VirtualBox on Redhat(Fedora) Machines

This is a tutorial on how to get VirtualBox up and running on redhat flavoured machines To carry out the following task you have to have root access on the host Machine

1.) Get the VirtualBox package from the VirtualBox website for Fedora and install it.

rpm -ivh VirtualBox-1xxx.xxxx.xxxx_fedoraX-X.ixxx.rpm

2.) Get the kernel-devel package:
sudo yum install make automake autoconf gcc kernel-devel

3.) Run the setup file for VirtualBox:
sudo /etc/init.d/vboxdrv setup

4.) Add yourself to the “vboxusers” group (don’t forget the “-” dash!):
su -
usermod -G vboxusers -a username
exit
5.) Run, and enjoy!
VirtualBox

I would strongly suggest to disable compiz while using virtualbox. I have noticed that things get Exceptionally slow if turned on

Enjoy!!!

Remove old kernels on Fedora/Centos/RHEL

First I figure out what kernel I am actually running now so I don’t try and delete it. I am not sure what would happen if I tried but I am not going to find out. To determine the running kernel, use uname -r. I am running 2.4.21-52.ELsmp .

Next we want to see what other kernels are installed to find what we can delete. Do this like so:

[root@localhost root]# rpm -q kernel
kernel-2.4.21-37.EL
kernel-2.4.21-37.0.1.EL
kernel-2.4.21-40.EL
kernel-2.4.21-47.EL
kernel-2.4.21-47.0.1.EL
kernel-2.4.21-50.EL
kernel-2.4.21-51.EL
kernel-2.4.21-52.EL

I see that we have 7 old kernels installed. Now to delete them, just use rpm -e like so:

rpm -e kernel-2.4.21-37.EL

or you can use yum remove < kernel>

or more fany stuff is to use this command

yum remove $(rpm -qa | grep kernel | grep -v `uname -r`)

This will remove all the old kernel except the current one

Control Virtual Machines from Command line

Vmware workstation and vmware server comes with a command called vmrun which can be used from command line to control the virtual machines, without having to use GUI such as vi web access

The vmtool gets installed in the host system as part of vmware workstation/server install on linux the executable is located under /usr/bin/

#vmrun vmrun start /vmware-machines/WinXP-VM2/WinXP-VM2.vmx ( basically you are specifying the vmx file of the virtual machine )

some of the controls are

start: Start VM

Stop: Stop VM

reset: restart or reboot the vm

suspend: suspends the vm based on fast restart via start

Pause: pause the machine

unpause: unpause the machine

And also if you want to control the vm from remote host you can type the following command

vmrun -T server -h https://vmwarehost.address:8333/sdk -u root -p mypassword stop "/vmware-machines/WinXP-VM2/WinXP-VM2.vmx"

Recover Apple Mac Keychain password

Go to your home folder, find the Library folder and drag the Library>Keychains folder to the trash.

Restart the computer and a new keychain will be created using your current system password.

If you have forgotten you whole system password then you will need to reset it using your System Restore disk

Is your “Keychain password” the same as your “Administrator password”, the one you use to install software? Or do you have a user account a Mac OS X machine where someone else is the system administrator?

If you’re the administrator and you’ve forgotten the password to the login keychain and the administrator password, I am afraid you’ve permanently lost the contents of your keychain. However, you can recover from the situation without reinstalling the entire OS.

First, reset the administrator password using the Mac OS X disc:

1. Insert the Mac OS X Install disc and restart the computer.
2. When you hear the startup tone, hold down the C key until you see the spinning gear.
3. When the Installer appears, choose Utilities > Reset Password.
4. Follow the onscreen instructions to change the password.
5. Quit the Installer and restart your computer while holding down the mouse button to eject the disc.

After the Mac has restarted, you’d normally now need to change the password for the keychain called “login” to match the new admin password, but since you’ve forgotten it you’ll need to delete the old login keychain. Do the following steps:

1. Open Keychain Access, located in /Applications/Utilities.
2. Choose Keychain List from the Edit menu.
3. Select the “login” keychain.
4. Click Delete (the “-” button).

