How to Save OpenVPN Username & Password

If you are using OpenVPN in a Linux platform through command line, it is always handy to be able to save the authentication information in a file and let openvpn use them. There are two ways you can do it.

First Method

First save the password in a file e.g auth.txt with two lines:

username
password

First line is for username and the second line is for password.

If you are using .ovpn files for configuration, open the .ovpn file and simply add the following:

auth-user-pass auth.txt

Now, your authentication would use the authentication given in that file

Second Method

You may add the auth-user-pass in the openvpn command line argument, but you have to make sure, this is passed after the --config. Here is an example

openvpn --config "your_file.ovpn" --auth-user-pass "auth.txt"

That should be enough.

Troubleshoot: -bash: fuser: command not found

If you are trying to use a command, fuser, that is used to identify process using lock file or socket file, and having the following error:

-bash: fuser: command not found

that means, your system doesn’t have the psmisc package installed. Usually, killall, fuser type of commands are under this package. CentOS 7 sometimes, do not install the package by default. To install it, run the following:

yum install psmisc -y

Once done, you should be able to use fuser command.

How To: Use SSH Password in a Script

You can obviously use RSA public/private keypair to access servers without password, although, sometimes, it may be desirable to use ssh password on a command line and run a remote command on another server. This can be done using a tool called ‘sshpass’. You can create a simple bash script using sshpass, that can help you monitor and control multiple servers from a single location.

How to use ssh password in script

First install sshpass:

# yum install sshpass -y

Once done, you can use sshpass command as following:

# sshpass -p "SSH_Password" ssh -o StrictHostKeyChecking=no SSH_Username@remote-ssh-server "yourcommand"

Just replace, the password, username, remote-ssh-server and your command with your desired setup, and viola!

Note: If yum says, the following:

No package sshpass* available.

then you would need to install epel repository to install sshpass. To install epel, run the following:

# yum install epel* -y

Programming: How To Check if an IP is Available or Not in Bash

How To Check if an IP is Available or Not in Bash

A quick trick I use is ‘ping’ command. PING will return 0 on success and 1 or above on failure while using it with -c 1 (Means only one ICMP packet). That makes it useful to use with a if condition shell code as following:

if ping -c 1 -w 5 192.168.2.1 >/dev/null
then
echo "IP Available"
else
echo "IP Not Available"

Programming: How to Check If A File Exists or Not in Bash Script

How to Check If A File Exists or Not in Bash Script

You can use if condition in bash script to do that. If conditions takes ‘-f’ to test if a file exists or not. Syntax would be the following:

$FILE = $1
if [ -f $FILE ]; then
echo "File Exists"
else
echo "File Do Not Exist"
endif

Now, if your script only demands to check if the file do not exist, you can use a unary operator for negate the boolean value as following:

$FILE = $1
if[ ! -f $FILE ]; then
echo "File Do Not Exist"
endif

 

How To: Restrict a Folder to Your IP Only

Sometimes, for development purposes, you may want to restrict access to the folder, only to your IP, and deny others from accessing that folder. One way to do that is to use htaccess rules. A common rule, could be denying all the users and allowing your IP. To find out, your IP, you may visit the following:

http://ifconfig.co

Note the IP it has reported. Open the folder that you want to protect. Find the .htaccess file under the folder (If no file available, create one) and add the following:

order deny,allow
deny from all
allow from <your IP goes here>

Replace the <your IP goes here> from the snippets with the IP you have noted from ifconfig.co. Now, your folder should be accessible only from your IP.

How To: Start a Screen Session and Run a Command at a Time

Sometimes, you may want to run a screen command in a remote server. That makes it necessary to run the command inside the screen session while starting it.

How to start a screen session and run a command in one line

# screen -d -m sh -c "yourcommand"

From the man page of Screen:

-d -m : Start screen in “detached” mode. This creates a new session but doesn’t attach to it. This is useful for system startup scripts.

sh -c: Starts a shell and runs a command for you.

 

How To: Install AutoSSL for Server Hostname – Cpanel Server

How about install Let’s Encrypt for Cpanel?

Before we start, you may first want to install Let’s Encrypt to use an Immediately Issuing provider for your SSL in Cpanel?

https://mellowhost.com/blog/how-to-install-lets-encrypt-in-cpanel.html

Once done, you may now continue using this tutorial to install Let’s Encrypt for your Service SSL in Cpanel/WHM/Webmail.

How To Install AutoSSL for Server Hostname / Webmail / Cpanel / WHM

Starting from Cpanel 11.58, Cpanel is offering Free SSL, issued by ‘Cpanel INC’ for free of charge to the valid cpanel license owner. If you are using cpanel, login to your WHM >> Providers >> Enable Cpanel & from Options >> Check Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates.

Now, running upcp should automatically install the free SSL for your cpanel server hostname. If it doesn’t, it is probably because your server IP and the hostname IP are resolving to wrong address. To understand and troubleshoot the problem, run the following script from command line:

# /usr/local/cpanel/bin/checkallsslcerts

This script checks and installs certificate for expired, invalid and self signed certificates for the server services. If you are seeing an error like the following:

[WARN] The system failed to acquire a signed certificate from the cPanel Store because of the following error: (XID 62hp6x) The system queried for a temporary file at “http://server91.mellowhost.com/.well-known/pki-validation/D92868E512FB02354F2498B94E67430B.txt”, but the web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist.

It means, your hostname is resolving to the wrong IP. You would need to check if the hostname is resolving to an IP which has first virtualhost pointed to /var/www/html or not under /etc/apache2/conf/httpd.conf

Troubleshoot: You must upgrade to Litespeed “5.2.1 build 2 or later”, in order to upgrade to the next version of cPanel & WHM.

Error Message

You must upgrade to Litespeed “5.2.1 build 2 or later”, in order to upgrade to the next version of cPanel & WHM.

Explanation

The error appears because Litespeed below 5.2.1 doesn’t have SSL compatibility with Cpanel 11.68. Although, this goes further, if you uninstall the plugin, and upcp will still fail to update the Cpanel/WHM. A workaround for this, is to install and uninstall the plugin through Litespeed auto installer. Here is how to do that:

Download Litespeed Auto Installer for Cpanel

# wget https://www.litespeedtech.com/packages/cpanel/lsws_whm_autoinstaller.sh
# chmod a+x lsws_whm_autoinstaller.sh

Install Litespeed for Cpanel/WHM using Auto Installer

# ./lsws_whm_autoinstaller.sh TRIAL 1 8080 username testpass1234 [email protected] 1 0

Uninstall Litespeed

# /usr/local/lsws/admin/misc/uninstall.sh

Uninstall Litespeed WHM Plugin

# /usr/local/cpanel/whostmgr/docroot/cgi/lsws/lsws_whm_plugin_uninstall.sh

Run upcp:

# /scripts/upcp --force

Quick Tip: How to Check Total Number of Mails in Postfix Queue

Exim provides a quick way to check the total number of mails in the queue. This is done using the exim -bpc Although, this is not the same for postfix. Postfix doesn’t come with an easy way to do that.

How to Check Total Number of Mails in Postfix Queue

A quick tip on what I use to check the postfix queue number is the following command:

# mailq | tail -n 1
-- 6899 Kbytes in 1518 Requests.

Basically, postfix returns the queue statistics at the end of the queue listing command. We are simply tailing that to find the number.