Similar to how CAT common in Linux has the ability to manipulate files, NC command in Linux has the ability to perform operations like read, write, or data redirections over the network. 

Ncat command can be used as a utility to scan ports, monitoring or can also act as a basic TCP proxy. Organizations can utilize it to review the security of their networks, web servers, telnet servers, mail servers, etc, by checking the ports that are opened or unsecured and then secure them. NC command can also be used to capture information being sent by the system.

Recommended Read:  How to use NMAP command to test Server/Network Security

Also Read: How to use FIND command in Linux

First, let’s discuss how we can install NC command or Ncat command on Linux systems.

Install NC command on CentOS

To install the nc command on Centos, simply run the following command,

# yum install nc

Install NC on Ubuntu

Similar to CentOS, the nc command in Ubuntu can be installed with a single command,

$ sudo apt install netcat

Now if you also want to know how to install the ncat command in CentOS & Ubuntu, then here are the commands.

Install Ncat command on CentOS or RHEL

Ncat command in CentOS or RHEL is part of the NMAP command. So to install the ncat command on Centos, run the following command,

# yum install nmap

Install Ncat on Ubuntu

To install Ncat command in Ubuntu,

$ sudo apt install ncat

Now let’s discuss how we can use (NCAT command) NC command in Linux with the help of some examples.

Examples for NC command/Ncat command

Connect to a remote server

The following example shows how we can connect to a remote server with NC command,

$ nc 172.16.16.100 80

Or

$ ncat 172.16.16.100 80

here, 172.16.16.100 is the IP of the server we want to connect to & 80 is the port number for the remote server. 

Once the nc command has created the connection, we can then perform some other functions like we can get the  page content with

GET/HTTP/1.1

or fetch page name,

GET/HTTP/1.1

or we can get the banner for OS fingerprinting with the following,

HEAD/HTTP/1.1

This will tell us about the application & version being used to run the webserver.

Listen to inbound connection requests on a port

To use the ncat command in Linux to check for an incoming connection on a port number following example can be referenced,

$ nc -l 80

or 

$ ncat -l 80

This will put NC in listening mode, & it will check port 80 for incoming connection requests. Listening mode will keep on running until terminated manually. 

If we only need to run listening mode for a given amount of time, we can use option ‘w’ for that,

$ nc -w 20 80

or 

$ ncat -w 20 80

here, 20 means the listening mode is active on port 80 & will check connections for 20 seconds only.

Connecting to UDP ports

Nc command makes TCP ports connections by default. For NC command to make connections to UDP ports, use the option ‘u’,

$ nc -l -u 55

or 

$ ncat -l -u 55

Here, we are connecting to UDP port 55 in listening mode.

Using NC for Port forwarding

Another use for the NC command in Linux is that we can also use it for port forwarding. Using option ‘c’ with the nc command, we can redirect a port to another. An example would be,

$ nc -u -l 80 -c ‘ nc -u -l 90’

or 

$ ncat -u -l 80 -c ‘ nc -u -l 90’

here, all incoming connections from port 80 are being forwarded to port 90.

Using NC as a Proxy server

Nc command can also act as a proxy server. To use the NC command as a proxy, use

$ nc – l 80 | nc 172.16.16.200 80

or 

$ ncat – l 80 | nc 172.16.16.200 80

here, all incoming connections to port 8080 on localhost are being redirected to the 172.16.16.200 server on port 80, as we do with the help of a proxy server.  But this proxy is currently only one way, i.e. it will send the connections to the remote server but can not receive any packets in response.

 To create a return passage or 2-way communication channel, use the following commands,

$ mkfifo 2way

$ nc – l 80 0<2way | nc 172.16.16.200 80 1>2way

We now have a fully working 2-way proxy server using the ncat command.

Using NC as a chat tool

Another way to make use of the NC command is using it as a chat tool. Weird but it’s possible. To create a chat tool using the nc command, first, start it in listening mode,

$ nc – l 8080

or 

$ ncat – l 8080

Then from the remote machine, connect to the first server that is listening to port 8080,

$ nc 172.16.16.100 8080

or 

$ ncat 172.16.16.100 8080

That’s it, you have a working chat tool on your hand. Now we can start a conversation using the terminal/CLI.

