Pages

Showing posts with label linux. Show all posts
Showing posts with label linux. Show all posts

Monday, 24 October 2011

Regaining access to an AWS (Amazon) Linux machine

Say you secured so much your AWS server you can only login with SSH keys there. And you have only one SSH key that can access that server. And you lost your SSH key or forgot the passphrase for it.

Are you damned to lose all that work you have poured into that machine? Probably not, if you have the luxury of some downtime.

AWS does not have any (easy) way to just change the SSH key that can access to a system.

So after 30 minutes of attempts this is how I managed to get access back to my machine.
  1. Create another machine (a copy or just a new one it doesn't matter) and start it up. Pay attention to authorize a new SSH key that works to access this machine.
  2. Shut down the original machine
  3. Detach the (root) disk volume
  4. Attach that volume to the running instance
  5. mount the root partition (running dmesg or fdisk -l will tell you what to mount)
  6. go to <mtpoint>/root/.ssh/
  7. vi authorized_keys and add there the public key of your new key
  8. shutdown this new machine
  9. detach the volume
  10. reattach it to the old instance
  11. restart the instance and ssh into it with the new key

Be happy.


Ps. I found here another method involving snapshots but I just couldn't make it work. For some reason the cloned machine was always empty.
Posted by stezz at 21:25 18 comments
Labels: ,

Wednesday, 14 October 2009

Debian packaging: Changing permissions and ownership of dirs

Regarding creating users and permissions our beloved Debian Policy [chap. 10.9] tells us:
...you must arrange for your package to create the user or group if necessary using adduser in the preinst or postinst script (again, the latter is to be preferred if it is possible).

I wanted to stick to the postinst since it's preferrable so I couldn't change the permissions in the rules file.

Now the thing is I need to give this user permissions for the dirs it will need to own/write and so on. I already have the dirs listed in debian/dirs and I don't want to hardcode anything else in the rules or in the postinst. Of course not being a so experienced debian devel I started to google but didn't find anything... asked around but nothing yet... so I hacked it in this way in the end:
debian/rules:
...
MYDIRS := $(shell cat $(CURDIR)/debian/dirs)
SUBME := $(foreach dir, $(MYDIRS), chown -R \$$the_user $(dir);)
SUBFRIENDLY := $(shell echo "$(SUBME)" | sed -e 's/\//\\\//g')
...
binary-indep: build install
...
dh_installdeb
sed -i -e 's/PLACEHOLDER/$(SUBFRIENDLY)/' $(DESTDIR)/DEBIAN/postinst
...
...

debian/postinst:
...
configure)
the_user="xyz"
#Creating the user if it does not exist
if ! getent passwd $the_user > /dev/null; then
adduser $the_user
fi

#Changing the permissions for the given dirs
PLACEHOLDER
...


(user=xyz can be easily changed to numeric ID)

I don't know if this is the 'standard' way to do it (nor if there is a standard way) but it's at least a way that worked... If anybody there can give me an hint on how to do it better, it would be really appreciated.
Posted by stezz at 10:32 3 comments
Labels: , ,

Tuesday, 29 January 2008

Complex LDAP queries with python

I came across this nasty problem today and the solution was so easy and stupid that it took me 10 minutes to understand what it was after many tries... :D

Say that you want to make a quite complex query to an LDAP directory using ldapsearch, the syntax is:
ldapsearch -x -h ldap.server.com -b o=Myorganization "&(uid=john*)(!(jobgrade=boss))(address=*Washington*)"

Now to do the same thing with python ldap module I expected the syntax would be the same... well no! (don't know why?).
import ldap
l = ldap.open('ldap.server.com')
res = l.search_s('o=Myorganization', ldap.SCOPE_SUBTREE, '(&(uid=john*)(!(jobgrade=boss))(address=*Washington*))')

so you have simply to add brackets before the & (or |)... again I wonder why it was implemented differently...
Posted by stezz at 11:03 1 comments
Labels: ,

Monday, 26 November 2007

Linux Mint

I'm a Debian user since a while and I like it, well of course sometimes it's a bit difficult for the not-geek user to work with it, you always have to install something that is not here, copy something that is not there and so on. Despite everything I like it a lot.

I've never tried Ubuntu but I know it's more end-user oriented and easier to install. A week ago a distro based on Ubuntu Gutsy (that is based on debian) was released, so I decided to give it a try on a usb stick live installation.

Its name is Linux Mint and I was honestly really surprised by the ease of use of it and by the richness of the basic system. It's very strong in multimedia support so when it comes to Java, flash and divx support you don't have to do anything just use it.

If you have time to invest give it a try --> Linux Mint

Very easy also to put it on your usb stick --> here
Posted by stezz at 20:00 0 comments
Labels: , ,

Tuesday, 23 October 2007

LinuxDay.IT

Sabato sará un giorno importante per i linuxari di tutta Italia, il Linux Day 2007 sará occasione per chi é appassionato di open-source e Linux di rinfrescarsi le idee e per chi non lo é di farsene di nuove... alla larga da Apple & Microsoft :D

Saturday will be an important day for all the linux users and fans all over Italy, the Linux Day 2007 will give the possibility to who's a fan of linux to refresh her ideas and for who's not to make new ones... away from Apple & Microsoft :D

More info on http://www.linuxday.it/
Posted by stezz at 09:44 0 comments
Labels: , , ,
Subscribe to: Posts (Atom)