To configure postfix to relay mail using another MTA, you may do the following steps:
postconf -e 'relayhost = smtp.to.relay.com'
postconf -e 'smtp_sasl_auth_enable = yes'
postconf -e 'smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd'
postconf -e 'smtp_sasl_security_options='
smtp.to.relay.com with the original MTA hostname that you going to use for relaying. Now, create the
sasl_passwd file in
/etc/postfix with the following inside:
Now, use postmap to generate postfix hash db:
You can verify if it’s working with the following:
postmap -q smtp.to.relay.com /etc/postfix/sasl_passwd
This will return the username and password for your smtp relay host.
Now all you need to do is to restart the postfix
service postfix restart
There are cases, where you might want to use OpenVPN to redirect only a fraction of traffic, but not all. By default, after you connect to OpenVPN, server would push the call
'redirect-gateway' to the client to make the client divert all the traffic through
This behavior can be override with the following command line argument:
--pull-filter ignore redirect-gateway
You can add it in the openvpn command line as following:
openvpn --pull-filter ignore redirect-gateway --config "your_file.ovpn"
Once this is done, remember that, you have to route the targetted traffic using either the
route command or
'ip route' command, otherwise no traffic will route through your openvpn tunnel network.
If you are using OpenVPN in a Linux platform through command line, it is always handy to be able to save the authentication information in a file and let openvpn use them. There are two ways you can do it.
First save the password in a file e.g auth.txt with two lines:
First line is for username and the second line is for password.
If you are using .ovpn files for configuration, open the .ovpn file and simply add the following:
Now, your authentication would use the authentication given in that file
You may add the
auth-user-pass in the openvpn command line argument, but you have to make sure, this is passed after the
--config. Here is an example
openvpn --config "your_file.ovpn" --auth-user-pass "auth.txt"
That should be enough.
If you are trying to use a command, fuser, that is used to identify process using lock file or socket file, and having the following error:
-bash: fuser: command not found
that means, your system doesn’t have the psmisc package installed. Usually, killall, fuser type of commands are under this package. CentOS 7 sometimes, do not install the package by default. To install it, run the following:
yum install psmisc -y
Once done, you should be able to use fuser command.
You can obviously use RSA public/private keypair to access servers without password, although, sometimes, it may be desirable to use ssh password on a command line and run a remote command on another server. This can be done using a tool called ‘sshpass’. You can create a simple bash script using sshpass, that can help you monitor and control multiple servers from a single location.
How to use ssh password in script
First install sshpass:
# yum install sshpass -y
Once done, you can use sshpass command as following:
# sshpass -p "SSH_Password" ssh -o StrictHostKeyChecking=no SSH_Username@remote-ssh-server "yourcommand"
Just replace, the password, username, remote-ssh-server and your command with your desired setup, and viola!
Note: If yum says, the following:
No package sshpass* available.
then you would need to install epel repository to install sshpass. To install epel, run the following:
# yum install epel* -y
How To Check if an IP is Available or Not in Bash
A quick trick I use is ‘ping’ command. PING will return 0 on success and 1 or above on failure while using it with -c 1 (Means only one ICMP packet). That makes it useful to use with a if condition shell code as following:
if ping -c 1 -w 5 192.168.2.1 >/dev/null
echo "IP Available"
echo "IP Not Available"
How to Check If A File Exists or Not in Bash Script
You can use if condition in bash script to do that. If conditions takes ‘-f’ to test if a file exists or not. Syntax would be the following:
$FILE = $1
if [ -f $FILE ]; then
echo "File Exists"
echo "File Do Not Exist"
Now, if your script only demands to check if the file do not exist, you can use a unary operator for negate the boolean value as following:
$FILE = $1
if[ ! -f $FILE ]; then
echo "File Do Not Exist"
Sometimes, for development purposes, you may want to restrict access to the folder, only to your IP, and deny others from accessing that folder. One way to do that is to use htaccess rules. A common rule, could be denying all the users and allowing your IP. To find out, your IP, you may visit the following:
Note the IP it has reported. Open the folder that you want to protect. Find the .htaccess file under the folder (If no file available, create one) and add the following:
deny from all
allow from <your IP goes here>
Replace the <your IP goes here> from the snippets with the IP you have noted from ifconfig.co. Now, your folder should be accessible only from your IP.
Sometimes, you may want to run a screen command in a remote server. That makes it necessary to run the command inside the screen session while starting it.
How to start a screen session and run a command in one line
# screen -d -m sh -c "yourcommand"
From the man page of Screen:
-d -m : Start screen in “detached” mode. This creates a new session but doesn’t attach to it. This is useful for system startup scripts.
sh -c: Starts a shell and runs a command for you.
Starting from Cpanel 11.58, Cpanel is offering Free SSL, issued by ‘Cpanel INC’ for free of charge to the valid cpanel license owner. If you are using cpanel, login to your WHM >> Providers >> Enable Cpanel & from Options >> Check Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates.
Now, running upcp should automatically install the free SSL for your cpanel server hostname. If it doesn’t, it is probably because your server IP and the hostname IP are resolving to wrong address. To understand and troubleshoot the problem, run the following script from command line:
This script checks and installs certificate for expired, invalid and self signed certificates for the server services. If you are seeing an error like the following:
[WARN] The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID 62hp6x) The system queried for a temporary file at “http://server91.mellowhost.com/.well-known/pki-validation/D92868E512FB02354F2498B94E67430B.txt”, but the web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist.
It means, your hostname is resolving to the wrong IP. You would need to check if the hostname is resolving to an IP which has first virtualhost pointed to /var/www/html or not under /etc/apache2/conf/httpd.conf