Using Ncat to create a system backdoor

Note: This will only work with the ncat command.

One of the most common ways that the ncat command in Linux is used for bad is by using it to create a backdoor. Nc command is used to create a backdoor to our system which can be exploited by hackers (I am mentioning this just for information & so that you can safeguard against these kinds of attacks. You guys should not be using it for wrong purposes, it’s completely wrong, unethical & not to mention can be illegal as well).

To create a backdoor,

$ ncat -l 5500 -e /bin/bash

here, we have attached port 5500 to /bin/bash, which can now be connected from a remote machine to execute the commands,

$ ncat 172.16.16.100 5500

As seen in the screenshot above, I created a backdoor on one tab & then on the second tab I connected to that backdoor & was able to run some commands like ‘date’, ‘df -h’ etc. You can run other commands as well & consider if this backdoor is created as the root user, hackers will have complete access to your system. 

Force server to remain up

The server will stop listening for connection once a client connection has been terminated. But with option ‘k’, we can force a server to remain running, even when no client is connected.

$ nc -l -k 8080

These were only some examples of how to use the nc command or ncat command in Linux. There are certainly more ways to use this, GOOD as well as BAD. So use wisely.

If you have any questions or queries regarding the tutorial, please do let us know using the comment box below.

The post Informative guide to NC (Ncat) command in Linux appeared first on The Linux GURUS.

Find command is a pretty useful command for easily locating files & folders in Linux. What makes it a powerful command is that we can use a number of search criteria/options to refine the search.  

It can be found & used on almost all Linux distros by default.

Recommended Read: How to use NMAP command to test Server/Network Security

Also Read: How to create a free SSL certificate using Let’s Encrypt in Linux

Syntax for using Find command

To use the find command, the basic syntax is:-

# find  location search-criteria  search-term

Now that we have some understanding of what the find command is & how to use the find command in Linux. Let’s discuss some examples as well,

Examples of the FIND command in Linux

Finding files on the system

To find all the files in the ‘/’ folder i.e. root directory, use,

# find / -type f

To search for the file in a particular directory, use,

# find /etc/ -type f

Finding directories on the system

To find all the folders/directories in the ‘/’ folder i.e. root directory, use,

# find / -type d

To look for all the directories in a particular directory, use,

# find /etc/ -type d

Finding files based on the name

If you know the name of the file or folder you are looking for, then you can also use that to make search easy & fast with the following command,

# find /etc -iname “*.txt”

This shows all the files in the /etc folder with extension .txt. One thing to consider here is that it will ignore a case-sensitive file. It will show all the files ending with .txt but will ignore files ending with .TXT or .Txt. 

To include all such files as well, we can use ‘-name’ instead of ‘-iname’, for example,

# find /etc -name “*.txt”

Invertive name search

Find command can also be used to exclude some files & only show the remaining files, use,

# find /etc -not -name “*.txt”

above command will list all the files & directories that do not have extension “.txt” at the end.

Finding files/directories with size

With the find command, we can also find files based on the file sizes. Use the following example as reference,

# find /etc -type f -size 2M

This will show all the files in the /etc folder with the size of 2 Megabytes.

Combining search criteria

We can also combine more than one search option to produce a more refined search,

# find /etc -name ‘test*’ ! -name ‘*.php’

here, it will find all the files with the name ‘test’ at the start in ‘/etc’ folder which does not have extension .php. “!” here is the equivalent of AND operator.

Also, we can combine two search criteria & produce results when any of the two search criteria are satisfied.

# find /etc -name ‘test*’ -o -name ‘*.txt’

Here “-o” is equivalent to OR operator.

Search based on file permissions

To find files based on their permissions, use, 

# find /etc -type f -perm 0400

This will show all the files in the /etc folder with the permission of 0644.

# find /etc -type f -perm /u=r

The result for the above command will show all files for a user with only read permissions.

Finding files with user & group ownership

Similar to how we can locate files with particular permissions, we can also use find command to locate files with a particular owner, 

# find / -user dan

Here, we are locating all the files that are created by user ‘dan’. Similarly, we can also search for files or folders that are owned by a group by replacing -user with -group.

