Ubuntu: enable root access from SSH

Leave a reply

Connecting to a server via SSH as root user is disabled by default. To enable this, edit the sshd configuration file: 

nano /etc/ssh/sshd_config

Find the following line:

#PermitRootLogin prohibit-password

Change it to this.

PermitRootLogin yes

Now restart the ssh service:

systemctl restart sshd

Time zone adjustment

Leave a reply

To check if the server is in the same timezone than your workstation:

date

To modify the time zone:

sudo timedatectl set-timezone Europe/Luxembourg

Change timezone:

dpkg-reconfigure tzdata

Find differences between folders

Leave a reply 
diff -rq /.../folder1 /.../folder2

The r flag assures that each directory is recursively looked at.
The q flag activates the brief mode: without this flag, diff will tell us the actual line-by-line differences for any files that exist in both locations but are not identical.

To check differences between remote shares:

diff -rq /Volumes/Movies-1 /Volumes/Movies-2

This also works with rsync:

rsync -avun $SOURCE $TARGET

In case you want to avoid corrupt files, you want to check for checksums too:

rsync -avnc $SOURCE $TARGET

SAMBA (install and configure)

Leave a reply

Install and configure Samba

sudo apt-get install samba -y

Once the software is installed, you’re ready to configure your first share. Open the samba configuration file:

Your Samba shares will be configured in /etc/samba/smb.conf, so open that file with the command:

sudo nano /etc/samba/smb.conf

Scroll to the bottom and add the following for each share:

[ShareName]

path = /var/www/www.website.com

valid users = paul

browsable = yes

writable = yes

read only = no
  • [ShareName] is the visible name of the share when connecting to the server
  • valid users: the list of users that are allowed to access this share. The user needs to be added to Samba and a password needs to be generated.
  • path: the absolute path on the disk
  • browsable: make the share visible or invisible on the network
  • writable: make the share writable (or not)
  • read-only: make the share read-only (or not)

Save (CTRL-O) and close (CTRL-X) the configuration file.
Restart the Samba daemon:

sudo systemctl restart smbd

Add a user to Samba

After limiting access to a list of users (see above), you have to add the user to Samba and create a password for him/her.

sudo smbpasswd -a paul

You will be prompted to enter the password and confirm it for user paul. After creating the user, you have to enable him/her.

Enable a user

sudo smbpasswd -e paul

Disable a user

sudo smbpasswd -d paul

Delete a user

sudo smbpasswd -x paul

Ubuntu: updates

Leave a reply

Regular updates

sudo apt update
sudo apt upgrades

Distribution updates

Check the version you are running:

lsb_release -a

If updater is not installed:

sudo apt install update-manager-core

To upgrade the release:

sudo do-release-upgrade -d

openHAB: important commands

Leave a reply

Live show openHAB logfile 

tail -f /var/log/openhab/openhab.log

Backup openHAB. The backup file will be created at /var/lib/openhab/backups.

openhab-cli backup

Restore openHAB backup file

sudo systemctl stop openhab
openhab-cli restore /var/lib/openhab/backups/openhab-backup-23_03_26-19_38_25.zip
sudo systemctl start openhab

Install bindings manually to the following directory. They will be automatically enabled.

cd /usr/share/openhab/addons

NGINX: redirect all HTTP traffic to HTTPS

Leave a reply

To redirect all traffic from non secure to secure sockets layer (SSL), add the following lines to the virtual host config file in /etc/nginx/sites-available/my_vhost_config_file.

server {
    listen 80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
}

Explanations:

Listen 80: This instructs the system to catch all HTTP traffic on Port 80
Server_name _; : This will match any hostname
Return 301: This tells the browser (and search engines) that this is a permanent redirect
https://$host$request_uri: This is a short code to specify the HTTPS version of whatever the user has typed