The login keychain will now be empty. The next time the keychain is needed you’ll have to manually enter the appropriate password and then you’ll be asked if you want to store the password in the keychain

Solve Codec problem on Ubuntu Linux

The Ubuntu Restricted Extras will install Adobe Flash Player, Java Runtime Environment (JRE) (sun-java-jre) with Firefox plug-ins (icedtea), a set of Microsoft Fonts (msttcorefonts), multimedia codecs (w32codecs or w64codecs), mp3-compatible encoding (lame), FFMpeg, extra Gstreamer codecs, the package for DVD decoding (libdvdread3, libdvdcss2), and the unrar archiver. This is a single command approach.

sudo apt-get install ubuntu-restricted-extras

[edit]

Network Troubleshooting Linux

Sources of Network Slowness

• NIC duplex and speed incompatibilities
• Network congestion
• Poor routing
• Bad cabling
• Electrical interference
• An overloaded server at the remote end of the connection
• Misconfigured DNS

TEST YOUR NIC

It is always a good practice in troubleshooting to be versed in monitoring the status of your NIC card from the command line. The following sections introduce a few commands that will be useful.

The ifconfig command without any arguments gives you all the active interfaces on your system. Interfaces will not appear if they are shut down:

[root@bigboy tmp]# ifconfig

Note: Interfaces will appear if they are activated, but have no link.

DHCP Considerations

DHCP clients automatically give their NICs and IP address starting with 169.254.x.x until they can make contact with their DHCP server. When contact is made they reconfigure their IP addresses to the values provided by the DHC server. An interface with a 169.254.x.x address signifies a failure to communicate with the DHCP server. Check your cabling, routing and DHCP server configuration to rectify such a problem.

Testing Link Status from the Command Line

Link Status Output from ethtool

[root@test.com tmp]# ethtool eth0

Settings for eth0:
        Supported ports: [ TP MII ]
        Supported link modes:   10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Supports auto-negotiation: Yes
        Advertised link modes:  10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Advertised auto-negotiation: No
        Speed: 100Mb/s
        Duplex: Full
        Port: MII
        PHYAD: 1
        Transceiver: internal
        Auto-negotiation: off
        Supports Wake-on: g
        Wake-on: g
        Current message level: 0x00000007 (7)
        Link detected: yes
[root@test.com tmp]#

Testing Web sites with the curl

Using curl

The curl utility acts like a text based Web browser in which you can select to see either the header or complete body of a Web page’s HTML code displayed on your screen.

A good start is to use the curl command with the -I flag to view just the Web page’s header and HTTP status code. By not using the -I command you will see all the Web page’s HTML code displayed on the screen. Either method can provide a good idea of your server’s performance.

[root@ bigboy tmp]# curl -I www.testing.com
HTTP/1.1 200 OK
Date: Tue, 19 Oct 2004 05:11:22 GMT
Server: Apache/2.0.51 (Fedora)
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=UTF-8
[root@test.com tmp]#

Using netcat to Test Network Bandwidth

Most Linux distributions contain the netcat or nc packages which can be used to create a TCP socket over which you can transfer data. The syntax can also vary between distributions so you should refer to your system’s man pages if you have any questions.

The netcat server can be easily created with the -l switch that signifies the program should listen, and not talk. The desired TCP port then follows. In this case the server is listening on TCP port 7777.

[root@smallfry tmp]# nc -l 7777

The netcat client only needs to specify the server’s IP address followed by server’s the TCP listener port.

[root@bigboy ~]# nc 192.168.2.50 7777

Any text typed to the console screen of the client;

[root@bigboy ~]# nc 192.168.2.50 7777 This is a test of the NetCat program! [root@bigboy ~]#

will also be visible on the server’s console.

[root@smallfry tmp]# nc -l 7777 This is a test of the NetCat program! [root@smallfry tmp]#

If you want to transfer a file, you only need to use some simple command line redirection. In this case, the server will output all data it receives on port 7777 to a file called FC-6-i386-disc1.iso, and the client pipes the output of the cat command to the netcat client that points to our server.

[root@smallfry tmp]# nc -l 7777 > FC-6-i386-disc1.iso [root@bigboy ~]# cat /tmp/FC-6-i386-disc1.iso | nc 192.168.2.50 7777

All Linux systems have a black hole file named /dev/null which automatically discards any data written to it. If you want to test file transfers without filling your disk storage, or having the server’s disk I/O be a bottleneck, then use this as your output file instead.