# find / -group dan

Finding files based on their modification time, Access time & Change time

# find / -mtime 10

It will find all the files that were modified in the last 10 days. Replace mtime with -atime to find all the files that were accessed in the last 10 days.

# find / -cmin -60 

It will find all the files that were changed in the last 60 minutes.

# find / -mmin -60 

It will find all the files modified in the last 60 minutes.

# find / -amin -60 

It will find all the files accessed in the last 60 minutes.

Listing all the found files

To get all files and present them in order as ‘ls command’ would, use,

# find . -exec ls -ld {} \;

This will show all the files in output as would be shown by ls command.

Finding & deleting the found files

We can also combine some options to locate files & then can also perform an operation to delete them, all in a single command,

# find /etc -type f -name *.txt -size -1M -exec rm -f {} \;

This command will find all the files with .txt as an extension with a size of less than 1 Megabyte & will execute the rm/delete command on found files.

Getting Help

Like with any other Linux command, we can also take help from the OS documentation to get more detailed information about the command. Use,

# find –help

With this, we complete our tutorial on how to use the FIND command in Linux.  These are only some examples, certainly, there are plenty of ways that you can use the find command to get what you need. If you run into any issues or have any questions, please do send us using the comment box below.

The post How to use FIND command in Linux appeared first on The Linux GURUS.

Well, there are two ways we can execute a command or script on system startup or after a reboot,

1- using ‘/etc/rc.local’ file

2- using Crontab

Recommended Read:  Beginner’s guide to Backup Postgres Database

Also Read: Scheduling CRON Jobs with Crontab for Beginners

Let’s discuss both these methods one by one.

1- Using ‘/etc/rc.local’ file

This is my go-to method when I need to execute a command or script on system startup. To execute a command on startup, open the file ‘/etc/rc.local’,

NOTE:- In the latest CentOS version, we might find this file in ‘/etc/rc.d/rc.local’.

$ sudo vi /etc/rc.local

& add it into the file with full command path, like,

/bin/date

Save file & exit. To get the full path of the command, you can run the ‘which’ command,

$ which date

Now the command will execute on each startup or after a reboot as well. To add a script to the file, first make sure that the script is executable,

$ chmod +x /home/linuxtechlab/test.sh

& then edit the rc.local file,

$ sudo vi /etc/rc.local

/bin/sh /home/linuxtechlab/test.sh

Save the file & exit, we are done. Now let’s see the second method as well.

2- Using Crontab

For this method, we only need to create a new crontab job in our system. So to create a new crontab job, run the following command,

$ crontab -e

Then add the following job to crontab,

@reboot (sleep 120; /bin/sh /home/linuxtechlab/test.sh)

So we added the job to run on every reboot with a sleep period of 120 seconds because we want our system to be fully up before our script is executed, otherwise, our script might fail to run. We now end this tutorial on how to execute command or script on system startup or after a reboot. Please do share any questions or queries using the comment box below.

The post How to Execute a Command or a Script on system Startup or Reboot appeared first on The Linux GURUS.

There are a number of things we can do to secure the Redis installation. We will now list them down one by one.

Recommended Read: How to setup Redis replication in Linux

Also Read: How to Host Multiple Websites with Nginx in Linux

Secure Redis Installation

1- Create a password to connect to Redis

By default, we are not required to enter any password to connect to the Redis server. But we can create a password in order to connect to Redis instance. All we have to do is to open the Redis configuration file,

$ sudo vim /etc/redis/redis.conf

& then look for the commented section that says “requirepass”, uncomment it & mention a password after that, like

requirepass password@1234

Now save the file & restart the redis service to implement the changes made,

$ sudo systemctl restart redis

Now to connect to redis instance, we first need to run,

$ redis-cli

& then we have to run the following command,

127.0.0.1:6379> auth password@1234

Now we will be able to run the redis commands in the redis-cli.

2- Renaming some dangerous commands

There are certain commands that have extremely devastating results, like FLUSHDB, FLUSHALL, KEYS, DEL, CONFIG, SHUTDOWN, BGREWRITEAOF, BGSAVE, SAVE, RENAME, DEBUG, etc. There are many other commands but these can do some serious damage. 

So we can do two things here, if we are using a command regularly we can rename it something that will be hard to guess or we can just disable a command completely if it’s not required.

