Category: Networking

How To: Make ‘wget’ Ignore Certificate Errors

In today’s article, we’ll learn how to make ‘wget’ ignore certificate errors. It’s an easy thing to do and can be pretty useful if you want to download stuff from a server with a broken or missing security certificate. It’s a simple process, one which even a new Linux user can follow – but it’s not one that comes up all that often and so it’s worth including here.

I’d like to save some time and not duplicate work, so I’d appreciate it greatly if you at least read the intro section from when I wrote how to make ‘curl’ ignore certificate errors.

That’s right, I’ve already written this article – except it was for ‘curl‘ and not for ‘wget’.  Well, this article is pretty much the same thing, except we’re talking about doing it with ‘wget’. So, read the intro to the curl article and you’ll be up to speed with regards to what a certificate is, why they’re important, and why you might want to ignore certificate errors.

That’ll save some time! Those of you who do not read the ‘curl’ article are on your own. Also, many of my readers will already know about security certificates and won’t need a tutorial or refresher course. 

By the way, we use SSL here on Linux Tips. In fact, we use HSTS Preload, which means it’s hard coded in Chromium browsers (or at least Chrome) and the site will simply refuse to load without a proper certificate. So, there’s that… I take security pretty seriously, something important when you’re using WordPress.

Make ‘wget’ Ignore Certificate Errors:

This article requires ‘wget’ which requires an open terminal. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open. If ‘wget’ isn’t installed, install it. I am pretty darned confident that it’s in your default repositories.

If you don’t know, ‘wget’ is used to download stuff from servers – while  you’re using your terminal. It’s a basic concept, but the command can be pretty complicated. After all, there are some pretty complicated site structures out there, and of course your downloading needs will vary.

So, with that said, it’s really easy to do this. You’ll just use the “--no-check-certificate” flag, like so:

But wait, there’s more! You can actually make the ‘wget’ command ignore certificate errors all the time. If this is something you find yourself needing to add this to your ‘wget’ commands often, you can make it permanent. To do that, you just need to edit your ~/.wgetrc file (create it, if it doesn’t exist) with the following:

You won’t have to reload anything, that command should take effect the very next time you use the ‘wget’ command and you should now permanently be ignoring security certificate errors. 

Doing this might actually be a horrible idea. After all, you’re ignoring security warnings. That’s a bit like ignoring a ‘Bridge Closed’ sign and hoping for the best as you gun it to the tune of “Highway To The Danger Zone”. Or, it could be just fine ’cause not everything even needs a security certificate! It’s Linux. You get to decide.

Closure:

Whelp… You have a new article. In this one, I give you what could be horrible advice. You might not want to make ‘wget’ ignore certificate errors. I mean, they are security related. On the other hand, it’s likely just fine – assuming you do some basic verification. Ah well… I ain’t scared and it’s not my computer. I’ll happily teach you how to completely break your system. I ain’t scared.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Check Your SSH Server Configuration

Today, I’m going to show you how to check your SSH server configuration. It’s a simple process, but not one many people seem to know about. It’s also a pretty handy tool if you’re having SSH issues. Once again, this one isn’t all that complicated, I think… Read on!

So, why would you want to check your SSH server configuration?

Your SSH server might not be working. You may have made some changes and want to test it before moving it to production. An upgrade to the SSH application may have made some of the options different or even removed the options entirely.

There are all sorts of reasons why you’d want to check your SSH server configuration. Those are just a few of them. Not only will the article show you how to check your SSH configuration files – it’ll show you how to test alternative configurations. So, you can test your changes before making them – potentially saving you a physical trip to the server.

Check Your SSH Server Configuration:

This article requires an open terminal, like many other articles on this site. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

By the way, I would test/learn this on a local system. You’re potentially going to break things. In fact, let’s start by breaking them! Well, let’s create a backup first, and then we’ll break stuff.

Okay. Now let’s break something! Run this command:

Find a line that has a command and doesn’t start with a #. You can also remove the # from an option and it’ll be work. Find a one line option that has a “no” option field and change it to “oh_no” *sans quotes, though that probably won’t matter) and then save the file. 

(Also, to save the file in nano, press CTRL + X, then Y, and then ENTER and that should do it.)

Now, let’s check that SSH server configuration with the following command:

If things go according to plan, it will tell you that you have an error. On top of that, it will tell you on which line you have the error. If it doesn’t throw an error, it means your configuration is fine – or that you may need to restart your SSH service for it to see the new configuration.