[root@smallfry tmp]# nc -l 7777 > /dev/null

All Linux systems also have a have a continuous random data source located at /dev/random. Instead of using a file in your tests, you can use this instead for a data stream or infinite duration.

[root@bigboy ~]# cat /dev/random | nc 192.168.2.50 7777

GPG on Linux-(Secure communications)

 

Overview

GnuPG is a tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. GnuPG is a complete and free replacement for PGP. Because it does not use the patented IDEA algorithm, it can be used without any restrictions. GnuPG uses public-key cryptography so that users may communicate securely. In a public-key system, each user has a pair of keys consisting of a private key and a public key. A user’s private key is kept secret; it need never be revealed. The public key may be given to anyone with whom the user wants to communicate. It is a full replacement for PGP. this does not use any potential algorithm

Installation: Most Linux and Unix Systems have gpg installed by default

Generating a new keypair 

We must create a new key-pair (public and private) for the first time. The command line option –gen-key is used to create a new primary keypair.

[root@dragon /]# gpg –gen-key
gpg (GnuPG) 1.0.2; Copyright (C) 2000 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

gpg:/root/.gnupg/secring.gpg: keyring created
gpg: /root/.gnupg/pubring.gpg: keyring created
Please select what kind of key you want:
   (1) DSA and ElGamal (default)
   (2) DSA (sign only)
   (4) ElGamal (sign and encrypt)
Your selection?  1
DSA keypair will have 1024 bits.
About to generate a new ELG-E keypair.
              minimum keysize is  768 bits
              default keysize is 1024 bits
    highest suggested keysize is 2048 bits
What keysize do you want? (1024) 2048
Do you really need such a large keysize? y
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>   = key expires in n days
      <n> w = key expires in n weeks
      <n> m = key expires in n months
      <n> y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct (y/n)? y

You need a User-ID to identify your key; the software constructs the user id
from Real Name, Comment and Email Address in this form: “

Real name: Test Tester
Email address: test@example.com
Comment: Unix/Linux consultant
You selected this USER-ID:
    “Test Tester (Unix/Linux consultant) <test@example.com> “

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
You need a Passphrase to protect your secret key.

Enter passphrase: [enter a passphrase]

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy. ++++++++++.+++++^^^
public and secret key created and signed.

Now I will explain about the various inputs asked during the generation of the keypairs.

• Please select what kind of key you want:
• (1) DSA and ElGamal (default) 
• (2) DSA (sign only) 
• (3) ElGamal (sign and encrypt) 
• Your selection?

  GnuPG is capable of creating different kind of keypairs. There are three options. 

 A DSA keypair is the primary keypair usable only for making signatures. An ElGamal subordinate keypair is also created for encryption. Option 2 is similar but creates only a DSA keypair. Option 

 3[1] creates a single ElGamal keypair usable for both making signatures and performing encryption. For most users the default option is fine. 

 

• You must also choose a key size. The size of a DSA key must be between 512 and 1024 bits, and an ElGamal key may be of any size.

                      About to generate a new ELG-E keypair. 

                      minimum keysize is  768 bits 

                     default keysize is 1024 bits 

                     highest suggested keysize is 2048 bits 

                     What keysize do you want? (1024)

 There are advantages and disadvantages of choosing a longer key. The advantages are: 1) The longer the key the more secure it is against brute-force attacks
 The disadvantages are: 1) encryption and decryption will be slower as the key size is increased 2) a larger keysize may affect signature length

  The default keysize is adequate for almost all purpose and  the keysize can never be changed after selection.
 

• Finally, you must choose an expiration date. If Option 1 was chosen, the expiration date will be used for both the ElGamal and DSA keypairs
•   Please specify how long the key should be valid 
•   0 = key does not expire   = key expires in n days 
• <n> w = key expires in n weeks 
• <n> m = key expires in n months 
• <n> y = key expires in n years 
• Key is valid for? (0)

For most users a key that does not expire is adequate. The expiration time should be chosen with care, however, since although it is possible to change the expiration date after the key is created, 

it may be difficult to communicate a change to users who have your public key. 

 

• You must provide a user ID in addition to the key parameters. The user ID is used to associate the key being created with a real person.