To rename a command, open configuration file,

$ sudo vi /etc/redis/redis.conf

& add the following line,

rename-command FLUSHALL “DELETEALL”

Now restart the redis service to make changes. Now the command ‘FLUSHALL’ command will not work at all & we will be required to use ‘DELETEALL’ to use that. 

Now to completely disable a command, open the configuration file & add the following line,

rename-command FLUSHALL “”

Restart the service to apply changes & after that, FLUSHALL command will be completely disabled.

3- Allow connections from localhost only

By default, redis connections from only local systems are allowed. So if you have not allowed connections from remote systems, then you are not needed to make any changes. But if you have allowed remote connections, you can make the following changes to revert that.

Open redis configuration file,

$ sudo vi /etc/redis/redis.conf

& change the section starting with ‘bind’ to,

bind 127.0.0.1

Restart the service to apply changes.

These were some changes we can make to secure the Redis installation. If you have any questions or concerns, you can connect to us using the comment box below.

The post Simple guide to secure Redis Installation appeared first on The Linux GURUS.

Recommended Read: Examples on how to use YUM command in Linux

Also Read: Scheduling CRON Jobs with Crontab for Beginners

There are two methods using which we can install the EPEL repository on the Linux system,

1- Using the packages from default repositories

2- Using rpm package

1- Using the packages from the default repositories

To install the package from default repositories, use the following command,

CentOS/RHEL 6/7

# yum install epel-release

CentOS/RHEL 8

# dnf install epel-release

This command will work most of the times but I have faced an issue with some versions where this might not work. So if this does not work for you, then you can use the second method.

2- Using RPM packages

For this method, we will directly install the RPM package for epel repository. Based on the version, use one of the following commands,

RHEL/CentOS 6:

# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm

RHEL/CentOS 7:

# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

Epel also recommends for RHEL 7, to enable the optional, extras, and HA repositories since EPEL packages may depend on packages from these repositories, using the following command,

# subscription-manager repos –enable “rhel-*-optional-rpms” –enable “rhel-*-extras-rpms” –enable “rhel-ha-for-rhel-*-server-rpms”

RHEL/CentOS 8:

# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

Note:- EPEL also recommends for RHEL 8, to enable the code ready-builder-for-rhel-8-*-rpms repository since EPEL packages may depend on packages from it. To install it, use the following commands,

# ARCH=$( /bin/arch )

# subscription-manager repos –enable “codeready-builder-for-rhel-8-${ARCH}-rpms”

Note:- For CentOS 8, EPEL recommends to also enable the PowerTools repository since EPEL packages may depend on packages from it, run the following command to enable power tools,

# dnf config-manager –set-enabled PowerTools

Check repository

Once the EPEL repository has been installed, we can check it by executing the following command,

RHEL/CentOS 6/7

# yum repolist

RHEL/CentOS 8

# dnf repolist epel

We can now install the packages available in the EPEL repository. Please share this tutorial, or if you have any questions, concerns or suggestions, please send them to us using the comment box below.

The post Install EPEL repository on CentOS/RHEL 6, 7 & 8 appeared first on The Linux GURUS.

For the purpose of this tutorial, we will be creating a single Primary & a single secondary server. So let’s discuss the pre-requisites for setting up redis replication.

Recommended Read: How to create a free SSL certificate using Let’s Encrypt in Linux

Also Read: How to Schedule a Shutdown in Linux using Crontab?

Pre-Requisites

2 servers with Redis installed, one will act as the Primary server (10.10.10.10 IP address for our scenario) & another will act as the Secondary server (IP address 10.10.10.11 ).

You can read the following tutorials to install Redis in Ubuntu or in CentOS/RHEL. 

Now let’s move on to the configuration part.

Configuring the Redis replication

Primary Server

First, we will start with the Primary server & will configure it. Open the redis configuration file on the primary server. 

Depending on how you have installed it, the configuration file can be ‘/etc/redis/redis/conf’ or ‘/etc/redis/6379.conf’,

$ sudo vi /etc/redis/redis.conf

& look for ‘append’ & ‘appendfilename’, then change it to following,

appendonly yes

appendfilename “appendonly.aof​”

Now restart the redis service to implement the changes made,

$ sudo systemctl restart redis

OR

$ sudo systemctl restart redis_6379 

Now let’s move on to configuring the secondary server.