If you do somehow need to restart SSH server (you shouldn’t have to), restart it with the following command:

Run the command again and that should definitely show the error, which you can easily fix by simply undoing what you did in the steps above and saving it. You almost certainly shouldn’t need to restart SSH to show the error, though you may want to restart it after you’re done playing around in the config file. Of course, if you did have to restart the SSH server, you’ll need to do so again after fixing the error you intentionally introduced.

BONUS: If you want, you can list the path and check a configuration file that’s not actually in use. So, you can check the configuration file before putting it into production. That’s just:

Again, under normal circumstances, it won’t show any output if it finds no errors. It only outputs information if there’s actually an error. So, a null response is considered normal and good.

Closure:

See? Nice and easy. Now you can check your SSH server configuration for errors – even doing so before putting the config into production. It’s a pretty handy tool to have. Also, you’ll need SSH installed and running on the machine you’ll be testing with. I figure that’s obvious, but I better mention it somewhere or someone will point it out or ask about it. Then again, people seldom read this far down in an article.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Change Your Hostname

In today’s article, we’re going to learn how to change your hostname in Linux. It’s a pretty easy article to follow along with, so even if you’re a beginner you can follow along. If you’re an advanced user, you probably already know how to do this. If not,  you will now.

So, what is your hostname? Basically, it’s the name of your computer (generally speaking). You login as <your_username> to a computer referred to by its <hostname>. So, in this case, I’m currently kgiii@kgiii-lmde. The ‘kgiii-lmde’ is the hostname. When you open your terminal, in all likelihood it shows you the <user>@<hostname> at the start of your regular prompt.

You can do some neat stuff with the hostname. For instance, and depending on the distro, it’s often local or localhost, you can connect to your LAN devices (without knowing the IP address) by connecting to <hostname>.local. This is handy for using SSH around the house, or even for using FTP or whatever.

If you don’t know your hostname, you can use one of the following commands to figure it out:

Or you can try:

There are other ways to show the hostname, but those two should be enough to get you sorted out. Either of them will happily spit out the hostname. Now that you know your hostname, it’s time to learn how to …

Change Your Hostname:

Like so many other articles on this site, this one requires an open terminal to continue. So, just press CTRL + ALT + T and your default terminal should open.

With your terminal open, enter the following command:

That should permanently change your hostname to the new hostname you chose to use in the command. You can actually change it temporarily, it will not be persistent between reboots, with the hostname command. to do that you’d just sudo hostname <new_hostname> and it’ll change it for the current session only.

To verify that you’ve changed your hostname, run one of the commands listed in the preamble section of this article. (Just type hostname and to verify you know how to change your hostname.)

Anyhow, that’s all there is to it. You really don’t need anything more than that if you want to change your hostname in Linux. Anyone should be able to follow the few directions needed.

Closure:

There you have it, another article. To think, we’re over 200 articles now. This is just one more among many, and this one is easy enough to follow. If you ever wanted to change your hostname, now you know…

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Turn Your Ubuntu Into A Wireless Hotspot

Have you ever wanted to use your Linux computer as a wireless hotspot? It’s actually pretty easy. Today’s article will get you started and it really isn’t all that difficult. We will actually be cribbing a bit of this article from the software’s homepage, but while some more, rather important, information added.

For many years, I used my own router that I had configured on my own hardware. It was built on Linux. The preceding version actually ran on BSD, but that’s not important for a site called Linux-Tips. Today, you can get a NUC or Pi for dirt cheap and so making a new router is back on my list of things to do. In other words, it’s a fun project that won’t take a lot of money to get into.

All of the varied software and hardware components are already there to make your own router, but I want to enable wireless connectivity. a wireless hotspot, and that’s what we’re going to look at today. The tool we’re going to use is called ‘linux-wifi-hotspot‘ That’s is a great tool, complete with GUI if wanted, written by lakinduakash. It has only been around for a few years, but it’s spoken of very highly – and it just works and works well.

At least it worked the last time I used it. This article is from the old site and I’m just moving it to this site. I actually haven’t bothered much with my own router for the past year or so. So, this information is a bit dated.

Turn Your Ubuntu Into A Wireless Hotspot:

This article requires an open terminal, like many other articles on this site. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

The software is easy enough to install. If you’re using Debian/Ubuntu, just add the PPA and install the software. To add the PPA, you just run:

On a modern Ubuntu, you shouldn’t need to do this, but you might want to go ahead and run a quick update with:

Then you can install the software, starting to get your system into a workable wireless hotspot. To do that, it’s just:

If you want, you can visit the link above (in the preamble), click on releases, and download the .deb file for the current release and just install it with gdebi. In this case, I’d suggest installing with the PPA – just to make sure

Then, you can go ahead and start it. You can also go ahead and make it start at boot, which would be prudent if you intended to use this to make your own router. It’s really self-explanatory and without specific questions for using it, I’m just going to refer you to the man page and the information at the project page.

