lunes, 27 de mayo de 2019

Ssh sin password

Your aim

You want to use Linux and OpenSSH to automate your tasks. Therefore you need an automatic login from host A / user a to Host B / user b. You don't want to enter any passwords, because you want to call ssh from a within a shell script.

How to do it

First log in on A as user a and generate a pair of authentication keys. Do not enter a passphrase:
a@A:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa): 
Created directory '/home/a/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/a/.ssh/id_rsa.
Your public key has been saved in /home/a/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 a@A
Now use ssh to create a directory ~/.ssh as user b on B. (The directory may already exist, which is fine):
a@A:~> ssh b@B mkdir -p .ssh
b@B's password: 
Finally append a's new public key to b@B:.ssh/authorized_keys and enter b's password one last time:
a@A:~> cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
b@B's password: 
From now on you can log into B as b from A as a without password:
a@A:~> ssh b@B
A note from one of our readers: Depending on your version of SSH you might also have to do the following changes:
  • Put the public key in .ssh/authorized_keys2
  • Change the permissions of .ssh to 700
  • Change the permissions of .ssh/authorized_keys2 to 640
Fuente:
http://www.linuxproblem.org/art_9.html

martes, 9 de abril de 2019

Migrar una maquina fisica linux a una virtual con vmware converter

Me surgio el trabajo de migrar una maquina fisica con linux centos 7 a una virtual en el vmware. Buscando en google esta la solucion de vmware converter que funciona muy bien dentro de todo.

Basicamante hay que poner la ip de la maquina fisica con sus credenciales (root en lo posible), y la ip del vmware de destino.

También importante editar la configuracion de ip (si tenes ip fija), porque hay que ponerle una ip al vmware helper una mini maquina virtual que chupa los datos de la otra y configura el grub entre otras cosas.

Despues de eso puede que haya un error :

redhat error can't find command ':'

Que aca hay que editar el archivo de configuracion de grub

/etc/grub2.cfg

Y borrar todas las lineas que dice vmware converter  con ":"


martes, 12 de febrero de 2019

VPN IPSec vCloud Director

 No encontraba que algoritmo de hash utiliza la vpn ipsec de vcloud director, encontre un articulo interesante que me ayudo y pongo las fuentes mas abajo. Al final utilice estos algoritmos de cifrado y encriptación:


Phase 1 Settings
Mode: Main
Authentication: Preshared Key
IKE Version: 1
Encryption: AES256 (or the other options if you chose them instead)
Authentication: SHA1
DH Group: 2
Key Lifetime: 28800 seconds
Dead Peer Detection: Enabled
Keepalive Frequency: 10

Phase 2 Settings
Encryption: AES256 (or the other options if you chose them instead)
Authentication: SHA1
Enable replay detection: Yes
Enable Perfect forward secrecy (PFS): Yes
DH Group: 2
Key Lifetime: 3600 seconds
Autokey Keep Alive: No


Fuente:
https://vgrid.zendesk.com/hc/en-us/articles/205248425-vCloud-Director-Edge-Gateway-VPN-Settings
https://adosztal.blogspot.com/2018/07/demystifying-vcloud-director-vpn.html