Secondary Server

Open the redis configuration file on the secondary server, 

$ sudo vi /etc/redis/redis.conf

& look for ‘slaveof’ & change it to following,

slaveof 10.10.10.10 6379

here, ‘10.10.10.10’ is the IP address for the Primary redis server. & ‘6379’ is the port number for redis on that server.  Once changes have been done, restart the service to implement changes,

$ sudo  systemctl restart redis

OR

$ sudo systemctl restart redis_6379

That’s it our setup for redis replication is complete, we will now verify it.

Checking the replication

To check if the master-slave setup is working, connect to the master redis instance using the following command,

& run command ‘info’,

We will get the following output, here look for ‘replication’,

Here we can see the IP address for the secondary server i.e. 10.10.10.11, also it shows the number of secondary servers i.e. 1.  

We can also try adding a key on the Primary server, that will be replicated to the secondary server in real-time. To create a test key-value, login to redis instance & execute the following command,

now to check the key on the master, run command ‘get test’

Now, login to slave server & check if the key ‘test’ has been replicated or not,

& run ‘get test’ command,

This shows that the key has been replicated to the slave server as well & our master-slave data replication is working fine.

Promoting Secondary server as Primary

So in case, the Primary server fails or there is any other issue, we can promote the secondary server as the primary server. To do this connect to the redis instance of the secondary server,

$ redis-cli -h 10.10.10.11 -p 6379

& execute the following command,

10.10.10.11:6379> SLAVEOF NO ONE

Now the secondary server will act as the primary server. You will be required to update the IP address of redis to the application where you have configured it.

Also if there is more than one redis secondary server, then you are required to update the field,

slaveof 10.10.10.11 6379

on all the secondary servers to point to a new primary server.

Reconnecting to Original Primary server

Once the original primary server is up, we can then reconnect the secondary server to the primary server by the following method, connect to the redis instance of the secondary server,

$ redis-cli -h 10.10.10.11 -p 6379

& execute the following command,

10.10.10.11:6379> SLAVEOF 10.10.10.10 6379

That’s it, this was our tutorial on how setup Redis Replication in Linux. Please do send in any questions or queries using the comment box below.

The post How to setup Redis replication in Linux appeared first on The Linux GURUS.

It also provides a number of features like,

• Replication
• data persistence
• LRU eviction
• High availability using sentinel
• Publish / Subscribe support for data
• Keys with limited TTL
• Automatic Failover
• LUA scripting, etc

Recommended Read: Install Redis on Ubuntu

Also Read: How to Host Multiple Websites with Nginx in Linux

So let’s start the process to install Redis on CentOS or RHEL.

Install Redis on CentOS

Redis packages are available on EPEL repository, so we are required to install the EPEL repository on our CentOS/ RHEL system first. Install it with the following command,

# yum install epel-release

Once the epel repository has been installed, we can install redis with the following command,

# yum install redis

Start service using the following command,

# systemctl start redis

Another method to install Redis on CentOS

With this method, we can install the latest version of redis or for that matter any version we need. We will installing the latest version at this time, i.e. 6.0.9.. Download the redis package with the following command,

# wget https://download.redis.io/releases/redis-6.0.9.tar.gz

Next extract the redis package,

# tar -xvf  redis-6.0.9.tar.gz

Now goto the extracted folder,

# cd redis-6.0.9

& then goto folder ‘deps’,

$ cd deps

next compile packages, ,

$ make hiredis lua jemalloc linenoise

$ make geohash-int

Next, we will move back to the main directory i.e. ‘redis-6.0.9’

$ cd ../

execute  ‘make’ & ‘make install’ commands

$ make

$ make installation

Once these commands have been executed, we will install the init scripts, init script will setup a redis service with port number, config file, log file & a data directory. To run run init script,

$ cd utils\

& run the install_server.sh script,

$ ./install_server.sh

We will now be asked with some information regarding redis server, as shown below,

Welcome to the redis service installer

This script will help you easily set up a running redis server

Please select the redis port for this instance: [6379]

Selecting default: 6379

Please select the redis config file name [/etc/redis/6379.conf]

Selected default – /etc/redis/6379.conf

Please select the redis log file name [/var/log/redis_6379.log]

Selected default – /var/log/redis_6379.log

Please select the data directory for this instance [/var/lib/redis/6379]

Selected default – /var/lib/redis/6379

Please select the redis executable path [/usr/local/bin/redis-server]

Selected config:

Port : 6379

Config file : /etc/redis/6379.conf

Log file : /var/log/redis_6379.log

Data dir : /var/lib/redis/6379

Executable : /usr/local/bin/redis-server

Cli Executable : /usr/local/bin/redis-cli

Is this ok? Then press ENTER to go on or Ctrl-C to abort.

