses with Rich Rules14.14. Changing a Zone Default Target
15. Printing on Linux
Overview15.1. Using the CUPS Web Interface15.2. Installing a Locally Attached Printer15.3. Giving Printers Useful Names15.4. Installing a Network Printer15.5. Using Driverless Printing15.6. Sharing Nonnetworked Printers15.7. Correcting the “Forbidden” Error Message15.8. Installing Printer Drivers15.9. Modifying an Installed Printer15.10. Saving Documents by Printing to a PDF File15.11. Troubleshooting
16. Managing Local Name Services with Dnsmasq and the hosts File
16.1. Simple Name Resolution with /etc/hosts16.2. Using /etc/hosts for Testing and Blocking Annoyances16.3. Finding All DNS and DHCP Servers on Your Network16.4. Installing Dnsmasq16.5. Making systemd-resolved and NetworkManager Play Nice with Dnsmasq16.6. Configuring Dnsmasq for LAN DNS16.7. Configuring firewalld to Allow DNS and DHCP16.8. Testing Your Dnsmasq Server from a Client Machine16.9. Managing DHCP with Dnsmasq16.10. Advertising Important Services over DHCP16.11. Creating DHCP Zones for Subnets16.12. Assigning Static IP Addresses from DHCP16.13. Configuring DHCP Clients for Automatic DNS Entries16.14. Managing Dnsmasq Logging16.15. Configuring Wildcard Domains
17. Keeping Time with ntpd, chrony, and timesyncd
17.1. Finding Which NTP Client Is on Your Linux System17.2. Using timesyncd for Simple Time Synchronization17.3. Setting Time Manually with timedatectl17.4. Using chrony for Your NTP Client17.5. Using chrony as a LAN Time Server17.6. Viewing chrony Statistics17.7. Using ntpd for Your NTP Client17.8. Using ntpd for Your NTP Server17.9. Managing Time Zones with timedatectl17.10. Managing Time Zones Without timedatectl
18. Building an Internet Firewall/Router on Raspberry Pi
Overview18.1. Starting and Shutting Down Raspberry Pi18.2. Finding Hardware and How-Tos18.3. Cooling the Raspberry Pi18.4. Installing Raspberry Pi OS with Imager and dd18.5. Installing Raspberry Pi with NOOBS18.6. Connecting to a Video Display Without HDMI18.7. Booting into Recovery Mode18.8. Adding a Second Ethernet Interface18.9. Setting Up an Internet Connection Sharing Firewall with firewalld18.10. Running Your Raspberry Pi Headless18.11. Building a DNS/DHCP Server with Raspberry Pi
19. System Rescue and Recovery with SystemRescue
19.1. Creating Your SystemRescue Bootable Device19.2. Getting Started with SystemRescue19.3. Understanding SystemRescue’s Two Boot Screens19.4. Understanding SystemRescue’s Boot Options19.5. Identifying Filesystems19.6. Resetting a Linux Root Password19.7. Enabling SSH in SystemRescue19.8. Copying Files over the Network with scp and sshfs19.9. Repairing GRUB from SystemRescue19.10. Resetting a Windows Password19.11. Rescuing a Failing Hard Disk with GNU ddrescue19.12. Managing Partitions and Filesystems from SystemRescue19.13. Creating a Data Partition on Your SystemRescue USB Drive19.14. Preserving Changes in SystemRescue
20. Troubleshooting a Linux PC
Overview20.1. Finding Useful Information in Logfiles20.2. Configuring journald20.3. Building a Logging Server with systemd20.4. Monitoring Temperatures, Fans, and Voltages with lm-sensors20.5. Adding a Graphical Interface to lm-sensors20.6. Monitoring Hard Disk Health with smartmontools20.7. Configuring smartmontools to Send Email Reports20.8. Diagnosing a Sluggish System with top20.9. Viewing Selected Processes in top20.10. Escaping from a Frozen Graphical Desktop20.11. Troubleshooting Hardware
21. Troubleshooting Networks
Diagnostic Hardware21.1. Testing Connectivity with ping21.2. Profiling Your Network with fping and nmap21.3. Finding Duplicate IP Addresses with arping21.4. Testing HTTP Throughput and Latency with httping21.5. Using mtr to Find Troublesome Routers
Software Management Cheatsheets
Package Management CommandsManaging Software on UbuntuManaging Software on FedoraManaging Software on openSUSE
Index

Content preview from Linux Cookbook, 2nd Edition

Chapter 13. Secure Remote Access with OpenVPN

Open Virtual Private Network (OpenVPN) creates a TLS/SSL encrypted connection between two different networks at separate physical locations, like a branch office linked to a main office, or a remote worker logging in to the company network from home. This connection is called an encrypted tunnel, a secure transport protecting your connection from the big bad internet. OpenVPN is dependent on OpenSSL, so having OpenSSL knowledge is helpful.

Note

If you are already familiar with OpenVPN, you can probably skip ahead to Recipes 13.5, 13.6, and 13.7 to review creating your encryption certificates and client and server configuration. If you are new to VPNs, try each recipe in sequence. Take your time; VPNs are complicated and finicky. Do a lot of testing before deploying to production systems.

OpenVPN Overview

A VPN is a secure extension of your network that makes all the same services available to remote workers that local users have, so the remote users’ experience is the same as for users physically present at your location. They can access your local web servers, email, file shares, chat servers, video conferencing apps, internal wikis, everything that you have walled off from the outside world and is available only to users inside your network. A VPN is not like SSH, which connects individual computers. A VPN links etworks and individual hosts to networks.

In this chapter you will learn how to set up an OpenVPN server, configure clients, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781492087151Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design