Guest Article: Kickstart Vol. II

Today’s guest article is a continuation of the Kickstart theme. The first Kickstart article can be found here. Thanks goes out to dos2unix from the Linux.org forums.

I should mention again that I don’t actually know anything about Kickstart, other than what I’ve read in these articles. I’m extremely grateful, but you may want to check back a few times to ensure all the editing is complete!

Kickstart Vol. II:

Now that we have your web server, dhcp, and tftp server configured, we will need to enable the firewall for them.

On Fedora it looks like this:

Now we need to extract the iso files you have handy (you did already download these, right?) I should have mentioned you will need the “server” version of these iso’s. There is a way to make the workstation iso’s work, but that’s for another more advanced article.

For the example here, I put everything in: 

When that gets done copying, we can add another OS’s iso if you like:

If you have more iso’s repeat the same for CentOS or Redhat or whatever you have.

Again, when it gets done copying, simply umount the iso image. I confess, I’m something of a minimalist. I like short names like pub/fed35srv. If you like long names you could have something like /public/fedora35-server/x86_64/ I’m too lazy to type all of that in all my config files.

Now we will install the boot kernels. This isn’t actually the full kernel yet, just a lite kernel with enough parts to boot the system from the network.

Just about all computers have one of two types of internal configuration systems. Legacy BIOS and UEFI. Most newer computers in the last 8 years or so,are UEFI, but there are still plenty of Legacy BIOS systems around. For the purpose of this article we will set-up for both types.

In your /var/lib/tftpboot directory, we will make two directories. One for BIOS and one for UEFI.

Technically you could rename the efi directory to something else, but the pxelinux for legacy BIOS systems is hardcoded in some files.

Now you will need to download a couple of files. I recommend using the Fedora 35 version, even if you are going to be installing Redhat or CentOS. They are newer, have more features, bug fixes, and support more hardware.

But you can use the CentOS or Rehat versions if you want to. Shim-x64, grub2-efi-x86, and grub2-efi-x64-modules. We will need to extract these rpms. You can do this in /tmp or somewhere safe.

If it says this is already installed, replace install with reinstall. These are the efi files you will need for efi based systems.

This will create 3 directies in /tmp.

You can delete these directories in /tmp if you like, you are done with them. Make sure you don’t put a leading / and actually delete /usr and /etc.

The next part depends on what iso’s you have downloaded and extracted. But hopefully you will get the idea.I am using Fedora 32, Fedora 35, and Redhat 9 as my examples. You can use whatever directory names you like.

That’s enough for this article, will add next part later.

Closure:

And there you have it, another article and this one is a guest article – just like yesterday and probably just like tomorrow. I’m extremely grateful for the respite and wish I knew more about Kickstart. I think, for future reference, I’m gonna ask that folks register and write the draft here. I think it’d streamline it.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!
[Total: 4 Average: 5]

Want To See The WiFi Password In The Terminal?

It’s remarkably easy (assuming one can gain access to a privileged account) to get the WiFi password from the terminal. It does generally require sudo or root. It’s literally three commands. It’s the kind of attack you’d possibly worry about in an office where you don’t regularly log out of your device when you leave it. It might be an akin to attack from the ‘evil maid‘, as well, but not just quite. 

It really requires only two pieces of knowledge. The first is how to gain elevated permissions on the device and the other is the name of the network device – usually easy enough to surmise. It’s pretty easy information to get under those circumstances – circumstances we may all have been guilty of. Perhaps we typed a sudo command and then walked off to get coffsssee while it updated itself? Who knows – but it’s really just that easy.

Is it a security issue? Not if your security is any good, it isn’t. But, if anyone has physical access to the device, they pretty much own the device. If your security is any good, nobody should get this far and internal practices would prevent fellow employees from doing much harm. I could speak for hours about security, I just can not seem to do it coherently. 

Anyhow, here’s how you view the wifi password in the terminal.

WiFi Password From The Terminal:

Obviously, you need an open terminal. Just press CTRL + ALT + T and your default terminal should open.

First, you must change to the directory where this sort of information is stored. 

Find the network name (SSID)… You can usually guess that, or narrow it down rapidly on sight, but you can also just find the SSID by typing iwgetid Either way, just enter this:

The password will be happily shown to you in plain text. I’m not even kidding. This is what the whole process looks like and shows you how easy it is:

I am elite hackor!
Tada! There it is in plain ol’ text, easily captured and saved away.

Obviously, I knew the sudo password – I’d have easily figured out the rest. Even if I didn’t, there really weren’t all that many choices and a little tab completion goes a long ways. It’s a good example of why you should lock your screen and logout of your computer if you’re going to be away from it. (Of course, there’s always a risk vs reward thing and it probably doesn’t really matter to most of us.)