Copied /tmp/6379.conf => /etc/init.d/redis_6379

Installing service…

Successfully added to chkconfig!

Successfully added to runlevels 345!

Starting Redis server…

Installation successful!

Modify any settings as per your requirements & can also install more than one redis instances by just changing the redis port number.

Now to start the redis service, command is a bit different as service name will be different,

# systemctl start redis_6379

So just change the port number to start only a single redis instance.

Testing Redis installation

We can now check if the redis has been installed by running the following command,

$ redis-cli –version

We can also connect to the installed redis server with the following command,

$ redis-cli

then check the response to ping command for redis,

redis > PING

In response, we should get PONG as output.

Allowing remote connections to Redis installation

By default, we can only connect to redis server from the local server. To allow connections to redis installation from remote machines, we need to make changes to redis configuration file,

$ sudo vi /etc/redis/redis.conf

then look for section that says ‘bind 127.0.0.1’ & change it

bind 0.0.0.0 

to allow connections from all remote servers or we can also mention single or multiple IP addresses to allow connections from those servers only, like

bind 10.10.10.10 192.168.1.10

here, connections will be allowed from two machines with IP addresses 10.10.10.10 & from 192.168.1.10.

Once the changes have been made, we need to restart the redis service to apply changes,

$ sudo systemctl restart redis

This completes our tutorial on how to install Redis on CentOS & RHEL. Please do send in any questions or queries using the comment box below.

The post Install Redis on CentOS / RHEL appeared first on The Linux GURUS.

For this to work, we will first have to create ssh keys on one server, named SERVER A & then will copy the created public key to another Linux server, named SERVER B. The public key is copied into the file located in a user’s ssh directory i.e. ‘/home/user/.ssh/authorized_keys’.

Recommended Read: Simple guide to install POSTGRESQL on Centos/RHEL

Also Read: Simple guide to install POSTGRESQL on Ubuntu

Let’s discuss the process to create password less ssh authentication,

Setup ssh login without password

1- Login to SERVER A, and then run the following command to create ssh keys,

$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/user/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/user/.ssh/id_rsa.

Your public key has been saved in /home/user/.ssh/id_rsa.pub.

The key fingerprint is:

As mentioned above two files named ‘id_rsa’ & ‘id_rsa.pub’ will be created in ‘/home/user/.ssh’ directory. We need to copy the public key ‘id_rsa.pub’ to SERVER B.

2- You can use two methods to copy the public key to SERVER B, either 

• You can copy the content of public key from SERVER A & copy it inside authorized_keys located inside the folder ‘/home/user/.ssh’,
  

$ cat ~/.ssh/id_rsa.pub | ssh user@remote-host(SERVER B) “cat >> ~/.ssh/authorized_keys” 

• Or we can execute the following command to copy the public file contents from SERVER A to SERVER B,
  

$ ssh-copy-id -i ~/.ssh/id_rsa.pub user@remote-host(SERVER B)

That’s it, we have now setup ssh login without password, but before we test it out we must make sure the permissions to files and folders are correct, i.e.

$ chmod 600 ~/.ssh/authorized_keys 

$ chmod 700 ~/.ssh/

3- Next, we can setup ssh login without password, 

$ ssh user@remote-host(SERVER B)

We can now access the SERVER B from SERVER A without it asking for password. We now end this tutorial, please feel free to send in any questions or queries using the comment box below.

The post How to setup SSH login without password on Linux systems appeared first on The Linux GURUS.