Caveats:

But, before you can even do all of this, you need to know that your wireless adapter actually supports doing this. To find out, you need to know if your wireless adapter supports “AP” mode. AP obviously meaning ‘Access Point’.

To check this, you need to run the following command:

The project page is noticeably silent with this, but it’s a necessary step. See, you need to know if your hardware actually supports it before you even bother trying. Come to think of it, I probably should have put this closer to the top of the page! Ah well…

Anyhow, the output should contain one or both of the following lines:

Device supports AP scan.

And/Or:

Driver supports full state transitions for AP/GO clients.

So long as you see one or both of those, you should be all set to proceed. If you don’t see either of them, there’s no software solution and you’ll need to get hardware that supports AP mode. In many cases, that’ll mean doing a bunch of research and may even mean contacting the vendor or OEM.

Nobody appears to have compiled a list of hardware that supports AP mode and I don’t think I’ve ever bought wireless adapters that explicitly stated they do on the box. As near as I can tell, more modern adapters support it just fine, so you’ll probably be alright. Online specs are more thorough than what’s printed on the outside of the box, so maybe searching is okay.

Closure:

Alright, there’s your article for the day. I have no idea if you want to make a wireless hotspot for your Linux box, but now you know how. It’s pretty self-explanatory, and you shouldn’t have any questions. If you do, you know where to find me – or to find others who can help you – at Linux.org.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Let’s Use ‘netstat’ To Find Out What Process Is Listening On A Specific Port

Today’s article is going to teach you how to use ‘netstat’ to find out what process is listening on a specific port. If you have open ports and don’t know why – and what’s listening on that port, you’re not making good security choices.

Let’s say you followed an article about how to monitor TCP/UDP in real time. If you’re new, or even just not all that advanced with Linux and networking, you might not know why there are all those ports and all that activity. Well, one of the things you should know is how to identify what process is listening on a specific port.

There are a number of ways to do this, but we’ll be using ‘netstat’. The ‘netstat’ application can be pretty advanced, but what we’ll be doing is pretty straightforward. If you’re curious, ‘netstat’ defines itself thus:

Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

As you can see, it’s a pretty advanced application. It has a rather expansive man page, and we’ll largely ignore that as we really only need some limited functionality. All we really need to do, for this exercise, is find out what process is listening on a specific port.

With that in mind, let’s leap into the meat of the article…

What Process Is Listening On A Specific Port:

This article requires an open terminal. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

Once you have that open, you’ll need to find out if you have ‘netstat’ already installed. There are many ways to do this, I prefer:

If you do not have ‘netstat’ installed, it’s certainly available for all mainstream distros and easily installed from your default repositories. Here’s how to install on a few distros:

Debian/Ubuntu/Mint/etc:

RHEL/CentOS/Fedora/Rocky Linux/etc:

SUSE/OpenSUSE/etc:

If you’re using a different distro, root through the default repositories. It’s a pretty common tool and I’d like to imagine it’s easily available to anyone.

Once you have ‘netstat’ installed, the command we’re going to use is really, really, simple. In fact, I wrote this whole darned article mostly for just one command. I probably could have made it shorter. Still, it might as well be long enough to give some extra information along the way.

Anyhow, the command you run is this:

For example, you might have an open port 22 and want to know what process is listening on that specific port. So, you’re command would look like this:

The end result will look something like this:

netstat being used to find out which process is listening at a specific port
While not completely clear, you can deduce that it’s just the SSH daemon listening on port 22.

It may not be completely clear, but you can use this to deduce what process is listening on a specific port. If it’s not completely clear, you can get actually dig a little deeper. See the “1100” in there? Well, that’s the PID (Process ID) and you can use the following command to get more informtion. It looks like this:

The output from that in this case is:

Which, as we know, is the daemon for SSH and thus nothing unexpected is running on port 22. See? Security!

Closure:

And there you have it, another article. This one is a pretty handy one, especially for when you want to know what process is listening on a specific port. If you have things running that you can’t identify, you can always stop by Linux.org and ask for help. Someone there will try to find out what’s going on for you.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Subscribe To Our Newsletter
Get notified when new articles are published! It's free and I won't send you any spam.
.
Linux Tips
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.