Closure:

There you have it! You can now find the WiFi password from the terminal. This shouldn’t ever be a risk, because you already practice good security. But, it’s a fun little trick to know. It doesn’t take a whole lot of effort and it makes for another article. Another one is written and done!

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!
[Total: 1 Average: 5]

Automatically Logout Of Your Shell

For security reasons, you’ll possibly automatically logout of your user sessions. If you didn’t know, you can actually do that with your shell, in the terminal. There’s already a variable (TMOUT) just for this reason, should you want to add it as a layer of security.

Basically, for today, we’re going to set it up so that it automatically logs inactive users out of their shell session. It doesn’t log you out of your complete user session, it just logs you out of your shell – after a set period of activity. It even closes the open terminal windows when it does so.

So, depending on the interval you use, you can set it up to log you out of your shell instances after just a few minutes of inactivity. If you have nosy neighbors, like people physically near your computer, it can be a nice way to make sure things are all locked before you head off to the bathroom.

It’s useful for that sort of stuff. It’s just an added layer of security. I think that it is a pretty handy feature. I’ll explain how to enable it on a user-by-user basis and how to make it system-wide, giving you a choice. It’s actually pretty easy, so read on!

Automatically Logout Of Your Shell:

Like most good things in the Linux world, you’ll need an open terminal to take advantage of this article. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

Both of these ways are pretty simple, in each case you add some text (using nano) to a profile file. The text in either case is the same. If you want to do it for just one user, the user you’re currently using, then run the following:

Add the following:

So, if you wanted it to be 10 minutes of inactivity before being logged out, you’d use TMOUT=600, because 600 seconds is 10 minutes. As you’re using nano, you can press CTRL + X, then Y, and then ENTER to save the file.

You’ll then force the profile to load, the command taking effect immediately, with this:

If you want to do it with the full system, the online guides will tell you to edit /etc/profile and that it’ll work if you do. My experiences are different and this is tested across multiple systems. You’ll be editing /etc/bash.bashrc, just like you did above but with sudo. (Using /etc/profile has not worked for me.)

Again, you add ‘TMOUT=600″ or however many seconds you want to wait. Personally? I scrolled to the bottom of the file, made a new line, and added the text that way. You could be all professional and add a comment indicating when and why you were there. I did nothing of the sort.

Unlike the first command, you’ll not be able to reload the second method (system-wide configuration) with ‘source ~/…’. As near as I can tell, you’ll have to restart the system for the changes to take place. If someone has a way to load it without rebooting, I’ll update the article. Please leave a comment if you do know of a way!

Closure:

There you have it, another article! This one tells you how to automatically logout from your shell. I’m not sure if it works for all shells, so feel free to test and see what sort of results you get. I’m pretty sure the 2nd option could be reloaded without rebooting, but I can’t think of which command. Which service would need restarting? I dunno?

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!
[Total: 3 Average: 5]

How To: Change Your Password In The Terminal

It’s considered good form to change your password once in a while. This may not be something important for you, but others may appreciate it. It may be corporate policy or regulations that make you need to change your password, or you could just be more security minded than many others. No matter what, this article tells you how.

The tool we’re using in today’s exercise is called ‘passwd‘, which is a tool to help make and manage passwords. It’s a bit complicated, but it uses something called hashing and stores a hash instead of a plain-text password.

When you login, your password is checked against the hash that was created when the password was created. This prevents people from easily reading your stored password, stored of course because there must be something to check against.

If one remembers way back to the start of this project, my goal is to put my notes online. This article is in my notes, which is why this is such a simple article. Indeed, this article should be pretty straightforward and easy to understand. I’d definitely call it a beginner-friendly article.

Change Your Password:

Like most always, you need to open your terminal. You can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

Once you have your terminal open, the command you’re looking for is:

If you already have a password, you’ll need to type your current password and then you’ll type the new password twice. When you logout or next need to use your password, your new password will be required. You don’t need ‘sudo’ for this, as the password you’re changing belongs to you.

Seeing as this is short, I’ll toss in another use of passwd. If you want to change the password for a different user, you just use this command:

Change the obvious to the obvious, specifically the username. This command does require ‘sudo’, because you’re changing a password that doesn’t belong to the current user.

There’s more that can be done with passwd, but those things are beyond the scope of this article. I’d expect to see some more passwd uses covered in the future, but you can get a head start by typing man passwd into your terminal and learning about the other options.

Closure:

That’s it, really. I told you that this one would be short and easy! Sure enough, it’s pretty easy. Many of my notes are regarding people who are new to Linux, but it’s still nice to get more of them online. I dare say we’re coming along nicely.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!
[Total: 5 Average: 5]