             You need a User-ID to identify your key; the software constructs the user id 

              from Real Name, Comment and Email Address in this form: 

             “Test Tester (Linux consultant) <test@example.com> “

             Real name: Enter you name here
             Email address: Enter you email address
           Comment: Enter any comment here
  

• GnuPG needs a passphrase to protect the primary and subordinate private keys that you keep in your possession.
• You need a Passphrase to protect your secret key.

              Enter passphrase:

There is no limit on the length of a passphrase, and it should be carefully chosen. From the perspective of security, the passphrase to unlock the private key is one of the weakest points in GnuPG
(and other public-key encryption systems as well) since it is the only protection you have if another individual gets your private key. Ideally, the passphrase should not use words from a
dictionary and should mix the case of alphabetic characters as well as use non-alphabetic characters. A good passphrase is crucial to the secure use of GnuPG.
 

2: Generating a revocation certificate

After your keypair is created you should immediately generate a revocation certificate for the primary public key using the option –gen-revoke. If you forget your passphrase or if your private
key is compromised or lost, this revocation certificate may be published to notify others that the public key should no longer be used.

 [root@dragon /]# gpg –output revoke.asc –gen-revoke mykey

Here mykey must be a key specifier, either the key ID of your primary keypair or any part of a user ID that identifies your keypair. The generated certificate will be left in the file
revoke.asc. The certificate should not be stored where others can access it since anybody can publish the revocation certificate and render the corresponding public key
useless.
 
 

3: Listing Keys

 To list the keys on your public keyring use the command-line option –list-keys.

[root@dragon /]#  gpg –list-keys
/root/.gnupg/pubring.gpg
————————
pub  1024D/020C9884 2000-11-09 Test Tester (Unix/Linux consultant) <test@example.com>
sub  2048g/555286CA 2000-11-09

4: Exporting a public key

You can export your public key to use it on your homepage or on a available key server on the Internet or any other method. To send your public key to a correspondent you must first export it. The command-line option –export is used to do this. It takes an additional argument identifying the public key to export.
 

• To export your public key in binary format, use the following command:
•   [root@dragon /]# gpg –output harry.gpg –export test@example.com
• To export your public key in ASCII armored output, use the following command:
•  [root@dragon /]# gpg  –export-armor> harry-key.asc 
• Here “–export” is for extracting your Public-key from your pubring encrypted file , “-armor” is to create ASCII armored output that you can mail, publish it on a web page and “> harry-key.asc” is to put the result in a file.
• To export your public key in ASCII armored output and to view it , use the following command:
• • [root@dragon /]# gpg  –export-armor 

• —–BEGIN PGP PUBLIC KEY BLOCK—– 
• Version: GnuPG v1.0.2 (GNU/Linux) 
• Comment: For info see http://www.gnupg.org
• [...]
  —–END PGP PUBLIC KEY BLOCK—–
   

5: Importing a public key 

Once your own keypair is created, you can put it into your public keyring database of all keys from trusted third party in order to be able to use the keys for future encryption and authentication communication. A public key may be added to your public keyring with the –import option.

 [root@dragon /]# gpg –import <filename>
Here “filename” is the name of the exported public key.
For example:
[root@dragon /]# gpg –import mandrake.asc
gpg: key :9B4A4024: public key imported
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: Total number processed: 1
gpg:              imported: 1

In the above example we imported the Public key file “mandrake.asc” from the company Mandrake Linux, downloadable from Mandrake Internet site, into our keyring.

6: Validating the key
Once a key is imported it should be validated.  A key is validated by verifying the key’s fingerprint and then signing the key to certify it as a valid key. A key’s fingerprint can be quickly viewed with the –fingerprint command-line option.
[root@dragon /]# gpg –fingerprint <UID>
As a example:
[root@dragon /]# gpg –fingerprint mandrake
pub  1024D/9B4A4024 2000-01-06 MandrakeSoft (MandrakeSoft official keys) <mandrake@mandrakesoft.com>
     Key fingerprint = 63A2 8CBD A7A8 387E 1A53  2C1E 59E7 0DEE 9B4A 4024
sub  1024g/686FF394 2000-01-06

In the above example we verified the fingerprint of mandrake. A key’s fingerprint is verified with the key’s owner. This may be done in person or over the phone or through any other means as long as you can guarantee that you are communicating with the key’s true owner. If the fingerprint you get is the same as the fingerprint the key’s owner gets, then you can be sure that you have a correct copy of the key.