It also provides a number of features like,

• Replication
• data persistence
• LRU eviction
• High availability using sentinel
• Publish / Subscribe support for data
• Keys with limited TTL
• Automatic Failover
• LUA scripting, etc

In this tutorial, we will learn to install Redis on Ubuntu servers. So let’s get going,

Install Redis on Ubuntu

Redis server packages are available on default Ubuntu repositories, so we are not required to install any official or 3rd party repos on the system. So just perform a repos update,

$ sudo apt update

& then install redis on ubuntu with the following command,

$ sudo apt install redis

Once the redis has been installed on server, we can start the server with the following command,

$ sudo systemctl start redis

Testing Redis installation

We can now check if the redis has been installed by running the following command,

$ redis-cli –version

We can also connect to the installed redis server with the following command,

$ redis-cli

then check the response to ping command for redis,

redis > PING

In response, we should get PONG as output.

Allowing remote connections to redis installation

By default, we can only connect to redis server from the local server. To allow connections to redis installation from remote machines, we need to make changes to redis configuration file,

$ sudo vi /etc/redis/redis.conf

then look for section that says ‘bind 127.0.0.1’ & change it

bind 0.0.0.0 

to allow connections from all remote servers or we can also mention single or multiple IP addresses to allow connections from those servers only, like

bind 10.10.10.10 192.168.1.10

here, connections will be allowed from two machines with IP addresses 10.10.10.10 & from 192.168.1.10.

Once the changes have been made, we need to restart the redis service to apply changes,

$ sudo systemctl restart redis

This completes our tutorial on how to install Redis on Ubuntu. In our future tutorials, we will learn to create MASTER-SLAVE replication for redis & also how we can secure the redis installation. If you have any doubts or questions related to this tutorial, you can reach to us using the comment box below.

The post How to install REDIS on Ubuntu appeared first on The Linux GURUS.

The main aim of Let’s Encrypt is to make the internet secure by making SSL certificates accessible to all with ease. In this tutorial, we will learn to create a free SSL certificate using Let’s Encrypt in Linux.

Recommended Read: Beginner’s guide to NGINX SSL CONFIGURATION

Also Read: Create a SELF-SIGNED SSL Certificate in Linux

So let’s start with the tutorial.

Install Certbot in Linux

We will be using certbot to create a free Let’s Encrypt SSL certificate in Linux. Let’s discuss how we can install certbot on various Linux distros.

Ubuntu/popOS/Debian/LinuxMInt

For their distributions, we need to have snap package manager installed, as the certbot packages are maintained on snap repositories.

The Snap package manager is installed on all the new versions of Ubuntu. If you are still using an older version of Ubuntu, then you can install the snap package manager using the following command,

$ sudo apt-get install snapd

Once the snap is installed, we can then install certbot on the system. But before we do that, just make sure that there are not any other versions of certbot installed on the system, & if they are, we need to remove them,

$ sudo apt-get remove certbot

Now install the certbot with the help of snap,

$ sudo snap install –classic certbot

CentOS/RHEL

For CentOS & RHEL, we need to have an EPEL repository on the system to install certbot. Install the EPEL repository using the following command,

# yum install epel-release

Now we can install the certbot with the following command,

# yum install certbot

Now let’s proceed ahead with the SSL creation.

Create free SSL certificate using Let’s Encrypt in Linux

Now when the certbot has been installed, we can create the free SSL certificate using Let’s Encrypt in Linux with the following command,

$ sudo certbot certonly -d thelinuxgurus.com –manual –preferred-challenges dns

See the screenshot above, mainly the highlighted part. I know the cert was not created for my domain as i already have a SSL cert & did not want to add a TXT record in DNS. But if you need an SSL certificate, you must prove the domain ownership by adding the TXT DNS record as mentioned for you, when you run the command.

Once you have added the record, wait for some time as DNS records can take some time to propagate successfully. After that press ENTER to confirm & verify the DNS record to create a certificate successfully.

Once the certificate is created, you can manually install the certificate on a web server of your choice or on WordPress using CPanel, etc.

If you need to renew the certificate, then you can run the following command,

$ sudo certbot renew

You can also dry run to simulate the certificate renewal with the following command,

$ sudo certbot renew –dry-run

This completes our tutorial on how to create a free SSL certificate using Let’s Encrypt in Linux.

The post How to create a free SSL certificate using Let’s Encrypt in Linux appeared first on The Linux GURUS.