Saturday 30 January 2010

nagios create readonly user

# cd /etc/nagios/

htpasswd passowrdfile readonlyuser
# htpasswd htpasswd.users nagiosuser

Enter you password.

Then edit cgi.cfg file.There are different access you can enable.
# SYSTEM/PROCESS INFORMATION ACCESS
# CONFIGURATION INFORMATION ACCESS
# SYSTEM/PROCESS COMMAND ACCESS
# GLOBAL HOST/SERVICE VIEW ACCESS
# GLOBAL HOST/SERVICE COMMAND ACCESS

"GLOBAL HOST/SERVICE VIEW ACCESS" access is enough for read only users.
authorized_for_all_services=nagiosadmin,nagiosuser
authorized_for_all_hosts=nagiosadmin,nagiosuser

Friday 29 January 2010

Moving Ubuntu in Company

M$ Windows OS is only supported OS in my company. But I decided to move linux, because i am administrating around 180 Linux bases machine. These are tools which used before and afer .

M$ Office 2007 --> Installed Crossover Linux and M$ Office 2007
M$ Office Communicator --> Pidgin with Office communicator plug in
Windows share --> samba smb://domain;username@host/share and add "connect to a server" applet to panel.
Remote Desktop --> Terminal Server Client
Securcrt --> ssh in console itself with ssh key and clusterssh
wireless --> Also wireless is ok with dynamic wep protected eap with ca certificate and mschapv2 authentication.
internet explorer --> firefox and google chrome
babylon dictionary --> stardict
backup --> ddrescue and rsync for individual folders
gtalk --> cntlm and pidgin
vpn --> kvpnc
itunes --> gtkpod and rhythmbox

Monday 25 January 2010

Pidgin ntlmaps gtalk behind isa proxy

I need to connect gtalk. Because support team of vendor companies using gtalk.
Nntlmaps; proxy software that allows you to authenticate via an MS Proxy Server

Install ntlmaps
# sudo apt-get install ntlmaps

configure ntlmaps
# vi /etc/ntlmaps/server.cfg

PARENT_PROXY: your isa proxy ip adress
PARENT_PROXY_PORT: you isa proxy port
NT_DOMAIN: domainname
USER: nt username
PASSWORD: nt password
LISTEN_PORT:5865 (ntlmaps listen port)

Pidgin --> accounts --> manage accounts --> modify --> advanced
check force old ssl clear others
connect port: 443
connect server: talk.google.com

In proxy tab
Proxy type: http
Host: 127.0.0.1
Port: 5865 (ntlmaps port)
Username: nt username
password : nt password

Monday 18 January 2010

Ssh user config file

I got bored running command ssh -Y root@hostname everytime. So I created ssh config file my user. So my user connects remote computer with ssh command and allowed X11 forwarding.

edit ssh config file in your home directory
vi ~/.ssh/config

Add this line
User root
ForwardX11 yes


I use ssh passwordless login (ssh keygen) for remote computers. Also clusterssh for executing remote commands one time.

ClusterSSH controls a number of xterm windows via a single graphical console window to allow commands to be interactively run on multiple servers over an ssh connection.