7: Key Signing
After importing and verifying the keys that you have imported into your public database, you can start signing them. Signing a key certifies that you know the owner of the keys. You should only sign the keys when you are 100% sure of the authentication of the key.
 

• To sign a key for the company Mandrake that we have added on our keyring above, use the following command:
• [root@dragon /]# gpg –sign-key <UID> 
• As an example: 
• [root@dragon /]# gpg –sign-key <UID> 
• pub  1024D/9B4A4024  created: 2000-01-06 expires: never      trust: -/q 
• sub  1024g/686FF394  created: 2000-01-06 expires: never 
• (1)  MandrakeSoft (MandrakeSoft official keys) <mandrake@mandrakesoft.com> 
•  
• pub  1024D/9B4A4024  created: 2000-01-06 expires: never      trust: -/q
               Fingerprint: 63A2 8CBD A7A8 387E 1A53  2C1E 59E7 0DEE 9B4A 4024
•      MandrakeSoft (MandrakeSoft official keys) <mandrake@mandrakesoft.com>
• Are you really sure that you want to sign this key
  with your key: “Test Tester (Unix/Linux consultant) <test@example.com> “
• Really sign? y
• You need a passphrase to unlock the secret key for
  user: “Test Tester (Unix/Linux consultant) <test@example.com> ”
  1024-bit DSA key, ID 020C9884, created 2000-11-09
• Enter passphrase:
   

8:  Checking Signatures 

 

Once signed you can check the key to list the signatures on it and see the signature that you have added. Every user ID on the key will have one or more self-signatures as well as a signature for 

each user that has validated the key. We can check the signatures of the keys by the gpg option “–check-sigs: 

As an example: 

[root@dragon /]# gpg –check-sigs mandrake 

pub  1024D/9B4A4024 2000-01-06 MandrakeSoft (MandrakeSoft official keys) <mandrake@mandrakesoft.com> 

sig!       9B4A4024 2000-01-06  MandrakeSoft (MandrakeSoft official keys) <mandrake@mandrakesoft.com> 

sig!       020C9884 2000-11-09  Test Tester(Unix/Linux consultant) <test@example.comt> 

sub  1024g/686FF394 2000-01-06 

sig!       9B4A4024 2000-01-06  MandrakeSoft (MandrakeSoft official keys) <mandrake@mandrakesoft.com>

9: Encrypting and decrypting
The procedure for encrypting and decrypting documents is very simple. If you want to encrypt a message to mandrake, you encrypt it using mandrake public key, and then only mandrake can
decrypt that file  with his private key. If Mandrake wants to send you a message, it  encrypts it using your public key, and you decrypt it with your private key.

To encrypt and sign data for the user Mandrake that we have added on our keyring use the following command (You must have a public key of the recipient):
[root@dragon /]# gpg  -sear <UID of the public key> <file>

As an example:
[root@dragon /]# gpg -sear Mandrake document.txt
You need a passphrase to unlock the secret key for user: “Kapil Sharma (Unix/Linux consultant) <kapil@linux4biz.net> ”
1024-bit DSA key, ID 020C9884, created 2000-11-09

Enter passphrase:

Here “s” is for signing , “e” for encrypting, “a” to create ASCII armored output (”.asc” is ready for sending by mail), “r” to encrypt the user id name and <file> is the data you want to encrypt
[root@dragon /]# gpg  -d <file>

As an example:
[root@dragon /]# gpg -d documentforkapil.asc
You need a passphrase to unlock the secret key for
user: “Test Tester (Unix/Linux consultant) <test@example.com> ”
1024-bit DSA key, ID 020C9884, created 2000-11-09
Enter passphrase:

Here the parameter “d” is for decrypting the data and <file> is a data you want to decrypt.
[Note: you must have the public key of the sender of the message/data that you want to decrypt in your public keyring database.]

10: Checking the signature
Once you have extracted your public key and exported it then by using the –verify option of GnuPG anybody can check whether encrypted data from you is also signed by you.

• To check the signature of encrypted data, use the following command:
• [root@dragon /]#  gpg –verify <Data> 
• Here “–verify” option is to check the signature and “<Data> ” is the encrypted data/file you want to verify.

