How (and Why) to Disable Root Login Over SSH on Linux

You need someone with the authority to own and administer those parts of your operating system that are too important or too sensitive for regular users to deal with. That’s where root comes in. root is the all-powerful superuser of Unix and Linux operating systems.

The root user account, like all accounts, is protected by a password. Without the root user’s password, no one else can access that account. That means root’s privileges and powers cannot be used by anyone else. The flip side is that the only defense between a malicious user and root’s powers is that password. Passwords, of course, can be guessed, deduced, spotted written down somewhere, or brute-forced.

If a malicious attacker discovers root’s password they can log in and do anything they like to the entire system. With root’s elevated privileges there are no restrictions on what they can do. It would be just as if the root user had walked away from a terminal without logging out, allowing opportunistic access to their account.

Because of these risks, many modern Linux distributions don’t allow root to log in to the computer locally, never mind over SSH. The root user exists, but they don’t have a password set for them. And yet, someone has to be able to administer the system. The solution to that conundrum is the sudo command.

sudo allows nominated users to temporarily use root-level privileges from within their own user account. You need to authenticate to use sudo, which you do by entering your own password. This gives you temporary access to root’s capabilities.

Your root powers die when you close the terminal window they were used in. If you leave the terminal window open they’ll time out, automatically returning you to regular user status. This provides another type of protection. It protects you from yourself.

If you habitually log in as root instead of a regular account, any mistakes you make on the command line could be catastrophic. Having to use sudo to perform administration means you’re more likely to be focused and careful about what you type. Allowing root login over SSH increases the risks because attackers don’t have to be local; they can try to brute-force your system remotely.


How to Parse CSV Data in Bash

A Comma Separated Values file is a text file that holds tabulated data. CSV is a type of delimited data. As the name suggests, a comma “,” is used to separate each field of data—or value—from its neighbors.

CSV is everywhere. If an application has import and export functions, it’ll almost always support CSV. CSV files are human-readable. You can look inside them with less, open them in any text editor, and move them from program to program. For example, you can export the data from an SQLite database and open it in LibreOffice Calc.

However, even CSV can become complicated. Want to have a comma in a data field? That field needs to have quotation marks “"” wrapped around it. To include quotation marks in a field each quotation mark needs to be entered twice.

Of course, if you are working with CSV generated by a program or script that you have written, the CSV format is likely to be simple and straightforward. If you’re forced to work with more complex CSV formats, with Linux being Linux, there are solutions we can use for that too.


How to List All Users In a Group on Linux

Files and directories on Linux have a set of permissions for the owner, another set for the group the file is allocated to, and permissions for everyone who isn’t in one of the previous two categories. Each set of permissions defines whether the members of that category can read, write, or execute the file. In the case of a directory, the execute action equates to being able to cd into the directory.

The default group for a file or directory is the default group of the owner. That’s usually the person who created it. The group permissions are used to allow a collection of users to have controlled access to the files and directories of the other members of that group.


How to Calculate Subnet Masks on Linux With ipcalc

Subnetting is a way to break a large network into smaller, connected pieces. Each piece is called a subnet. You might choose to organize your network so that your sales team uses one subnet, HR uses another subnet, customer support uses yet another subnet, and so on.

There are significant benefits to this. The first has to do with security and control. Without subnetting, everything is one big “flat” network. With subnetting, you can decide which subnets can talk to other subnets. Different subnets have different IP address ranges and use different subnet masks, which we’ll talk about in a moment.

Your router must be configured to allow traffic from one subnet to reach another subnet. And, because the router is a managed device, that gives you control over the type of traffic and interaction that is allowed between different subnets.

Subnetting can also prevent unauthorized users and malware from roaming through your network unchecked. Or at the very least, it’ll slow them down. Think of it like a submarine. If you get a hull breach in one section, you can close bulkhead doors so the rest of the vessel doesn’t get flooded. Subnets are like those bulkhead doors.

Often, there are performance benefits purely from the act of subnetting a large network. If your network is big enough and busy enough, that performance increase will come from the reduction of network traffic inside each subnet. The drop in ARP traffic alone might make things seem more responsive.

And of course, once your network is compartmentalized, it’s easier for your IT staff to understand, maintain, and support your infrastructure.

IP Addresses and Subnet Masks

That all sounds great, and it is. But it means we need to be very particular in our IP addressing. We need to use part of the IP address for the network ID, and part of the IP address for the device addressing. With subnets, we also need to use part of the IP address for the subnet.

IPv4 addresses are written as four numbers of up to three digits each, separated by periods. This is called dot-decimal notation. The range of these numbers is 0 to 255. The first two numbers are the network ID. The third is used to hold the subnet ID, and the fourth number is used to hold the device address. That’s in simple cases.

Numbers are represented inside computers as sequences of binary values. If there are so few devices in the subnet that there are unused high bits in the device address number range, these “spare” binary bits can be used by the subnet ID.

How does the router or any other network device know what the composition of the IP address is? What indicates whether the subnet ID is wholly contained in the third number or if it poaches some of the high bits of the fourth number? The answer to that is the subnet mask.

The subnet mask looks like an IP address. It is four numbers of up to three digits each, and the range of the numbers is from 0 to 255. But they really need to be thought about in their binary form.

Every binary bit that is a 1 in the subnet mask means the corresponding bit in the IP address refers to the network ID or subnet ID. Everything that is a zero in the subnet mask means the corresponding bit in the IP address refers to a device address.

Let’s take a typical IP address and apply a subnet mask to it. The subnet mask has 255 for each of the first three numbers, and 0 for the fourth.

  • IP address: 192.168.1.0
  • Subnet mask: 255.255.255.0 = 11111111.11111111.11111111.00000000

In binary 255 is 11111111. If the subnet mask bits are set to one, the corresponding bits in the IP address refer to the network ID and subnet ID. 255 in the subnet mask means all of the bits in the corresponding number in the IP address refer to the network ID or subnet ID.

The fourth number is zero, meaning no bits are set to one. So that number refers to the network device addresses. So our subnet mask of 255.255.255.0 means the first three numbers of the IP address hold the network ID and subnet ID, and the last number is reserved for network device addresses.

A side effect of all this is that the subnet mask also determines how many bits in the IP address can be used to identify individual devices. In other words, the subnet mask determines which bits in the IP address identify the subnet and how many devices that subnet can contain.

Altering the subnet mask has a dramatic effect on the network. That’s why we need to get it right.
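The mask arithmetic described above, written out as an added example in plain shell (this is not code from the original article and it does not use ipcalc). The function names are hypothetical and the addresses are constructed samples; it also covers a mask that takes the two high bits of the fourth number for the subnet ID.

```sh
#!/bin/sh
# Added example: subnet-mask arithmetic. Addresses below are constructed samples.
ALL_ONES=4294967295   # 32 one-bits (0xFFFFFFFF)

# Dot-decimal to 32-bit integer. The ( ) body runs in a subshell,
# so the IFS change does not leak into the caller.
ip_to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# 32-bit integer back to dot-decimal.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# A usable mask is a run of 1 bits followed only by 0 bits.
valid_mask() (
    inv=$(( ~$(ip_to_int "$1") & $ALL_ONES ))
    [ $(( inv & (inv + 1) )) -eq 0 ]
)

# Network ID plus subnet ID: keep the address bits where the mask has a 1.
network_of() {
    int_to_ip $(( $(ip_to_int "$1") & $(ip_to_int "$2") ))
}

# Device bits: count the 0 bits in the mask.
host_bits() (
    inv=$(( ~$(ip_to_int "$1") & $ALL_ONES )); n=0
    while [ "$inv" -ne 0 ]; do
        n=$(( n + (inv & 1) )); inv=$(( inv >> 1 ))
    done
    echo "$n"
)

# Two devices share a subnet when their masked addresses match;
# if they differ, traffic between them has to cross the router.
same_subnet() {
    [ "$(network_of "$1" "$3")" = "$(network_of "$2" "$3")" ]
}

echo "255.255.255.0:   network $(network_of 192.168.1.77 255.255.255.0), $(host_bits 255.255.255.0) device bits"
echo "255.255.255.192: network $(network_of 192.168.1.77 255.255.255.192), $(host_bits 255.255.255.192) device bits"
same_subnet 192.168.1.77 192.168.1.200 255.255.255.192 || echo "192.168.1.77 and 192.168.1.200 are in different subnets"
```

With 255.255.255.0 the two sample devices sit in one subnet; with 255.255.255.192 they land in different subnets, so the router decides whether they may talk to each other.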