Some uses of GnuPG software

1: Send encrypted mail messages.
2: Encrypt files and documents
3: Transmit encrypted files and important documents through network
 

VNC- Virtual Network Computing

To configure vncserver as a service on your system, add yourself in following config file.

[harry@beans.com]$ sudo vi /etc/sysconfig/vncservers

# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the line below to start a VNC server on display :1
# as my 'myusername' (adjust this to your own).  You will also
# need to set a VNC password; run 'man vncpasswd' to see how
# to do that.
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted!  For a secure way of using VNC, see
# URL:http://www.uk.research.att.com/vnc/sshvnc.html

# VNCSERVERS="1:myusername"
VNCSERVERS="1:harry"

Before starting vncserver as a service, let’s create a vnc password with vncpasswd command.
Notice it creates a hidden directory .vnc under your home account with file passwd which contains your vnc password.

[tchung@tchung101 tchung]$ vncpasswd

Password:

Verify:

[beans@harry]$ ls -d .vnc

[beans@harry]$ ls .vnc

passwd

[beans@harry]$

Now let’s start vncserver as a service.

[beans@harry.com]$ sudo /sbin/service vncserver start or service vncserver start

Starting VNC server: 1:tchung [ OK ]

[tchung@tchung101 tchung]$

Take a look at the contents of .vnc directory now. You should have something similiar to following.

[tchung@tchung101 tchung]$ cd .vnc

[tchung@tchung101 .vnc]$ ls

passwd tchung101:1.log tchung101:1.pid xstartup

[tchung@tchung101 .vnc]$ If you edit the script called xstartup, you will notice following comment in red.
Uncomment those two lines in red as shown below!!! Otherwise, you will get nothing but grey screen. #!/bin/sh

# Uncomment the following two lines for normal desktop:

unset SESSION_MANAGER

exec /etc/X11/xinit/xinitrc

#!/bin/sh

# vncconfig -iconic &
# Uncomment the following two lines for normal desktop:
#unset SESSION_MANAGER
#exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
xterm -geometry 80×24+10+10 -ls -title “$VNCDESKTOP Desktop” &

twm &

I have add to add these lines just because my fedora box refused to start x without the following lines 3, please remember to delete &twm if you are going to add the below lines

gnome-session &
gnome-wm &
gnome-panel &

Windows Uptime?

Instructions

Option 1:

1. Go to “Start” -> “Run”.

2. Write “CMD” and press on “Enter” key.

3. Write the command “net statistics server” and press on “Enter” key.

4. The line that start with “Statistics since …” provides the time that the server was up from.

* The command “net stats srv” can be use instead.

Option 2:

Uptime.exe Tool Allows You to Estimate Server Availability

Help Communication using ssh-agent and ssh-add

The little program ssh-agent does you a favor by managing your keys for you. You enter the passphrase once, and after that, ssh-agent keeps your key in its memory and pulls it up whenever it is asked for it.

To use the agent first start it. Just enter “ssh-agent bash” and thats all. This will put you in a bash shell which is spawned by ssh-agent. After that you’ll need to add your key. To do this enter the command “ssh-add”. This will try and add the standard key “identity” to the key manager. To add a key with a different name, enter “ssh-add /location/of/key”. After this, the ssh-add program will ask you for your passphrase. After you entered your password the key is loaded in the key manager ssh-agent.

You can test this by logging into the server you put your public key on. If the key is correctly loaded in the ssh agent it wont ask you for your passphrase and log you in. (”ssh -v host.with.pubkey”).

Also you can have a look at your currently loaded keys by using “ssh-add -l“.

After you logged in, log out by typing “logout”. After this, try and login again, using “ssh -v host.with.pubkey” again. Again it wont ask you for your passphrase, because the ssh-agent does this for you.

Redhat flavor Tweak Auto complete service command

I am a lazy bugger!!!
Type:
complete -W “$(ls /etc/init.d/)” service

* complete : the command complete sets up tab completion
* -W : this option creates a word list for completion
* “$(ls /etc/init.d/)” : out word list is made up of the output of the command ls /etc/init.d/
* service : this then sets up the configured completion for the command service

So next time when you type service command it should automatically auto complete,

hope this helps the Lazy like me